Exam Details
- Number of Questions: 150
- Passing Score: 70%
- Test Duration: 4 Hours
- Test Format: Multiple Choice
- Test Delivery: Prometric Prime / Prometric APTC / VUE
Exam Code
The exam code varies when taken at different testing centers.
- Prometric Prime: 312-92
- VUE: 312-92
Skills Measured
The exam 312-92 tests ECSP candidates on the following 29 domains.
- Introduction to Secure Coding
- Designing Secure Architecture
- Cryptography
- Buffer Overflows
- Secure C and C++ Programming
- Secure Java and JSP Programming
- Secure JavaScript and VBScript Programming
- Secure ASP Programming
- Secure Microsoft.NET Programming
- Secure PHP Programming
- Secure PERL Programming
- Secure XML, Web Services and AJAX Programming
- Secure RPC, ActiveX and DCOM Programming
- Secure Linux Programming
- Secure Linux Kernel Programming
- Secure Xcode Programming
- Secure Oracle PL/SQL Programming
- Secure SQL Server Programming
- Secure Network Programming
- Windows Socket Programming
- Writing Shellcodes
- Writing Exploits
- Programming Port Scanners and Hacking Tools
- Secure Mobile Phone and PDA Programming
- Secure Game Designing
- Securing E-Commerce Applications
- Software Activation, Piracy Blocking, and Automatic Updates
- Secure Application Testing
- Writing Secure Documentation and Error Messages
ECSP Certification Test Objectives
Module 01: Introduction to Secure Coding
- Explain the need for secure coding
- Discuss the vulnerabilities statistics and programming errors
- Discuss why security mistakes are made
- Discuss the need for secure programming and why secure coding is important
- Determine the building blocks of software security and explain the various types of security vulnerabilities
- Determine the software vulnerability cycle, and types of attacks
- Explain the various secure coding principles and guidelines for developing the secure codes
- Prepare a checklist for software security mechanisms
Module 02: Designing Secure Architecture
- Explain about the secure architecture and application security
- Determine the factors affecting the security of the application
- Define the software engineering concept and SDLC
- Explain what extreme programming is and its roles and practices
- Describe Unified Modeling Language (UML) and its goals
- Discuss on UML tools such as Rational Rose and Borland Together
- Explain about threat modeling and their aspects of security
- Discuss on STRIDE threat model
- What are the common criteria and software development best practices
- Explain the working of Microsoft SDL threat modeling tool
- Summarize the working of the tool: Borland® TeamInspector™
Module 03: Cryptography
- Define Cryptography, Encryption, and Decryption
- Discuss cryptographic techniques such as Classic Cryptographic and Modern Cryptographic
- Define RSA (Rivest Shamir Adleman) and attacks against it
- Explain how to implement RSA in C++
- Discuss the Diffie-Hellman Key Agreement Standard and its algorithm
- Explain the Data Encryption Standard (DES), its overview, and its implementation in Java
- Describe the Rijndael algorithm, RC4, RC5, RC6, and Blowfish, and describe the Blowfish algorithm in C
- What are Message digest, One-way hash, and MD5 functions
- Describe the implementation of MD5 in Java
- Explain the implementation of SHA (Secure Hash Algorithm) in Java, and Collision Search Attacks on SHA1
- Describe Modern Cipher Breaking, the Keyed-Hash Message Authentication Code (HMAC), and its algorithm
- What is SSL, and SSH
- Determine algorithms and security, explain disk encryption, and Government Access to Keys (GAK)
- What are the components of a Digital Signature, method of Digital Signature technology, use of Digital Signature, and Digital Signature Standard (DSS)
- Determine Digital Signature algorithms such as Signature Generation/Verification and ECDSA, ElGamal Signature Scheme
- Explain Hashing techniques, Hashing, MACs, and Digital Signatures using C# in .NET
- What are the challenges and Opportunities of digital signatures
- Provide an overview of Digital Certificates, creating and verifying a simple XML Digital Signature in C#
- Explain about Cleversafe Grid Builder, Pretty Good Privacy, CypherCalc, CryptoHeaven, and Command Line Scriptor
- Explain about JavaScrypt: Browser-Based Cryptography tool and steps to use JavaScrypt Encryption and Decryption tool
- Determine cryptanalysis, cryptography attacks, brute-force attack, and the distributed.net organization
Module 04: Buffer Overflows
- Describe buffer overflows and reasons for buffer overflow attacks
- Explain why programs/applications are vulnerable
- Explain the concepts of Stacks and Heaps
- Describe Stack-based and Heap-based buffer overflows
- What are the countermeasures against Buffer Overflow attacks
- Explain how an attacker can attack a Real Program
- What is Return Address Defender
- List and summarize the tools to defend buffer overflows
- What are the buffer overflow protection solutions
- Provide a comparison of the functions of libc and Libsafe tools
- Explain how buffer overflow occurs in C and how to analyze the code
Module 05: Secure C and C++ Programming
- List the important features of object oriented programming such as C/C++
- List and explain the vulnerable C/C++ functions
- What are the types of buffer overflows and explain each of them
- Describe the dangling pointers, stack smashing, and GCC extension to protect the stack-smashing attacks
- How to determine integer vulnerabilities, Truncation, and Sign Error
- Discuss on Pointer Subterfuge and Bugs with Pointers and Memory
- Describe about dynamic memory management, double free vulnerability, and secure memory allocation tips
- Explain symmetric and symmetric encryption in C++
- Explain the Blowfish Algorithm in C
- Describe public key cryptography in C++
- Discuss on networking, creating an SSL Client in C++, and creating an SSL Server
- Determine the random number generation problem, anti-tampering, and its techniques
- Explain the process of erasing data from memory securely using C/C++
- How to prevent memory from paging to disk
- Explain how to use the variable arguments properly
- Discuss on signal handling, encapsulation in C++, and best practices for input validation
- Define Code Profiling, list and explain the working of memory debugging tools
Module 06: Secure Java and JSP Programming
- Discuss the features of the Java programming language, explain what the Java Virtual Machine (JVM) is, and discuss the byte code basics
- Describe Java security, access controls, and Sandbox model
- List the security issues with Java
- Describe the SQL injection attack and explain how to prevent
- Describe about URL Tampering
- Discuss the various attacks on Applet, and explain the prevention of DoS attacks
- Discuss on Byte Code attack and Reverse Engineering/Decompilation by Mocha
- List and summarize the Obfuscation Tools
- Explain how to build a simple ClassLoader
- Explain what is a security manager
- List and explain the signing tools
- How to get RSA certificates
- Describe the process of bundling Java Applets as JAR Files, and signing Java Applets using the Netscape signing tool
- Discuss about the Java Security and basic security architecture
- Determine Java Cryptography Architecture (JCA) and sample code for encryption and decryption
- Explain how to create Secure Client and Server Sockets, and how to choose the Cipher Suites
- Discuss about Java GSS security
- List and explain the security issues with JSP
- Explain Cross-Site scripting, countermeasures, and how to create new types of permissions
- Explain what is a Security Policy, and describe policy tools
- Determine the best practices for developing secure Java code
Module 07: Secure JavaScript and VBScript Programming
- Discuss JavaScript and the vulnerabilities associated with it
- Describe the XSS attack, and explain how to avoid the attacks
- Define JavaScript Hijacking and how to defend against JavaScript Hijacking
- Explain the effects and solutions to prevent malicious script embedded in client web requests
- Explain the Thicket Obfuscator for JavaScript tool
- Discuss on JavaScript security in Mozilla, the Same Origin Policy and Signed Script Policy
- Explain the Netscape's SignTool
- List and summarize the encryption tools
- Discuss on signing a script (Windows Script Host), verifying a script, and Signature Verification Policy
- Determine software restriction policies for Windows XP/Vista, and Server 2008
- Discuss on designing a software restriction policy and creating additional rules
- Describe the procedure to block the malicious scripts
Module 08: Secure ASP Programming
- Describe about ASP and improving ASP design
- Determine the #include directive and .BAK files on the server
- Explain about detecting exceptions with scripting language error-handling mechanisms, using VBScript and Jscript to detect an error
- Discuss about attacks on ASP
- Explain insufficient validation of fields in SQL queries
- Describe ASP DypsAntiSpam: A CAPTCHA for ASP and preventing automatic submission with DypsAntiSpam
- Describe using database and ASP sessions to implement ASP security and steps for designing the mechanism
- Explain about protecting ASP pages and encoding ASP code: Script Encoder
- Describe protecting passwords of ASP pages with a one-way hash function and ASP best practices
Module 09: Secure Microsoft.NET Programming
- Describe about common terminology, Microsoft.NET, .NET framework, and .NET framework security policy model
- Explain the security policy levels and security features in .NET
- Explain about Code Access Security (CAS)
- List the steps to use CAS in ASP.NET applications
- Describe evidence-based security, role-based security, declarative, and imperative security
- Explain the process involved in key generation
- Discuss the methods to protect client and server data using encryption
- Describe the cryptographic signatures and hash code generation
- Describe about classes implementing the public-key encryption algorithms
- Create a security checklist for .NET framework and permissions
- Describe skipverification and stack walk
- Determine runtime security policy and list the step-by-step configuration of the runtime security policies
- Discuss on creating a security policy deployment package
- Describe type safety, canonicalization, Access Control List (ACL) editor, and securing user credentials and logon information, and obfuscation
- List and explain the working of .NET obfuscator tool and Administration tools
- Describe ASP.NET security architecture and authentication and authorization strategies
- Explain the various authorizations in .NET
- Develop a security checklist for ASP.NET
- List the steps to encrypt configuration sections in ASP.NET using DPAPI and the steps for configuring security with Mscorcfg.msc
- Discuss how to identify an ASP.NET process
- Describe secure communication, storing secrets, and web.config vulnerabilities
- Describe how to secure session and view state, web form considerations, and how to secure web services
- Explain the web application security frame, and its threats, attacks, and countermeasures
- Describe secure remoting, creating remotable object, and secure data access
- Explain how to protect ASP.NET from SQL injection attack
- List the steps to prevent cross-site scripting in ASP.NET
- Describe about .NET security tools
- List the best practices for .NET security
Module 10: Secure PHP Programming
- Describe the PHP security blunders, and give example of PHP attack
- Determine solution for: access control flaws and session ID protection
- Describe error reporting and data handling errors
- Explain security sensitive PHP functions: file functions and ezmlm_hash
- List the PHP exploits and explain them with examples
- Describe about spoofed form submissions, spoofed HTTP requests, and sessions and cookies
- Describe about cookie theft, exposed session data, session fixation, and session hijacking
- List the vulnerabilities in PHP, attack vulnerabilities, and common PHP attacks
- Discuss how to defend against file system attacks, information gathering attacks, and PHP injection attacks
- Describe ten PHP best practices and secure PHP practices
- Determine the best practices for PHP security
- Explain various PHP encoders
Module 11: Secure Perl Programming
- Explain the common terminology of PERL programming language, and security issues in Perl scripts
- Explain basic user input vulnerabilities and how to overcome them
- Describe insecure environmental variables
- Describe algorithmic complexity attacks and Perl: Taint, Strict, and Warnings
- Explain Setuid command, authenticating the user with setuid, security bugs with setuid, Perl crypt() function
- Describe logging into a secure website with Perl script
- Describe secure log-in checklist, unicodes, and displaying unicode as text
Module 12: Secure XML, Web Services and AJAX Programming
- Describe about web application and web services and its vulnerabilities
- Describe XML introduction, XSLT and XPath, XML signature, applying XML signatures to security, and XML encryption
- Determine security considerations for the XML encryption syntax
- Describe canonicalization, validation process in XML, XML web services security, and security of URI in XML
- Determine security of opaque data in XML and XML web services security best practices
- List and summarize XML tools
- Describe about AJAX, anatomy of an AJAX interaction, security issues, how to prevent the attacks and the tools
- Describe about HP WebInspect software
Module 13: Secure RPC, ActiveX and DCOM Programming
- Explain the terms: RPC, Authentication, Authentication protocol, NULL authentication, Unix authentication, and DES authentication
- Explain about Diffie-Hellman encryption, security methods, SSPI, and SSPs
- Describe the secure RPC protocol and RpcServerRegisterAuthInfo
- Determine RPC programming best practices, making RPC function calls, and RPC and the network
- Describe ActiveX programming, preventing repurposing, and sitelock template
- Describe about IObjectSafety interface, code signing, and creating a code signing certificate and signing an ActiveX component in Windows
- Determine how to protect the ActiveX controls
- Explain the concept of DCOM
- Explain application-level security, security by configuration, and programmatic security
- Explain heap overflow vulnerability
- Describe the tool: DCOMbobulator and the security best practices of DCOM
Module 14: Secure Linux Programming
- What is open source with respect to Linux and the security associated with it
- Describe the basic Linux commands, networking commands, processes, and POSIX capabilities
- Explain UTF-8 security issues, UTF-8 legal values, and secure Linux programming advantages
- Determine the requirements for security measure assurance
- Discuss on enabling the source address verification, Linux iptables and ipchains, and code to save the ip6tables state
- Explain how to control access by MAC address and permitting the SSH access only
- Explain about network access control and layers of security for incoming network connections
- Describe prohibiting root logins on the terminal devices and authentication techniques
- Discuss on authorization controls, running a root login shell, and protecting the outgoing network connections
- Explain logging into a remote host, invoking remote programs and copying remote files
- Describe about public-key authentication between OpenSSH client and server and authenticating in Cron Jobs
- Describe how to protect files, file permissions, shared directory, and encrypting files
- Explain about listing the keyring, signing files, encrypting directories, and POP/IMAP mail server
- Describe about testing an ssl mail connection, securing POP/IMAP with SSL and Pine and SMTP server
- Discuss on testing and monitoring, testing login passwords (John the Ripper), testing login passwords (CrackLib), and testing search path
- Explain how to search file systems effectively, secure device special files, look for rootkits, and tracing processes
- Describe how to observe the network traffic, detect insecure network protocols and intrusion detection with snort
- Discuss on testing a syslog configuration and logwatch filter
- Determine structure program internals and approach, sample code for minimizing privileges, and filters cross-site malicious content on input
- Describe how to filter HTML/URIs and avoid buffer overflow
- Discuss on language-specific issues: C/C++, Perl, Ada, Java, Tcl, and PHP
- Determine Linux application auditing tool: grsecurity
Module 15: Secure Linux Kernel Programming
- Explain what a kernel is
- Describe how to build a Linux kernel and the procedures to be followed post-build
- Determine Linux kernel configuration menu
- Discuss on compiling a Linux kernel
Module 16: Secure Xcode Programming
- Explain what is Xcode
- Explain Mac OS X applications, Cocoa, Carbon, AppleScript, Script Editor, and Script window
- Describe about common data security architecture and securetransport API Set and CSP
- Discuss how to create SSL certificates on Mac OS X server, using SSL with the web server, setting up SSL for LDAP, and how to protect security information
- Describe security in Mac OS X and security management using system preferences
- List the recommended steps to secure Mac OS X
Module 17: Secure Oracle PL/SQL Programming
- Explain about PL/SQL and security issues in Oracle
- Discuss on SQL injection attacks and how to defend against SQL injection attacks
- Describe SQL manipulation, code injection attacks, function call injection attacks, buffer overflows, and other vulnerabilities
- Explain DBMS_SQL vulnerability in PL/SQL and protecting DBMS_SQL in PL/SQL
- Discuss on types of database vulnerabilities/attacks and how to establish security policies
- List and explain the password management policies
- List the steps for creating an Oracle label security policy
- Describe Oracle identity management
- Discuss on security tools, Oracle secure backup tool, obfuscation, and encryption using DBMS_CRYPTO
- Describe advanced security options and low level security
- Explain Oracle database vaults: tool, auditing, auditing methods, audit options, view audit trail, FGA, and Oracle auditing tools
- Describe about testing PL/SQL programs and SQL unit testing tools
Module 18: Secure SQL Server Programming
- Explain the SQL server security model, and how to create an SQL server login
- Describe about database user, guest user, permissions, and roles
- Determine the security features of MS-SQL Server 2005 and the additional security features in MS-SQL Server 2008
- List and explain the vulnerabilities in SQL server security
- Discuss on SQL injection attacks and methods to prevent the SQL injection attacks
- Describe Sqlninja: SQL Server Injection and Takeover tool
- Describe data encryption, built-in encryption capabilities, and encryption keys
- Discuss on Transact-SQL, creating asymmetric and symmetric key in T-SQL
- Explain how to create a certificate in T-SQL
- Explain the method to determine SQL server security
- Determine the database programming best practices
- Explain the process of authentication and authorization in SQL server installation
- Describe the process of auditing and intrusion detection
- List and summarize the database security auditing tools
Module 19: Secure Network Programming
- Explain basic network concepts and basic web concepts
- Explain about network programming and benefits of the secure network programming
- Describe about network interface, securing sockets: server and client program
- Discuss on ports, UDP datagram and sockets, Internet address, and content handler
- Describe cookie policy, RMI connector, and .Net: Internet authentication
- Describe the network scanning tool Security Manager Plus, and network programming best practices
Module 20: Windows Socket Programming
- Explain about Windows Sockets, Windows NT and Windows 2000 Sockets architecture, and socket programming
- Discuss on Winsock 2.0, Winsock linking methods, how to start a Winsock 2 API, and grabbing a web page using Winsock
- Discuss on writing client and server applications, TCP client, and server application sample code
- Describe Winsock secure socket extensions, WSAQuerySocketSecurity, and the SOCKET_SECURITY_SETTINGS structure
- Explain how to use WinSock to execute a web attack, how to use Winsock to execute a remote buffer overflow and MDACDos application
Module 21: Writing Shellcodes
- Explain about shellcode and shellcode development tools
- Describe remote shellcode, port binding shellcode, and clean port binding shellcode
- Discuss on socket descriptor reuse shellcode and socket descriptor reuse shellcode in C
- Describe socket descriptor reuse shellcode: sample code, local shellcode, and byte code
- Discuss on how to break chroot jails and breaking chroot jails on Linux kernels
- Describe Windows shellcode and list the steps to execute the shell code assembly
- Explain the write system call, Linux shellcode for “Hello, world!”, the write system call in FreeBSD
- Discuss on various system calls and assembly creation
Module 22: Writing Exploits
- Explain the steps involved in writing exploits and targeting vulnerabilities
- Discuss on the remote and local exploits and a two-stage exploit
- Describe format string attacks, fixing format string bugs, and user-supplied format string vulnerability CVE-2000-0763 in xlockmore
- Explain TCP/IP vulnerabilities and race conditions
- Discuss on file race conditions, signal race conditions, and input validation error in man program
- Describe writing exploits and vulnerability checking programs and stack overflow exploits
- Describe memory organization, stack overflows, heap corruption exploits, Doug Lea malloc, and Dlmalloc chunk
- Discuss the OpenSSL SSLv2 malformed client key remote buffer overflow vulnerability CAN-2002-0656
- Describe about exploitation, complication, integer bug exploits, integer wrapping, and bypassing size checks
- Discuss on how to use the metasploit framework
- Explain how to determine attack vector, select a control vector, find a return address, and select the search method in the metasploit Opcode database
- Explain how to insert the return address, verify return address reliability, and increase reliability with a Nop Sled
- How to choose a payload and encoder and list of available encoders
- Describe integrating exploits into framework
Module 23: Programming Port Scanners and Hacking Tools
- Explain about port scanner, simple port scanners, and prerequisites for writing a port scanner
- Describe port scanner in C++, port scanner in C#, building a simple port scanner in VC++, port scanner in Java, port scanner in ASP.Net, port scanner in Perl, and port scanner in PHP
- Discuss on libpcap, saving captured packets to a file, and the Wiretap library
- Explain Nessus Attack Scripting Language (NASL), and porting to and from NASL
- Describe Metasploit Framework (MSF), executing an exploit using msfconsole and writing basic rules
- Discuss on rule header, rule options, optimizing rules, testing rules, and writing detection plugins, and Netcat source code
Module 24: Secure Mobile Phone and PDA Programming
- Explain about mobile phone programming and different OS architectures in the mobile phone
- Discuss on Symbian Operating System and guidelines for securing Symbian OS
- Describe about Palm OS, Palm OS vulnerabilities, HotSync vulnerability, and Creator ID switching
- Determine Windows mobile, calling secure web services, and security practices for Windows mobile programming
- Discuss on comparison of the common programming tasks, PDA programming, PDA security issues, and security policies for PDAs
- Discuss on PDA security products and security vendors
- Describe Java platform, Micro edition (Java ME), Java ME architecture, and Java ME security issues
- Describe about the CLDC security, Mobile Information Device Profile (MIDP), MIDP security, and programming the BlackBerry with Java ME
- Determine Security and Trust Services API (SATSA) for Java ME: the security APIs and certificate enrollment in SATSA
- Discuss on data integrity with message digests, data confidentiality: using ciphers for data encryption
- Explain security issues and attacks in bluetooth and bluetooth security
- Describe various tools such as BlueKey, BlueWatch, BlueSweep, etc.
- Determine mobile phone security tips and defending cell phones and PDAs against attack
- Describe the antivirus tools for mobile devices
Module 25: Secure Game Designing
- Explain about game designing, console games, mobile games, online games, offline games, and Wii games
- Determine threats to online gaming, threats to online gaming: cheating
- Describe about various tools such as Multimedia Fusion 2, Adventure Game Studio, Game Maker, FPS and Stagecast Creator and the Scrolling Game Development Kit
- Explain about game engine and best practices for secure game designing
Module 26: Securing E-Commerce Applications
- Describe the purpose of secure E-Commerce application, and E-Business concepts: Secure Electronic Transaction (SET)
- Discuss on using SET
- Discuss about Secure Socket Layer (SSL) and SSL certificates
- Discuss about VeriSign SSL certificates and Entrust SSL certificates
- Explain about concept and functioning of: Digital certificates, Digital Signature, and Digital Signature technology
- Describe about Digital Signature algorithm: Signature Generation/Verification and ECDSA, ElGamal signature scheme
- Explain guidelines for developing secure E-Commerce applications
Module 27: Software Activation, Piracy Blocking, and Automatic Updates
- Explain about software activation and software activation process
- Describe about software activation and its advantages
- Discuss on activation explained, online license management server, and activation policies
- Describe policy control parameters, piracy, and the effects of piracy
- Explain piracy blocking, Digital Rights Management (DRM), and software piracy protection strategies
- Describe copy protection for DVD, Application Framework: DVD Copy Protection System, and content protection during digital transmission
- Explain about watermark system design issues, cost effectiveness, false positives rate, and interaction with MPEG compression
- Describe about detector placement, copy generation management, and the Crypkey tool
- Describe about EnTrial key generation, EnTrial distribution file, and EnTrial product and package initialization dialog
- Discuss on Windows automatic updates, options for setting up Windows automatic updates on XP and Vista, automatic updates option on: AVG antivirus, Internet Explorer, and Mozilla Firefox
Module 28: Secure Application Testing
- Explain the Software Development Life Cycle (SDLC), introduction to testing, and the types of testing
- Discuss on white box testing, types of white box testing, dynamic white box testing, integration testing, regression testing, system testing, and black box testing
- Describe about load testing and strategies, functional testing, and list the testing steps
- Explain how to create a test strategy, test plans, test cases, and test data
- Discuss bug fixing, and retesting
- Discuss on classic testing mistakes and user interface errors
- Determine good user interfaces
- Discuss on use of the automatic testing and tools
- Prepare a generic code review checklist, and software testing best practices
- List and summarize various testing tools
- Describe real-time testing
Module 29: Writing Secure Documentation and Error Messages
- Describe about error messages, the categories and what a good error message is
- Determine error messages in well-designed applications, examples, and miscommunications in the error messages
- Prepare an error message usability checklist
- Describe guidelines for creating effective error messages
- List the best practices for designing error messages
- Explain the security issues in error messages
- Describe about security precautions in documentation