Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Design Principles
CSSLP 2019 | Intermediate
- 13 videos | 34m 13s
- Includes Assessment
- Earns a Badge
This course explores the design principles that help to ensure key security practices are incorporated into the software development lifecycle, and it prepares you for the (ISC)2 CSSLP (Certified Secure Software Lifecycle Professional) exam. The design principles you will learn include least privilege, which provides the lowest level of rights and permissions a user needs to perform current tasks, and separation of duties. This course covers the principles of defense in depth, which uses multiple overlapping defenses such as layered controls, input validation, and security zones that work together as a series of defenses. You will learn the concepts of fail-safe principles, including exception handling and deny by default. Next, learn to design for complete mediation so that authorization is verified every time access is requested. Also covered is a less common design issue, psychological acceptability, such as password complexity and screen layouts, to ensure the design is psychologically acceptable to users. Finally, this course examines the separation of duties principles, including multiparty control, secret sharing and splitting.
WHAT YOU WILL LEARN
- discover the key concepts covered in this course
- describe least privilege principles such as access control, need-to-know, and run-time privileges
- recognize separation of duties principles such as multi-party control, secret sharing, and splitting
- differentiate between different defense in depth principles such as layered controls, input validation, and security zones
- describe fail-safe principles such as exception handling, non-verbose errors, and deny by default
- recognize economy of mechanism principles such as single sign-on
- describe complete mediation principles such as cookie management, session management, and caching of credentials
- describe open design principles such as peer-reviewed algorithm
- recognize least common mechanism principles such as compartmentalization/isolation
- list psychological acceptability principles such as password complexity and screen layouts
- leverage existing components such as common controls and libraries
- eliminate single points of failure
- summarize the key concepts covered in this course
IN THIS COURSE
- 1m 59s
- 3m 4s
- 2m 55s
- 3m 4s
- 3m 17s
- 3m 55s
- 2m 25s
- 1m 59s
- 2m 6s
- 3m 1s
- 2m 26s
- 2m 4s
- 1m 58s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.