Training & Exams

C and C++ secure coding.

About This Course

Course Code
QASCACPS

Course Type
Performance Plus

Vendor
Cyber

Duration
3 Days

RRP
£2,700.00

Course Overview
Download

Overview

To put it bluntly, writing C/C++ code can be a minefield for reasons ranging from memory management or dealing with legacy code to sharp deadlines and code maintainability. Yet, beyond all that, what if we told you that attackers were trying to break into your code right now? How likely would they be to succeed?

This course will change the way you look at your C/C++ code. We'll teach you the common weaknesses and their consequences that can allow hackers to attack your system, and – more importantly – best practices you can apply to protect yourself. We give you a holistic view on C/C++ programming mistakes and their countermeasures from the machine code level to virtual functions and OS memory management. We present the entire course through live practical exercises to keep it engaging and fun.

Writing secure code will give you a distinct edge over your competitors. It is your choice to be ahead of the pack – take a step and be a game-changer in the fight against cybercrime.

Topics include:

Objectives

Note: This course comes with a number of easy-to-understand exercises providing real-time ethical hacking fun. By accomplishing these exercises with the support of the trainer, participants can analyze vulnerable code snippets and commit attacks against them in order to fully understand the root causes of certain security problems. All exercises are prepared in a plug-and-play manner by using a pre-set desktop virtual machine, which provides a uniform development environment.

Course Outline

Day 1

IT security and secure coding

x86 machine code, memory layout and stack operations

Buffer overflow

Day 2

Buffer overflow

Practical cryptography

Security protocols

XML security

Common coding errors and vulnerabilities

Day 3

Common coding errors and vulnerabilities

Principles of security and secure coding

Knowledge sources

Prerequisites

There are no specific pre-requisites for this course. However a general understanding of development practices and a broad understanding of current threats would be desired. There are group exercises, and instructor led ‘hands-on’ labs within each module of this course. Delegates can observe the instructor demonstrations or engage fully with each hands-on lab, subject to experience.

The intended audience for this course is primarily Project Managers, Business Analysts, Junior Developers and Designers. Plus anyone with an interest in building and maintaining secure systems lifecycle.

Note: This course is not designed for the experienced software developer and does not cover hands-on coding.

About This Course

Course Code
QASCACPS

Course Type
Performance Plus

Vendor
Cyber

Duration
3 Days

RRP
£2,700.00

Course Overview
Download