• Online, Self-Paced

Discover how to protect your applications from attacks and bad data! This course shows you how to identify and defend your C/C++ applications from potential risks, and how to control user input to reduce the possibility of bad data entry.

Learning Objectives

Risks in C/C++ Applications

  • start the course
  • identify potential risks to C/C++ UI applications
  • describe what buffer overflows are and how to limit their impact
  • recall how to prevent buffer overflows in C/C++ applications

 

Defense against Attacks

  • describe what code injection attacks are and how to mitigate them in C/C++ applications
  • identify how to prevent formatted string vulnerabilities
  • recognize how to prevent DLL hijacking in C/C++ applications
  • use exceptions in C/C++ applications

 

User Input

  • specify how to handle bad data in your C/C++ applications
  • work with regular expressions to help with input validation
  • recognize how to constrain user input to prevent the input of bad data

 

Practice: Defense and User Input

  • use defensive coding techniques to handle user input

 

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.