EC-Council Certified Secure Programmer

More documents

Recommendations

Info

Page 14• Cinnabar Canner• Byte Code Verifier• Class Loader• Building a SimpleClassLoader• Security Manager• jarsigner - JAR Signing and Verification Tool• Signing an Applet Using RSA-Signed Certificates• Signing Tools• Getting RSA Certificates• Bundling Java Applets as JAR Files• Signing Java Applets Using Jarsigner• Signing Java Applets Using Netscape Signing Tool• Security Extensions• Java Security Overview: Basic Security Architecture• Java Authentication and Authorization Service (JAAS)• Java Cryptographic Extension (JCE)• Java Cryptography Architecture• JCE: Pseudo Code for Encryption• JCE: Pseudo Code for Decryption• Java Cryptography Architecture (JCA)• Sample Code for Encryption and Decryption• Secure Communication• Java(TM) Secure Socket Extension (JSSE)• Creating Secure Client Sockets• Creating Secure Server Sockets• Choosing the Cipher Suites• Java GSS Securityo Code for GSS Serverhttp://www.eccouncil.orgEC-Council
o Code for GSS Client• Java Server Page (JSP)o Problem of Untrusted User Inputo JSP Security Issues: Sensitive Data in GET Requests and Cookieso JSP Best Practices• Security with Untrusted User Input• Cross Site Scripting• Overcoming Cross Site Scripting Problem• Authentication in Java• Permissions in Java• How to create new types of permissions?• Security Policy• Specifying an additional Policy File at runtime• Policy Toolo Policy Tool: Creating a new Policy File• Best practices for developing secure Java CodePage 15Module 07: Secure Java Script and VB Script Programming• Script: Introduction• JavaScript Vulnerability• Cross-Site Scripting (XSS)• Cross-Site Scripting Attacks• Avoiding XSS• JavaScript Hijacking• Defending Against JavaScript Hijacking• Declining Malicious Requests• Prevent Direct Execution of the JavaScript Response• Malicious Script Embedded in Client Web Requestshttp://www.eccouncil.orgEC-Council
Page 1 and 2: Page 1EC-Council CertifiedSecure Pr
Page 3: Course DescriptionEC-Council Certif
Page 8 and 9: • Microsoft SDL Threat Modeling T
Page 11 and 12: • Countermeasure against Buffer O
Page 13: • Using Variable Arguments Proper
Page 17 and 18: • .NET Frameworko .NET Framework
Page 19: o Design Considerationso Applicatio
Page 22 and 23: Page 22o Web Application Fingerprin
Page 24 and 25: Page 24• SQL Server Security Mode
Page 26 and 27: Page 26• SQL Server 2005o Step 1:
Page 28 and 29: Page 28• Application Configuratio
Page 30 and 31: Page 30• Preventing Automatic Sub
Page 32 and 33: • Validation Process in XML• XM
Page 34 and 35: • Preventing Repurposing• SiteL
Page 36 and 37: Page 36• Authorization Controls
Page 38 and 39: Page 38Module 22: Secure Xcode Prog
Page 40 and 41: Page 40• Obfuscation Sample Code
Page 42 and 43: Page 42• Starting a Winsock 2 API
Page 44 and 45: Page 44• The Bind System Call•
Page 46 and 47: Page 46• Figures: Fake Chunk, Ove
Page 48 and 49: Page 48• The wiretap Library• A
Page 50 and 51: Page 50• Security and Trust Servi
Page 52 and 53: Page 52• SSL Certificates• Veri
Page 54 and 55: • Avoiding unvalidated redirects

EC-Council Certified Secure Programmer

Create successful ePaper yourself

Delete template?

Save as template?