Course AWR-178-W

Web-based Training (Self-Paced)

Secure Software

This course covers secure programming practices necessary to secure applications against attacks and exploits. Topics covered include fundamental concepts of secure software development, defensive programming techniques, secure design and testing, and secure development methodologies. Network security administration topics include firewalls, intrusion detection/prevention, common cryptographic ciphers, AAA (authentication, authorization and accounting), server and client security, and secure policy generation.

Objectives
  • Demonstrate understanding of the concepts of reliability, predictability and traceability
  • Demonstrate knowledge of software errors
  • Demonstrate understanding of the need for simplicity in secure software programming
  • Demonstrate understanding of vulnerabilities
  • Demonstrate knowledge of common security requirements
  • Demonstrate understanding of the concept of awareness
  • Demonstrate understanding of the importance of and uses of vulnerability databases
  • Demonstrate knowledge of input validation
  • Demonstrate understanding of the concepts of buffer overflow and race conditions
  • Demonstrate knowledge of compartmentalization and its implementation methods
  • Demonstrate understanding of the concepts of obscurity, obfuscation and encapsulation
  • Demonstrate knowledge of a basic framework for software architecture design
  • Demonstrate understanding of the need for and benefits of security modeling
  • The trainee will demonstrate knowledge of five steps for secure design
  • Demonstrate knowledge of common design objectives
Target Audience

Software developers and IT staff interested in furthering their knowledge regarding the development of secure software.

 

(Note: credit hours through ACE are provided only if all four courses, AWR-138, AWR-139, AWR-173 & AWR-178, within the Online for IT Professionals (Cyber 201) track are completed).

Like this course? Share with others!

Thousands trained at no cost

Be the next in line to get cybersecurity education for individuals, organizations, and jurisdictions without spending a dime.

Join the NCPC mailing list