Cert Prep: Cyber Secure Coder (CSC-110)

Learn the skills you need to know to prepare for and tackle the CertNexus Cyber Secure Coder (CSC-110) certification exam.

Introduction

• Overview

1. Handling Vulnerabilities

• Prior knowledge and expectations
• Gather software requirements
• Challenge: Identity requirements
• Solution: Identify requirements
• Factors that undermine software security
• Software vulnerabilities and attack phases
• Attack patterns
• Challenge: Find vulnerabilities
• Solution: Find vulnerabilities
• Challenge: New password requirements
• Solution: New password requirements
• Challenge: Hashing passwords
• Solution: Hashing passwords
• Vulnerability intelligence
• Challenge: Vulnerability search
• Solution: Vulnerability search

2. Designing for Security

• Bugs in software
• External libraries and services
• Handling errors securely
• Human-related security
• Security requirements and design
• Security through the software lifecycle
• Challenge: Exploring leftover artifacts
• Solution: Exploring leftover artifacts

3. Developing Secure Code

• Principles of secure design
• Avoid common mistakes
• Challenge: Common security design flaws
• Solution: Common security design flaws
• Understand risk and threats
• Risk response strategies
• Exploit countermeasures

4. Implementing Common Protections

• Guidelines for secure coding
• Buffer overflows and prevention
• Race conditions
• Challenge: Use locks to remediate race condition
• Solution: Use locks to remediate race condition
• OWASP top ten platform vulnerabilities
• Web application vulnerabilities deep dive
• Mobile application vulnerabilities deep dive
• IoT vulnerabilities deep dive
• Desktop vulnerabilities deep dive
• Privacy vulnerability defects

5. Testing and Maintaining Software Security

• Secure session management
• Users, protections, and passwords
• Encryption and data protections
• Error handling and protections

Conclusion

• Testing software for security
• Monitoring and logging of production applications