YoVDO

CISSP Cert Prep (2021): 8 Software Development Security

Offered By: LinkedIn Learning

Tags

CISSP Certification Courses Cybersecurity Courses Software Testing Courses Software Quality Assurance Courses Cloud Computing Security Courses Secure Coding Practices Courses

Course Description

Overview

Use this course to help you prepare for the Software Development Security domain of the 2021 CISSP exam.

Syllabus

Introduction
  • Software development security
  • What you need to know
  • Study resources
1. Software Development Lifecycle
  • Software platforms
  • Development methodologies
  • Maturity models
  • Change management
  • Automation and DevOps
  • Programming languages
  • Acquired software
2. Software Quality Assurance
  • Code review
  • Software testing
  • Code security tests
  • Fuzz testing
  • Code repositories
  • Application management
  • Third-party code
  • Software risk analysis and mitigation
3. Application Attacks
  • OWASP Top 10
  • Application security
  • Preventing SQL injection
  • Understanding cross-site scripting
  • Request forgery
  • Defending against directory traversal
  • Overflow attacks
  • Explaining cookies and attachments
  • Session hijacking
  • Code execution attacks
  • Privilege escalation
  • Driver manipulation
  • Memory vulnerabilities
  • Race condition vulnerabilities
4. Secure Coding Practices
  • Input validation
  • Parameterized queries
  • Authentication/session management issues
  • Output encoding
  • Error and exception handling
  • Code signing
  • Database security
  • Data deidentification
  • Data obfuscation
5. Cloud Computing
  • What is the cloud?
  • Cloud computing roles
  • Drivers for cloud computing
  • Security service providers
  • Cloud activities and the cloud reference architecture
  • Cloud deployment models
  • Cloud service categories
Conclusion
  • Continuing your studies

Taught by

Mike Chapple

Related Courses

Certified Information Systems Security Professional (CISSP)
A Cloud Guru
Certified Information Systems Security Professional (CISSP)
A Cloud Guru
Asset Security
Packt via Coursera
CISSP Crash Course
Packt via Coursera
Communication and Network Security
Packt via Coursera