Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Design Principles

CSSLP 2019    |    Intermediate
  • 13 videos | 34m 13s
  • Includes Assessment
  • Earns a Badge
Rating 4.5 of 280 users Rating 4.5 of 280 users (280)
This course explores the design principles that help to ensure key security practices are incorporated into the software development lifecycle, and it prepares you for the (ISC)2 CSSLP (Certified Secure Software Lifecycle Professional) exam. The design principles you will learn include least privilege, to provide the lowest level of rights and permissions for a user to perform current tasks and separation of duties. This course covers the principles of defense in depth, to include multiple overlapping defenses such as layered controls, input validation, and security zones that work together collectively as a series of defenses. You will learn the concepts of fail-safe principles, including exception handling, and denied by default. Next, learn to design a complete mediation so that authorization is verified every time access is requested. Also covered is a less common design issue is psychological acceptability, such as password complexity and screen layouts, to ensure the design is psychologically acceptable to users. Finally, this course examines the separation of duties principles, including multiparty control, secret sharing and splitting.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Describe least privileges principles such as access control, need-to know, and run-time privileges
    Recognize separation of duties principles such as multi-party control, secret sharing, and splitting
    Differentiate between different defense in depth principles such as layered controls, input validation, and security zones
    Describe fail safe principles such as exception handling, non-verbose errors, and deny by default
    Recognize economy of mechanism principles such as single sign-on
    Describe complete mediation principles such as cookie management, session management, and caching of credentials
  • Describe open design principles such as peer reviewed algorithm
    Recognize least common mechanism principles such as compartmentalization/isolation
    List psychological acceptability principles such as password complexity and screen layouts
    Leverage existing components such as common controls and libraries
    Eliminate single points of failure
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 59s
  • 3m 4s
    Upon completion of this video, you will be able to describe principles of least privilege such as access control, need-to-know, and run-time privileges. FREE ACCESS
  • Locked
    3.  Separation of Duties
    2m 55s
    After completing this video, you will be able to recognize separation of duties principles such as multi-party control, secret sharing, and splitting. FREE ACCESS
  • Locked
    4.  Defense in Depth
    3m 4s
    During this video, you will learn how to differentiate between different defense in depth principles, such as layered controls, input validation, and security zones. FREE ACCESS
  • Locked
    5.  Fail Safe
    3m 17s
    After completing this video, you will be able to describe fail-safe principles such as exception handling, non-verbose errors, and deny by default. FREE ACCESS
  • Locked
    6.  Economy of Mechanism
    3m 55s
    After completing this video, you will be able to recognize economy of mechanism principles, such as single sign-on. FREE ACCESS
  • Locked
    7.  Complete Mediation
    2m 25s
    Upon completion of this video, you will be able to describe complete mediation principles such as cookie management, session management, and caching of credentials. FREE ACCESS
  • Locked
    8.  Open Design
    1m 59s
    Upon completion of this video, you will be able to describe open design principles such as peer-reviewed algorithms. FREE ACCESS
  • Locked
    9.  Least Common Mechanism
    2m 6s
    Upon completion of this video, you will be able to recognize principles of least common mechanisms such as compartmentalization/isolation. FREE ACCESS
  • Locked
    10.  Psychological Acceptability
    3m 1s
    Upon completion of this video, you will be able to list psychological acceptability principles, such as password complexity and screen layouts. FREE ACCESS
  • Locked
    11.  Leveraging Existing Components
    2m 26s
    In this video, you will learn how to use existing components such as common controls and libraries. FREE ACCESS
  • Locked
    12.  Eliminate Single Points of Failure
    2m 4s
    In this video, learn how to eliminate single points of failure. FREE ACCESS
  • Locked
    13.  Course Summary
    1m 58s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Core Concepts
Rating 4.6 of 559 users Rating 4.6 of 559 users (559)
Course Certified in Cybersecurity (CC): Core Security Principles & Risk Management
Rating 4.7 of 266 users Rating 4.7 of 266 users (266)
Course AWS Solutions Architect Associate 2022: AWS Cryptography & PKI
Rating 4.6 of 164 users Rating 4.6 of 164 users (164)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Vulnerabilities
Rating 4.5 of 85 users Rating 4.5 of 85 users (85)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Architectural Risk & Modeling
Rating 3.6 of 59 users Rating 3.6 of 59 users (59)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Requirements
Rating 4.4 of 281 users Rating 4.4 of 281 users (281)