Everyone whether they write protocols or internal processes is responsible for using secure programming techniques to minimize the adverse effects of attacks, test the code for software security and know how to fix the software for security.
This 5 part, 40 hr 1 wk + 32 hr pre-study class delivers the best of all the Software Security classes and more. It includes items that are classed as defensive in nature (e.g. checking error return codes before using handles and other data structures that should have been created, or protecting against using a pointer after it has been released). It also includes items how to prevent attacks and lastly a step by step process to FIX software and lastly provides Solutions and Counter Measures to protect your code.
Class Fee: | $3,990 |
Time: | 72 hrs |
Learning Level: | Entry |
Contact Hours: | 40 hr 1 wk + 32 hr pre-study & 2hr exam |
Prerequisites: | Understanding of TCP/IP Protocols |
Credits: | 72 CPE / 3 CEU |
Method of Delivery: | Residential (100% face-to-face) or Hybrid |
Instructor: | TBD |
Method of Evaluation: | 95 % attendance 2. 100 % completion of Lab |
Grading: | Pass = Attendance+ labs & quizzes Fail > 95% Attendance |
Sample Job Titles:
Analyst Programmer/Computer Programmer
Configuration Manager
Database Developer/Engineer/Architect
Information Assurance (IA) Engineer
Information Assurance (IA) Software Developer
Information Assurance (IA) Software Engineer
Research & Development Engineer
Secure Software Engineer/ Security Engineer
Software Developer/ Software Engineer
Architect Systems Analyst/ Web App Developer
This accelerated class is taught using face to face modality or hybrid modality. [excluding veterans using the Veterans Education benefits, can only attend in the face to-face modality]. Class includes 40 hr 1 wk + 32 hr pre-study contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation. Class Materials Class handbook, lab, SU resource and attack handouts
Who Should Attend
Software testers, software developers, development and test managers, security auditors and anyone involved in software production for resale or internal use will find it valuable. Information Security and IT managers; Information Assurance Programmers; Information Security Analysts and Consultants Q& A Specialists. Secure Software Engineering – Develops, modifies, enhances, and sustains new or existing computer applications, software, or utility programs following software assurance best practices throughout the software lifecycle.
Text Materials: labs, SU Pen Testing Materials, resource CD’s and attack handouts.
Machines a Dual Core 4M Ram, 350 Gig drives, running MS OS, linux, and VMWare Workstation
Tools for class- Whois, Google Hacking, Nslookup , Sam Spade, Traceroute , NMap , HTTrack , Superscan , Nessus, PSTool,
Nbtstat, Solarwinds ,Netcat , John the ripper , Nikto/Wikto ,Web Scarab , HTTP Tunnel (hts.exe) , LCP ,Cain and Abel, Ettercap system hacking ,John the Ripper Wireshark sniffers, TCP dump, D sniff , tcpdump, Metasploit, ISS exploit, web app,Core Impact , Snort , Infostego, Etherape ,Firefox with plugins (Hackbar, XSSme...) ,, ebgoat, Ounce, Foritfy, X Wget, Cyrpto tool, 'Curl'
KU Outcomes
- Students will be able to produce software components that satisfy their functional requirements without introducing vulnerabilities
- Students will be able to describe the characteristics of secure programming
Grades - All students must ordinarily take all quizzes, labs, final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draws quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself in on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real world scenarios. Each labs escalates upon itself, increasing in intensity, rising to the next level, while you’re mitigating the threat step by step.