We may earn an affiliate commission when you visit our partners.
(ISC)² Education & Training
Welcome to Systems and Application Security Course!
In the Systems and Application Security Course, you will gain an understanding of computer code that can be described as harmful or malicious. Both technical and non-technical attacks will be discussed. You will learn how an organization can protect itself from these attacks. You will learn concepts in endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
Objectives
1. Identify malicious code activity
2. Describe malicious code and the various countermeasures
Read more
Welcome to Systems and Application Security Course!
In the Systems and Application Security Course, you will gain an understanding of computer code that can be described as harmful or malicious. Both technical and non-technical attacks will be discussed. You will learn how an organization can protect itself from these attacks. You will learn concepts in endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
Objectives
1. Identify malicious code activity
2. Describe malicious code and the various countermeasures
Read more
Welcome to Systems and Application Security Course!
In the Systems and Application Security Course, you will gain an understanding of computer code that can be described as harmful or malicious. Both technical and non-technical attacks will be discussed. You will learn how an organization can protect itself from these attacks. You will learn concepts in endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
Objectives
1. Identify malicious code activity
2. Describe malicious code and the various countermeasures
3. Describe the processes for operating endpoint device security
4. Define mobile device management processes
5. Describe the process for configuring cloud security
6. Explain the process for securing big data systems
7. Summarize the process for securing virtual environments
Register for this course and see more details by visiting:
OpenCourser.com/course/hgt4fv/systems
Two deals to help you save
Save money when you learn. Here are two deals and offers that may be relevant to this course.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Valid until July 14
Coursera Plus Annual
Work toward what's next for your career with access to 10,000+ programs. Discover emerging skills and save.
Up to
40%
off
Get offer
Valid until August 30
Google AI App Builder
Learn how to use Gemini API and API Studio with a three-course series from Google DeepMind
Take
100%
off
Get offer
What's inside
Syllabus
Identify and Analyze Malicious Code and Activity
Module Topics: Malicious Code, Malicious Code Countermeasures, Exploitation, Insider Threats, Spoofing, Phishing, Spam, and Botnet, Malicious Web Activity, Payloads, Malicious Activity Countermeasures, Malcode Mitigation, and Common Mistakes. Malicious Code includes topics like Key concepts, Example Worms, Polymorphic Viruses, Software Exploitation Methods, Scanners, Generations of Antivirus Scanning Software, Generic Decryption (GD) Technology, Behavior-Blocking Software, Antivirus Software on the Firewall and IDS, Code signing, Code Signing Certificates, Sandboxing, Virtual Machine (VM), Social Engineering, Additional Examples of Social Engineering Attacks, and Security Awareness Training. Under the topic of Exploitation, you will learn about Long File Extensions, Fake Icon, Hostile Codecs, and E-mail. In Insider Threats, you will learn about Indicators of Malicious Threat Activity, Countermeasures, Direction, Prevention, and Deterrence Methods, Continual Training, and Insider Hardware Threats. In Spoofing, Phishing, Spam, and Botnets, you will learn about Spoofing, Examples of Spoofing, Phishing, Common Characteristics of Forged E-Mail Messages, Techniques, How Phishing Works, Impact of Phishing, How to Recognize a Phishing E-Mail, Spam, Spam Distribution Channels, How Does Spam Work?, Spam Techniques, Protecting users From Spam, Botnets, How Are Botnets Created?, Botnet-Led Exploits, Botnet Detection and Mitigation, Common Botnet Detection and Mitigation Techniques. In Malicious Web Activity, you will go through topics like Mobomarket Attack, Cross-site Scripting (XSS) Attacks, The Theory of XSS, XSS Attack Vectors, Is the Organization's Site Vulnerable to Cross-Site Scripting? Example of a Cross-Site Scripting Attack, How to check for Cross-Site Scripting Vulnerabilities, Zero-Day Exploits and Advanced Persistent Threats (APTS), Unknown Vulnerabilities management Process, Five Phases of APT, Brute-Force Attacks, Instant Messaging, Infected Factory Builds and Media, man-in-the-Middle Malcode, Malicious Activity Countermeasures, Network Layer, Application Layer, Modified Hosts File and DNS Changes, Inspection of Process, Rootkit, Rootkit Classifications, Behavioral Analysis of Malcode, and Static File Analysis.
Read more
Syllabus
Identify and Analyze Malicious Code and Activity
Module Topics: Malicious Code, Malicious Code Countermeasures, Exploitation, Insider Threats, Spoofing, Phishing, Spam, and Botnet, Malicious Web Activity, Payloads, Malicious Activity Countermeasures, Malcode Mitigation, and Common Mistakes. Malicious Code includes topics like Key concepts, Example Worms, Polymorphic Viruses, Software Exploitation Methods, Scanners, Generations of Antivirus Scanning Software, Generic Decryption (GD) Technology, Behavior-Blocking Software, Antivirus Software on the Firewall and IDS, Code signing, Code Signing Certificates, Sandboxing, Virtual Machine (VM), Social Engineering, Additional Examples of Social Engineering Attacks, and Security Awareness Training. Under the topic of Exploitation, you will learn about Long File Extensions, Fake Icon, Hostile Codecs, and E-mail. In Insider Threats, you will learn about Indicators of Malicious Threat Activity, Countermeasures, Direction, Prevention, and Deterrence Methods, Continual Training, and Insider Hardware Threats. In Spoofing, Phishing, Spam, and Botnets, you will learn about Spoofing, Examples of Spoofing, Phishing, Common Characteristics of Forged E-Mail Messages, Techniques, How Phishing Works, Impact of Phishing, How to Recognize a Phishing E-Mail, Spam, Spam Distribution Channels, How Does Spam Work?, Spam Techniques, Protecting users From Spam, Botnets, How Are Botnets Created?, Botnet-Led Exploits, Botnet Detection and Mitigation, Common Botnet Detection and Mitigation Techniques. In Malicious Web Activity, you will go through topics like Mobomarket Attack, Cross-site Scripting (XSS) Attacks, The Theory of XSS, XSS Attack Vectors, Is the Organization's Site Vulnerable to Cross-Site Scripting? Example of a Cross-Site Scripting Attack, How to check for Cross-Site Scripting Vulnerabilities, Zero-Day Exploits and Advanced Persistent Threats (APTS), Unknown Vulnerabilities management Process, Five Phases of APT, Brute-Force Attacks, Instant Messaging, Infected Factory Builds and Media, man-in-the-Middle Malcode, Malicious Activity Countermeasures, Network Layer, Application Layer, Modified Hosts File and DNS Changes, Inspection of Process, Rootkit, Rootkit Classifications, Behavioral Analysis of Malcode, and Static File Analysis.
Read more
Traffic lights
Traffic lights
Read about what's good
what should give you pause and
possible dealbreakers
Examines endpoint device security, cloud infrastructure security, securing big data systems, and virtual environments, which is standard in industry
Develops technical and non-technical attack identification skills, which are core skills for security analysts in any setting
Develops endpoint device security management skills, which are core skills for security analysts and system administrators
Develops cloud security management skills, which are essential for cloud security architects, administrators, and auditors
Develops big data system security management skills, which are essential for big data security analysts, administrators, architects, and auditors
Develops virtual environment security management skills, which are essential for virtualization system administrators and virtual environment security analysts
Save this course
Create your own learning path.
Save this course to your list so you can find it easily later.
Save
Save
Reviews summary
Introductory systems and application security
According to learners, this course provides a solid foundation in systems and application security concepts. Many highlight the clear explanations and structured modules as particularly helpful for understanding the basics. Reviewers found the course useful for entry-level knowledge and as a good starting point for career preparation, especially for the ISC2 CC exam. While generally positive, some mentioned that the course is quite theoretical and could benefit from more hands-on labs or practical examples for deeper learning. Overall, it is seen as a well-structured and accessible introduction to the field.
Helpful for ISC2 CC exam preparation.
"This course was instrumental in preparing me for the ISC2 Certified in Cybersecurity (CC) exam."
"It covers the necessary domains for the CC certification well."
"Used this as a study aid for the ISC2 CC exam, and it was very relevant."
"Good alignment with the ISC2 CC body of knowledge."
Excellent starting point for new learners.
"Perfect course if you are just starting out in cybersecurity."
"This course is very helpful for someone new to the field."
"It gave me a comprehensive overview as a beginner."
"Definitely recommend this for entry-level security learning."
Complex topics explained clearly and simply.
"The explanations were very clear and easy to follow, even for challenging topics."
"I appreciate how the instructor broke down complex ideas into understandable parts."
"The videos and readings explained everything simply."
"Excellent clarity in explaining security terminologies and threats."
Provides a strong base in security concepts.
"This course provides a solid foundation for understanding the key concepts in systems and application security."
"I feel much more confident in my understanding of security principles after taking this course."
"It's a great starting point for anyone new to the field, laying down the fundamental knowledge effectively."
"Gave me a good foundational understanding of various security topics."
Primarily focused on theoretical knowledge.
"The course is very theory-heavy, which is good for understanding but less so for practical application."
"It's more about concepts and definitions than how to actually implement security measures."
"Focused more on explaining 'what' things are rather than 'how' they work in practice."
"Strong on theoretical concepts, less on practical skills."
Could use more hands-on exercises.
"While the theory is good, I wish there were more hands-on labs to practice the concepts."
"It felt a bit too theoretical at times; practical examples or demos would improve it."
"More practical exercises would enhance the learning experience significantly."
"Could benefit from hands-on activities to solidify understanding."
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Systems and Application Security with these
activities:
Review essential programming fundamentals
Show steps
Review the basics of programming to solidify your foundation in the subject and prepare for the advanced concepts covered in the course.
Browse courses on
Variables and Data Types
Show steps
-
Go over your notes or textbooks from previous programming courses.
-
Solve practice problems or coding challenges to test your understanding.
-
Review online tutorials or resources on the concepts you are less confident in.
Form a study group with classmates or peers
Show steps
Collaborate with peers to discuss concepts, ask questions, and work on projects together to enhance your learning experience and build a supportive learning community.
Show steps
-
Reach out to classmates or fellow students to form a study group.
-
Schedule regular meetings to discuss course materials and assignments.
-
Collaborate on projects or practice exercises together.
Practice reading and writing malicious code
Show steps
Gain hands-on experience in identifying and analyzing malicious code to improve your understanding of cyber threats and vulnerabilities.
Show steps
-
Find a dataset of malicious code samples online.
-
Use tools like IDA Pro or Ghidra to disassemble and analyze the code.
-
Identify the malicious functionality and techniques used.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Read 'Network Security Essentials: Applications and Standards' by William Stallings
Show steps
Gain a comprehensive understanding of network security principles and standards to enhance your knowledge of the subject and prepare for industry certifications like the CISSP.
View
Network Security Essentials: Applications and...
on Amazon
Show steps
-
Read through the book thoroughly, taking notes and highlighting important concepts.
-
Complete the exercises and review questions at the end of each chapter to test your comprehension.
-
Use the book as a reference guide for future studies and projects.
Set up a lab environment for security testing
Show steps
Build a practical understanding of security testing by setting up your own lab environment and conducting vulnerability assessments to strengthen your hands-on skills.
Browse courses on
Security Testing
Show steps
-
Choose a virtualization platform like VirtualBox or VMware.
-
Install operating systems and security tools on your virtual machines.
-
Follow tutorials or online resources to set up a basic security testing lab.
Develop a security plan for a small business or organization
Show steps
Apply your understanding of security concepts to a practical scenario by creating a security plan to enhance your ability to protect organizations from cyber threats.
Browse courses on
Security Planning
Show steps
-
Identify the organization's security requirements and goals.
-
Conduct a risk assessment to identify potential vulnerabilities.
-
Develop and document a comprehensive security plan that addresses the identified risks.
Compile a resource library on endpoint security best practices
Show steps
Gather and organize valuable resources on endpoint security to deepen your understanding of best practices and enhance your knowledge in this critical area.
Browse courses on
Endpoint Security
Show steps
-
Collect articles, white papers, and security advisories related to endpoint security.
-
Create a repository like a Google Doc, Notion page, or GitHub gist to store the resources.
-
Categorize and organize the resources for easy access and reference.
Attend a cybersecurity workshop or conference
Show steps
Engage with industry experts and learn about the latest trends and advancements in cybersecurity to expand your knowledge and network with professionals in the field.
Show steps
-
Research and identify relevant cybersecurity workshops or conferences.
-
Register and attend the event.
-
Actively participate in sessions, ask questions, and network with attendees.
Review essential programming fundamentals
Show steps
Review the basics of programming to solidify your foundation in the subject and prepare for the advanced concepts covered in the course.
Browse courses on
Variables and Data Types
Show steps
Show steps
Show steps
- Go over your notes or textbooks from previous programming courses.
- Solve practice problems or coding challenges to test your understanding.
- Review online tutorials or resources on the concepts you are less confident in.
Form a study group with classmates or peers
Show steps
Collaborate with peers to discuss concepts, ask questions, and work on projects together to enhance your learning experience and build a supportive learning community.
Show steps
Show steps
Show steps
- Reach out to classmates or fellow students to form a study group.
- Schedule regular meetings to discuss course materials and assignments.
- Collaborate on projects or practice exercises together.
Practice reading and writing malicious code
Show steps
Gain hands-on experience in identifying and analyzing malicious code to improve your understanding of cyber threats and vulnerabilities.
Show steps
Show steps
Show steps
- Find a dataset of malicious code samples online.
- Use tools like IDA Pro or Ghidra to disassemble and analyze the code.
- Identify the malicious functionality and techniques used.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Read 'Network Security Essentials: Applications and Standards' by William Stallings
Show steps
Gain a comprehensive understanding of network security principles and standards to enhance your knowledge of the subject and prepare for industry certifications like the CISSP.
View
Network Security Essentials: Applications and...
on Amazon
Show steps
Show steps
Show steps
- Read through the book thoroughly, taking notes and highlighting important concepts.
- Complete the exercises and review questions at the end of each chapter to test your comprehension.
- Use the book as a reference guide for future studies and projects.
Set up a lab environment for security testing
Show steps
Build a practical understanding of security testing by setting up your own lab environment and conducting vulnerability assessments to strengthen your hands-on skills.
Browse courses on
Security Testing
Show steps
Show steps
Show steps
- Choose a virtualization platform like VirtualBox or VMware.
- Install operating systems and security tools on your virtual machines.
- Follow tutorials or online resources to set up a basic security testing lab.
Develop a security plan for a small business or organization
Show steps
Apply your understanding of security concepts to a practical scenario by creating a security plan to enhance your ability to protect organizations from cyber threats.
Browse courses on
Security Planning
Show steps
Show steps
Show steps
- Identify the organization's security requirements and goals.
- Conduct a risk assessment to identify potential vulnerabilities.
- Develop and document a comprehensive security plan that addresses the identified risks.
Compile a resource library on endpoint security best practices
Show steps
Gather and organize valuable resources on endpoint security to deepen your understanding of best practices and enhance your knowledge in this critical area.
Browse courses on
Endpoint Security
Show steps
Show steps
Show steps
- Collect articles, white papers, and security advisories related to endpoint security.
- Create a repository like a Google Doc, Notion page, or GitHub gist to store the resources.
- Categorize and organize the resources for easy access and reference.
Attend a cybersecurity workshop or conference
Show steps
Engage with industry experts and learn about the latest trends and advancements in cybersecurity to expand your knowledge and network with professionals in the field.
Show steps
Show steps
Show steps
- Research and identify relevant cybersecurity workshops or conferences.
- Register and attend the event.
- Actively participate in sessions, ask questions, and network with attendees.
Career center
Learners who complete Systems and Application Security will develop knowledge and skills
that may be useful to these careers:
Security Program Manager
Security Program Manager
A Security Program Manager is responsible for planning, implementing, and managing an organization's security program. This includes developing and implementing security policies, managing security risks, and overseeing security operations. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Cybersecurity Manager
Cybersecurity Manager
A Cybersecurity Manager is responsible for planning, implementing, and managing an organization's cybersecurity program. This includes developing and implementing security policies, managing security risks, and overseeing security operations. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
A Chief Information Security Officer (CISO) is responsible for the overall security of an organization's information assets. This includes developing and implementing security policies, managing security risks, and overseeing security operations. The Systems and Application Security course may be useful as it will give you a comprehensive understanding of various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Malware Analyst
Malware Analyst
A Malware Analyst researches and analyzes malicious code, such as viruses, worms, and Trojans. They also develop and implement countermeasures to protect against these threats. The Systems and Application Security course may be useful as it will give you a deep understanding of various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Penetration Tester
Penetration Tester
A Penetration Tester simulates attacks on an organization's computer systems to identify vulnerabilities. They then report these vulnerabilities to the organization so that they can be fixed. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Cyber Threat Intelligence Analyst
Cyber Threat Intelligence Analyst
A Cyber Threat Intelligence Analyst researches and analyzes cyber threats to identify and mitigate them. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Security Consultant
Security Consultant
A Security Consultant provides advice and guidance to organizations on how to improve their security posture. This includes assessing security risks, developing security plans, and implementing security controls. The Systems and Application Security course may be useful as it will give you a broad understanding of various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Data Protection Officer (DPO)
Data Protection Officer (DPO)
A Data Protection Officer (DPO) is responsible for ensuring that an organization complies with data protection regulations. This includes developing and implementing data protection policies, managing data protection risks, and overseeing data protection operations. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Privacy Officer
Privacy Officer
A Privacy Officer is responsible for ensuring that an organization complies with privacy regulations. This includes developing and implementing privacy policies, managing privacy risks, and overseeing privacy operations. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Cybersecurity Analyst
Cybersecurity Analyst
A Cybersecurity Analyst monitors and analyzes an organization's computer systems to identify and mitigate security threats. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
IT Auditor
IT Auditor
An IT Auditor reviews an organization's IT systems and processes to ensure that they are secure and compliant with regulations. The Systems and Application Security course may be useful as it will teach you about various types of malicious code, how to identify and mitigate them, and how to secure endpoint devices, cloud infrastructure, big data systems, and virtual environments.
Network Security Engineer
Network Security Engineer
A Network Security Engineer designs, implements, and maintains an organization's network security systems. This includes firewalls, intrusion detection systems, and access control lists. The Systems and Application Security course may be useful as it will teach you about various types of malicious code and how to identify and mitigate them. This course also covers endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
Information Security Analyst
Information Security Analyst
An Information Security Analyst is in charge of protecting their organization's networks and computer systems from a range of threats. To do this, they monitor computer systems, analyze security breaches, and develop security plans. The Systems and Application Security course may be useful as it will teach you about various types of malicious code and how to identify and mitigate them. This course also covers endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
Cloud Security Engineer
Cloud Security Engineer
A Cloud Security Engineer designs and implements security plans for an organization's cloud computing environment. This includes identifying security risks, developing security policies, and implementing security controls. The Systems and Application Security course may be useful as it will teach you about various types of malicious code and how to identify and mitigate them. This course also covers endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
Security Architect
Security Architect
A Security Architect designs and implements security plans for an organization. This includes identifying security risks, developing security policies, and implementing security controls. The Systems and Application Security course may be useful as it will teach you about various types of malicious code and how to identify and mitigate them. This course also covers endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.
For more career information including salaries, visit:
OpenCourser.com/course/hgt4fv/systems
Reading list
We've selected seven books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Systems and Application Security.
Save
Provides a comprehensive overview of computer security, covering topics such as the different types of computer security threats, the different types of computer security measures, and how to implement computer security measures.
Provides a comprehensive overview of computer security, covering topics such as the different types of computer security threats, the different types of computer security measures, and how to implement computer security measures.
Save
Provides a detailed overview of network security, covering topics such as the different types of network security threats, the different types of network security measures, and how to implement network security measures.
Provides a detailed overview of cloud security, covering topics such as the different types of cloud computing, the security risks associated with cloud computing, and how to implement cloud security measures.
Provides a comprehensive overview of cloud security, covering topics such as the different types of cloud computing, the security risks associated with cloud computing, and how to implement cloud security measures.
Provides a unique perspective on information warfare, covering topics such as the history of information warfare, the different types of information warfare threats, and the different ways to protect against information warfare attacks.
Save
Provides a comprehensive overview of virtualization security, covering topics such as the different types of virtualization, the security risks associated with virtualization, and how to implement virtualization security measures.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/hgt4fv/systems
Share
Similar courses
Similar courses are unavailable at this time. Please try again later.
Level
Introductory
Via
Coursera
Institution
ISC2
Instructor
(ISC)² Education & Training
Language
English
Transcripts
Español
Français
Português
Deutsch
Italiano
中文
العربية
한국어
日本語
हिंदी
Nederlands
Svenska
Pусский
Türkçe
Polski
Ελληνικά
українська мова
Bahasa Indonesia
ไทย
қазақша
This course belongs to a
collection
called
(ISC)² Systems Security Certified Practitioner (SSCP) . It's comprised of six courses:
- Security Operations and Administration
- Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
- Cryptography
- Access Controls
- Systems and Application Security (viewing)
- Networks and Communications Security
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2025 OpenCourser