Web Application Security

本课程是 Microsoft Front-End Developer 专业证书的一部分

位教师： Microsoft

访问权限由 New York State Department of Labor 提供

1,895 人已注册

4个模块

深入了解一个主题并学习基础知识。

15 条评论

初级等级

推荐体验

4 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

4个模块

深入了解一个主题并学习基础知识。

15 条评论

初级等级

推荐体验

4 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

您将获得的技能

Data Integrity
Open Web Application Security Project (OWASP)
Secure Coding
Data Security
Web Applications
Microsoft Copilot
Security Controls
Application Security
Authentications
Authorization (Computing)
Vulnerability Assessments
Encryption
Data Validation
技能部分已折叠。显示 9 项技能，共 13 项。

要了解的详细信息

可分享的证书

添加到您的领英档案

作业

32 任务¹

AI 评分请参见免责声明

授课语言：英语（English）

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

积累 Mobile and Web Development 领域的专业知识

本课程是 Microsoft Front-End Developer 专业证书专项课程的一部分

在注册此课程时，您还会同时注册此专业证书。

向行业专家学习新概念
获得对主题或工具的基础理解
通过实践项目培养工作相关技能
通过 Microsoft 获得可共享的职业证书

该课程共有4个模块

This course covers essential web security concepts and secure coding practices. You’ll learn to identify common vulnerabilities, implement protection techniques, and leverage Microsoft Copilot to detect and fix security issues in web applications.

By the end of this program, you will be able to… Define common web application vulnerabilities and principles of secure coding. Explain the concepts and impacts of SQL injection, XSS, CSRF, input validation techniques, and best practices for authentication and authorization. Describe the importance of output encoding, sanitization, secure data storage, and transmission. Enhance the security of web applications with Microsoft Copilot to detect vulnerabilities, fix issues, and implement secure coding practices.

In this module, you will explore the most prevalent security vulnerabilities in web applications and their potential impact. You’ll learn how attacks such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) exploit security flaws, compromising data integrity and user privacy. Through real-world examples, you’ll analyze how these threats manifest and the consequences they can have on web applications. By the end of this module, you’ll have a deeper understanding of these vulnerabilities and the critical need for secure coding practices to mitigate risks.

涵盖的内容

25个视频12篇阅读材料10个作业1个非评分实验室1个插件

25个视频总计105分钟

Course Introduction: Web Application Security 2分钟
Instructor Introduction 2分钟
The What’s What of the Course 3分钟
Completing the Guided Labs 4分钟
Introducing the AI Tool: Microsoft Copilot 3分钟
How to Be Successful in This Program 5分钟
Introduction to the Capstone Project 2分钟
Introduction: Common Vulnerabilities 1分钟
Identifying Common Web Vulnerabilities 4分钟
Practical Impact of Vulnerabilities 3分钟
Comparing Vulnerabilities 4分钟
How SQL Injection Works 4分钟
Mitigating SQL Injection 3分钟
Implementing SQL Injection Mitigation 7分钟
How XSS Works 3分钟
Mitigating XSS Vulnerabilities 4分钟
XSS Exploitation and Mitigation in Action 9分钟
How CSRF Works 7分钟
Mitigating CSRF 5分钟
Demonstrating CSRF Exploitation and Mitigation 6分钟
SQL Injection Case Study 6分钟
XXS Injection Case Study 6分钟
CSRF Case Study 4分钟
Analyzing and Mitigating Web Vulnerabilities 6分钟
Conclusion: Common Vulnerabilities (e.g., SQL Injection, XSS, CSRF) 1分钟

12篇阅读材料总计135分钟

Course Syllabus: Web Application Security 5分钟
Completing the Guided Labs 30分钟
Microsoft Tools for Front-End Development 10分钟
Activity: Vulnerability Comparison Table - Answer Key 10分钟
Overview of Common Web Application Vulnerabilities 10分钟
Overview of Common Web Vulnerabilities 10分钟
Activity: SQL Injection Mitigation Practice - Answer Key 10分钟
Mitigating SQL Injection: Practical Strategies 10分钟
Activity: Preventing XSS in a Sample Application - Answer Key 10分钟
Mitigating XSS: Input Validation and Encoding 10分钟
Activity: Implementing CSRF Prevention in a Web Application - Answer Key 10分钟
You Try It! Analyzing and Mitigating Web Vulnerabilities - Answer Key 10分钟

10个作业总计310分钟

Graded Quiz: Common Vulnerabilities (e.g., SQL Injection, XSS, CSRF) 50分钟
Activity: Vulnerability Comparison Table 30分钟
Practice Quiz: Introduction to Web Application Vulnerabilities 25分钟
Activity: SQL Injection Mitigation Practice 30分钟
Practice Quiz: SQL Injection 30分钟
Activity: Preventing XSS in a Sample Application 30分钟
Practice Quiz: Cross-Site Scripting (XSS) 30分钟
Activity: Implementing CSRF Prevention in a Web Application 30分钟
Practice Quiz: Cross-Site Request Forgery (CSRF) 30分钟
Practice Quiz: Mitigating Web Vulnerabilities 25分钟

1个非评分实验室总计60分钟

You Try It! Analyzing and Mitigating Web Vulnerabilities 60分钟

1个插件总计15分钟

Guided Lab: Analyzing and Mitigating Web Vulnerabilities 15分钟

In this module, you will learn the fundamental principles of secure coding and how they help protect web applications from common security threats. You'll explore techniques for input validation, output encoding, and data sanitization to prevent malicious attacks. Additionally, you’ll gain insight into best practices for authentication, authorization, and secure data storage and transmission. By the end of this module, you’ll understand how to implement security-focused development practices that strengthen application defenses and safeguard user data.

涵盖的内容

18个视频9篇阅读材料6个作业4个非评分实验室4个插件

18个视频总计79分钟

Introduction: Secure Coding Practices and Input Validation 1分钟
Overview of Secure Coding Principles 5分钟
Secure Development Lifecycle (SDL) 3分钟
Types of Input Validation 3分钟
Implementing Input Validation in Code 8分钟
Implementing Input Validation in a Web Application - Guided Lab Video 4分钟
Encoding Techniques 4分钟
Implementing Encoding Techniques in Code 6分钟
Sanitization Practices 3分钟
Encoding and Sanitization in a Web Application - Guided Lab Video 5分钟
Authentication Techniques 4分钟
Authentication Techniques Passkeys 4分钟
Authorization Techniques – Implementing Role-Based Access Control (RBAC) 5分钟
Implementing Authentication and Authorization in a Web Application - Guided Lab Video 9分钟
Encryption Techniques for Secure Data Storage 3分钟
Secure Transmission With TLS/SSL Protocols 5分钟
Secure Data Storage and Transmission in a Web Application - Guided Lab Video 5分钟
Conclusion: Secure Coding Practices and Input Validation 1分钟

9篇阅读材料总计90分钟

Foundations of Secure Coding: Key Principles and the SDL 10分钟
You Try It! Implementing Input Validation in a Web Application - Answer Key 10分钟
Practical Input Validation Techniques for Secure Web Applications 10分钟
You Try It! Encoding and Sanitization in a Web Application - Answer Key 10分钟
Encoding and Sanitization Cheat Sheet 10分钟
You Try It! Implementing Authentication and Authorization in a Web Application - Answer Key 10分钟
Authentication and Authorization Best Practices 10分钟
You Try It! Secure Data Storage and Transmission in a Web Application - Answer Key 10分钟
Encryption and Secure Transmission Reference Guide 10分钟

6个作业总计170分钟

Graded Quiz: Secure Coding Practices and Input Validation 50分钟
Practice Quiz: Principles of Secure Coding 15分钟
Practice Quiz: Implementing Input Validation 25分钟
Practice Quiz: Encoding and Sanitization Techniques 30分钟
Practice Quiz: Implementing Secure Authentication and Authorization 25分钟
Practice Quiz: Secure Data Storage and Transmission Techniques 25分钟

4个非评分实验室总计240分钟

You Try It! Implementing Input Validation in a Web Application 60分钟
You Try It! Encoding and Sanitization in a Web Application 60分钟
You Try It! Implementing Authentication and Authorization in a Web Application 60分钟
You Try It! Secure Data Storage and Transmission in a Web Application 60分钟

4个插件总计60分钟

Guided Lab: Implementing Input Validation in a Web Application 15分钟
Guided Lab: Encoding and Sanitization in a Web Application 15分钟
Guided Lab: Implementing Authentication and Authorization in a Web Application 15分钟
Guided Lab: Secure Data Storage and Transmission in a Web Application 15分钟

In this module, you will discover how Microsoft Copilot can assist in detecting and mitigating security vulnerabilities in web applications. You’ll learn how to leverage Copilot’s AI-powered capabilities to identify security flaws in code, apply fixes, and reinforce secure coding best practices. Additionally, you’ll explore how Copilot can be integrated into a comprehensive security review process to enhance application security. By the end of this module, you’ll be equipped to use Microsoft Copilot as a valuable tool in securing web applications against potential threats.

涵盖的内容

10个视频10篇阅读材料11个作业4个非评分实验室

10个视频总计40分钟

Overview of Security Vulnerability Detection 3分钟
Using Copilot to Detect Vulnerabilities 5分钟
Understanding Copilot’s Recommendations 3分钟
Applying Fixes With Copilot 7分钟
Secure Coding Recommendations from Copilot 4分钟
Overview of Comprehensive Security Reviews 4分钟
Performing a Security Review With Copilot 5分钟
Understanding the Limits of AI Security Recommendations 3分钟
Comparing AI Recommendations With Manual Reviews 5分钟
Conclusion: Using Microsoft Copilot for Identifying and Fixing Security Issues 2分钟

10篇阅读材料总计90分钟

Activity: Detecting Vulnerabilities Using Microsoft Copilot - Answer Key 10分钟
You Try It! Detecting Vulnerabilities Using Microsoft Copilot - Answer Key 10分钟
Activity: Fixing Vulnerabilities Using Microsoft Copilot - Answer Key 10分钟
You Try It! Fixing Vulnerabilities Using Microsoft Copilot - Answer Key 10分钟
Activity: Implementing Secure Coding Practices Using Copilot - Answer Key 10分钟
You Try It! Implementing Secure Coding Practices Using Copilot - Answer Key 10分钟
Secure Coding Practices With Copilot 10分钟
Activity: Conducting a Comprehensive Security Review Using Copilot - Answer Key 5分钟
You Try It! Conducting a Comprehensive Security Review Using Copilot - Answer Key 10分钟
Activity: Create a Security Evaluation Report - Answer Key 5分钟

11个作业总计295分钟

Graded Quiz: Using Microsoft Copilot for Identifying and Fixing Security Issues 50分钟
Activity: Detecting Vulnerabilities Using Microsoft Copilot 30分钟
Practice Quiz: Identifying Security Vulnerabilities With Microsoft Copilot 20分钟
Activity: Fixing Vulnerabilities Using Microsoft Copilot 30分钟
Practice Quiz: Fixing Security Issues Using Microsoft Copilot 25分钟
Activity: Implementing Secure Coding Practices Using Copilot 30分钟
Practice Quiz: Applying Secure Coding Practices Using Copilot 15分钟
Activity: Conducting a Comprehensive Security Review Using Copilot 30分钟
Practice Quiz: Comprehensive Security Review With Microsoft Copilot 20分钟
Activity: Create a Security Evaluation Report 30分钟
Practice Quiz: Evaluating AI-Driven Security Practices 15分钟