This course explores the security requirements needed in all stages of the software development lifecycle. Learners first examine the functional requirements, and learn that these requirements start as business requirements that are translated into functional requirements. You will then learn the characteristics or properties of nonfunctional requirements, which include security, maintainability, costs, accuracy, reliability, and performance. This 7-video course then covers how security requirements are aligned with functional and nonfunctional requirements. Next, learn that policies are defined by the National Institute of Standards and Technology (NIST), and are broken down to issue-specific policies, system-specific policies, and program policies. Learn how issue-specific policies address defined issues, while system-specific policies are directives geared towards achieving some technical outcome. Finally, this course examines the legal and regulatory requirements, and policy documents that define the security requirements. You will learn that there are several sources of industry-standard legal, compliance and policy standards. This course can be used in preparation for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.
Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Requirements