YoVDO

CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security

Offered By: LinkedIn Learning

Tags

CompTIA CySA+ (Plus) Courses Cybersecurity Courses Cloud Computing Courses Software Testing Courses Reverse Engineering Courses Penetration Testing Courses Virtualization Courses Information Security Certifications Courses Encryption Courses Secure Coding Practices Courses

Course Description

Overview

Review essential software and systems security concepts and best practices as you prepare for the CySA+ (CS0-002) exam. Learn about software testing, encryption, and more.

Syllabus

Introduction
  • Software and systems security
  • What you should know
  • Study resources
1. Software Development Life Cycle
  • Software platforms
  • Development methodologies
  • Maturity models
  • Change management
  • DevOps and DevSecOps
2. Software Assessment and Testing
  • Code review
  • Software testing
  • Code tests
  • Fuzz testing
  • Interface testing
  • Misuse case testing
  • Test coverage analysis
3. Secure Coding Best Practices
  • Input validation
  • Parameterized queries
  • Authentication and session management issues
  • Data protection
  • Output encoding
  • Error and exception handling
  • Code repositories
  • Code signing
4. Service Oriented Architecture
  • SOAP and REST
  • SOA and microservices
5. Secure Systems Design
  • Operating system types
  • Data encryption
  • Hardware and firmware security
  • Peripheral security
  • Physical asset management
6. Encryption and Certificate Management
  • Understanding encryption
  • Symmetric and asymmetric cryptography
  • Goals of cryptography
  • Choosing encryption algorithms
  • Key exchange
  • Diffie-Hellman
  • Trust models
  • PKI and digital certificates
  • Hash functions
  • Digital signatures
  • Creating a digital certificate
  • Revoking a digital certificate
7. Penetration Testing
  • Planning a penetration test
  • Designing penetration tests
  • Exploitation frameworks
  • Interception proxies
  • Penetration test reporting
  • Training and exercises
8. Reverse Engineering
  • Reverse engineering software
  • Reverse engineering hardware
9. Virtualization
  • Virtualization
  • Desktop and application virtualization
  • Containerization
10. Networking
  • Security zones
  • VLANs
  • Isolating sensitive systems
  • Virtual private networks (VPNs)
  • Software-defined networking
11. Cloud Computing
  • What is the cloud?
  • Cloud computing roles
  • Cloud compute resources
  • Cloud storage
  • Cloud networking
  • Cloud databases
  • Cloud orchestration
  • Cloud auditing tools
12. Extending Defenses
  • Deception technologies
Conclusion
  • Next steps

Taught by

Mike Chapple

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network