| Read pages 335 – 362 taking notes |
| Complete all 33 review questions |
| Any review questions that are wrong or missing then go back into the chapter and read those areas |
| Action – Videos Professor Messer |
|
https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/sy0-601-comptia-security-plus-course/
2.3 Secure Application Development
- Secure Deployments
- Provisioning and Deprovisioning
- Secure Coding Techniques
- Software Diversity
- Automation and Scripting
2.6 Embedded Systems
- Embedded Systems
- Embedded Systems Communications
- Embedded Systems
3.2 Application Security
32. Application Hardening
|
|
Boot Integrity
Endpoint Protections
Application Security especially:
- Input Validation
- HTTP Headers
- Code Signing
- Manual/Static/Dynamic Code Analyzers
- Fuzzing
Hardening
FDE
TPM/HSM
SED
IoT
SoC
Specialized Devices
Embedded Systems
SCADA/ICS
Communication Consideration
Software Development Lifecycle in order
- Development
- Test
- Staging
- Production
Automatization/Scripting especially
- Continuous Integration
- Continuous Validation/Verification
Version Control
Secure Coding Techniques especially
- Race Condition
- Pointer/Object Dereference
- Proper Error Handling
- Stored Procedure
- API considerations/Shimming
- Obfuscation
- Memory Management
- Use of Third-Party Library
- SDK
- Database Normalization
- Front End/Back End
- Client Side/Server Side
OWASP
Capture the Flag
Phishing Campaigns
|