[footag]
The Learning Initiative is an Authorized Training Partner to CertNexus.
The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development life cycle.
This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development.
In this course, you will employ best practices in software development to develop secure software. You will:
This course includes hands on activities for each topic area. The goal of these activities is to demonstrate concepts utilizing two universal languages Python and Java Script. Developers who use alternate languages will be able apply the principles from the activities to any coding languages.
Hands on exercises are designed to keep the typing of code to a bare minimum. CertNexus provides students with all of the code they need to complete activities. The activities do not require a “deep dive” into code to understand the principles being covered.
This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy.
This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification.
This course presents secure programming concepts that apply to many different types of software development projects. Although this course uses Python®, HTML, and JavaScript® to demonstrate various programming concepts, you do not need to have experience in these languages to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications. Logical Operations provides a variety of courses covering software development that you might use to prepare for this course, such as:
In order to obtain the Certificate, you need to pass the official Exam.
Number of Questions 100 questions
Item Formats Multiple Choice/Multiple Response
Exam Duration 120 minutes (including 5 minutes for Candidate Agreement and 5 minutes for Pearson VUE tutorial)
Exam Options In person at Pearson VUE test centers or online via Pearson OnVUE
Passing Score 70% or 71%, depending on exam form
Topic A: Identify Security Requirements and Expectations
Topic B: Identify Factors That Undermine Software Security
Topic C: Find Vulnerabilities in Your Software
Topic D: Gather Intelligence on Vulnerabilities and Exploits
Topic A: Handle Vulnerabilities Due to Software Defects and Misconfiguration
Topic B: Handle Vulnerabilities Due to Human Factors
Topic C: Handle Vulnerabilities Due to Process Shortcomings
Topic A: Apply General Principles for Secure Design
Topic B: Design Software to Counter Specific Threats
Topic A: Follow Best Practices for Secure Coding
Topic B: Prevent Platform Vulnerabilities
Topic C: Prevent Privacy Vulnerabilities
Topic A: Limit Access Using Login and User Roles
Topic B: Protect Data in Transit and At Rest
Topic C: Implement Error Handling and Logging
Topic D: Protect Sensitive Data and Functions
Topic E: Protect Database Access
Topic A: Perform Security Testing
Topic B: Analyze Code to find Security Problems
Topic C: Use Automated Testing Tools to Find Security Problems
Topic A: Monitor and Log Applications to Support Security
Topic B: Maintain Security after Deployment
Appendix A: Mapping Course Content to Cyber Secure Coder (Exam CSC-210)
For this course, you will need one computer for each student and one for the instructor. Each computer
will need the following minimum hardware configurations:
Drop us a line so we can help you on your learning journey.
Driven by our core values of Agility, Partnership, Transparency & Results we ensure our clients succeed in their goals by helping them translate strategy into action and organize around value in a complex digital world.
Dubai Knowledge Park
G11, Al Sufouh 2, Dubai
United Arab Emirates
Trademarks: PRINCE®, ITIL® and IT Infrastructure Library® are registered trade mark of AXELOS Limited, used under permission of AXELOS Limited. The Swirl logo™ is a trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved. PMI, the Registered Education Provider logo, PMBOK, PMP, PgMP, PFMP, CAPM, PMI-SP, PMI-PBA, PM Network, PMI Today, Pulse of the Profession, the PMI logo, the PMP logo and PMBOK are registered marks of the Project Management Institute, Inc. The Self-Study courses on this page are offered by Professional Training Center of Excellence ATO/Affiliate of AXELOS Limited. All rights reserved.
All prices are exclusive of VAT.
® 2020 The Learning Initiative. All rights reserved.