IT Skills     Security     Security Accreditations and Best Practice     Certified Secure Software Lifecycle Professional (CSSLP)

---

A fundamental understanding of the potential risks, vulnerabilities and exposures throughout the software lifecycle is the basis for ensuring overall software security. In this course, you'll learn about the core concepts of confidentiality, integrity, authentication, and authorization. You'll also be introduced to security design principles such as least privilege, separation of duties, fail safe, and economy of mechanism. Finally, this course covers best practices for governance, risk, and compliance throughout the software lifecycle. This course is one of a series in the learning path that covers the objectives for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

---

---

Objectives

Core Concepts start the course recognize the characteristics of confidentiality identify the characteristics of integrity identify the characteristics of availability recognize the characteristics of authentication and authorization recognize the characteristics of authentication and authorization identify the role of accounting in assuring security recognize the characteristics of non-repudiation Security Design Principles identify the characteristics of least privilege recognize the characteristics of separation of duties recognize the characteristics of defense in depth recognize the characteristics of fail-safe recognize the characteristics of economy of mechanism recognize the characteristics of complete mediation recognize the characteristics of open design recognize the characteristics of least common mechanism recognize the characteristics of psychological acceptability recognize the characteristics of the weakest link recognize the characteristics of leveraging existing components Privacy recognize the characteristics of privacy distinguish between different privacy considerations Governance, Risk, and Compliance recognize characteristics of regulations and compliance distinguish between legal issues to keep in mind during the software lifecycle recognize characteristics of standards distinguish between the steps of the general risk management model Software Development Methodologies identify secure software concepts in the Waterfall methodology identify secure software concepts in the Agile methodology Practice: Fundamental Secure Software Concepts recognize the principles and practices behind securing software