Software Security and Secure Coding Certification Exam Information

Secure Programmer Exam



ECSP (312-92) Exam

Software Security & Secure Coding Certification Information

Credit Towards Certification

EC-Council Certified Secure Programmer v1

Exam Details

  • Number of Questions: 150
  • Passing Score: 70%
  • Test Duration: 4 hours
  • Test Format: Multiple choice
  • Test Delivery: Prometric Prime / Prometric APTC / VUE

Exam Code

The exam code varies when taken at different testing centers.
  • Prometric Prime: 312-92
  • VUE: 312-92

Skills Measured

The exam 312-92 tests ECSP candidates on the following 29 domains.
  • Introduction to Secure Coding
  • Designing Secure Architecture
  • Cryptography
  • Buffer Overflows
  • Secure C and C++ Programming
  • Secure Java and JSP Programming
  • Secure Java Script and VB Script Programming
  • Secure ASP Programming
  • Secure Microsoft.NET Programming
  • Secure PHP Programming
  • Secure PERL Programming
  • Secure XML, Web Services and AJAX Programming
  • Secure RPC, ActiveX and DCOM Programming
  • Secure Linux Programming
  • Secure Linux Kernel Programming
  • Secure Xcode Programming
  • Secure Oracle PL/SQL Programming
  • Secure SQL Server Programming
  • Secure Network Programming
  • Windows Socket Programming
  • Writing Shellcodes
  • Writing Exploits
  • Programming Port Scanners and Hacking Tools
  • Secure Mobile phone and PDA Programming
  • Secure Game Designing
  • Securing E-Commerce Applications
  • Software Activation, Piracy Blocking, and Automatic Updates
  • Secure Application Testing
  • Writing Secure Documentation and Error Messages


Introduction to Secure Coding

  • Explain the need for secure coding
  • Discuss vulnerability statistics and programming errors
  • Discuss why security mistakes are made
  • Discuss the need for secure programming and why secure coding is important
  • Determine the building blocks of software security and explain the various types of security vulnerabilities
  • Determine the software vulnerability cycle, and types of attacks
  • Explain the various secure coding principles and guidelines for developing secure code
  • Prepare a checklist for software security mechanisms

Designing Secure Architecture

  • Explain secure architecture and application security
  • Determine the factors affecting the security of the application
  • Define the software engineering concept and SDLC
  • Explain what extreme programming is and its roles and practices
  • Describe Unified Modeling Language (UML) and its goals
  • Discuss UML tools such as Rational Rose and Borland Together
  • Explain threat modeling and its security aspects
  • Discuss the STRIDE threat model
  • What are the common criteria and software development best practices
  • Explain the working of Microsoft SDL threat modeling tool
  • Summarize the working of the tool: Borland® TeamInspector™

Cryptography

  • Define Cryptography, Encryption, and Decryption
  • Discuss cryptographic techniques such as Classic Cryptographic and Modern Cryptographic
  • Define RSA (Rivest Shamir Adleman) and attacks against it
  • Explain how to implement RSA in C++
  • Discuss the Diffie-Hellman Key Agreement Standard and its algorithm
  • Explain the Data Encryption Standard (DES), with an overview and its implementation in Java
  • Describe the Rijndael algorithm, RC4, RC5, RC6, and Blowfish, and describe the Blowfish algorithm in C
  • What are message digest, one-way hash, and MD5 functions
  • Describe the implementation of MD5 in Java
  • Explain the implementation of SHA (Secure Hash Algorithm) in Java, and Collision Search Attacks on SHA1
  • Describe modern cipher breaking, the Keyed-Hash Message Authentication Code (HMAC), and its algorithm
  • What are SSL and SSH
  • Determine algorithms and security, explain disk encryption, and Government Access to Keys (GAK)
  • What are the components of a Digital Signature, method of Digital Signature technology, use of Digital Signature, and Digital Signature Standard (DSS)
  • Determine Digital Signature algorithms such as Signature Generation/Verification and ECDSA, ElGamal Signature Scheme
  • Explain Hashing techniques, Hashing, MACs, and Digital Signatures using C# in .NET
  • What are the challenges and opportunities of digital signatures
  • Provide an overview of digital certificates, and of creating and verifying a simple XML digital signature in C#
  • Explain Cleversafe Grid Builder, Pretty Good Privacy, CypherCalc, CryptoHeaven, and Command Line Scriptor
  • Explain JavaScrypt, a browser-based cryptography tool, and the steps to use the JavaScrypt encryption and decryption tool
  • Determine cryptanalysis, cryptography attacks, brute-force attack, and the distributed.net organization

Buffer Overflows

  • Describe buffer overflows and reasons for buffer overflow attacks
  • Explain why programs/applications are vulnerable
  • Explain the concepts of Stacks and Heaps
  • Describe Stack-based and Heap-based buffer overflows
  • What are the countermeasures against Buffer Overflow attacks
  • Explain how an attacker can attack a Real Program
  • What is Return Address Defender
  • List and summarize the tools to defend against buffer overflows
  • What are the buffer overflow protection solutions
  • Provide a comparison of the functions of libc and Libsafe tools
  • Explain how a buffer overflow occurs in C and how to analyze the code

Secure C and C++ Programming

  • List the important features of object-oriented programming such as C/C++
  • List and explain the vulnerable C/C++ functions
  • What are the types of buffer overflows and explain each of them
  • Describe dangling pointers, stack smashing, and the GCC extension to protect against stack-smashing attacks
  • How to determine integer vulnerabilities, Truncation, and Sign Error
  • Discuss pointer subterfuge and bugs with pointers and memory
  • Describe dynamic memory management, the double free vulnerability, and secure memory allocation tips
  • Explain symmetric and symmetric encryption in C++
  • Explain the Blowfish Algorithm in C
  • Describe public key cryptography in C++
  • Discuss networking, creating an SSL client in C++, and creating an SSL server
  • Determine the random number generation problem, anti-tampering, and its techniques
  • Explain the process of erasing data from memory securely using C/C++
  • How to prevent memory from paging to disk
  • Explain how to use the variable arguments properly
  • Discuss signal handling, encapsulation in C++, and best practices for input validation
  • Define Code Profiling, list and explain the working of memory debugging tools

Secure Java and JSP Programming

  • Discuss the features of the Java programming language, explain what the Java Virtual Machine (JVM) is, and discuss the byte code basics
  • Describe Java security, access controls, and Sandbox model
  • List the security issues with Java
  • Describe the SQL injection attack and explain how to prevent it
  • Describe URL tampering
  • Discuss the various attacks on applets, and explain the prevention of DoS attacks
  • Discuss byte code attacks and reverse engineering/decompilation by Mocha
  • List and summarize the obfuscation tools
  • Explain how to build a simple ClassLoader
  • Explain what a security manager is
  • List and explain the signing tools
  • How to get RSA certificates
  • Describe the process of bundling Java Applets as JAR Files, and signing Java Applets using the Netscape signing tool
  • Discuss Java security and the basic security architecture
  • Determine the Java Cryptography Architecture (JCA) and sample code for encryption and decryption
  • Explain how to create secure client and server sockets, and how to choose the cipher suites
  • Discuss Java GSS security
  • List and explain the security issues with JSP
  • Explain cross-site scripting, countermeasures, and how to create new types of permissions
  • Explain what a security policy is, and describe policy tools
  • Determine the best practices for developing secure Java code

Secure Java Script and VB Script Programming

  • Discuss JavaScript and the vulnerabilities associated with it
  • Describe the XSS attack, and explain how to avoid the attacks
  • Define JavaScript Hijacking and how to defend against JavaScript Hijacking
  • Explain the effects and solutions to prevent malicious script embedded in client web requests
  • Explain the Thicket Obfuscator for JavaScript tool
  • Discuss JavaScript security in Mozilla, the Same Origin Policy, and the Signed Script Policy
  • Explain Netscape's SignTool
  • List and summarize the encryption tools
  • Discuss signing a script (Windows Script Host), verifying a script, and the Signature Verification Policy
  • Determine software restriction policies for Windows XP/Vista and Server 2008
  • Discuss designing a software restriction policy and creating additional rules
  • Describe the procedure to block malicious scripts

Secure ASP Programming

  • Describe ASP and improving ASP design
  • Determine the #include directive and .BAK files on the server
  • Explain detecting exceptions with scripting language error-handling mechanisms, and using VBScript and JScript to detect an error
  • Discuss attacks on ASP
  • Explain insufficient validation of fields in SQL queries
  • Describe ASP DypsAntiSpam: A CAPTCHA for ASP and preventing automatic submission with DypsAntiSpam
  • Describe using database and ASP sessions to implement ASP security and steps for designing the mechanism
  • Explain protecting ASP pages and encoding ASP code: Script Encoder
  • Describe protecting passwords of ASP pages with a one-way hash function and ASP best practices

Secure Microsoft.NET Programming

  • Describe common terminology, Microsoft .NET, the .NET framework, and the .NET framework security policy model
  • Explain the security policy levels and security features in .NET
  • Explain Code Access Security (CAS)
  • List the steps to use CAS in ASP.NET applications
  • Describe evidence-based security, role-based security, declarative, and imperative security
  • Explain the process involved in key generation
  • Discuss the methods to protect client and server data using encryption
  • Describe the cryptographic signatures and hash code generation
  • Describe classes implementing the public-key encryption algorithms
  • Create a security checklist for .NET framework and permissions
  • Describe skipverification and stack walk
  • Determine runtime security policy and list the step-by-step configuration of the runtime security policies
  • Discuss creating a security policy deployment package
  • Describe type safety, canonicalization, Access Control List (ACL) editor, and securing user credentials and logon information, and obfuscation
  • List and explain the working of .NET obfuscator tool and Administration tools
  • Describe ASP.NET security architecture and authentication and authorization strategies
  • Explain the various authorizations in .NET
  • Develop a security checklist for ASP.NET
  • List the steps to encrypt configuration sections in ASP.NET using DPAPI and the steps for configuring security with Mscorcfg.msc
  • Discuss how to identify an ASP.NET process
  • Describe secure communication, storing secrets, and web.config vulnerabilities
  • Describe how to secure session and view state, web form considerations, and how to secure web services
  • Explain the web application security frame, and its threats, attacks, and countermeasures
  • Describe secure remoting, creating remotable object, and secure data access
  • Explain how to protect ASP.NET from SQL injection attack
  • List the steps to prevent cross-site scripting in ASP.NET
  • Describe .NET security tools
  • List the best practices for .NET security

Secure PHP Programming

  • Describe the PHP security blunders, and give an example of a PHP attack
  • Determine solutions for access control flaws and session ID protection
  • Describe error reporting and data handling errors
  • Explain security sensitive PHP functions: file functions and ezmlm_hash
  • List the PHP exploits and explain them with examples
  • Describe spoofed form submissions, spoofed HTTP requests, and sessions and cookies
  • Describe cookie theft, exposed session data, session fixation, and session hijacking
  • List the vulnerabilities in PHP, attack vulnerabilities, and common PHP attacks
  • Discuss how to defend against file system attacks, information gathering attacks, and PHP injection attacks
  • Describe ten PHP best practices and secure PHP practices
  • Determine the best practices for PHP security
  • Explain various PHP encoders

Secure PERL Programming

  • Explain the common terminology of PERL programming language, and security issues in Perl scripts
  • Explain basic user input vulnerabilities and how to overcome them
  • Describe insecure environmental variables
  • Describe algorithmic complexity attacks and Perl: Taint, Strict, and Warnings
  • Explain the setuid command, authenticating the user with setuid, security bugs with setuid, and the Perl crypt() function
  • Describe logging into a secure website with Perl script
  • Describe the secure log-in checklist, Unicode, and displaying Unicode as text

Secure XML, Web Services and AJAX Programming

  • Describe web applications and web services and their vulnerabilities
  • Describe XML introduction, XSLT and XPath, XML signature, applying XML signatures to security, and XML encryption
  • Determine security considerations for the XML encryption syntax
  • Describe canonicalization, validation process in XML, XML web services security, and security of URI in XML
  • Determine security of opaque data in XML and XML web services security best practices
  • List and summarize XML tools
  • Describe AJAX, the anatomy of an AJAX interaction, security issues, how to prevent the attacks, and the tools
  • Describe HP WebInspect software

Secure RPC, ActiveX and DCOM Programming

  • Explain the terms: RPC, Authentication, Authentication protocol, NULL authentication, Unix authentication, and DES authentication
  • Explain Diffie-Hellman encryption, security methods, SSPI, and SSPs
  • Describe the secure RPC protocol and RpcServerRegisterAuthInfo
  • Determine RPC programming best practices, making RPC function calls, and RPC and the network
  • Describe ActiveX programming, preventing repurposing, and the SiteLock template
  • Describe the IObjectSafety interface, code signing, and creating a code signing certificate and signing an ActiveX component in Windows
  • Determine how to protect the ActiveX controls
  • Explain the concept of DCOM
  • Explain application-level security, security by configuration, and programmatic security
  • Explain heap overflow vulnerability
  • Describe the tool: DCOMbobulator and the security best practices of DCOM

Secure Linux Programming

  • What is open source with respect to Linux and the security associated with it
  • Describe the basic Linux commands, networking commands, processes, and POSIX capabilities
  • Explain UTF-8 security issues, UTF-8 legal values, and secure Linux programming advantages
  • Determine the requirements for security measure assurance
  • Discuss enabling source address verification, Linux iptables and ipchains, and code to save the ip6tables state
  • Explain how to control access by MAC address and permit SSH access only
  • Explain network access control and layers of security for incoming network connections
  • Describe prohibiting root logins on the terminal devices and authentication techniques
  • Discuss authorization controls, running a root login shell, and protecting the outgoing network connections
  • Explain logging into a remote host, invoking remote programs and copying remote files
  • Describe public-key authentication between OpenSSH client and server and authenticating in cron jobs
  • Describe how to protect files, file permissions, shared directory, and encrypting files
  • Explain listing the keyring, signing files, encrypting directories, and POP/IMAP mail server
  • Describe testing an SSL mail connection, securing POP/IMAP with SSL and Pine, and SMTP server
  • Discuss testing and monitoring, testing login passwords (John the Ripper), testing login passwords (CrackLib), and testing search path
  • Explain how to search file systems effectively, secure device special files, look for rootkits, and tracing processes
  • Describe how to observe network traffic, detect insecure network protocols, and perform intrusion detection with Snort
  • Discuss testing a syslog configuration and the logwatch filter
  • Determine how to structure program internals and approach, sample code for minimizing privileges, and filtering cross-site malicious content on input
  • Describe how to filter HTML/URIs and avoid buffer overflow
  • Discuss language-specific issues: C/C++, Perl, Ada, Java, Tcl, and PHP
  • Determine the Linux application auditing tool: grsecurity

Secure Linux Kernel Programming

  • Explain what a kernel is
  • Describe how to build a Linux kernel and the procedures to be followed post-build
  • Determine the Linux kernel configuration menu
  • Discuss compiling a Linux kernel

Secure Xcode Programming

  • Explain what Xcode is
  • Explain Mac OS X applications, Cocoa, Carbon, AppleScript, Script Editor, and Script window
  • Describe the Common Data Security Architecture, the Secure Transport API set, and CSP
  • Discuss how to create SSL certificates on Mac OS X server, using SSL with the web server, setting up SSL for LDAP, and how to protect security information
  • Describe security in Mac OS X and security management using system preferences
  • List the recommended steps to secure Mac OS X

Secure Oracle PL/SQL Programming

  • Explain PL/SQL and security issues in Oracle
  • Discuss SQL injection attacks and how to defend against SQL injection attacks
  • Describe SQL manipulation, code injection attacks, function call injection attacks, buffer overflows, and other vulnerabilities
  • Explain the DBMS_SQL vulnerability in PL/SQL and protecting DBMS_SQL in PL/SQL
  • Discuss types of database vulnerabilities/attacks and how to establish security policies
  • List and explain the password management policies
  • List the steps for creating an Oracle label security policy
  • Describe Oracle identity management
  • Discuss security tools, the Oracle secure backup tool, obfuscation, and encryption using DBMS_CRYPTO
  • Describe advanced security options and low level security
  • Explain Oracle database vaults: tool, auditing, auditing methods, audit options, view audit trail, FGA, and Oracle auditing tools
  • Describe testing PL/SQL programs and SQL unit testing tools

Secure SQL Server Programming

  • Explain the SQL server security model, and how to create an SQL server login
  • Describe database user, guest user, permissions, and roles
  • Determine the security features of MS-SQL Server 2005 and the additional security features in MS-SQL Server 2008
  • List and explain the vulnerabilities in SQL server security
  • Discuss SQL injection attacks and methods to prevent SQL injection attacks
  • Describe Sqlninja: SQL Server Injection and Takeover tool
  • Describe data encryption, built-in encryption capabilities, and encryption keys
  • Discuss Transact-SQL, and creating asymmetric and symmetric keys in T-SQL
  • Explain how to create a certificate in T-SQL
  • Explain the method to determine SQL server security
  • Determine the database programming best practices
  • Explain the process of authentication and authorization in SQL server installation
  • Describe the process of auditing and intrusion detection
  • List and summarize the database security auditing tools

Secure Network Programming

  • Explain basic network concepts and basic web concepts
  • Explain network programming and the benefits of secure network programming
  • Describe the network interface and securing sockets: server and client program
  • Discuss ports, UDP datagrams and sockets, Internet address, and content handler
  • Describe cookie policy, RMI connector, and .NET: Internet authentication
  • Describe the network scanning tool Security Manager Plus, and network programming best practices

Windows Socket Programming

  • Explain Windows Sockets, the Windows NT and Windows 2000 Sockets architecture, and socket programming
  • Discuss Winsock 2.0, Winsock linking methods, how to start a Winsock 2 API, and grabbing a web page using Winsock
  • Discuss writing client and server applications, and TCP client and server application sample code
  • Describe Winsock secure socket extensions, WSAQuerySocketSecurity, and the SOCKET_SECURITY_SETTINGS structure
  • Explain how to use Winsock to execute a web attack, how to use Winsock to execute a remote buffer overflow, and the MDACDos application

Writing Shellcodes

  • Explain shellcode and shellcode development tools
  • Describe remote shellcode, port binding shellcode, and clean port binding shellcode
  • Discuss socket descriptor reuse shellcode and socket descriptor reuse shellcode in C
  • Describe socket descriptor reuse shellcode: sample code, local shellcode, and byte code
  • Discuss how to break chroot jails and breaking chroot jails on Linux kernels
  • Describe Windows shellcode and list the steps to execute the shellcode assembly
  • Explain the write system call, Linux shellcode for “Hello, world!”, the write system call in FreeBSD
  • Discuss various system calls and assembly creation

Writing Exploits

  • Explain the steps involved in writing exploits and targeting vulnerabilities
  • Discuss remote and local exploits and a two-stage exploit
  • Describe format string attacks, fixing format string bugs, and user-supplied format string vulnerability CVE-2000-0763 in xlockmore
  • Explain TCP/IP vulnerabilities and race conditions
  • Discuss file race conditions, signal race conditions, and the input validation error in the man program
  • Describe writing exploits and vulnerability checking programs and stack overflow exploits
  • Describe memory organization, stack overflows, heap corruption exploits, Doug Lea malloc, and Dlmalloc chunk
  • Discuss the OpenSSL SSLv2 malformed client key remote buffer overflow vulnerability CAN-2002-0656
  • Describe exploitation, complication, integer bug exploits, integer wrapping, and bypassing size checks
  • Discuss how to use the Metasploit Framework
  • Explain how to determine attack vector, select a control vector, find a return address, and select the search method in the Metasploit Opcode database
  • Explain how to insert the return address, verify return address reliability, and increase reliability with a NOP sled
  • How to choose a payload and encoder, and the list of available encoders
  • Describe integrating exploits into framework

Programming Port Scanners and Hacking Tools

  • Explain port scanners, simple port scanners, and prerequisites for writing a port scanner
  • Describe port scanner in C++, port scanner in C#, building a simple port scanner in VC++, port scanner in Java, port scanner in ASP.NET, port scanner in Perl, and port scanner in PHP
  • Discuss libpcap, saving captured packets to a file, and the Wiretap library
  • Explain Nessus Attack Scripting Language (NASL), and porting to and from NASL
  • Describe Metasploit Framework (MSF), executing an exploit using msfconsole and writing basic rules
  • Discuss rule header, rule options, optimizing rules, testing rules, writing detection plugins, and Netcat source code

Secure Mobile phone and PDA Programming

  • Explain mobile phone programming and different OS architectures in the mobile phone
  • Discuss the Symbian Operating System and guidelines for securing Symbian OS
  • Describe Palm OS, Palm OS vulnerabilities, HotSync vulnerability, and Creator ID switching
  • Determine Windows Mobile, calling secure web services, and security practices for Windows Mobile programming
  • Discuss the comparison of common programming tasks, PDA programming, PDA security issues, and security policies for PDAs
  • Discuss PDA security products and security vendors
  • Describe Java Platform, Micro Edition (Java ME), Java ME architecture, and Java ME security issues
  • Describe CLDC security, Mobile Information Device Profile (MIDP), MIDP security, and programming the BlackBerry with Java ME
  • Determine Security and Trust Services API (SATSA) for Java ME: the security APIs and certificate enrollment in SATSA
  • Discuss data integrity with message digests, and data confidentiality: using ciphers for data encryption
  • Explain security issues and attacks in Bluetooth and Bluetooth security
  • Describe various tools such as BlueKey, BlueWatch, BlueSweep, etc.
  • Determine mobile phone security tips and defending cell phones and PDAs against attack
  • Describe the antivirus tools for mobile devices

Secure Game Designing

  • Explain game designing, console games, mobile games, online games, offline games, and Wii games
  • Determine threats to online gaming, threats to online gaming: cheating
  • Describe various tools such as Multimedia Fusion 2, Adventure Game Studio, Game Maker, FPS and Stagecast Creator and the Scrolling Game Development Kit
  • Explain game engine and best practices for secure game designing

Securing E-Commerce Applications

  • Describe the purpose of secure E-Commerce application, and E-Business concepts: Secure Electronic Transaction (SET)
  • Discuss using SET
  • Discuss Secure Socket Layer (SSL) and SSL certificates
  • Discuss VeriSign SSL certificates and Entrust SSL certificates
  • Explain the concept and functioning of digital certificates, digital signature, and digital signature technology
  • Describe digital signature algorithms: signature generation/verification and ECDSA, ElGamal signature scheme
  • Explain guidelines for developing secure E-Commerce applications

Software Activation, Piracy Blocking, and Automatic Updates

  • Explain software activation and the software activation process
  • Describe software activation and its advantages
  • Discuss how activation works, the online license management server, and activation policies
  • Describe policy control parameters, piracy, and the effects of piracy
  • Explain piracy blocking, Digital Rights Management (DRM), and software piracy protection strategies
  • Describe copy protection for DVD, Application Framework: DVD Copy Protection System, and content protection during digital transmission
  • Explain watermark system design issues, cost effectiveness, false positives rate, and interaction with MPEG compression
  • Describe detector placement, copy generation management, and the Crypkey tool
  • Describe EnTrial key generation, EnTrial distribution file, and EnTrial product and package initialization dialog
  • Discuss Windows automatic updates, options for setting up Windows automatic updates on XP and Vista, and the automatic updates option on AVG antivirus, Internet Explorer, and Mozilla Firefox

Secure Application Testing

  • Explain the Software Development Life Cycle (SDLC), introduction to testing, and the types of testing
  • Discuss white box testing, types of white box testing, dynamic white box testing, integration testing, regression testing, system testing, and black box testing
  • Describe load testing and strategies, functional testing, and list the testing steps
  • Explain how to create a test strategy, test plans, test cases, and test data
  • Discuss bug fixing and retesting
  • Discuss classic testing mistakes and user interface errors
  • Determine good user interfaces
  • Discuss the use of automatic testing and tools
  • Prepare a generic code review checklist, and software testing best practices
  • List and summarize various testing tools
  • Describe real-time testing

Writing Secure Documentation and Error Messages

  • Describe error messages, their categories, and what a good error message is
  • Determine error messages in well-designed applications, examples, and miscommunications in the error messages
  • Prepare an error message usability checklist
  • Describe guidelines for creating effective error messages
  • List the best practices for designing error messages
  • Explain the security issues in error messages
  • Describe security precautions in documentation