Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
CISSP Cert Prep (2021): 8 Software Development Security

CISSP Cert Prep (2021): 8 Software Development Security

2h 45mAdvanced2022-02-28

Authors

Mike Chapple

Mike Chapple

Teaching Professor at the University of Notre Dame

Course details

Are you preparing to take the Certified Information Systems Security Professional (CISSP) exam, or are you a cybersecurity professional pursuing a better understanding of secure coding practices? In this course, instructor Mike Chapple provides you with the detailed information you need to get ready for the Software Development Security domain of the 2021 CISSP exam. Mike explains software development security practices as needed to complete the exam. He covers the software development lifecycle, code review, software testing, and common software security issues. Mike also discusses secure coding practices, security considerations for cloud computing, and software security assessment.

Skills covered

Software Development SecurityIncident ResponseCybersecurityCert Prep

Concepts

0. Introduction

  • 01 - Software development security
  • 02 - What you need to know
  • 03 - Study resources

1. Software Development Lifecycle

  • 04 - Software platforms
  • 05 - Development methodologies
  • 06 - Maturity models
  • 07 - Change management
  • 08 - Automation and DevOps
  • 09 - Programming languages
  • 10 - Acquired software

2. Software Quality Assurance

  • 11 - Code review
  • 12 - Software testing
  • 13 - Code security tests
  • 14 - Fuzz testing
  • 15 - Code repositories
  • 16 - Application management
  • 17 - Third-party code
  • 18 - Software risk analysis and mitigation

3. Application Attacks

  • 19 - OWASP Top 10
  • 20 - Application security
  • 21 - Preventing SQL injection
  • 22 - Understanding cross-site scripting
  • 23 - Request forgery
  • 24 - Defending against directory traversal
  • 25 - Overflow attacks
  • 26 - Explaining cookies and attachments
  • 27 - Session hijacking
  • 28 - Code execution attacks
  • 29 - Privilege escalation
  • 30 - Driver manipulation
  • 31 - Memory vulnerabilities
  • 32 - Race condition vulnerabilities

4. Secure Coding Practices

  • 33 - Input validation
  • 34 - Parameterized queries
  • 35 - Authentication session management issues
  • 36 - Output encoding
  • 37 - Error and exception handling
  • 38 - Code signing
  • 39 - Database security
  • 40 - Data deidentification
  • 41 - Data obfuscation

5. Cloud Computing

  • 42 - What is the cloud
  • 43 - Cloud computing roles
  • 44 - Drivers for cloud computing
  • 45 - Security service providers
  • 46 - Cloud activities and the cloud reference architecture
  • 47 - Cloud deployment models
  • 48 - Cloud service categories

Conclusion

  • 49 - Continuing your studies

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal