IT Security/Host/Application

This lesson covers application security.

Objectives and Skills

edit

Objectives and skills for the application security portion of Security+ certification include:[1]

Explain the importance of application security controls and techniques.
  • Fuzzing
  • Secure coding concepts
    • Error and exception handling
    • Input validation
  • Cross-site scripting prevention
  • Cross-site Request Forgery (XSRF) prevention
  • Application configuration baseline (proper settings)
  • Application hardening
  • Application patch management
  • NoSQL databases vs. SQL databases
  • Server-side vs. Client-side validation

Readings

edit

Multimedia

edit
  1. YouTube: Fuzzing - CompTIA Security+ SY0-401: 4.1
  2. YouTube: Secure Coding Concepts - CompTIA Security+ SY0-401: 4.1
  3. YouTube: Application Configuration Baselining and Hardening - CompTIA Security+ SY0-401: 4.1
  4. YouTube: Application Patch Management - CompTIA Security+ SY0-401: 4.1
  5. YouTube: SQL and NoSQL Databases - CompTIA Security+ SY0-401: 4.1
  6. YouTube: Server-side vs. Client-side Validation - CompTIA Security+ SY0-401: 4.1

Activities

edit

See Also

edit

References

edit