Use this course to help you prepare for the Software Development Security domain of the 2021 CISSP exam.
Syllabus
Introduction
- Software development security
- What you need to know
- Study resources
- Software platforms
- Development methodologies
- Maturity models
- Change management
- Automation and DevOps
- Programming languages
- Acquired software
- Code review
- Software testing
- Code security tests
- Fuzz testing
- Code repositories
- Application management
- Third-party code
- Software risk analysis and mitigation
- OWASP Top 10
- Application security
- Preventing SQL injection
- Understanding cross-site scripting
- Request forgery
- Defending against directory traversal
- Overflow attacks
- Explaining cookies and attachments
- Session hijacking
- Code execution attacks
- Privilege escalation
- Driver manipulation
- Memory vulnerabilities
- Race condition vulnerabilities
- Input validation
- Parameterized queries
- Authentication/session management issues
- Output encoding
- Error and exception handling
- Code signing
- Database security
- Data deidentification
- Data obfuscation
- What is the cloud?
- Cloud computing roles
- Drivers for cloud computing
- Security service providers
- Cloud activities and the cloud reference architecture
- Cloud deployment models
- Cloud service categories
- Continuing your studies
Taught by
Mike Chapple