YoVDO

CISSP Cert Prep (2021): 8 Software Development Security

Offered By: LinkedIn Learning

Tags

CISSP Certification Courses Cybersecurity Courses Cloud Computing Courses Software Quality Assurance Courses Secure Coding Practices Courses OWASP Top 10 Courses

Course Description

Overview

Use this course to help you prepare for the Software Development Security domain of the 2021 CISSP exam.

Syllabus

Introduction
  • Software development security
  • What you need to know
  • Study resources
1. Software Development Lifecycle
  • Software platforms
  • Development methodologies
  • Maturity models
  • Change management
  • Automation and DevOps
  • Programming languages
  • Acquired software
2. Software Quality Assurance
  • Code review
  • Software testing
  • Code security tests
  • Fuzz testing
  • Code repositories
  • Application management
  • Third-party code
  • Software risk analysis and mitigation
3. Application Attacks
  • OWASP Top 10
  • Application security
  • Preventing SQL injection
  • Understanding cross-site scripting
  • Request forgery
  • Defending against directory traversal
  • Overflow attacks
  • Explaining cookies and attachments
  • Session hijacking
  • Code execution attacks
  • Privilege escalation
  • Driver manipulation
  • Memory vulnerabiliities
  • Race condition vulnerabilities
4. Secure Coding Practices
  • Input validation
  • Parameterized queries
  • Authentication/session management issues
  • Output encoding
  • Error and exception handling
  • Code signing
  • Database security
  • Data deidentification
  • Data obfuscation
5. Cloud Computing
  • What is the cloud?
  • Cloud computing roles
  • Drivers for cloud computing
  • Security service providers
  • Cloud activities and the cloud reference architecture
  • Cloud deployment models
  • Cloud service categories
Conclusion
  • Continuing your studies

Taught by

Mike Chapple

Related Courses

Security Principles
(ISC)² via Coursera
A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera
FinTech for Finance and Business Leaders
ACCA via edX
Access Control Concepts
(ISC)² via Coursera
Access Controls
(ISC)² via Coursera