10,000+ Free Udemy Courses to Start Today

View Courses

Coursesity is supported by learner community. We may earn affiliate commission when you make purchase via links on Coursesity.

Certification CoursePractical Security: Simple Practices for Defending Your Systems

Practical Security: Simple Practices for Defending Your Systems

This course is based on the Pragmatic Programmers' book, Practical Security, and is intended for developers, administrators, team leads, architects, technology generalists, and anyone else who protects the network from threats.

Discount Offer

Go to Course SAVE

Description

In this course, you will learn :

  • 5 simple, yet effective, techniques for keeping attackers out of your system.
  • Patching, software vulnerabilities, cryptography, Windows security, and phishing are all examples of these techniques.
  • The best practises for preventing vulnerabilities and making them more detectable.

Syllabus :

1. Patching

  • Upgrading Third-Party Libraries and Software
  • A Closer Look at Patching
  • Library Inventory
  • Dependency Management: Python
  • Dependency Management: JavaScript
  • Automating Vulnerability Detection
  • Network Inventory
  • Nmap
  • OpenVAS
  • Patching Windows
  • Finding Published Vulnerabilities
  • Testing Your Patches
  • If Patching Hurts, Do It More Often

 

2. Vulnerabilities

  • Introduction to SQL
  • Challenge: Select The Journal
  • Solution Review: Select The Journal
  • More SQL Commands
  • Challenge: Write a Generalized Query
  • Solution Review: Write a Generalized Query
  • How SQL Injection Works
  • Extending the Defense Beyond Prepared Statements
  • Additional Defenses as a Mitigation Against Future Mistakes
  • Putting It All Together for a Robust Defense
  • Introduction to Cross-Site Scripting (XSS)
  • HTML Encoding
  • Defenses against XSS
  • Introduction to Cross-Site Request Forgery (XSRF)
  • XSRF Prevention with SameSite
  • Misconfiguration
  • Default Passwords & Credentials
  • Jenkins & Public-Facing Servers

 

3. Cryptography

  • Don’t Roll Your Own Crypto
  • Some Key Principles
  • Security When the Enemy Knows the System
  • Don’t Use Low-Level Crypto Libraries
  • ECB Malleability
  • CBC Is Still Malleable
  • Evaluating Crypto Libraries Without Being a Crypto Expert
  • Password Storage
  • More Techniques for Password Storage
  • Storing Passwords When You’re the Client
  • Minimizing the Cost of Credential Loss
  • Keeping Passwords Hard to Predict
  • TLS Configuration

 

4. Windows

  • Login and Mimikatz
  • Password Policy
  • Active Directory: What Else Is It Good For?
  • BitLocker

 

5. Phishing

  • Types of Phishing Attacks
  • Social Defense
  • DNS-Based Defense SPF
  • DNS-Based Defense: DKIM
  • DNS-Based Defense: DMARC

Similar Courses

CompTIA Cybersecurity Analyst CySA+ (CSA+). The Total Course

4.3
SAVE

Free Online Comptia Course

21.7K+ enrolled
SAVE

CompTIA Security+ Plus SY0-501 Certification Practice Tests

4.3
3.7K Reviews
SAVE

Introduction to Computer Information Systems

3.6
7 Reviews
SAVE

Free Tutorial for Complete CompTIA A+ Certification

4.5
656 Reviews
SAVE

CompTIA A+ : 220-1002 Test Prep, Exams and Simulations

4.7
3.9K Reviews
SAVE

CompTIA Security+ Cert(SY0-501): Security Administration

4.1
75 Reviews
SAVE

Learn CompTIA Security+ (Plus) Certification Total Course

4.6
25.2K Reviews
SAVE

CompTIA Security+ (SY0-401) : The Complete Course

4.4
223 Reviews
SAVE

Course Features

Report course
Go to Course SAVE