CSSLP Cert Prep: 1 Secure Software Concepts

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 1h 34m | 256 MB

The Certified Secure Software Lifecycle Professional (CSSLP) is a globally recognized certification from (ISC)², the organization that has certified well over 100,000 information security professionals. As a CSSLP holder, you can demonstrate to current or future employers that you understand how security can be embedded in the software development lifecycle (SDLC). This course, the first installment in the CSSLP Cert Prep series, prepares you to tackle the first domain in the CSSLP exam: Secure Software Concepts. Instructor Jerod Brennen discusses how application security fits within the broader context of information security. He also digs into core concepts, including confidentiality and availability; security design principles, such as least privilege and open design; and more.

Topics include:

  • The core principles of confidentiality and availability
  • The basics of accountability, including auditing and logging
  • Least privilege
  • Fail safes, including exception handling
  • Leveraging existing components
  • Eliminating single points of failure

Table of Contents

1 Building secure software
2 What you should know
3 The goals of application security
4 Confidentiality
5 Integrity
6 Availability
7 Authentication
8 Authorization
9 Accountability
10 Nonrepudiation
11 Least privilege
12 Separation of duties
13 Economy of mechanism
14 Complete mediation
15 Defense in depth
16 Fail safe
17 Open design
18 Least common mechanism
19 Psychological acceptability
20 Leveraging existing components
21 Eliminate single point of failure
22 Next steps