Win a copy of OCP Oracle Certified Professional Java SE 11 Programmer I Study Guide: Exam 1Z0-815 this week in the Programmer Certification forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
  • Knute Snortum
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Ron McLeod
  • Carey Brown
  • Paweł Baczyński
  • Piet Souris
  • Vijitha Kumara

IT Security, and certifications

Ranch Hand
Posts: 2103
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Im just searching for a nice addition to my skills.

Besides sounding cool, and probably being the highest-paid career (just like 'physical' security), IT security industry is a nice one.

Any comment about the following (which I am considering because I can get sponsorship on these 2)?

1. Computer Hacking Forensic Investigator (CHFI)
2. Certified Information Systems Security Professional (CISSP)

Any comment on these, or anything on it security in general, as a job, is appreciated.
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Even I am looking at Security certifications related to the programming - java and web application. Where you able to find any information on how useful are those and also any pointers where we can find the material to go over? Any inputs will be really appriciated.

Ranch Hand
Posts: 110
Google Web Toolkit Java Google App Engine
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

If you haven't heard about security in Java (as you've referred maybe trying to refer Java SE) or in Java "web" is because you haven't read enough about Java yet.

There is no such thing as deep study related to security in any of these subjects because any possible breach found will be related to some protocol, infrastructure, operational system, etc that your software written using Java rely on.

What you might find is how-to define security constraints and programmatic security in servlet API. In EJB you might find role validation at metadata(annotation) level or programmatic to do some validation or operation that requires certain level of authorization. Using API's such as JAAS or any other will just take the abstraction higher, but the problems will be the same.

Session forgery, Sniffing, XHR Interception and replay, some exploit on top of some out-of-date protocol / server / software on the server, these are all problems addressed in any technology .. and I'm not talking about another practices such as DoS and so on, you could find a book that talk about this and you should use the mechanism you find that better suits your needs based on what you learn.

Hope it helps you!
Who among you feels worthy enough to be my best friend? Test 1 is to read this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!