CSSLP 2024: Secure Software Architectures & Frameworks

CSSLP 2024 | Expert

16 videos | 2h 6m 28s
Earns a Badge

The Secure Software Architecture and Design CSSLP domain focuses on the ability to apply security practices to each phase of the software development life cycle, spanning topics from high-level models like SABSA and the Zachman Framework to cloud computing, VMs, hypervisors, containers, and industrial IoT systems. In this course, you'll learn how to organize and categorize security architectures, including the Sherwood Applied Business Security Architecture (SABSA). Explore various types of distributed computing architectures, the client-server architecture, and peer-to-peer (P2P) networks along with their security challenges. From there, you'll dive into service-oriented architectures (SOAs), analyze the security benefits of microservices and containers, examine Rich Internet Applications (RIAs), and cover how to prevent Remote Code Execution (RCE) attacks. After that, you'll study the implications of different types of connectivity, location-based services, RFID, NFC, and sensor and mesh networks. You'll finish with a focus on Embedded Systems and learn the significance of Secure Boot and Secure Memory, Secure Update Mechanisms, and Field-programmable Gate Arrays (FPGAs). This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

WHAT YOU WILL LEARN

Discover the key concepts covered in this course

Outline the zachman framework for security architectures

Define the sherwood applied business security architecture (sabsa) for risk-driven enterprise security architectures

Define distributed computing, enumerate types of distributed computing architectures, and analyze the client-server architecture

Analyze the unique security challenges of peer-to-peer (p2p) networks, and describe message queues

Describe n-tier architectures and the common layers, and then analyze the special case of the three-tier architecture

Identify attributes of service-oriented architectures and describe the enterprise service bus (esb)

Describe web services and the use of simple object access protocol (soap), representational state transfer (rest), and xml
Enumerate properties of microservice-based architectures and analyze how they leverage containers

Define rias and analyze security considerations in client-side technologies

Define rce attacks and analyze the role of input validation and safe serialization in mitigating such attacks

Analyze security concerns arising from constant connectivity, pervasive/ubiquitous computing, and wireless communications

Enumerate security concerns with location-based services, radio frequency identification (rfid), near field communication (nfc), and sensor and mesh networks

Outline the use of secure boot and secure memory in embedded systems

Analyze the growing need for secure update mechanisms and outline security concerns in the use of field-programmable gate arrays (fpgas)

Summarize the key concepts covered in this course

IN THIS COURSE

2m 38s

In this video, we will discover the key concepts covered in this course. FREE ACCESS
9m 25s

After completing this video, you will be able to outline the Zachman Framework for security architectures. FREE ACCESS
3. The SABSA Framework for Security Architectures

4m 32s

In this video, we will define the Sherwood Applied Business Security Architecture (SABSA) for risk-driven enterprise security architectures. FREE ACCESS
4. Distributed Computing Architectures

8m 52s

In this video, find out how to define distributed computing, enumerate types of distributed computing architectures, and analyze the client-server architecture. FREE ACCESS
5. Peer-to-peer Networks and Message Queues

8m 9s

Learn how to analyze the unique security challenges of peer-to-peer (P2P) networks, and describe message queues. FREE ACCESS
6. N-tier Architectures and Three-tier Architectures

7m 31s

In this video, we will describe n-tier architectures and the common layers, and then analyze the special case of the three-tier architecture. FREE ACCESS
7. Service-oriented Architectures

6m 48s

In this video, you will learn how to identify attributes of service-oriented architectures and describe the enterprise service bus (ESB). FREE ACCESS
8. SOAP, REST, and XML for Secure Data Exchange

7m 9s

After completing this video, you will be able to describe web services and the use of Simple Object Access Protocol (SOAP), REpresentational State Transfer (REST), and XML. FREE ACCESS
9. Microservices and Containers

9m 10s

Upon completion of this video, you will be able to enumerate properties of microservice-based architectures and analyze how they leverage containers. FREE ACCESS
10. Rich Internet Applications (RIAs)

9m 21s

In this video, learn how to define RIAs and analyze security considerations in client-side technologies. FREE ACCESS
11. Remote Code Execution (RCE)

4m 31s

During this video, discover how to define RCE attacks and analyze the role of input validation and safe serialization in mitigating such attacks. FREE ACCESS
12. Constant Connectivity, Pervasive/Ubiquitous Computing, & Wireless

12m 2s

After completing this video, you will be able to analyze security concerns arising from constant connectivity, pervasive/ubiquitous computing, and wireless communications. FREE ACCESS
13. Location-based Services, RFID, NFC, & Mesh Networks

10m 28s

Upon completion of this video, you will be able to enumerate security concerns with location-based services, Radio Frequency Identification (RFID), Near Field Communication (NFC), and Sensor and Mesh Networks. FREE ACCESS
14. Embedded Systems, Secure Boot, and Secure Memory

13m 45s

After completing this video, you will be able to outline the use of secure boot and secure memory in embedded systems. FREE ACCESS
15. Secure Update Mechanisms and FPGAs

9m 26s

During this video, you will learn how to analyze the growing need for secure update mechanisms and outline security concerns in the use of Field-programmable Gate Arrays (FPGAs). FREE ACCESS
16. Course Summary

2m 40s

In this video, we will summarize the key concepts covered in this course. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course CCSP 2022: Application Security Awareness & Life Cycles

(64)

Course CSSLP 2024: Secure Software Requirements

(1)

Course Certified in Cybersecurity (CC): Networking & Security Infrastructure

(30)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

CSSLP 2024: Secure Software Architectures & Frameworks

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE