Certified Software Security Professional Course Outline


Security Concepts

  • Digital Asset
  • Security Principles
  • Authentication
  • Vulnerability

Security Models

  • Security Models
  • Trust Models, Trusted Computing and TPM
  • Access Controls

Security Planning and Policy

  • Security Planning
  • Risk Assessment for Security
  • Security Policies and Guidelines

Security Attacks

  • Computer Security
  • Security Attack Classes
  • System Attacks
  • Network Attacks
  • Authentication Attacks
  • Spoofing Attacks
  • Social Engineering

Programming Attacks

  • Memory Corruption
  • Buffer Overflow
  • Stack Smashing
  • Code Injection
  • Integer Overflows
  • Heap Corruption
  • Globbing Hacks
  • Format String Attack

Cryptography

  • Cryptography Basics
  • Evolution and Data Encryption Methods
  • Symmetric and Asymmetric Key Cryptography
  • Private and Public Key Exchange
  • Stream and Block Ciphers
  • Secret Key Cryptography
  • Message Authentication and Hash Functions
  • Digital Signatures and Public Key Infrastructure

C/C++ Security

  • Integer Overflow
  • String Issues
  • Formatted Functions
  • Exception Handling
  • Dynamic Memory Management
  • Pointers

.NET Security

  • .NET Architectural Components
  • .NET Security Basics
  • Managed Code
  • Interoperability
  • Code Access Security
  • Role-Based Security
  • Secure Coding Guidelines
  • ASP.NET Web Application Security
  • Security Practices for Web Applications

Java Security

  • Java Architecture
  • Java Security Basics
  • Permissions and Security Policy
  • Access Control
  • Secure Class Loading
  • Security Management
  • Secure Coding Guidelines

Networking and SOA Security

  • What is SOA, WSDL and Web Service
  • SOA Attacks
  • SOA Security
  • SSL
  • Web Services and Security
  • Java RMI and Security
  • ActiveX and Security

Web Application Security

  • Web Basics
  • Web Server Attacks
  • Web Server Security
  • Web Application Attacks and Security

Physical Security

  • What is Physical Security
  • Natural Events
  • Authentication Controls
  • Physical Security Measures

Secured Software Development Life Cycle

  • Software Development Life Cycle (SDLC)
  • Waterfall Model
  • Agile or Extreme development model
  • Secure SDLC
  • Security Methodology
  • Secure Software Requirements
  • Secure Software Design
  • Threat Modeling
  • Secure Coding
  • Secure Software Testing

Cloud and Mobile Security

  • Cloud Computing Basics
  • Cloud Security
  • Mobile Security
  • Android Security
  • iOS Security

Emerging Trends

  • IoT Security
  • Big Data Security
  • New Threats

Apply for Certification

https://www.vskills.in/certification/Certified-Software-Security-Professional
