University of California, Davis - Identifying Security Vulnerabilities in C/C++Programming
- Offered byCoursera
Identifying Security Vulnerabilities in C/C++Programming at Coursera Overview
Duration | 23 hours |
Start from | Start Now |
Total fee | Free |
Mode of learning | Online |
Difficulty level | Intermediate |
Official Website | Explore Free Course  |
Credential | Certificate |
Identifying Security Vulnerabilities in C/C++Programming at Coursera Highlights
- This Course Plus the Full Specialization.
- Shareable Certificates.
- Graded Programming Assignments.
Identifying Security Vulnerabilities in C/C++Programming at Coursera Course details
- This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: ?what to watch out for? and ?where to look? to evaluate and ultimately remediate fragile C++ library code.
- The techniques you?ll be examining will make your programs perform accurately and be resistant to attempts to perform inaccurately. This is really what the term secure programming means. You will be shown common errors that people make, and then learn how to program more robustly. You will apply tips and best practices to help you improve your programming style and help you to avoid common problems like buffer overflows, which may or may not cause security problems.
Identifying Security Vulnerabilities in C/C++Programming at Coursera Curriculum
Users, Privileges, and Environment Variables
Course Introduction
Module 1 Introduction
Users and Privileges Overview
Identifying Users and Changing Privileges
Spawning Subprocesses
Identifying Users Incorrectly
Establishing Users and Setting UIDs
Establishing Groups and GIDs
Establishing Privileges for Users and Groups
How Root Privileges Work
Lesson 1 Summary
Environment Variables Overview
Programming Explicitly
Addressing Various Attacks
Dynamic Loading and Associated Attacks
Programming Implicitly
The Moral of the Story
A Note From UC Davis
Who Are You? - What is Going On?
Resetting the PATH - What is Going On?
Multiple PATH Environment Variables - What's Going On?
Module 1 Practice Quiz
Module 1 Quiz
Validation and Verification, Buffer and Numeric Overflows, and Input Injections
Module 2 Introduction
Validation and Verification Overview
Metacharacters
The Heartbleed Bug and Other Exploits
Inputs
Fixes
Lesson 3 Summary
Buffer Overflows Overview
Buffer Overflow Examples
Selective Buffer Overflow and Utilizing Canaries
Numeric Overflows Overview
Numeric Overflow Examples
Lesson 4 Summary
Input Injections Overview
Cross-Site Scripting Attacks
SQL Injections
Lesson 5 Summary
Path Names - What's Going On?
Numeric and Buffer Overflows - What's Going On?
Module 2 Practice Quiz
Module 2 Quiz
Files, Subprocesses, and Race Conditions
Module 3 Introduction
Files and Subprocesses Overview
Creating a Child Process
Subprocess Environment
Files and Subprocesses Design Tips
Lesson 6 Summary
Race Conditions Overview
A Classic Race Condition Example
Time of Check to Time of Use
Programming Condition
Environmental Condition
Race Conditions
Linux Locks and FreeBSD System Calls
The Environmental Condition - What's Going On?
Module 3 Practice Quiz
Module 3 Quiz
Randomness, Cryptography, and Other Topics
Module 4 Introduction
Randomness and Cryptography Overview
Pseudorandom vs. Random
Producing Random Numbers
Sowing Seeds
Cryptography Basics
Using Cryptography for Secrecy and Integrity
Some Cryptography Examples
Lesson 8 Summary
Handling Sensitive Information and Errors and Formatting Strings Overview
All About Passwords
Adding a Pinch of Salt
Managing Sensitive Data
Practice a Secure Function
Error Handling Part 1
Error Handling Part 2
Format Strings
Lesson 9 Summary
Course Summary
(Pseudo) Random Numbers - What's Going On?
Hashing and Cracking Passwords - What's Going On?
A Safe system() Function - What's Going On?
Converting Strings to Integers - What's Going On?
Module 4 Practice Quiz
Module 4 Quiz
Identifying Security Vulnerabilities in C/C++Programming at Coursera Admission Process
Important Dates
Other courses offered by Coursera
Student Forum
Anything you would want to ask experts?