CSSLP 2024: Secure Software Requirements

CSSLP 2024 | Expert
  • 12 videos | 1h 32m 35s
  • Includes Assessment
  • Earns a Badge
Rating 5.0 of 1 users
The Secure Software Requirements CSSLP domain spans a wide range of topics, from privacy regulations to the construction of the Security Requirements Traceability Matrix (SRTM). In this course, you'll learn to distinguish between functional and non-functional security requirements, gather security requirements across business, application, and infrastructure layers, define user requirements, and create effective user stories using the INVEST attributes. Next, explore key compliance requirements and relevant regulations, including GDPR, CCPA, HIPAA, and Sarbanes-Oxley, analyze security requirements from NIST and ISO/IEC publications, and discover how these standards help organizations maintain strong security postures. You'll learn about the principles of data governance and data classification, including how to categorize data with labels like Confidential, Internal, and Public. Finally, you'll explore the data lifecycle, covering the stages of data creation, storage, usage, retention, and disposal, with a focus on secure practices. You will also study key confidentiality models like Bell-LaPadula and Brewer-Nash, as well as integrity models like Biba and Clark-Wilson. This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
  • Identify types of functional security requirements and non-functional security requirements
  • Analyze security requirements gathering in the context of the three-tier model, and describe the OWASP ASVS
  • Define user requirements, user tasks, user stories, use case scenarios and the INVEST attributes
  • Define GDPR, CCPA, HIPAA and other regulations and analyze compliance requirements in Sarbanes-Oxley
  • Outline security requirements in various NIST and ISO/IEC publications with examples
  • Define data governance and data classification and enumerate common tools and labels in data classification
  • Analyze the roles of data subject, owner, controller, custodian, processor, and user
  • Define structured, semi-structured, and unstructured data
  • Define the data lifecycle and outline considerations in secure data retention, retrieval, and disposal
  • Describe confidentiality models such as Bell-LaPadula and Brewer-Nash, as well as integrity models such as Biba and Clark-Wilson
  • Summarize the key concepts covered in this course

IN THIS COURSE

  • 2m 22s
    In this video, we will discover the key concepts covered in this course.
  • 9m 36s
    Find out how to identify types of functional security requirements and non-functional security requirements.
  • 3.  Gathering Security Requirements and OWASP ASVS
    4m 50s
    Upon completion of this video, you will be able to analyze security requirements gathering in the context of the three-tier model, and describe the OWASP ASVS.
  • 4.  The Perspective of a User
    9m 24s
    After completing this video, you will be able to define user requirements, user tasks, user stories, use case scenarios and the INVEST attributes.
  • 5.  Compliance Requirements and Relevant Regulations
    9m 23s
    Learn how to define GDPR, CCPA, HIPAA and other regulations and analyze compliance requirements in Sarbanes-Oxley.
  • 6.  Security Requirements from NIST and ISO/IEC Publications
    10m 57s
    Learn how to outline security requirements in various NIST and ISO/IEC publications with examples.
  • 7.  Data Governance and Data Classification
    7m 22s
    During this video, discover how to define data governance and data classification and enumerate common tools and labels in data classification.
  • 8.  Roles in Data Governance
    12m 9s
    During this video, you will learn how to analyze the roles of data subject, owner, controller, custodian, processor, and user.
  • 9.  Structured, Unstructured, and Semi-structured Data
    10m 7s
    Find out how to define structured, semi-structured, and unstructured data.
  • 10.  The Data Lifecycle
    5m 48s
    During this video, discover how to define the data lifecycle and outline considerations in secure data retention, retrieval, and disposal.
  • 11.  Confidentiality and Integrity Models
    7m 43s
    Upon completion of this video, you will be able to describe confidentiality models such as Bell-LaPadula and Brewer-Nash, as well as integrity models such as Biba and Clark-Wilson.
  • 12.  Course Summary
    2m 55s
    In this video, we will summarize the key concepts covered in this course.

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
