|
|
|
Secure Programming
exin-secure-programing-foundation

Secure Programming

 

EXIN Secure Programming

Purpose and objective

Cybercrime, data leaks and information security get more attention than ever in the news. Governments and companies dedicate more and more resources to these areas. However, most of that attention appears to be focused on reactive measures (“How do we catch the cyber criminals?”) instead of on preventive measures (“How do we make our systems secure?”). Although it is hard to measure, research reports indicate that building security in is worth the investment. Key in the software building process is education. If programmers do not understand the security of the software they are building, any additional investment in the process is useless.

The EXIN Secure Programming Foundation exam tests the knowledge of the candidate on the basic principles of secure programming. The subjects of this module are Authentication and Session Management; Handling User Input; Authorization; Configuration, Error Handling and Logging; Cryptography; and Secure Software Engineering.

All content of the training is in accordance with the requirements determined by the largest international certification bodies.

Training Content (Syllabus)

Introduction
Security Awareness
Basic Principles
Web Security

Authentication and Session Management
Passwords
Session Management
Cross-Site Request Forgery (CSRF/XSRF) and Clickjacking

 Handling User Input
Injection Attacks
Input Validation
Buffer Overflows
Cross-Site-Scripting (XSS)

Authorization
Authorization
Session Poisoning and Race Conditions

Configuration, Error Handling and Logging
Third Party Components, Configuration and Hardening
Information Leaks
Error Handling and Logging
Denial of Service

Cryptography
Kerckhoffs’ Principle, Key Management and Randomness
Public Key Cryptography
HTTPS

Secure Software Engineering
Security Requirements
Secure Design
Secure Coding
Security Testing

Sample Exam
Review
Certification Exam (optional)

Prerequisites

None.

Target Group

This training and certification is meant for programmers or software developers, who have an interest in developing secure (web-)applications

Workload

Minimum: 16 hours

Recommended: 16 hours

Language

Training and Examination: Portuguese (pt-br) or English

Exam Content

You gain knowledge of and insight in the concept of Secure Programming.
You learn how to identify security threats and solutions that are related to authentication and session management.
You learn how to handle user input on web-forms in a secure way.
You gain knowledge of managing authorization for parts of your software.
You learn about configuration, error handling and logging, and their implications for security.
You gain insight in the workings and use of cryptography.
You learn the basics of secure software engineering.

Exam Format

Format: Multiple choice, 40 questions.
Duration: Maximum 60 minutes for all candidates in their respective language.
Prerequisite: None.
Supervised: Yes.
Open Book: No.
Pass Score: 26/40 or 65%
Delivery: This examination is available in Online or Paper based format.

Try our material and your knowledge

Content-Delivery-Download

Sample Material

Sample Exam

Quality its an important requirement to delivery contents for our partners.

Please try for free our sample material anytime you want it.

Try your skills and knowldge for free !

We provide a database exclusively for you.

Access our Free Sample Exam now !

Still have Questions? Contact Us Using the Form Below.

Get in Touch with Us





Academy, Accredited, Code, Course, Development, EXIN, Linux, Material, Official, Programming, Secure, Secure Programming, Security, Security Academy, Training, Unix