About this Course

10,010 recent views
Shareable Certificate
Earn a Certificate upon completion
100% online
Start instantly and learn at your own schedule.
Flexible deadlines
Reset deadlines in accordance to your schedule.
Intermediate Level
Approx. 23 hours to complete
English

What you will learn

  • Apply “what to watch out for” and “where to look” to evaluate fragility of C++ library code.

  • Given a fragile C++ library, code a robust version.

  • Identify problems w/ privilege, trusted environments, input validation, files & sub-processes, resource mngmt, asynchronicity, & randomness in C/C++.

  • Remediate examples of problems that apply to C/C++ interactions with the programming environment.

Skills you will gain

Identifying vulernabilitiesC/C++ Programming
Shareable Certificate
Earn a Certificate upon completion
100% online
Start instantly and learn at your own schedule.
Flexible deadlines
Reset deadlines in accordance to your schedule.
Intermediate Level
Approx. 23 hours to complete
English

Offered by

Placeholder

University of California, Davis

Syllabus - What you will learn from this course

Week
1

Week 1

6 hours to complete

Users, Privileges, and Environment Variables

6 hours to complete
17 videos (Total 107 min), 4 readings, 2 quizzes
17 videos
Module 1 Introduction2m
Users and Privileges Overview7m
Identifying Users and Changing Privileges7m
Spawning Subprocesses8m
Identifying Users Incorrectly1m
Establishing Users and Setting UIDs8m
Establishing Groups and GIDs3m
Establishing Privileges for Users and Groups11m
How Root Privileges Work3m
Lesson 1 Summary1m
Environment Variables Overview2m
Programming Explicitly4m
Addressing Various Attacks16m
Dynamic Loading and Associated Attacks16m
Programming Implicitly3m
The Moral of the Story5m
4 readings
A Note From UC Davis10m
Who Are You? - What is Going On?10m
Resetting the PATH - What is Going On?10m
Multiple PATH Environment Variables - What's Going On?5m
2 practice exercises
Module 1 Practice Quiz30m
Module 1 Quiz30m
Week
2

Week 2

6 hours to complete

Validation and Verification, Buffer and Numeric Overflows, and Input Injections

6 hours to complete
17 videos (Total 162 min), 2 readings, 2 quizzes
17 videos
Validation and Verification Overview8m
Metacharacters11m
The Heartbleed Bug and Other Exploits21m
Inputs15m
Fixes6m
Lesson 3 Summary1m
Buffer Overflows Overview2m
Buffer Overflow Examples18m
Selective Buffer Overflow and Utilizing Canaries17m
Numeric Overflows Overview7m
Numeric Overflow Examples8m
Lesson 4 Summary2m
Input Injections Overview1m
Cross-Site Scripting Attacks18m
SQL Injections10m
Lesson 5 Summary5m
2 readings
Path Names - What's Going On?10m
Numeric and Buffer Overflows - What's Going On?10m
2 practice exercises
Module 2 Practice Quiz15m
Module 2 Quiz30m
Week
3

Week 3

3 hours to complete

Files, Subprocesses, and Race Conditions

3 hours to complete
13 videos (Total 80 min), 1 reading, 2 quizzes
13 videos
Files and Subprocesses Overview52s
Creating a Child Process5m
Subprocess Environment10m
Files and Subprocesses Design Tips5m
Lesson 6 Summary2m
Race Conditions Overview8m
A Classic Race Condition Example9m
Time of Check to Time of Use12m
Programming Condition5m
Environmental Condition7m
Race Conditions6m
Linux Locks and FreeBSD System Calls4m
1 reading
The Environmental Condition - What's Going On?10m
2 practice exercises
Module 3 Practice Quiz15m
Module 3 Quiz30m
Week
4

Week 4

7 hours to complete

Randomness, Cryptography, and Other Topics

7 hours to complete
19 videos (Total 97 min), 4 readings, 2 quizzes
19 videos
Randomness and Cryptography Overview2m
Pseudorandom vs. Random6m
Producing Random Numbers4m
Sowing Seeds12m
Cryptography Basics3m
Using Cryptography for Secrecy and Integrity8m
Some Cryptography Examples9m
Lesson 8 Summary1m
Handling Sensitive Information and Errors and Formatting Strings Overview1m
All About Passwords7m
Adding a Pinch of Salt4m
Managing Sensitive Data4m
Practice a Secure Function8m
Error Handling Part 14m
Error Handling Part 26m
Format Strings5m
Lesson 9 Summary2m
Course Summary52s
4 readings
(Pseudo) Random Numbers - What's Going On?10m
Hashing and Cracking Passwords - What's Going On?10m
A Safe system() Function - What's Going On?10m
Converting Strings to Integers - What's Going On?10m
2 practice exercises
Module 4 Practice Quiz15m
Module 4 Quiz30m

Reviews

TOP REVIEWS FROM IDENTIFYING SECURITY VULNERABILITIES IN C/C++PROGRAMMING

View all reviews

About the Secure Coding Practices Specialization

Secure Coding Practices

Frequently Asked Questions

More questions? Visit the Learner Help Center.