Må vi gemme en cookie?

Vi bruger cookies for at forbedre din oplevelse af vores hjemmeside, målrette indhold samt statistik. Læs mere om cookies

Kurser

Kursusadministration

Brug for hjælp?

  • Gregersensvej 8
  • 2630 Taastrup
Google MapsApple MapsRejseplanen
  • Forskerparken Fyn, Forskerparken 10F
  • 5230 Odense M
Google MapsApple MapsRejseplanen
  • Teknologiparken Kongsvang Allé 29
  • 8000 Aarhus C
Google MapsApple MapsRejseplanen
  • NordsøcentretPostboks 104
  • 9850Hirtshals
Google MapsApple MapsRejseplanen
  • Gammel Ålbovej 1
  • 6092Sønder Stenderup
Google MapsApple MapsRejseplanen
Nyt
365 dages online kursus

Online kursus: Defensive Programming

Få en forståelse defensiv programmering i programmeringssprogene C/C++, C#, JavaScript og HTML5. Kurserne er på engelsk og foregår online, når det passer dig. Du har adgang til online kurserne i 365 dage.

online kurser

Introduktion

Med denne kursuspakke vil du lære defensiv programmering i programmeringssprogene C/C++, C#, JavaScript og HTML5, hvilket du blandt andet kan bruge til at sikre iOS og Android applikationer. Defensiv programmering kan reducere antallet af softwarebugs og problemer, og sikrer at kildekoden er læselig og forståelig. På kurset vil du lære mere om, hvorfor defensiv programmering er vigtigt, og hvordan du bruger værktøjerne de forskellige sprog stiller til rådighed.

Deltagerprofil

Softwareudviklere der ønsker en introduktion til effektiv og sikker udvikling af applikationer.
Der er ingen specifikke forudsætninger ud over din professionelle baggrund.

Indhold

Defensive Programming in C/C++

Defensive Coding Fundamentals for C/C++
  • Describe the potential risks faced by software applications
  • Identify the key reasons why risks are recurring issues
  • Recognize the key features of defensive coding
  • List some key approaches that prevent problems during the planning stage
  • Recognize what a clean code is
  • Identify the key features of iterative design
  • Use pseudocode to develop programming solutions
  • Use assertions in your programming code
  • Apply pre and post conditions to C/C++
  • Identify how to perform low-level design inspections
  • Describe the benefits of testing your code
  • Recognize how to write testable code in C/C++
  • Recognize how to perform unit tests using Visual Studio for C/C++
  • Create examples of defensible methods in C/C++
  • Identify the techniques for applying defensive techniques for method parameters and return values in C/C++ methods
  • Recognize how to implement variable declarations for defendable code
  • Identify how to use if and switch statements in creating defendable code
  • Identify error-handling techniques to promote defensive coding
  • Demonstrate how to use exceptions to handle errors
  • Create a C/C++ application that incorporates error codes and messages into its error handling
  • Recognize how to use error processing and global objects
  • Identify how to handle errors locally in C/C++ code
  • Recognize how to anticipate potential errors in C/C++ code
  • Use defensive coding techniques to create clean testable methods
Defensive Coding for C/C++
  • List potential risks to C/C++ UI applications
  • Describe what buffer overflows are and their impact
  • Identify how to prevent buffer overflows
  • Describe what code injection attacks are
  • Describe how to mitigate injection attacks in C/C++ applications
  • Identify how to prevent format string vulnerabilities in C/C++ applications
  • Recognize how to prevent Dynamic Link Library or DLL hijacking in C/C++ applications
  • Use exceptions in C/C++ applications
  • Specify how to deal with bad data in your C/C++ applications
  • How to use regular expressions to help in input validation
  • Recognize how to constrain user input to prevent bad data input
  • Recognize how to properly interface with data in C/C++
  • Demonstrate some common data validation techniques employed to create secure C/C++ applications
  • Identify why casting in the C++ style is preferred to the C style
  • Recognize how to properly use operator overloading in C/C++
  • Identify the correct way to access internal class data
  • Describe why for loops are preferred to while loops
  • Recognize how to keep functions focused and concise
  • Identify the best way to use references and pointers and why you should avoid raw pointers
  • Describe the top secure coding practices for C/C++
  • Recognize the importance of good readability for planning and maintaining code
  • Use defensive coding techniques to create a secure C/C++ application

Defensive Programming in C#

Defensive Coding Fundamentals for C#
  • Describe the potential risks faced by software applications
  • Identify the key reasons why risks are a recurring issue
  • Recognize the key features of defensive coding
  • List some key approaches to preventing problems during the planning stage
  • Recognize what clean code is
  • Identify the key features of iterative design
  • Use pseudocode to develop programming solutions
  • Use assertions in your programming code
  • Apply pre and post conditions to C#
  • Identify how to perform low level design inspections
  • Describe the benefits of testing your code
  • Recognize how to write testable code in C#
  • Recognize how to perform unit tests using Visual Studio for C#
  • Create examples of defensible methods in C#
  • Identify the techniques for applying defensive techniques for method parameters and return values in C# methods
  • Recognize how to implement variable declarations for defendable code
  • Identify how to use null values in creating defendable code
  • Identify how to use if and switch statements in creating defendable code
  • Identify error handling techniques to promote defensive coding
  • Demonstrate how to use exceptions to handle errors
  • Create a C# application that incorporates error codes and messages into its error handling
  • Recognize how to use error processing and global objects
  • Identify how to handle errors locally in C# code
  • Recognize how to anticipate potential errors in C# code
  • Write clean, testable code
Defensive Coding for C#
  • List potential risks to C# UI applications
  • Describe what buffer overflows are and their impact
  • Identify how to prevent buffer overflows
  • Identify what form injection attacks typically take in C# applications
  • Describe how to mitigate injection attacks in C# applications
  • Identify how to prevent shatter attacks in .NET applications
  • Recognize how to prevent DLL highjacking in .NET applications
  • Use exceptions in C# applications
  • Specify how to deal with bad data in your C# applications
  • How to use input validation in a C# application
  • How to use regular expressions to help in input validation
  • Recognize how to constrain user input to prevent bad data input
  • Describe what SQL injection attacks are
  • Recognize how to use Stored Procedures to aid in the defense of SQL injection attacks
  • Describe some of the pitfalls of using dynamic SQL
  • Illustrate how authentication works in WCF
  • Recognize how to verify service identities
  • Identify how to prevent NTLM attacks
  • Recognize how to work with the WindowsIdentity class
  • Describe potential XML risks in ASP.NET applications
  • Identify how to prevent against XML Entity expansion attacks
  • List the potential problems that path traversal may cause
  • Recognize how to prevent path traversal attacks
  • Use defensive coding techniques to create secure C# application

Defensive Programming in JavaScript and HTML5

Defensive Coding Fundamentals for JavaScript and HTML5
  • Describe the potential risks faced by software applications
  • Identify the key reasons why risks are a recurring issue
  • Recognize the key features of defensive coding
  • List some key approaches to preventing problems during the planning stage
  • Recognize the correct way to use, or not use, the escape function
  • Identify the key features of a strong Cross-Origin Resource Sharing Policy
  • Use event handlers to account for and prevent untrusted data
  • Utilize secure Web storage in JavaScript and HTML5
  • Utilize secure web messaging in JavaScript and HTML5
  • Identify the key features and benefits of testing
  • Describe the benefits of testing your code for multiple browsers
  • Recognize how to write testable code in JavaScript and HTML5
  • Recognize how to perform tests using Visual Studio for JavaScript and HTML5
  • Create examples of defensible methods in JavaScript and HTML5
  • Identify the techniques for applying defensive techniques for method parameters and return values in JavaScript and HTML5 methods
  • Recognize how to implement variable declarations for defendable code
  • Identify how to use null values in creating defendable code
  • Identify how to use if and switch statements in creating defendable code
  • Identify error-handling techniques to promote defensive coding
  • Demonstrate how to use exceptions to handle errors
  • Create a JavaScript and HTML5 application that incorporates error codes and messages into its error handling
  • Recognize how to use error processing and global objects
  • Identify how to handle errors locally in JavaScript and HTML5 code
  • Recognize how to anticipate potential errors in JavaScript and HTML5 code
  • Use defensive coding techniques to create clean testable methods
Defensive Coding for JavaScript and HTML5
  • List potential Document Object Model or DOM risks to JavaScript and HTML5 applications
  • Describe the risks associated with cross-site scripting and cross-site request forgery
  • Identify what Document Object Model or DOM-based Cross-Site Scripting or XSS is and illustrate the form an attack might take in JavaScript
  • Describe what social jacking is and identify what things users need to be on the lookout for
  • List potential information and trust issues that would affect JavaScript and HTML5 applications
  • Demonstrate how to prevent Document Object Model or DOM manipulation in JavaScript
  • Describe common risks associated with third-party application program interfaces or APIs
  • Demonstrate how to prevent page manipulation in JavaScript through cascading style sheets or CSS
  • Identify the best practices for dealing with client input in a JavaScript HTML5 application
  • Troubleshoot potential risks associated with browser plugins
  • Demonstrate how to counteract risks by running JavaScript in a sandbox
  • Compare Scalable Vector Graphics or SVG exploits and how to use JavaScript to prevent them
  • Describe how to secure JavaScript code in your applications
  • Describe the key features of JavaScript Object Notation
  • List the key risks of using JavaScript Object Notation
  • Perform input validation on JavaScript Object Notation or JSON data
  • Use the eval method to convert JavaScript Object Notation or JSON data into a JavaScript object
  • Describe how to implement a cross-origin resource sharing policy in HTML5
  • Demonstrate the most secure ways to include media in HTML5 pages
  • Describe secure practices for using HTML5 Web Workers
  • Distinguish some of the key ways to secure HTML5 applications
  • Use defensive coding techniques to create a secure JavaScript and HTML5 Application
Defensive Programming in iOS
  • Thinking Defensively about Functions, Methods, and Input
  • Create code that handles file inputs to an iOS app
  • Create code that handles url scheme inputs to an iOS app
  • Validate user-provided input using Objective-C
  • Use a real-time approach to validating user-provided input in Objective-C
  • Use secure coding principles to guard against format string attacks
  • Restrict free navigation around the Web based on user input in a UIWebView
  • Use best practices to name functions and methods in Objective-C
  • Use best practices to name accessor methods in Objective-C
  • Use best practices to name delegate methods in Objective-C
  • Reduce method complexity in iOS apps using Objective-C
  • Overload a function to reduce code complexity in Swift
  • Design functions that have a single and defined focus
  • Identify and use different class naming standards in Objective-C
  • Create and use constants in Objective-C
  • Create and use constants in Swift
  • Create and use resource files in an iOS app
  • Easily store and retrieve data from the defaults database
  • Recognize how using brackets can protect against potential bugs
  • Design while loops that are not vulnerable to running forever
  • Design for loops that are not vulnerable to running forever
  • Identify and avoid bugs caused by altered loop variables
  • Handle various types of inputs to an iOS app
Managing Network Interaction
  • Create a TCP client connection from an iOS app
  • Send and receive data over a TCP connection in an iOS app
  • Determine when an iOS app can and cannot access the Internet
  • Determine when an iOS app can and cannot reach a specific IP address
  • Determine when an iOS app can and cannot access the Internet
  • Install and configure the network link conditioner to be able to test iOS apps in different connection conditions
  • Use CF functions to encode URLs
  • Use CF functions to decode URLs
  • Use NSURLConnection to make synchronous and asynchronous network calls
  • Use NSURLConnection to make asynchronous network calls without using custom delegates
  • Create and apply a configuration object to an NSURLSession instance
  • Request a URL in a simple manner using NSURLSession and system delegates
  • Request a URL in a flexible manner using NSURLSession and custom delegates
  • Stop script execution in any HTML loaded into a WebView
  • Disallow Internet traffic over cellular connections in an iOS app
  • Capture and handle redirect responses from a server
  • Use NSURLSession to reliably download and save files in an iOS app
  • Use NSURLSession to handle users stopping and starting download operations
  • Use NSURLSession to handle downloads that fail
  • Use NSURLSession to upload files to a web server
  • Use common techniques for managing network interaction
Errors, Exceptions, and Testing
  • Use error information returned indirectly from methods
  • Test for specific kinds of errors based on domains and codes
  • Create and return error objects from custom methods
  • Use alert views to inform end users of error information
  • Use an underlying error object to find out more detail about an error that has occurred
  • Create and throw/raise exceptions in iOS apps
  • Catch and handle exceptions in iOS apps
  • Use the @finally directive to guarantee code execution
  • Convert a raised exception to an error when appropriate
  • Capture and handle specific types of exceptions locally
  • Create an XCTestCase Class using Xcode and Objective-C
  • Create an XCTestCase Class using Xcode and Swift
  • Create, execute, and check results of unit tests using Xcode and Objective-C
  • Creating and executing unit tests in Swift
  • Unit test private methods in custom classes
  • How to create tests that measure execution time of code
  • Create and execute asynchronous tests
  • Recognize how to initiate the creation of an automated test of an iOS app
  • Access interface elements by navigating the element hierarchy
  • Use accessibility labels to interact with iOS app elements when automation testing
  • Select and tap interface elements in automation testing
  • Define pass and fail benchmarks for automation testing
  • Use the logElementTree method to understand an app's view hierarchy
  • Import previously created automation scripts for reuse
  • Create assertions using NSAssert
  • Create assertions using the assert function
  • Create assertions in Swift
  • Work with creating and managing errors and exceptions
Protecting Data in iOS Apps
  • Obscure sensitive data from plain sight in an iOS app interface
  • Use alert view styles to collect sensitive user data
  • Obscure sensitive data when using alert controllers
  • Use Touch ID authentication in iOS apps on supported devices
  • Recognize how to write text data to files while reducing the risk of data corruption
  • Recognize how to write binary data to files while reducing the risk of data corruption
  • Use built-in hardware encryption to store text files securely on disk
  • Use built-in hardware encryption to store binary files securely on disk
  • Register for notifications and delegate methods that indicate when protected files change status
  • Create and access protected files while an iOS device is in the background
  • Securely store sensitive data using the iOS keychain
  • Search and retrieve sensitive data from the iOS keychain
  • Update sensitive data stored in the iOS keychain
  • Remove sensitive data stored in the iOS keychain
  • Define when keychain items are accessible depending on the lock status of an iOS device
  • Use the Randomization Services API to generate random numbers
  • Create an MD5 hash using the Common Crypto library
  • Create an SHA hash using the Common Crypto library
  • Use the RNCryptor library to encrypt and decrypt data in an iOS app
  • Use the Certificate, Key, and Trust functions to generate an asymmetric key pair
  • Use the public key of an asymmetric key pair to encrypt data
  • Use the private key of an asymmetric key pair to decrypt data
  • Create and manage iOS keychain items

Defensive Programming in Android

Defensive Programming in Android: Input and Methods
  • Identify common assumptions not to make about user input
  • Create code that handles file inputs to an Android app
  • Create code that handles URL inputs to an Android app
  • Validate user-provided input
  • Use a real-time approach to validating user-provided input
  • Use secure coding principles to guard against format string attacks
  • Parse and check input values before using that input in a WebView object
  • Restrict access to navigation methods in a WebView object
  • Protect against SQL injection by using parameterized and prepared statements
  • Recognize best practice in writing methods for Android apps in Java
  • Use best practices to name methods in Java for Android
  • Use best practices to name getter methods in Java for Android
  • Use best practices to name callback methods in Java for Android
  • Reduce method complexity in Android apps using Java
  • Use Java overloaded methods to reduce complexity in Java for Android
  • Recognize how constants can be used in defensive programming
  • Create and use constants in Java for Android
  • Use best practices for naming constants in Java for Android
  • Create and use resource files in an Android app
  • Recognize how to write if statements defensively to protect against potential bugs
  • Design while loops that are not vulnerable to running forever
  • Design for loops that are not vulnerable to running forever
  • Identify and avoid bugs caused by altered loop variables
  • Use defensive practices to code in Java
Defensive Programming in Android: Using Standards
  • Recognize how and where standards promote defensive programming
  • Identify and use class naming standards in Java
  • Identify and use variable naming standards in Java
  • Recognize the proper use of comments to make code more readable and maintainable
  • Use SQLite prepared statements to protect against SQL attacks
  • Recognize how both indentation and whitespace can be used to promote defensive programming
  • Use indentation to make source code more readable and maintainable
  • Use whitespace to make source code more readable and maintainable
  • Recognize what it means to keep code simple and how it makes programs more robust
  • Design classes that have a single and defined focus
  • Design methods that have a single and defined focus
  • Perform refactoring in Java
  • Avoid duplicating code in Java Android apps
  • Set up dependency management in Apache Maven
  • Set up dependency management in Gradle
  • Describe the characteristics of Design by Contract
  • Use comments to support Design by Contract
  • Use preconditions to support Design by Contract
  • Use postconditions to support Design by Contract
  • Use invariants to support Design by Contract
  • Use Design by Contract in Java
  • Use Design by Contract in Android
  • Create a simple app using Design by Contract principles
Defensive Programming in Android: Errors, Exceptions, and Testing
  • Recognize how errors and exceptions can be used in defensive programming
  • Use the Java exception classes
  • Use exception stack traces
  • Test for specific kinds of errors based on domain and code
  • Create custom Java error classes
  • Inform end users of error information in an Android app
  • Use an underlying error object to find out more detail about an error that has occurred
  • Release Java resources in the event of an exception
  • Recognize how unit testing can be used in defensive programming
  • Use the android testing API to construct automated unit tests
  • Use instrumentation in automated Android unit testing
  • Use test case classes in Android automated unit testing
  • Use Android assertion classes
  • Use mock object classes in Android automated unit testing
  • Use test runner classes for Android automated unit testing
  • View test results in the IDE
  • Recognize where end-to-end testing can be used in defensive programming
  • Set up the Android Testing Support API for automated UI testing
  • Use Espresso test classes for Android automated UI testing
  • Use instrumentation of activities for Android automated UI testing
  • Test UI components in Android
  • Use ViewAction, ViewInteraction, and DataInteraction classes to simulate actions when testing an Android app
  • Describe the use of assertions for defensive programming in Java for Android
  • Use basic assert statements in Java for Android
  • Identify and use precondition, postcondition and invariant assertions
  • Use annotations to aid in programming defensively for Android
  • Create a Java app to use exceptions and assertion
Defensive Programming in Android: Network Access and Java Defensive Techniques
  • Initialize instances of classes safely
  • Check for the presence of null to avoid errors
  • Design setters to avoid potential errors
  • Recognize how to compare two objects in Java avoiding potential errors
  • Work safely with the Java switch and case statements
  • Use atomic and nonatomic operations in threaded applications
  • Use final properties to minimize potential for errors
  • Recognize when to use mutable and immutable classes
  • Implement a basic enum in Java
  • Use enums to reduce the possibility of unexpected input
  • Implement an enum with a constructor and recognize the rules for enum constructors
  • Implement an interface in an enum
  • Create an enum with abstract methods
  • Use packages and classes to implement proper encapsulation
  • Import packages in Java Android apps
  • Use different scopes to implement defensive programming
  • Create APKs to run on Android devices
  • Create jars for exporting Java code between apps
  • Recognize the importance of maintaining a good user experience while accessing the network
  • Use AsyncTask to retrieve data asynchronously and preserve user experience
  • Use progress reporting to enhance user experience
  • Cache retrieved data to enhance user experience
  • transfer large files in the background
  • check network connectivity status in Android apps
  • sanitize data transferred across the network
  • create an Android app to access the network asynchronously

Secure Programming

Introduction to Secure Programming
  • Describe defensive programming and identify its benefits and disadvantages
  • Describe secure programming, its relationship to defensive programming, and its benefits and disadvantages
  • Identify sources of risk that can negatively impact your software applications
  • Describe best practices for creating secure code
  • Describe how to include defensive programming techniques into your software development process
  • Describe why testing should be performed and identify the major phases of the software testing process
  • Describe what unit testing is and the benefits it provides
  • Identify the benefits of employing defensive and secure programming and recognize the phases of the software testing process
Secure Programming for C/C++
  • Recognize what clean code is and the best techniques for writing clean code
  • Identify the key features of iterative design
  • Use pseudo-code to develop programming solutions
  • Use assertions in your programming code
  • Apply pre and post conditions to C/C++ code
  • Recognize how to write testable C/C++ code
  • Create examples of defensible methods
  • Identify how to apply defensive techniques for method parameters and return values
  • Recognize how to implement variable declarations for defendable code
  • Identify how to use if and switch statements in creating defendable code
  • Demonstrate how to use exceptions to handle errors
  • Create a C/C++ application that incorporates error codes and messages into its error handling
  • Recognize how to use error processing and global objects in your programs
  • Identify how to handle errors locally in C/C++ code
  • Recognize how to anticipate potential errors in C/C++ code
  • Use defensive coding techniques to create clean, testable methods

 

Tidsforbrug

Hele kursuskollektionen kan gennemføres på ca. 24 timer.

Form

Denne online kursuspakke består af flere forskellige kurser, som du ved tilmelding har adgang til i 365 dage. Hvert enkelt kursus er opdelt i flere kursusmoduler, som du via en oversigtsmenu kan tage i den rækkefølge, du ønsker. Modulerne indeholder lyd, billeder og tekst, der gennemgår kursusindholdet. Nogle moduler indeholder små videofilm med scenarier og cases. Ved hvert kursus har du mulighed for at teste din forståelse af indholdet med tests, som du kan tage både før, under og efter kurset. Du gennemfører kursusmodulerne via din computer eller tablet med lyd og adgang til Internettet. Du kan selv styre, hvornår du vil tage modulerne – og de kan sættes på pause undervejs. Der bliver indsat bogmærker, der hvor du er nået til, så du altid har mulighed for at fortsætte, hvor du sidst kom til.
Læs mere om vores online kurser og se svar på dine spørgsmål (FAQ)

Søgte du et andet online kursus?

Vi tilbyder over 7.000 forskellige online kurser inden for mange forskellige områder. Kontakt os på tlf. 72203000 eller kurser@teknologisk.dk, så vi kan hjælpe med at imødekomme dit behov.
Se desuden listen over vores udvalgte online kurser.

Køb online kursus til flere

Er I en afdeling, en hel virksomhed eller blot flere personer, der ønsker adgang til online kurser, så kontakt os og få et tilbud på tlf. 72203000 eller kurser@teknologisk.dk

Har du faglige spørgsmål så kontakt
Andre kigger også på