Learn about the risks associated with application vulnerabilities—and the secure coding practices that can help you avoid attacks—as you prepare for the Security+ exam.
CompTIA Security+ (SY0-601) Cert Prep: 2 Secure Code Design and Implementation
Overview
Syllabus
Introduction
- Secure code design and implementation
- What you need to know
- Study resources
- Software platforms
- Development methodologies
- Maturity models
- Change management
- Automation and DevOps
- Code review
- Software testing
- Code security tests
- Fuzz testing
- Code repositories
- Application management
- Third-party code
- OWASP Top 10
- Application security
- Prevent SQL injection
- Cross-site scripting
- Request forgery
- Defend against directory traversal
- Overflow attacks
- Cookies and attachments
- Session hijacking
- Code execution attacks
- Privilege escalation
- Driver manipulation
- Memory vulnerabilities
- Race condition vulnerabilities
- Input validation
- Parameterized queries
- Authentication and session management issues
- Output encoding
- Error and exception handling
- Code signing
- Database security
- Data deidentification
- Data obfuscation
- Continue your studies
Taught by
Mike Chapple
