• Online, Self-Paced
Course Description

This course explores the use of architectural risk assessment to identify flaws in software, and to determine risks. You will learn to use security management interfaces, and how to design and integrate the interfacing security functionality with existing software to meet an enterprise's security objectives. This 9-video course will examine upstream/downstream software development and compatibility, the types of design decisions when encountering interconnectivity with other applications, and any considerations concerning key sharing, single sign-on, token-based security, and delegation of trust. You will learn the two types of channels, message passing and shared memory channels, for communication between two entities. Next, learn how to do a proper architectural risk analysis by using vulnerability analysis, ambiguity analysis, and platform vulnerability analysis. Learners then use an engineering goal-oriented model to evaluate security, and learn how to use an NFR (nonfunctional requirements) framework. Finally, the course examines data classification. This course can be used in preparation for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Software Development