À propos de ce cours

11,811 consultations récentes
Certificat partageable
Obtenez un Certificat lorsque vous terminez
100 % en ligne
Commencez dès maintenant et apprenez aux horaires qui vous conviennent.
Dates limites flexibles
Réinitialisez les dates limites selon votre disponibilité.
Niveau intermédiaire
Approx. 22 heures pour terminer
Anglais
Sous-titres : Anglais

Ce que vous allez apprendre

  • Apply “what to watch out for” and “where to look” to evaluate fragility of C++ library code.

  • Given a fragile C++ library, code a robust version.

  • Identify problems w/ privilege, trusted environments, input validation, files & sub-processes, resource mngmt, asynchronicity, & randomness in C/C++.

  • Remediate examples of problems that apply to C/C++ interactions with the programming environment.

Compétences que vous acquerrez

Identifying vulernabilitiesC/C++ Programming
Certificat partageable
Obtenez un Certificat lorsque vous terminez
100 % en ligne
Commencez dès maintenant et apprenez aux horaires qui vous conviennent.
Dates limites flexibles
Réinitialisez les dates limites selon votre disponibilité.
Niveau intermédiaire
Approx. 22 heures pour terminer
Anglais
Sous-titres : Anglais

Offert par

Logo Université de Californie à Davis

Université de Californie à Davis

Programme du cours : ce que vous apprendrez dans ce cours

Semaine
1

Semaine 1

6 heures pour terminer

Users, Privileges, and Environment Variables

6 heures pour terminer
17 vidéos (Total 107 min), 4 lectures, 2 quiz
17 vidéos
Module 1 Introduction2 min
Users and Privileges Overview7 min
Identifying Users and Changing Privileges7 min
Spawning Subprocesses8 min
Identifying Users Incorrectly1 min
Establishing Users and Setting UIDs8 min
Establishing Groups and GIDs3 min
Establishing Privileges for Users and Groups11 min
How Root Privileges Work3 min
Lesson 1 Summary1 min
Environment Variables Overview2 min
Programming Explicitly4 min
Addressing Various Attacks16 min
Dynamic Loading and Associated Attacks16 min
Programming Implicitly3 min
The Moral of the Story5 min
4 lectures
A Note From UC Davis10 min
Who Are You? - What is Going On?10 min
Resetting the PATH - What is Going On?10 min
Multiple PATH Environment Variables - What's Going On?5 min
2 exercices pour s'entraîner
Module 1 Practice Quiz14 min
Module 1 Quiz30 min
Semaine
2

Semaine 2

6 heures pour terminer

Validation and Verification, Buffer and Numeric Overflows, and Input Injections

6 heures pour terminer
17 vidéos (Total 162 min), 2 lectures, 2 quiz
17 vidéos
Validation and Verification Overview8 min
Metacharacters11 min
The Heartbleed Bug and Other Exploits21 min
Inputs15 min
Fixes6 min
Lesson 3 Summary1 min
Buffer Overflows Overview2 min
Buffer Overflow Examples18 min
Selective Buffer Overflow and Utilizing Canaries17 min
Numeric Overflows Overview7 min
Numeric Overflow Examples8 min
Lesson 4 Summary2 min
Input Injections Overview1 min
Cross-Site Scripting Attacks18 min
SQL Injections10 min
Lesson 5 Summary5 min
2 lectures
Path Names - What's Going On?10 min
Numeric and Buffer Overflows - What's Going On?10 min
2 exercices pour s'entraîner
Module 2 Practice Quiz15 min
Module 2 Quiz30 min
Semaine
3

Semaine 3

3 heures pour terminer

Files, Subprocesses, and Race Conditions

3 heures pour terminer
13 vidéos (Total 80 min), 1 lecture, 2 quiz
13 vidéos
Files and Subprocesses Overview52s
Creating a Child Process5 min
Subprocess Environment10 min
Files and Subprocesses Design Tips5 min
Lesson 6 Summary2 min
Race Conditions Overview8 min
A Classic Race Condition Example9 min
Time of Check to Time of Use12 min
Programming Condition5 min
Environmental Condition7 min
Race Conditions6 min
Linux Locks and FreeBSD System Calls4 min
1 lecture
The Environmental Condition - What's Going On?10 min
2 exercices pour s'entraîner
Module 3 Practice Quiz15 min
Module 3 Quiz30 min
Semaine
4

Semaine 4

7 heures pour terminer

Randomness, Cryptography, and Other Topics

7 heures pour terminer
19 vidéos (Total 97 min), 4 lectures, 2 quiz
19 vidéos
Randomness and Cryptography Overview2 min
Pseudorandom vs. Random6 min
Producing Random Numbers4 min
Sowing Seeds12 min
Cryptography Basics3 min
Using Cryptography for Secrecy and Integrity8 min
Some Cryptography Examples9 min
Lesson 8 Summary1 min
Handling Sensitive Information and Errors and Formatting Strings Overview1 min
All About Passwords7 min
Adding a Pinch of Salt4 min
Managing Sensitive Data4 min
Practice a Secure Function8 min
Error Handling Part 14 min
Error Handling Part 26 min
Format Strings5 min
Lesson 9 Summary2 min
Course Summary52s
4 lectures
(Pseudo) Random Numbers - What's Going On?10 min
Hashing and Cracking Passwords - What's Going On?10 min
A Safe system() Function - What's Going On?10 min
Converting Strings to Integers - What's Going On?10 min
2 exercices pour s'entraîner
Module 4 Practice Quiz15 min
Module 4 Quiz30 min

Avis

Meilleurs avis pour IDENTIFYING SECURITY VULNERABILITIES IN C/C++PROGRAMMING

Voir tous les avis

À propos du Spécialisation Secure Coding Practices

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organizations information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing....
Secure Coding Practices

Foire Aux Questions

  • Access to lectures and assignments depends on your type of enrollment. If you take a course in audit mode, you will be able to see most course materials for free. To access graded assignments and to earn a Certificate, you will need to purchase the Certificate experience, during or after your audit. If you don't see the audit option:

    • The course may not offer an audit option. You can try a Free Trial instead, or apply for Financial Aid.

    • The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

  • When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.

  • If you subscribed, you get a 7-day free trial during which you can cancel at no penalty. After that, we don’t give refunds, but you can cancel your subscription at any time. See our full refund policy.

  • Yes, Coursera provides financial aid to learners who cannot afford the fee. Apply for it by clicking on the Financial Aid link beneath the "Enroll" button on the left. You'll be prompted to complete an application and will be notified if you are approved. You'll need to complete this step for each course in the Specialization, including the Capstone Project. Learn more.

D'autres questions ? Visitez le Centre d'Aide pour les Etudiants.