SkillSoft Explore Course – Lambers, Inc.

Aspire Programmer to Secure Agile Programmer Secure Agile Programmer Track 2: Secure Programmer

Final Exam: Secure Programmer will test your knowledge and application of the topics presented throughout the Secure Programmer track of the Aspire Programmer to Secure Agile Programmer Journey.

Asset ID	it_fesap_02_enus
Course Type	Video Course
Course Category	Programmer to Secure Agile Programmer

Objectives
Final Exam: Secure Programmer apply C# secure coding to combat common code vulnerabilities apply JavaScript secure coding to combat SQL Injection Vulnerability code against buffer overflow attacks in C# code against buffer overflow attacks in Java code against buffer overflow attacks in Java - part 2 code against buffer overflow attacks in Java - part 3 code against buffer overflow attacks in JavaScript code against buffer overflow attacks in Python code against cross-site scripting attacks in C# code against cross-site scripting attacks in Java code against cross-site scripting attacks in JavaScript code against cross-site scripting attacks in JavaScript - part 2 code against cross-site scripting attacks in Python code against format string attacks in C# code against format string attacks in Java code against format string attacks in Python code against password cracking attacks in JavaScript code against password cracking attacks in JavaScript - part 2 code against SQL injection attacks in C# code against SQL injection attacks in C# - part 2 code against SQL injection attacks in Java code against SQL injection attacks in Java - part 2 code against SQL injection attacks in JavaScript code against SQL injection attacks in Python code against SQL injection attacks in Python - part 2 describe and be able to avoid common programming errors that can undermine the security describe and use CVE vulnerability scoring describe and use threat models including STRIDE, PASTA, DREAD, and SQUARE describe asymmetric algorithms including RSA, ECC, and Diffie-Helman describe authentication and authorization, including models such as DAC, MAC, RBAC, and ABAC describe hashing algorithms such as MD5 and SHA as well as MAC and HMAC describe OWASP Top 10 vulnerabilities describe OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection describe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs describe OWASP Top 10 vulnerabilities including SQL injection, broken authentication, and cross-site scripting describe secure programming verification and validation process and techniques describe security concepts, including the CIA triangle, least privileges, and separation of duties describe specific security vulnerabilities and recognize how to program counter techniques describe symmetric algorithms including AES, Blowfish, and Serpent describe the resiliency concepts such as stability, recovery, and defensive coding identify OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection identify OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs identify security concepts, including the CIA triangle, least privileges, and separation of duties identify symmetric algorithms including AES, Blowfish, and Serpent identify the resiliency concepts such as stability, recovery, and defensive coding implement C# secure coding to combat common code vulnerabilities implement JavaScript secure coding to combat Cross-Site Scripting attacks implement JavaScript secure coding to combat SQL Injection Vulnerability implement Java secure coding to combat SQL Injection Vulnerability implement Python secure coding to combat a variety of security vulnerabilities recognize OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection recognize specific security vulnerabilities and recognize how to program counter techniques use CVSS scoring for vulnerabilities use OWASP Zap vulnerability scanner to test web sites for common vulnerabilities use Vega Vulnerability Scanner to test web sites for common vulnerabilities write resilient C# code write resilient Java code write resilient Java code - part 2 write resilient JavaScript code write resilient Python code

Objectives

Final Exam: Secure Programmer

apply C# secure coding to combat common code vulnerabilities
apply JavaScript secure coding to combat SQL Injection Vulnerability
code against buffer overflow attacks in C#
code against buffer overflow attacks in Java
code against buffer overflow attacks in Java - part 2
code against buffer overflow attacks in Java - part 3
code against buffer overflow attacks in JavaScript
code against buffer overflow attacks in Python
code against cross-site scripting attacks in C#
code against cross-site scripting attacks in Java
code against cross-site scripting attacks in JavaScript
code against cross-site scripting attacks in JavaScript - part 2
code against cross-site scripting attacks in Python
code against format string attacks in C#
code against format string attacks in Java
code against format string attacks in Python
code against password cracking attacks in JavaScript
code against password cracking attacks in JavaScript - part 2
code against SQL injection attacks in C#
code against SQL injection attacks in C# - part 2
code against SQL injection attacks in Java
code against SQL injection attacks in Java - part 2
code against SQL injection attacks in JavaScript
code against SQL injection attacks in Python
code against SQL injection attacks in Python - part 2
describe and be able to avoid common programming errors that can undermine the security
describe and use CVE vulnerability scoring
describe and use threat models including STRIDE, PASTA, DREAD, and SQUARE
describe asymmetric algorithms including RSA, ECC, and Diffie-Helman
describe authentication and authorization, including models such as DAC, MAC, RBAC, and ABAC
describe hashing algorithms such as MD5 and SHA as well as MAC and HMAC
describe OWASP Top 10 vulnerabilities
describe OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
describe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
describe OWASP Top 10 vulnerabilities including SQL injection, broken authentication, and cross-site scripting
describe secure programming verification and validation process and techniques
describe security concepts, including the CIA triangle, least privileges, and separation of duties
describe specific security vulnerabilities and recognize how to program counter techniques
describe symmetric algorithms including AES, Blowfish, and Serpent
describe the resiliency concepts such as stability, recovery, and defensive coding
identify OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
identify OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
identify security concepts, including the CIA triangle, least privileges, and separation of duties
identify symmetric algorithms including AES, Blowfish, and Serpent
identify the resiliency concepts such as stability, recovery, and defensive coding
implement C# secure coding to combat common code vulnerabilities
implement JavaScript secure coding to combat Cross-Site Scripting attacks
implement JavaScript secure coding to combat SQL Injection Vulnerability
implement Java secure coding to combat SQL Injection Vulnerability
implement Python secure coding to combat a variety of security vulnerabilities
recognize OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
recognize specific security vulnerabilities and recognize how to program counter techniques
use CVSS scoring for vulnerabilities
use OWASP Zap vulnerability scanner to test web sites for common vulnerabilities
use Vega Vulnerability Scanner to test web sites for common vulnerabilities
write resilient C# code
write resilient Java code
write resilient Java code - part 2
write resilient JavaScript code
write resilient Python code