Jump to content

IT Security/Host/Application

From Wikiversity

This lesson covers application security.

Objectives and Skills

[edit | edit source]

Objectives and skills for the application security portion of Security+ certification include:[1]

Explain the importance of application security controls and techniques.
  • Fuzzing
  • Secure coding concepts
    • Error and exception handling
    • Input validation
  • Cross-site scripting prevention
  • Cross-site Request Forgery (XSRF) prevention
  • Application configuration baseline (proper settings)
  • Application hardening
  • Application patch management
  • NoSQL databases vs. SQL databases
  • Server-side vs. Client-side validation

Readings

[edit | edit source]

Multimedia

[edit | edit source]
  1. YouTube: Fuzzing - CompTIA Security+ SY0-401: 4.1
  2. YouTube: Secure Coding Concepts - CompTIA Security+ SY0-401: 4.1
  3. YouTube: Application Configuration Baselining and Hardening - CompTIA Security+ SY0-401: 4.1
  4. YouTube: Application Patch Management - CompTIA Security+ SY0-401: 4.1
  5. YouTube: SQL and NoSQL Databases - CompTIA Security+ SY0-401: 4.1
  6. YouTube: Server-side vs. Client-side Validation - CompTIA Security+ SY0-401: 4.1

Activities

[edit | edit source]

See Also

[edit | edit source]

References

[edit | edit source]