• Online, Self-Paced
Course Description

Defensive programming is an approach to programming that attempts to ensure that software still functions under adverse or unforeseen circumstances. In this course, you will learn how to code defensively in order to handle and protect data. You'll learn how to implement secure communications and how to implement access control and authentication effectively.

Learning Objectives

Secure Communications and Access Control

  • start this course
  • implement secure network communications in Java programs
  • identify permission issues with callback methods that you need to consider when programming defensively in Java
  • identify access control issues with java.security.AccessController.doPrivileged in Java programs
  • identify how to use containers securely in Java
  • create a custom security policy file to grant permissions in Java
  • identify permission issues with contexts that you need to consider when programming defensively in Java
  • identify permission issues with callers that you need to consider when programming defensively in Java

Protecting Data

  • identify how to code defensively to avoid compromising data confidentiality
  • use secure password storage
  • review a database that stores user authentication data and write code that can be used to connect and communicate with the database
  • implement and test secure user authentication

Practice: Securing a Java Application

  • use defensive coding techniques in communication, authorization and access control to create a secure Java application

Framework Connections

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.