• Online, Self-Paced
Course Description

A fundamental understanding of the potential risks, vulnerabilities and exposures throughout the software lifecycle is the basis for ensuring overall software security. In this course, you'll learn about the core concepts of confidentiality, integrity, authentication, and authorization. You'll also be introduced to security design principles such as least privilege, separation of duties, fail-safe, and economy of mechanism. Finally, this course covers best practices for governance, risk, and compliance throughout the software lifecycle. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

Learning Objectives

Core Concepts

  • start the course
  • recognize the characteristics of confidentiality
  • identify the characteristics of integrity
  • identify the characteristics of availability
  • recognize the characteristics of authentication and authorization
  • identify the role of accounting in assuring security
  • recognize the characteristics of non-repudiation

Security Design Principles

  • identify the characteristics of least privilege
  • recognize the characteristics of separation of duties
  • recognize the characteristics of defense in depth
  • recognize the characteristics of fail-safe
  • recognize the characteristics of economy of mechanism
  • recognize the characteristics of complete mediation
  • recognize the characteristics of open design
  • recognize the characteristics of least common mechanism
  • recognize the characteristics of psychological acceptability
  • recognize the characteristics of the weakest link
  • recognize the characteristics of leveraging existing components

Privacy

  • recognize the characteristics of privacy
  • distinguish between different privacy considerations

Governance, Risk, and Compliance

  • recognize characteristics of regulations and compliance
  • distinguish between legal issues to keep in mind during the software lifecycle
  • recognize characteristics of standards
  • distinguish between the steps of the general risk management model

Software Development Methodologies

  • identify secure software concepts in the Waterfall methodology
  • identify secure software concepts in the Agile methodology

Practice: Fundamental Secure Software Concepts

  • recognize the principles and practices behind securing software
