CISSP 2012 Domain: Software Development Security


Overview/Description
Target Audience
Expected Duration
Lesson Objectives
Course Number


Overview/Description
Poorly written systems or applications can allow an attacker to exploit coding errors and thus interrupt the orderly processes of the system or application. This course discusses methods to increase the security of operating system and application development and thwart attacker attempts to manipulate source code. It also covers application and database development models such as the SDLC and how choosing the right model supports security. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC2) for its Certified Information Systems Security Professional (CISSP) certification. The CISSP credential certifies student expertise in ten different knowledge domains.

Target Audience
Mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs, or Senior Security Engineers

Expected Duration (hours)
2.0

Lesson Objectives

CISSP 2012 Domain: Software Development Security

  • match issues related to software development with corresponding ways in which they create security vulnerabilities
  • recognize types of attacks used in the enterprise environment
  • determine the appropriate methods to counteract a given attack
  • match types of computer attacks to their corresponding countermeasures
  • match types of malicious code to their corresponding descriptions
  • recognize the purpose of software forensics
  • match types of antivirus software with their corresponding descriptions
  • recognize the type of attack being perpetrated in a given scenario
  • determine the appropriate steps to counteract a given attack
  • recognize the characteristics of knowledge-based systems
  • determine the appropriate development model to use for a given software development project
  • distinguish between various database models and technologies
  • recognize the software development phase a given project team is in
  • determine the appropriate development model to use for a given software development project
  • select the appropriate database model for a given set of criteria

    • Course Number:
    sp_cpte_a04_it_enus