 |
Please contact us
for GSA pricing
and CMAS pricing.
Contract #
GS-35F-0307T
Contract #
3-09-70-2645A
Recent Training Venues Accelebrate has recently trained for clients in the following cities:
- Huntsville, Alabama
- Montgomery / Birmingham, Alabama
- Anchorage, Alaska
- Edmonton & Calgary, Alberta
- Phoenix, Arizona
- Tucson, Arizona
- Fayetteville / Little Rock, Arkansas
- Amsterdam, The Netherlands / Brussels, Belgium
- Kamloops / Vancouver, British Columbia
- Oakland / San Jose / San Francisco, California
- Sacramento, California
- Oceanside / San Diego, California
- Pasadena / Orange County / Los Angeles, California
- San Bernardino / Riverside, California
- Boulder / Colorado Springs / Denver, Colorado
- Washington, DC
- Wilmington, Delaware
- Manchester / London, England
- Orlando, Florida
- Fort Lauderdale / Miami, Florida
- Gainesville / Jacksonville, Florida
- Saint Petersburg / Tampa, Florida
- Titusville & Melbourne, Florida
- Alpharetta & Atlanta, Georgia
- Augusta & Savannah, Georgia
- Macon & Columbus, Georgia
- Honolulu, Hawaii
- Boise, Idaho
- Bloomington, Illinois
- Chicago, Illinois
- Indianapolis, Indiana
- Cedar Rapids / Des Moines, Iowa
- Dublin, Ireland
- Wichita, Kansas
- Paducah / Lexington / Louisville, Kentucky
- Baton Rouge/New Orleans, Louisiana
- Portland, Maine
- Hagerstown & Frederick, Maryland
- Annapolis / Silver Spring / Baltimore, Maryland
- Boston / Cambridge, Massachusetts
- Hartford, Connecticut / Springfield, Massachusetts
- Ann Arbor / Farmington Hills / Detroit, Michigan
- Grand Rapids, Michigan
- Flint, Michigan
- Saint Paul / Minneapolis, Minnesota
- Jackson, Mississippi
- St. Louis, Missouri
- Whiteman Air Force Base / Kansas City, Missouri
- Lincoln / Omaha, Nebraska
- Reno and Las Vegas, Nevada
- Fredericton / Moncton / Saint John, New Brunswick
- Santa Fe / Albuquerque, New Mexico
- Princeton, New Jersey & Philadelphia, Pennsylvania
- Trenton, New Jersey
- Albany, New York
- Buffalo, New York
- White Plains / New York City, New York
- Charlotte, North Carolina
- Durham / Raleigh, North Carolina
- Bismarck & Fargo, North Dakota
- Halifax, Nova Scotia
- Bowling Green / Toledo, Ohio
- Canton / Akron, Ohio
- Cincinnati, Ohio
- Cleveland & Columbus, Ohio
- Dayton, Ohio
- Tulsa / Oklahoma City, Oklahoma
- Toronto, Ontario
- Portland, Oregon
- Pittsburgh, Pennsylvania
- Québec City / Montreal, Québec
- Providence, Rhode Island
- Saskatoon / Regina, Saskatchewan
- Edinburgh / Glasgow, Scotland
- Columbia & Charleston, South Carolina
- Spartanburg & Greenville, South Carolina
- Stockholm, Sweden
- Chattanooga / Knoxville, Tennessee
- Memphis / Jackson / Nashville, Tennessee
- College Station and Houston, Texas
- El Paso, Texas
- San Antonio / Austin, Texas
- Wichita Falls & Dallas, Texas
- Ogden / Salt Lake City, Utah
- Burlington, Vermont
- Fairfax / Dulles / McLean / Herndon / Reston, Virginia
- Richmond / Alexandria / Arlington, Virginia
- Virginia Beach / Norfolk, Virginia
- Tacoma / Seattle, Washington
- Charleston, West Virginia
- Madison / Milwaukee, Wisconsin
|
|
|
Java Security Training: Java Development for Secure Systems
|
Course Number: JAV-402
GSA/Previous Course Number: 203
Duration: 3 days
view class outline
Java Development for Secure Systems Training Overview
Accelebrate's Java™ Development for Secure Systems training teaches attendees the broad range of Java security challenges and how to successfully remedy them. This course starts with basic concepts of code security - what the Java SE runtime does to protect the system from Java code, and Java code from other Java code - and good secure-coding practices. It then takes students through exercises in basic cryptography skills using the appropriate Java API. Finally, it moves on to enterprise software and the issues related to component-based architectures such as Web applications, EJBs, and Java messaging components.
Location and Pricing
Most Accelebrate courses are taught on-site at our clients' locations worldwide for groups of 3 or more attendees and are customized to their specific needs. Please visit our client list to see organizations for whom we have recently delivered training. These courses can also be delivered as live, private online classes for groups that are geographically dispersed or wish to save on the instructor's or students' travel expenses. To receive a customized proposal and price quote private training at your site or online, please contact us.
In addition, some courses are available as live, online classes for individuals. To see a schedule of online courses, please visit http://www.accelebrate.com/online_training/?action=categorygroup&page=java.
Java Development for Secure Systems Training Prerequisites
- Solid Java programming experience is assumed - both structured and object-oriented techniques. Accelebrate's Core Java is excellent preparation for this course.
- Some knowledge of Java EE architecture and development is also required, though extensive practical experience with Java EE development is not strictly necessary.
Hands-on/Lecture Ratio
This Java training course is 70% hands-on, 30% lecture, with the longest lecture segments lasting for 20 minutes.
Java Development for Secure Systems Training Materials
All attendees will receive comprehensive courseware.
Java Development for Secure Systems Training Objectives
All attendees will learn how to:
- Understand how the Java language and standard-platform architecture solve many low-level security problems for all Java code.
- Design and implement security policies for Java applications, servers, and components.
- Manage keys and certificates for a Java application, and sign code sources as necessary.
- Practice secure design and coding, and balance usability with security in UI and API.
- Sign and verify application data and messages using the JCA, and encrypt/decrypt using the JCE.
- Incorporate JAAS authentication into an application.
- Implement a JAAS LoginModule to connect to your own application data.
- Secure Java EE applications by URL and role, and integrate JAAS authentication.
|
Java Development for Secure Systems Training Outline
- Java SE Security
- Holistic Security Practices
- Threats to the User
- The Class Loader and Bytecode Verifier
- System Classes and the Core API
- SecurityManager and AccessController
- Permissions
- Implication
- CodeSources
- Policies
- Configuring Java SE Security
- Dynamic Policies
- Privileged Actions
- Code Signature and Key Management
- Encryption and Digital Signature
- Keystores
- Keys and Certificates
- Certificate Authorities
- The KeyStore API
- Signing JARs
- Signed CodeSources
- Additional Policy Semantics
- Secure Development Practices: Java SE
- Code Injection
- Final Classes and Methods
- Singletons, Factories, and Flyweights
- Methods, Collections, and Data Hiding
- Sealing JARs
- Code Obfuscation
- Object Serialization
- Cryptography
- Threats to Identity and Privacy
- The Java Cryptography Extensions
- The Signature Class
- SignedObjects
- The Java Cryptography Extensions
- SecretKeys and KeyGenerator
- The Cipher Class
- Dangerous Practices
- HTTP and JSSE
- JAAS
- Pluggable Authentication Logic
- JAAS
- Packages and Interfaces
- Subjects and Principals
- ANDs and ORs
- Impersonation Methods
- Permissions for JAAS Use
- LoginContext and LoginModule
- Configuring JAAS
- CallbackHandler and Callbacks
- Implementing a JAAS Client
- Implementing a LoginModule
- Java EE Security
- Java EE Servers as Code Hosts
- Tomcat Security Configuration
- Declaring Roles
- Securing URLs
- HTTP Authentication Schemes
- Securing EJBs
- Programmatic Security
- JAAS in Java EE
- Realms and LoginModules
- JAAS in Tomcat
- JACC
- Certifying a Java EE Application
- HTTPS Configuration
- Secure Development Practices: Java EE
- Presentation-Tier Vulnerabilities
- User Accounts
- MVC and Security
- Validating User Input
- SQL Injection
- Cross-Site Scripting
- Reflected XSS
- Defeating XSS
- OWASP
- Penetration Testing
- Error Handling and Information Leakage
- Logging and Auditing
- Conclusion
|
| |
Java® and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries.
JBoss® and Hibernate® are registered trademarks of Red Hat, Inc. Accelebrate, Inc. has no affiliation with Red Hat, Inc. and no courses offered by Accelebrate, Inc. are endorsed by Red Hat, Inc. in any way.
WebSphere® is a registered trademark of IBM. Accelebrate, Inc. has no affiliation with IBM. |
|
Accelebrate®
Focuses on You! |
|
Accelebrate’s courses are taught for private groups of 3 or more people at your site or online anywhere worldwide.
Don't settle for a "one size fits all" public class! Have Accelebrate deliver exactly the training you want, privately at your site or online, for less than the cost of a public class.
For pricing and to learn more, please contact us via information request form or phone, or email us at info@accelebrate.com today.
|
|
| |
 This is an excellent course to take whether or not you have taken a Java class before.  |
| |
—Julia Mars
OCLC
Dublin, Ohio |
|
|
