YoVDO

CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security

Offered By: LinkedIn Learning

Tags

CompTIA CySA+ (Plus) Courses Cloud Computing Courses Software Testing Courses Reverse Engineering Courses Penetration Testing Courses Virtualization Courses Information Security Certifications Courses Encryption Courses Service-Oriented Architecture Courses Secure Coding Practices Courses

Course Description

Overview

Review essential software and systems security concepts and best practices as you prepare for the CySA+ (CS0-002) exam. Learn about software testing, encryption, and more.

Syllabus

Introduction
  • Software and systems security
  • What you should know
  • Study resources
1. Software Development Life Cycle
  • Software platforms
  • Development methodologies
  • Maturity models
  • Change management
  • DevOps and DevSecOps
2. Software Assessment and Testing
  • Code review
  • Software testing
  • Code tests
  • Fuzz testing
  • Interface testing
  • Misuse case testing
  • Test coverage analysis
3. Secure Coding Best Practices
  • Input validation
  • Parameterized queries
  • Authentication and session management issues
  • Data protection
  • Output encoding
  • Error and exception handling
  • Code repositories
  • Code signing
4. Service Oriented Architecture
  • SOAP and REST
  • SOA and microservices
5. Secure Systems Design
  • Operating system types
  • Data encryption
  • Hardware and firmware security
  • Peripheral security
  • Physical asset management
6. Encryption and Certificate Management
  • Understanding encryption
  • Symmetric and asymmetric cryptography
  • Goals of cryptography
  • Choosing encryption algorithms
  • Key exchange
  • Diffie-Hellman
  • Trust models
  • PKI and digital certificates
  • Hash functions
  • Digital signatures
  • Creating a digital certificate
  • Revoking a digital certificate
7. Penetration Testing
  • Planning a penetration test
  • Designing penetration tests
  • Exploitation frameworks
  • Interception proxies
  • Penetration test reporting
  • Training and exercises
8. Reverse Engineering
  • Reverse engineering software
  • Reverse engineering hardware
9. Virtualization
  • Virtualization
  • Desktop and application virtualization
  • Containerization
10. Networking
  • Security zones
  • VLANs
  • Isolating sensitive systems
  • Virtual private networks (VPNs)
  • Software-defined networking
11. Cloud Computing
  • What is the cloud?
  • Cloud computing roles
  • Cloud compute resources
  • Cloud storage
  • Cloud networking
  • Cloud databases
  • Cloud orchestration
  • Cloud auditing tools
12. Extending Defenses
  • Deception technologies
Conclusion
  • Next steps

Taught by

Mike Chapple

Related Courses

Applied ChatGPT for Cybersecurity
Infosec via Coursera
Become an Influencer at Work
CreativeLive
Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX
Advanced Malware Analysis: Redux
Cybrary
How to Use GDB (BSWJ)
Cybrary