CSSLP 2024: Databases & Programming Language Environments
CSSLP 2024
| Expert
- 15 videos | 2h 8m 48s
- Includes Assessment
- Earns a Badge
Python, Java, and .NET all have elaborate security features built into their runtimes, and so do database and data warehouse technologies we use every day. In this course, you'll learn the fundamentals of database security, including the role of encryption and how triggers can automate threat responses. Explore the uses of views in controlling data access and examine secure programming language environments. Analyze security features in the .NET CLR and the JRE, focusing on ASLR, DEP, type checking, and memory security. Then, contrast these with Python and PowerShell and learn about critical security controls in OS kernels, modes of execution, and virtual memory management. Next, discover threat modeling, STRIDE, spoofing, tampering, and the PASTA approach. Learn about attack trees, secure architectural design patterns, security design verification methods, as well as simulations and boundary value analysis. Finally, you'll define non-functional security requirements and discuss CI/CD Pipelines in secure deployment. This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.
WHAT YOU WILL LEARN
-
Discover the key concepts covered in this course
Introduce database security and examine the role of encryption and triggers
Analyze the uses of views and enumerate secure connection management practices
Examine components of programming language environments and common security measures within them
Analyze security features in java and .net such as address space layout randomization (aslr), data execution prevention (dep), type checking, and memory security
Analyze security features in python, contrast these with java and .net, and also discuss security in powershell
Enumerate security features in os kernels, modes of execution, and virtual memory
Define threat modeling and analyze the stride methodology for threat modeling -
Outline the pasta approach to threat modeling and contrast it with hybrid approaches
Outline the use of attack trees and analyze some major advanced persistent threats
Analyze architectural patterns such as the enterprise security gateway, service-oriented security and security-first architecture
Analyze logic analysis, interface analysis and constraint analysis in design verification, and identify use cases for simulations and boundary value analysis
Define different types of non-functional security requirements and enumerate examples
Outline continuous integration and continuous delivery/deployment pipelines and their security considerations
Summarize the key concepts covered in this course
IN THIS COURSE
-
2m 13sIn this video, you will discover the key concepts covered in this course. FREE ACCESS
-
11m 39sIn this video, we will introduce database security and examine the role of encryption and triggers. FREE ACCESS
-
3. Views and Secure Connections10m 19sDiscover how to analyze the uses of views and enumerate secure connection management practices. FREE ACCESS
-
4. Secure Programming Language Environments8m 17sIn this video, find out how to examine components of programming language environments and common security measures within them. FREE ACCESS
-
5. Security in the .NET Common Language Runtime and Java Runtime Environment7m 50sIn this video, find out how to analyze security features in Java and .NET such as address space layout randomization (ASLR), data execution prevention (DEP), type checking, and memory security. FREE ACCESS
-
6. Security in Python and PowerShell10m 22sFind out how to analyze security features in Python, contrast these with Java and .NET, and also discuss security in PowerShell. FREE ACCESS
-
7. Security Controls in Operating Systems10m 11sLearn how to enumerate security features in OS kernels, modes of execution, and virtual memory. FREE ACCESS
-
8. Threat Modeling with STRIDE8m 19sIn this video, learn how to define threat modeling and analyze the STRIDE methodology for threat modeling. FREE ACCESS
-
9. Threat Modeling with PASTA10m 33sIn this video, find out how to outline the PASTA approach to threat modeling and contrast it with hybrid approaches. FREE ACCESS
-
10. Attack Trees and Advanced Persistent Threats12m 1sFind out how to outline the use of attack trees and analyze some major advanced persistent threats. FREE ACCESS
-
11. Secure Architectural Design Patterns10m 36sDiscover how to analyze architectural patterns such as the enterprise security gateway, service-oriented security and security-first architecture. FREE ACCESS
-
12. Security Design Verification8m 38sIn this video, learn how to analyze logic analysis, interface analysis and constraint analysis in design verification, and identify use cases for simulations and boundary value analysis. FREE ACCESS
-
13. Non-functional Security Requirements6m 10sDuring this video, you will learn how to define different types of non-functional security requirements and enumerate examples. FREE ACCESS
-
14. CI/CD Pipelines in Secure Deployment8m 42sIn this video, you will outline continuous integration and continuous delivery/deployment pipelines and their security considerations. FREE ACCESS
-
15. Course Summary2m 58sIn this video, we will summarize the key concepts covered in this course. FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
