• Online, Self-Paced
Course Description

Integrating security into the software development process and identifying key security objectives is paramount to successful secure software development. In this course, you'll learn about internal and external security requirements and how to classify and categorize data. You'll also explore functional requirements such as role and user definitions, the role of the deployment environment on requirements, and sequencing and timing requirements. Finally, this course covers operational requirements such as deployment and management solutions. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

Learning Objectives

Policy Decomposition

  • start the course
  • identify typical internal security requirements
  • identify typical external security requirements

Data Classification and Categorization

  • identify data state categories
  • identify data usage categories
  • distinguish between the data owner and data custodian roles
  • distinguish between the different impact level definitions
  • distinguish between structured and unstructured data
  • distinguish between generation, retention, and disposal

Functional Requirements

  • identify characteristics of role and user definitions
  • identify the role of the deployment environment within functional requirements
  • distinguish between objects, activities, and actions
  • identify best practices for sequencing and timing

Operational Requirements

  • identify characteristics of software deployment requirements
  • identify characteristics of operations requirements
  • identify characteristics of management requirements

Practice: Securing Software

  • recognize what is involved in securing software

Framework Connections