Integrating security into the software development process and identifying key security objectives are paramount to successful secure software development. In this course, you'll learn about internal and external security requirements and how to classify and categorize data. You'll also explore functional requirements such as role and user definitions, the role of the deployment environment in requirements, and sequencing and timing requirements. Finally, this course covers operational requirements such as deployment and management solutions. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Secure Software Lifecycle Professional (CSSLP) exam.
Learning Objectives
Policy Decomposition
- start the course
- identify typical internal security requirements
- identify typical external security requirements
Data Classification and Categorization
- identify data state categories
- identify data usage categories
- distinguish between the data owner and data custodian roles
- distinguish between the different impact level definitions
- distinguish between structured and unstructured data
- distinguish between generation, retention, and disposal
Functional Requirements
- identify characteristics of role and user definitions
- identify the role of the deployment environment within functional requirements
- distinguish between objects, activities, and actions
- identify best practices for sequencing and timing
Operational Requirements
- identify characteristics of software deployment requirements
- identify characteristics of operations requirements
- identify characteristics of management requirements
Practice: Securing Software
- recognize what is involved in securing software