CISSP® - Software Development Security
This course covers topics that are related to the CISSP® software security domain.
What you'll learn
This CISSP Software Development Security course provides coverage of the Software Development Security (Understanding, Applying, and Enforcing Software Security) domain from the April 2015 ISC2 CISSP® exam objectives.
You will be made familiar with the importance of building security into the development process and learn about system life cycle security, the basics of software development, the different types of threats that applications face, and some countermeasure examples.
This course is focused on the 8th of 8 domains in the CISSP® exam, and as such there will basic to intermediate coverage of many different concepts that CISSP® candidates will be expected to have some understanding of.
The goal of the course will be to ensure the learner has a;
- Basic understanding of the concepts
- Why they are important
- And when they should be used.
Table of contents
- Introduction 2m
- The Cause of Software Vulnerabilities 4m
- Defense in Depth and Input Validation 5m
- Outputs, Cryptography, and Fail Secure 5m
- Memory Protection, Architecture, and Code Review 6m
- Code Reuse, Security Testing, and Patching 7m
- Deployment and Well Defined Systems 5m
- Separation of Duties and Anti-malware 4m
- Audit Trails and Course Conclusion 5m
About the author
With over two decades of experience in the security industry, Lee is a seasoned professional with a proven track record of delivering top-notch security services to a diverse range of organizations. From Internet Service Providers and computer manufacturers to global pharmaceutical companies, public universities, and a major bank, Lee has worked with some of the biggest names in the industry. With experience as a leader of the penetration testing team at a large bank, Lee has developed deep expe... more