Standards in this Framework
Standard | Lessons |
---|---|
CS3S-1.1
Describe and discuss key concepts in security, including confidentiality, integrity and availability, authentication, and access control. |
|
CS3S-1.2
Describe and discuss key concepts in cybersecurity, including cryptology, cryptography, cryptanalysis, cipher, cryptographic algorithm, private and public key encryption, public key infrastructure, and trust/trustworthiness. |
|
CS3S-1.3
Discuss the basic concepts of probability, random variables and probability distributions as they apply to information theory and cryptography. |
|
CS3S-2.1
Demonstrate the techniques to transform plaintext into ciphertext, the use of hash functions for authentication and data integrity, and the use of private and public key encryption. |
|
CS3S-2.2
Investigate security vulnerabilities in various data structures, such as out-of-bounds arrays and buffer overflows. |
|
CS3S-3.1
Discuss various types of cyberattacks on software and software systems along with possible countermeasures and security controls that minimize risk and exposure |
|
CS3S-3.2
Discuss current industry standards, tools, and security practices in software development, including use of multiple layers of defenses, wireless security, and risks in 3rd party applications and libraries. |
|
CS3S-4.1
Explain the tradeoffs of developing a program in a typesafe language Implement secure coding and testing techniques including input validation, data sanitization, and exception handling. |
|
CS3S-4.2
Describe when and how to properly use open source vs. closed source software. |
|
CS3S-4.3
Examine the need to update software to fix security vulnerabilities. |
|
CS3S-5.1
Discuss the role of software security in a company-wide security policy. |
|
CS3S-5.2
Develop Secure Software Development Lifecycle. |
|
CS3S-5.3
Perform software security audit on a peer-reviewed project. |
|