CySA+: Software and Systems Security Competency (Intermediate Level)

  • 25m
  • 25 questions
The CySA+: Software and Systems Security benchmark will measure your ability to recognize key terms and concepts related to software and systems security concepts. You will be evaluated on user account security, software development security, and software vulnerabilities. A learner who scores high on this benchmark demonstrates that they have the skills related to understanding key software and systems security terminology and concepts.

Topics covered

  • configure user permissions in Amazon Web Services
  • create an IAM role in Amazon Web Services
  • create cloud identities in Amazon Web Services
  • deploy Simple Active Directory in Amazon Web Services
  • describe how database injection attacks work
  • discuss how cross-side scripting (XSS) attacks can be used to poison a webserver
  • discuss how misconfigurations of servers increases the likelihood of attacks
  • discuss the importance of staying current with the types and trends of software vulnerabilities
  • enable IAM user MFA
  • identify how software developers create modular, independent, and reusable code
  • isolate larger IT solutions into smaller components for focused testing
  • join a cloud VM to a cloud-based directory service
  • list common PaaS software developer service offerings
  • provide an overview of buffer overflow attacks
  • provide an overview of cross-site request forgery (XSRF) attacks
  • recall how thorough software testing can result in more secure software solutions
  • recall the benefits of using containerized applications
  • recognize common secure coding practices
  • recognize how a directory traversal vulnerability allows an attacker to navigate outside the website directory on a web server
  • recognize how MFA enhances sign-in security
  • recognize how security must be addressed during the entire IT life cycle
  • recognize the role of identity federation across organizations including SSO
  • set permissions to a Linux EXT4 file system
  • set permissions to a Windows NTFS file system
  • use the apktool to reverse engineer an Android application