Applications and systems are the technologies closest to the data that information security professionals are constantly trying to protect.
In this CISSP Essentials Security School lesson, Domain 6, Software Development Security, expert CISSP exam trainer Shon Harris details how applications and systems are structured, what security mechanisms and strategies are commonly used to secure data during access, processing and storage; it also presents some of the common threats and countermeasures.
ABOUT CISSP ESSENTIALS
Discover what you need to know to ace the CISSP exam with this series of CISSP certification training lessons. Each lesson, which contains a video, domain spotlight article and a quiz with sample CISSP exam questions, corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.
Before watching the special Domain 6, Software Development Security video below, students are encouraged to read the Domain 6 spotlight article, which provides an overview of the concepts presented in the video, including system development processes, namely the models, methods life cycle phases, and management of the development process; database systems and their components, models, management systems, query languages, data warehousing and mining, schema and security measures; application development methodology, covering software architecture, programming languages and concepts, change control methods, improvement models, data modeling and structures, data interface and exchange methods, artificial neural networks and expert systems; and security threats and countermeasures, the common threats to applications and systems and how expert techniques and artificial neural networks can be applied to mitigate threats.
After watching the video, test your comprehension of this material with our Domain 6, Software Development Security quiz. Upon completion, return to the CISSP Essentials Security School table of contents to select your next lesson.
About Shon Harris:
Shon Harris is a CISSP, MCSE and President of Logical Security, a firm specializing in security educational and training tools. Logical Security offers curriculum, virtual labs, instructor slides and tools for lease by training companies, security companies, military organizations, government sectors and corporations.
Shon is also a security consultant, an engineer in the Air Force's Information Warfare unit, an entrepreneur and an author. She has authored two best selling CISSP books, including CISSP All-in-One Exam Guide, and was a contributing author to the book Hacker's Challenge. Shon is currently finishing her newest book, Gray Hat Hacking: The Ethical Hacker's Handbook.
CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as ISC(2).