This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: “what to watch out for” and “where to look” to evaluate and ultimately remediate fragile C++ library code.
제공자:
Secure Coding Practices 특화 과정캘리포니아 대학교 데이비스 캠퍼스이 강좌에 대하여
최근 조회 7,624회
유연한 마감일
일정에 따라 마감일을 재설정합니다.
공유 가능한 수료증
완료 시 수료증 획득
100% 온라인
지금 바로 시작해 나만의 일정에 따라 학습을 진행하세요.
다음 특화 과정의 4개 강좌 중 3번째 강좌:
중급 단계
완료하는 데 약 23시간 필요
영어
자막: 프랑스어, 포르투갈어 (유럽), 러시아어, 영어, 스페인어
배울 내용
Apply “what to watch out for” and “where to look” to evaluate fragility of C++ library code.
Given a fragile C++ library, code a robust version.
Identify problems w/ privilege, trusted environments, input validation, files & sub-processes, resource mngmt, asynchronicity, & randomness in C/C++.
Remediate examples of problems that apply to C/C++ interactions with the programming environment.
귀하가 습득할 기술
- Identifying vulernabilities
- C/C++ Programming
유연한 마감일
일정에 따라 마감일을 재설정합니다.
공유 가능한 수료증
완료 시 수료증 획득
100% 온라인
지금 바로 시작해 나만의 일정에 따라 학습을 진행하세요.
다음 특화 과정의 4개 강좌 중 3번째 강좌:
중급 단계
완료하는 데 약 23시간 필요
영어
자막: 프랑스어, 포르투갈어 (유럽), 러시아어, 영어, 스페인어
제공자:
캘리포니아 대학교 데이비스 캠퍼스
UC Davis, one of the nation’s top-ranked research universities, is a global leader in agriculture, veterinary medicine, sustainability, environmental and biological sciences, and technology. With four colleges and six professional schools, UC Davis and its students and alumni are known for their academic excellence, meaningful public service and profound international impact.
강의 계획표 - 이 강좌에서 배울 내용
완료하는 데 7시간 필요
Users, Privileges, and Environment Variables
In this module, you will be able to manage users and privileges when you run programs or sub-programs. You will be able to identify and use the different types of privileges on a Linux (and UNIX-like) system. You'll be able to identify how program shells preserve environment settings. You will be able to examine how your shell (or other program that uses the PATH variable) deals with multiple versions of that variable.
완료하는 데 7시간 필요
17개 동영상 (총 107분), 4 개의 읽기 자료, 2 개의 테스트
완료하는 데 6시간 필요
Validation and Verification, Buffer and Numeric Overflows, and Input Injections
In this module, you will be able to breakdown how the process of checking inputs, known as validation and verification works. You will be able to avoid and buffer numeric overflows in your programs. You will be able to discover what happens when you call functions with parameters that cause overflows. And finally, you will be able to detect various input injections such as cross-site scripting and SQL injections and be able to describe the consequences of not examining input.
완료하는 데 6시간 필요
17개 동영상 (총 162분), 2 개의 읽기 자료, 2 개의 테스트
완료하는 데 3시간 필요
Files, Subprocesses, and Race Conditions
In this module, you will be able to describe how files and subprocesses interact and be able to create subprocesses and shell scripts. You will also be able to identify and prevent race conditions in your programs and practice cleaning out environments to make them safe for untrusted subprocesses.
완료하는 데 3시간 필요
13개 동영상 (총 80분), 1 개의 읽기 자료, 2 개의 테스트
완료하는 데 7시간 필요
Randomness, Cryptography, and Other Topics
In this module you will be able to distinguish between pseudo-randomness and actual randomness. You will be able to apply randomness in the coding environment and generate random numbers and look at their distribution. You'll be able to identify and describe how and why cryptography is used, as well as why you should use trusted cryptography code libraries instead of crafting your own solution. You will be able to analyze and consider best practices for handling sensitive information, passwords, crypto keys, how to handle errors in security sensitive programs, and how to defend against string attacks. You will be able to hash a password and then try to guess another one. You will be able to practice cleaning out environments to make them safe for untrusted subprocesses, as well as practice handling integer overflow.
완료하는 데 7시간 필요
19개 동영상 (총 97분), 4 개의 읽기 자료, 2 개의 테스트
검토
- 5 stars75%
- 4 stars13.88%
- 3 stars9.72%
- 1 star1.38%
IDENTIFYING SECURITY VULNERABILITIES IN C/C++PROGRAMMING의 최상위 리뷰
HH 제공2020년 5월 30일
Thoroughly enjoyed the course. learned a lot. thank you.
VP 제공2020년 11월 30일
More code and Example would be good in this code, Example code for Discussion would be good for ideal reference
RK 제공2020년 5월 12일
Practical demos could have added more fun to this course.
BB 제공2021년 2월 22일
I liked the course and the instructor is really nice. It could use more code. This course has very minimal code.
Secure Coding Practices 특화 과정 정보
This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organizations information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.
자주 묻는 질문
강의 및 과제를 언제 이용할 수 있게 되나요?
이 전문 분야를 구독하면 무엇을 이용할 수 있나요?
재정 지원을 받을 수 있나요?
궁금한 점이 더 있으신가요? 학습자 도움말 센터를 방문해 보세요.
