Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security

CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security

4h 2mAdvanced2020-11-20

Authors

Mike Chapple

Mike Chapple

Teaching Professor at the University of Notre Dame

Course details

A solid understanding of software and systems security—from the software development lifecycle to penetration testing—is essential for aspiring cybersecurity analysts, as well as for those looking to earn the CompTIA Cybersecurity Analyst (CySA+) certification. In this installment of the CySA+ (CS0-002) Cert Prep series, instructor Mike Chapple dives into key software and system security practices as he prepares you for the Software and Systems Security domain of the CySA+ (CS0-002) exam. Mike provides coverage of secure software development practices, virtualization, networking, cloud computing, and more. Upon wrapping up this course—along with CySA+ (CS0-002) Cert Prep: 3 Identity and Access Management—you'll be prepared to confidently answer questions in the Software and Systems Security domain of the CySA+ exam.

Skills covered

Software Development SecurityCybersecurityCert Prep

Concepts

0. Introduction

  • 01 - Software and systems security
  • 02 - What you should know
  • 03 - Study resources

1. Software Development Life Cycle

  • 04 - Software platforms
  • 05 - Development methodologies
  • 06 - Maturity models
  • 07 - Change management
  • 08 - DevOps and DevSecOps

2. Software Assessment and Testing

  • 09 - Code review
  • 10 - Software testing
  • 11 - Code tests
  • 12 - Fuzz testing
  • 13 - Interface testing
  • 14 - Misuse case testing
  • 15 - Test coverage analysis

3. Secure Coding Best Practices

  • 16 - Input validation
  • 17 - Parameterized queries
  • 18 - Authentication and session management issues
  • 19 - Data protection
  • 20 - Output encoding
  • 21 - Error and exception handling
  • 22 - Code repositories
  • 23 - Code signing

4. Service Oriented Architecture

  • 24 - SOAP and REST
  • 25 - SOA and microservices

5. Secure Systems Design

  • 26 - Operating system types
  • 27 - Data encryption
  • 28 - Hardware and firmware security
  • 29 - Peripheral security
  • 30 - Physical asset management

6. Encryption and Certificate Management

  • 31 - Understanding encryption
  • 32 - Symmetric and asymmetric cryptography
  • 33 - Goals of cryptography
  • 34 - Choosing encryption algorithms
  • 35 - Key exchange
  • 36 - Diffie-Hellman
  • 37 - Trust models
  • 38 - PKI and digital certificates
  • 39 - Hash functions
  • 40 - Digital signatures
  • 41 - Creating a digital certificate
  • 42 - Revoking a digital certificate

7. Penetration Testing

  • 43 - Planning a penetration test
  • 44 - Designing penetration tests
  • 45 - Exploitation frameworks
  • 46 - Interception proxies
  • 47 - Penetration test reporting
  • 48 - Training and exercises

8. Reverse Engineering

  • 49 - Reverse engineering software
  • 50 - Reverse engineering hardware

9. Virtualization

  • 51 - Virtualization
  • 52 - Desktop and application virtualization
  • 53 - Containerization

10. Networking

  • 54 - Security zones
  • 55 - VLANs
  • 56 - Isolating sensitive systems
  • 57 - Virtual private networks (VPNs)
  • 58 - Software-defined networking

11. Cloud Computing

  • 59 - What is the cloud
  • 60 - Cloud computing roles
  • 61 - Cloud compute resources
  • 62 - Cloud storage
  • 63 - Cloud networking
  • 64 - Cloud databases
  • 65 - Cloud orchestration
  • 66 - Cloud auditing tools

12. Extending Defenses

  • 67 - Deception technologies

Conclusion

  • 68 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal