Secure Programming of Web Applications for Developers and TPMs - Course Assessment

This assessment questionnaire gives you the opportunity to verifiy your learning progress. Thank you for taking this course!

Back to Overview

This is only an abridged excerpt from the course
Secure Programming of Web Applications for Developers and TPMs

Questionnaire

What is the best way to create a secure hashing scheme for your application?

Simply using a secure and long hash function
Concatenating a password with a salt and using a secure and long hash function
Using a specifically-designed hashing scheme developed by cryptographers

What are examples of Back-end attacks?

Cross-Site-Scripting
Command Injection
SQL Injection
Session-Hijacking

Does HTTPS mitigate programming errors?

Yes
No

For Cross-Site-Scripting mitigation, JavaScript and HTML contexts are equally relevant...

True
False, only JavaScript is relevant

Session-Hijacking can be supported by Cross-Site-Scripting flaws...

True
False

Submit Answers

Back to Overview

Chapters

Number	Title	Length
	Start
1	Introduction and Motivation (Full preview availabe)	2 min
2	Well-known Vulnerabilities Overview (Full preview availabe)	2 min
3	Causes & Background	9 min
4	Secure Programming in general	3 min
5	BankBoard Intro – A vulnerable Java Web Application	3 min
6	Code/Command Injection	3 min
7	(No)SQL Code Injection (Full preview availabe)	4 min
8	DEMO: BankBoard SQL Code Injection (Full preview availabe)	2 min
9	Cross-Site Request Forgery (CSRF)	5 min
10	DEMO: CSRF	2 min
11	Cross-Site Scripting (XSS)	5 min
12	DEMO: Simple XSS	2 min
13	Open Redirection	4 min
14	File Inclusion / Directory Traversal	4 min
15	Clickjacking	4 min
16	Session-Hijacking	7 min
17	DEMO: XSS with Session-Hijacking	2 min
18	Information Disclosure	3 min
19	Authentication	7 min
20	Denial of Service	4 min
21	Middleware	1 min
22	Third-Party Software	1 min
23	Conclusion & Summary	3 min
A1	[Appendix] Java Coding Example - Secure Password Hashing/PBKDF2	18 min
	Course Assessment