Cert Secure Coding in C and C++ Professional Certificate

Heinz College

How long?

  • online
  • on demand

Heinz College

Disclaimer

Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with any business school or university.

Full disclaimer.

Who should attend

C and C++ Software Developers

About the course

The CERT Secure Coding in C and C++ Professional Certificate provides software developers with practical instruction based upon the CERT Secure Coding Standards. The CERT Secure Coding Standards have been curated from the contribution of 1900+ experts for the C and C++ programming language. The CERT Secure Coding team teaches the essentials of designing and developing secure software in C and C++. Completion of this Professional Certificate will enable software developers to increase security and reduce vulnerability within the C and C++ programs they develop.

The CERT Secure Coding in C and C++ Professional Certificate is a certificate program that includes two courses and an examination, which are all available online. This Certificate program package includes the required courses, exam, and 3 e-books for continued study.

Secure Software Concepts

Secure Software Concepts explores basic security concepts and how security design principles protect the organization. Risk assessment and management, regulatory requirements, and software design are examined within the context of the organization's acquisition and development lifecycles to prepare the student for a deeper study of secure coding. This eLearning course contains two hours of video instruction that may be studied incrementally.

Secure Coding in C and C++

Secure Coding in C and C++ provides detailed instruction about common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation. The course concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries. The intent is for this course to be useful to anyone involved in developing secure C and C++ programs regardless of the specific application. Moreover, this course encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow's attacks, not just today's.

Instruction is accomplished through recorded lectures from SEI instructors and is reinforced through online exercise labs which apply your new knowledge. This eLearning course contains twenty (20) hours of video instruction, that may be studied incrementally, and six (6) online exercises performed in the virtual lab environment.

This course is also offered as instructor-led training at customer sites.

Secure Coding in C and C++ Examination

The CERT Secure Coding in C and C++ Professional Certificate concludes with an examination of the student's comprehension of the concepts presented in the preceding courses. The exam consists of 40 multiple choice questions. Students proceed through the exam at their convenience over 6 total hours. Students must achieve a passing score of 80%.

Please note that successful completion of all program components are necessary to achieve the professional certificate

Objectives

Students will acquire a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors. In particular, students will learn how to

  • improve the overall security of any C or C++ application
  • thwart buffer overflows and stack-smashing attacks that exploit insecure string manipulation logic
  • avoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functions
  • eliminate integer-related problems: integer overflows, sign errors, and truncation errors
  • correctly use formatted output functions without introducing format-string vulnerabilities
  • avoid I/O vulnerabilities, including race conditions

Topics

Secure Software Concepts

Topics

  • Define the core security concepts
  • Understand how security design principles protect the organization
  • Understand information privacy requirements imposed by regulation
    • Sarbanes-Oxley (SOX)
    • Gramm-Leach-Bliley Act (GLBA)
    • Federal Information Security Management Act (FISMA)
    • Payment Card Industry (PCI)
  • Define governance, risk, and compliance as related to secure software development
  • Identify critical assets, risk, and security requirements
  • Assess and manage risk
  • Identify security tasks within various software development methodologies
  • Select and use software assurance methodologies presented

Secure Coding in C and C++

Topics

  • String Management
  • Detection and Recovery
  • Structured Code Review
  • Integer Vulnerabilities and Mitigations
  • Dynamic Memory Management
  • Formatted Output
  • File I/O Basics
  • UNIX Permissions and Privileges
  • File Identification Vulnerabilities
  • Race Conditions

Materials

Once registered, learners will be granted 24-hour-a-day access to the courses material for 12 months.

Learners can proceed through the courses at their convenience and can review and repeat individual sections as often as needed. Each course provides video-recorded training sessions that were presented by SEI CERT instructors to a classroom of students representing a variety of industries. Instructor demonstrations included with the courses explore and reinforce the concepts taught and how they can be successfully applied.

Secure Coding Concepts

  • 8 video training sessions with transcripts

Secure Coding in C and C++

  • 20 video training sessions with transcripts
  • 6 coding exercises

A copy of course slides is available to download.

The curriculum and materials are based upon the e-books, which are provided in the certificate package:

  • Secure Coding in C and C++, Second Edition by Addison-Wesley.
  • SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)
  • SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems in C++ (2016 Edition)

Prerequisites

  • A basic to intermediate understanding of the C and C++ programming languages
  • Software security knowledge or experience is not required

To use CERT STEPfwd effectively, you need the following:

  • HTML5 compatible web browser such as Internet Explorer 9+, Chrome 4+, or Firefox 3.5+
  • Internet connection of 384 Kbps or greater to sustain downloads with no more than 230 ms of latency
  • Computer system and network settings that allow access to streaming video from internet sources
  • Minimum client resolution of 1280 x 1024 to enable proper lab player display

Schedule

Your access period of 12 months is based on your enrollment date.

Learners will have 12 months to complete both courses. Upon completing all elements of each course, the learner is awarded an electronic certificate of course completion. Upon completing both courses and successful completion of the certificate exam, the learner is awarded the CERT Secure Coding in C and C++ Professional Certificate.

Cert Secure Coding in C and C++ Professional Certificate at Heinz College

From  $1,250

Something went wrong. We're trying to fix this error.

Thank you for your application

We will contact the provider to ensure that seats are available and, if there is an admissions process, that you satisfy any requirements or prerequisites.

We may ask you for additional information.

To finalize your enrollment we will be in touch shortly.

Disclaimer

Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with any business school or university.

Full disclaimer.

Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.

We are happy to help you find a suitable online alternative.