This course lays the foundation required by all application developers and development organizations to produce applications with greater stability and fewer security risks to the consumer.

This course will be invaluable to software developers and programmers alike to code and develop highly secure applications and web applications. This is done throughout the software life cycle that involves designing, implementing, and deployment of applications.

.Net and JAVA are widely used by almost all organizations as the leading frameworks to build web applications. The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development lifecycle to improve the overall quality of products and applications. 

Download EC-Council Certification Track (pdf)

Objectives

To acquire knowledge in the following areas:

  • .NET or JAVA security features and various secure coding principles
  • .NET or JAVA security model, role-based security, code access security (CAS), and class libraries security
  • Various validation controls, mitigation techniques for validation control vulnerabilities, defensive techniques for SQL injection attacks, and output encoding to prevent input validation attacks
  • Mitigating vulnerabilities in machine config files, mitigating the vulnerabilities in app config files, and security code review approaches 

Audience

This course is aimed to:

  • Programmers who are responsible for designing and building secure Windows/Web based applications with .NET or JAVA Framework.
  • Developers who have .NET or JAVA development skills. 

Prerequisites

The student must be well-versed with either .NET or JAVA programming language. 

Characteristics

The course has the following characteristics:

  • It is structured in thematic units, each of them presents a part of the theory followed by practical exercises of review and understanding.
  • The material used is in English and includes theory, practical exercises and complementary information.
  • Includes an EC-Council certification exam.
  • A certificate of completion is delivered.
  • Has a duration of 3 days.
  • Has a minimum capacity of 5 and a maximum of 25 participants. 

Exam

The certification exam has the following characteristics:

  • Number of Questions: 50
  • Test Duration: 2 Hours
  • Test Format: Multiple Choice
  • Test Delivery: EC-Council Exam Center 

Topics

The course has the following topics:

  1. Introduction to Java Security

  2. Secure Software Development

  3. File Input and Output and Serialization

  4. Input Validation

  5. Error Handling and Logging

  6. Authentication and Authorization

  7. Java Authentication and Authorization Service (JAAS)

  8. Java Concurrency and Session Management

  9. Java Cryptography

  10. Java Application Vulnerabilities 

*(The ECSP-.NET course will be similar in contents, but applicable to the .NET framework only.)


Advantages offered by Global Lynx

Our instructors are certified in different EC Council, Information Security, Cloud Computing and Risk Management disciplines and have an extensive experience in:

  • The design and implementation of Information Security Management Systems in the private and in the public sector.

  • The selection, implementation and configuration of tools and controls which support the Information Security management and which are the ones of most standing and acknowledgement in the market.

  • First and second level audits for Information Security Management Systems.

  • Teaching various ITSM, ISO, Information Security and Risk Management courses in the academic and professional field. 

The participant receives a high quality, didactic material in English developed by EC-Council.