CISSP Cert Prep: 8 Software Development Security

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 26m | 227 MB

Prepare for the Certified Information Systems Security Professional (CISSP) exam by bolstering your knowledge of software development security practices. In this course, follow Mike Chapple as he walks through each topic in the eighth domain of the CISSP exam—Software Development Security. He covers the software development lifecycle and common software security issues, such as cookies, session hijacking, and code execution attacks. Mike also discusses secure coding practices and software security assessment.

Topics include:

  • Software development methodologies
  • Operation, maintenance, and change management
  • DevOps
  • Cross-site scripting
  • Preventing SQL injection
  • Overflow attacks
  • Malicious add-ons
  • Secure coding practices
  • Code signing
  • Risk analysis and mitigation
  • Software testing
  • Acquired software

Table of Contents

Introduction
1 Welcome
2 What you need to know
3 Application security

Software Development Lifecycle
4 Development methodologies
5 Maturity models
6 Operation, maintenance, and change management
7 DevOps

Software Security Issues
8 Understanding cross-site scripting
9 Preventing SQL injection
10 Privilege escalation
11 Directory traversal
12 Overflow attacks
13 Cookies
14 Session hijacking
15 Malicious add-ons
16 Code execution attacks

Secure Coding Practices
17 Error and exception handling
18 Code repositories
19 Third-party code
20 Code signing

Software Security Assessment
21 Risk analysis and mitigation
22 Software testing
23 Acquired software

Conclusion
24 What's next