CISSP® CBK® Review:

Software Development Security Domain

Welcome    Why?    Training    Games    ChangeBlog    External Resources    Submit Content


Key Area of Knowledge

-       Terms, Definition, and Concept associated with System Life Cycle (SLC)

·         System Development Methods: Waterfall, Modified Waterfall, and Iterative System Development Models

·         Security Considerations in System Life Cycle (SLC)

-          Software Environment & Security Controls

·         Security Kernel & Processor Privilege States

-          Programming Languages

-          Software & System Development

-          Databases, Database Warehousing Vulnerabilities, Threats, and Protections

·         Database Management Systems (DBMS) Models

·         Key Concepts to Relational DBMS (RDBMS)

-          Software and System Vulnerabilities and Threats

·         Common Weakness Enumeration (CWE)/SANS Top 25 Most Dangerous Programming Errors

·         Buffer Overflow

·         Cross-site Scripting

·         SQL Injection

·         Malicious Code / Malware


Class Material

-        Presentation (144 pages) (pptx, pdf)

-        Post-Class Quiz (8 pages) (pdf)

-        Answers to Post-Class Quiz (8 pages) (pdf)

<Return to Main CISSP Page>