Threat Hunting in the Cloud: Defending AWS, Azure and Other Cloud
CYATTK-CLOUD.AE1
Threat Hunting in the Cloud: Defending AWS, Azure and Other Cloud
ISBN: 9781644593790CYATTK-CLOUD.AE1
Certified Secure Software Lifecycle Professional (CSSLP)
(CSSLP.AO2) / ISBN : 978-1-64459-454-4
This course includes
Interactive Lessons
Gamified TestPrep
About This Course
Skills You’ll Get
Interactive Lessons
20+ Interactive Lessons | 447+ Exercises | 185+ Quizzes | 246+ Flashcards | 246+ Glossary of terms
Gamified TestPrep
100+ Pre Assessment Questions | 2+ Full Length Tests | 100+ Post Assessment Questions | 200+ Practice Test Questions
1
Introduction
- Why Focus on Software Development?
- The Role of CSSLP
- How to Use This Course
- The Examination
- Exam Objective Map
- CSSLP Version 3 (2020)
2
Core Concepts
- Confidentiality
- Integrity
- Availability
- Authentication
- Authorization
- Accountability (Auditing and Logging)
- Nonrepudiation
- Secure Development Lifecycle
- Secure Development Lifecycle Components
- Lesson Review
3
Security Design Principles
- System Tenets
- Secure Design Tenets
- Security Models
- Adversaries
- Lesson Review
4
Define Software Security Requirements
- Functional Requirements
- Operational and Deployment Requirements
- Connecting the Dots
- Lesson Review
5
Identify and Analyze Compliance Requirements
- Regulations and Compliance
- Data Classification
- Privacy
- Lesson Review
6
Misuse and Abuse Cases
- Misuse/Abuse Cases
- Requirements Traceability Matrix
- Software Acquisition
- Lesson Review
7
Secure Software Architecture
- Perform Threat Modeling
- Define the Security Architecture
- Lesson Review
8
Secure Software Design
- Performing Secure Interface Design
- Performing Architectural Risk Assessment
- Model (Nonfunctional) Security Properties and Constraints
- Model and Classify Data
- Evaluate and Select Reusable Secure Design
- Perform Security Architecture and Design Review
- Define Secure Operational Architecture
- Use Secure Architecture and Design Principles, Patterns, and Tools
- Lesson Review
9
Secure Coding Practices
- Declarative vs. Imperative Security
- Memory Management
- Error Handling
- Interface Coding
- Primary Mitigations
- Learning from Past Mistakes
- Secure Design Principles
- Interconnectivity
- Cryptographic Failures
- Input Validation Failures
- General Programming Failures
- Technology Solutions
- Lesson Review
10
Analyze Code for Security Risks
- Code Analysis (Static and Dynamic)
- Code/Peer Review
- Code Review Objectives
- Additional Sources of Vulnerability Information
- CWE/SANS Top 25 Vulnerability Categories
- OWASP Vulnerability Categories
- Common Vulnerabilities and Countermeasures
- Lesson Review
11
Implement Security Controls
- Security Risks
- Implement Security Controls
- Applying Security via the Build Environment
- Anti-tampering Techniques
- Defensive Coding Techniques
- Primary Mitigations
- Secure Integration of Components
- Lesson Review
12
Security Test Cases
- Security Test Cases
- Attack Surface Evaluation
- Penetration Testing
- Common Methods
- Lesson Review
13
Security Testing Strategy and Plan
- Develop a Security Testing Strategy and a Plan
- Functional Security Testing
- Nonfunctional Security Testing
- Testing Techniques
- Environment
- Standards
- Crowd Sourcing
- Lesson Review
14
Software Testing and Acceptance
- Perform Verification and Validation Testing
- Identify Undocumented Functionality
- Analyze Security Implications of Test Results
- Classify and Track Security Errors
- Secure Test Data
- Lesson Review
15
Secure Configuration and Version Control
- Secure Configuration and Version Control
- Define Strategy and Roadmap
- Manage Security Within a Software Development Methodology
- Identify Security Standards and Frameworks
- Define and Develop Security Documentation
- Develop Security Metrics
- Decommission Software
- Report Security Status
- Lesson Review
16
Software Risk Management
- Incorporate Integrated Risk Management
- Promote Security Culture in Software Development
- Implement Continuous Improvement
- Lesson Review
17
Secure Software Deployment
- Perform Operational Risk Analysis
- Release Software Securely
- Securely Store and Manage Security Data
- Ensure Secure Installation
- Perform Post-Deployment Security Testing
- Lesson Review
18
Secure Software Operations and Maintenance
- Obtain Security Approval to Operate
- Perform Information Security Continuous Monitoring
- Support Incident Response
- Perform Patch Management
- Perform Vulnerability Management
- Runtime Protection
- Support Continuity of Operations
- Integrate Service Level Objectives and Service Level Agreements
- Lesson Review
19
Software Supply Chain Risk Management
- Implement Software Supply Chain Risk Management
- Analyze Security of Third-Party Software
- Verify Pedigree and Provenance
- Lesson Review
20
Supplier Security Requirements
- Ensure Supplier Security Requirements in the Acquisition Process
- Support Contractual Requirements
- Lesson Review
Any questions?Check out the FAQs
Still have unanswered questions and need to get in touch?
Contact Us NowRelated Courses
All Course
Computer Security Fundamentals 5e
COMP-SEC-FUNDA.AB1
Computer Security Fundamentals 5e
ISBN: 9781644594162COMP-SEC-FUNDA.AB1
Cybersec First Responder (CFR-410)
CFR-410.AK1
Cybersec First Responder (CFR-410)
ISBN: 9781644594179CFR-410.AK1
Certified Information Systems Auditor (CISA)
CISA.AA1
Certified Information Systems Auditor (CISA)
ISBN: 9781644594421CISA.AA1
Cisco CyberOps Associate CBROPS (200-201)
200-201.AP2
Cisco CyberOps Associate CBROPS (200-201)
ISBN: 9781644594650200-201.AP2
Certified Ethical Hacker (CEH v12)
CEH-v12.AE1
Certified Ethical Hacker (CEH v12)
ISBN: 9781644599815CEH-v12.AE1
