• Online, Self-Paced
Course Description

This course covers a set of key security principles that students can use to improve the security of application architecture and design. Principles of this course include applying defense to harden applications and make them more difficult for intruders to breach, reducing the amount of damage an attacker can accomplish, compartmentalizing to reduce the impact of exploits, using centralized input and data validation to protect applications from malicious input, and reducing the risk in error code paths.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills to apply security principles for creating secure application architecture including:

  • Simplicity
  • Encapsulation
  • Abstraction
  • Modularization
  • Layering
  • Defense in Depth
  • Principle of Least Privilege
  • Compartmentalization
  • Secure by Default
  • Fail Secure
  • Psychological Acceptability
  • Economy of Mechanism
  • Protect the Weakest Link
  • Input Validation
  • Auditing and Logging

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Software Development