Secure Programming of Web Applications for Developers and TPMs - Course Assessment

This assessment questionnaire gives you the opportunity to verify your learning progress. Thank you for taking this course!

This is only an abridged excerpt from the course
Secure Programming of Web Applications for Developers and TPMs

Questionnaire

What is the best way to create a secure hashing scheme for your application?




What are examples of Back-end attacks?





Does HTTPS mitigate programming errors?



For Cross-Site-Scripting mitigation, JavaScript and HTML contexts are equally relevant...



Session-Hijacking can be supported by Cross-Site-Scripting flaws...





Chapters

Number Title Length
Start
1 Introduction and Motivation (Full preview available) 2 min
2 Well-known Vulnerabilities Overview (Full preview available) 2 min
3 Causes & Background 9 min
4 Secure Programming in general 3 min
5 BankBoard Intro – A vulnerable Java Web Application 3 min
6 Code/Command Injection 3 min
7 (No)SQL Code Injection (Full preview available) 4 min
8 DEMO: BankBoard SQL Code Injection (Full preview available) 2 min
9 Cross-Site Request Forgery (CSRF) 5 min
10 DEMO: CSRF 2 min
11 Cross-Site Scripting (XSS) 5 min
12 DEMO: Simple XSS 2 min
13 Open Redirection 4 min
14 File Inclusion / Directory Traversal 4 min
15 Clickjacking 4 min
16 Session-Hijacking 7 min
17 DEMO: XSS with Session-Hijacking 2 min
18 Information Disclosure 3 min
19 Authentication 7 min
20 Denial of Service 4 min
21 Middleware 1 min
22 Third-Party Software 1 min
23 Conclusion & Summary 3 min
A1 [Appendix] Java Coding Example - Secure Password Hashing/PBKDF2 18 min
Course Assessment