Monthly Subscription Starting at AED 99 + VAT

Identifying Security Vulnerabilities in C/C++Programming
  • Level Professional
  • Duration 23 hours
  • Course by University of California, Davis
  • Offered by

About

This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: “what to watch out for” and “where to look” to evaluate and ultimately remediate fragile C++ library code. The techniques you’ll be examining will make your programs perform accurately and be resistant to attempts to perform inaccurately. This is really what the term secure programming means. You will be shown common errors that people make, and then learn how to program more robustly. You will apply tips and best practices to help you improve your programming style and help you to avoid common problems like buffer overflows, which may or may not cause security problems.

Modules

Getting Started

    • 1 Videos
    • 1 Readings
    • 1 Discussion
Show info about module content

1 Discussions

  • Learning Goals

1 Videos

  • Course Introduction

1 Readings

  • A Note From UC Davis

Lesson 1: Users and Privileges

    • 10 Videos
    • 1 Readings
    • 1 Discussion
Show info about module content

1 Discussions

  • Who Are You? (Suggested Activity)

10 Videos

  • Module 1 Introduction
  • Users and Privileges Overview
  • Identifying Users and Changing Privileges
  • Spawning Subprocesses
  • Identifying Users Incorrectly
  • Establishing Users and Setting UIDs
  • Establishing Groups and GIDs
  • Establishing Privileges for Users and Groups
  • How Root Privileges Work
  • Lesson 1 Summary

1 Readings

  • Who Are You? - What is Going On?

Lesson 2: Environment Variables

    • 6 Videos
    • 2 Readings
    • 2 Discussion
    • 1 Assignment
Show info about module content

1 Assignment

  • Module 1 Practice Quiz

2 Discussions

  • Resetting the PATH (Suggested Activity)
  • Multiple PATH Environment Variables (Suggested Activity)

6 Videos

  • Environment Variables Overview
  • Programming Explicitly
  • Addressing Various Attacks
  • Dynamic Loading and Associated Attacks
  • Programming Implicitly
  • The Moral of the Story

2 Readings

  • Resetting the PATH - What is Going On?
  • Multiple PATH Environment Variables - What's Going On?

Review

    • 1 Assignment
Show info about module content

1 Assignment

  • Module 1 Quiz

Lesson 3: Validation and Verification

    • 7 Videos
    • 1 Readings
    • 1 Discussion
Show info about module content

1 Discussions

  • Path Names (Suggested Activity)

7 Videos

  • Module 2 Introduction
  • Validation and Verification Overview
  • Metacharacters
  • The Heartbleed Bug and Other Exploits
  • Inputs
  • Fixes
  • Lesson 3 Summary

1 Readings

  • Path Names - What's Going On?

Lesson 4: Buffer Overflows and Numerica Overflows

    • 6 Videos
    • 1 Readings
    • 1 Discussion
Show info about module content

1 Discussions

  • Numeric and Buffer Overflows (Suggested Activity)

6 Videos

  • Buffer Overflows Overview
  • Buffer Overflow Examples
  • Selective Buffer Overflow and Utilizing Canaries
  • Numeric Overflows Overview
  • Numeric Overflow Examples
  • Lesson 4 Summary

1 Readings

  • Numeric and Buffer Overflows - What's Going On?

Lesson 5: Dealing with Input Injections

    • 4 Videos
    • 1 Assignment
Show info about module content

1 Assignment

  • Module 2 Practice Quiz

4 Videos

  • Input Injections Overview
  • Cross-Site Scripting Attacks
  • SQL Injections
  • Lesson 5 Summary

Review

    • 1 Assignment
Show info about module content

1 Assignment

  • Module 2 Quiz

Lesson 6: Files and Subprocesses

    • 6 Videos
Show info about module content

6 Videos

  • Module 3 Introduction
  • Files and Subprocesses Overview
  • Creating a Child Process
  • Subprocess Environment
  • Files and Subprocesses Design Tips
  • Lesson 6 Summary

Lesson 7: Race Conditions

    • 7 Videos
    • 1 Readings
    • 1 Discussion
    • 1 Assignment
Show info about module content

1 Assignment

  • Module 3 Practice Quiz

1 Discussions

  • The Environmental Condition (Suggested Activity)

7 Videos

  • Race Conditions Overview
  • A Classic Race Condition Example
  • Time of Check to Time of Use
  • Programming Condition
  • Environmental Condition
  • Race Conditions
  • Linux Locks and FreeBSD System Calls

1 Readings

  • The Environmental Condition - What's Going On?

Review

    • 1 Assignment
Show info about module content

1 Assignment

  • Module 3 Quiz

Lesson 8: Randomness and Cryptography

    • 9 Videos
    • 1 Readings
    • 1 Discussion
Show info about module content

1 Discussions

  • (Pseudo) Random Numbers (Suggested Activity)

9 Videos

  • Module 4 Introduction
  • Randomness and Cryptography Overview
  • Pseudorandom vs. Random
  • Producing Random Numbers
  • Sowing Seeds
  • Cryptography Basics
  • Using Cryptography for Secrecy and Integrity
  • Some Cryptography Examples
  • Lesson 8 Summary

1 Readings

  • (Pseudo) Random Numbers - What's Going On?

Lesson 9: Handling Sensitive Information and Errors and Formatting Strings

    • 9 Videos
    • 3 Readings
    • 3 Discussion
    • 1 Assignment
Show info about module content

1 Assignment

  • Module 4 Practice Quiz

3 Discussions

  • Hashing and Cracking Passwords (Suggested Activity)
  • A Safe system() Function (Suggested Activity)
  • Converting Strings to Integers (Suggested Activity)

9 Videos

  • Handling Sensitive Information and Errors and Formatting Strings Overview
  • All About Passwords
  • Adding a Pinch of Salt
  • Managing Sensitive Data
  • Practice a Secure Function
  • Error Handling Part 1
  • Error Handling Part 2
  • Format Strings
  • Lesson 9 Summary

3 Readings

  • Hashing and Cracking Passwords - What's Going On?
  • A Safe system() Function - What's Going On?
  • Converting Strings to Integers - What's Going On?

Review

    • 1 Assignment
Show info about module content

1 Assignment

  • Module 4 Quiz

Course Summary

    • 1 Videos
    • 1 Discussion
Show info about module content

1 Discussions

  • Self-Reflection

1 Videos

  • Course Summary

Auto Summary

Enhance your C/C++ programming with a professional-level course focused on identifying and remediating security vulnerabilities. Offered by Coursera, this IT & Computer Science course builds on secure coding principles, teaching you to avoid common errors like buffer overflows. Over 1380 minutes, you'll learn practical tips and best practices to make your programs robust and secure. Ideal for professionals seeking to improve their coding style and program accuracy. Available with a Starter subscription.

Matthew Bishop, PhD
Instructor

Matthew Bishop, PhD