Software Security Foundations
Fee may apply
This introductory course covers 3 specific topic areas:
Computer Security Principles covers security objectives such as authentication, authorization, access control, confidentiality, data integrity, and non-repudiation. The module also covers software design principles including the principles of least privilege, fail-safe stance, and defense-in-depth.
Introduction to Cryptography covers both symmetric encryption and public-key cryptography, discussing how they are used to achieve security goals and build PKI (Public-Key Infrastructure) systems. The module also covers DES, 3DES, AES, RC4, RSA, ECC, MD5, SHA-1, X.509, digital signatures, and all cryptographic primitives necessary to understand PKI. Diffie-Hellman key exchange and man-in-the-middle attacks will also be discussed.
Secure Programming Techniques discusses the threats that worms and hackers present to software and the programming techniques that developers can use to defend against software vulnerabilities such as buffer overflows, SQL injection, and off-line dictionary attacks. The module also covers common mistakes made in using cryptographic libraries and how they can be avoided.
What you will learn
- Computer Security Design and Principles
- Worms and Other Malware
- Introduction to Cryptography
- Secure Programming Techniques
Includes 60 days access to the online course homepage and digital color PDF's of presentations and handouts when available.
*Note: All amounts shown are in USD
60 day access to the online course starts upon payment. The end date of a section of this course does not restrict your access to the course material.
Course materials are available for download from the online videos page. All materials are available for printing and review upon enrollment.
Online participants are asked to complete a final exam at the end of each course to maintain the integrity of the program. A score of 85% must be achieved to successfully pass the exam. A digital record of completion will be emailed to participants when they pass the exam.
It is required that participants complete the course evaluation once they have passed the final exam.