uCertify

Secure Software Design

Lessons
Lab
TestPrep
Get A Free Trial

About This Course

Skills You’ll Get

Download Course Outline

1

General Security Concepts

  • General Security Concepts
  • Security Models
  • Adversaries
  • Lesson Review
2

Risk Management

  • Definitions and Terminology
  • Types of Risk
  • Governance, Risk, and Compliance
  • Risk Management Models
  • Risk Options
  • Lesson Review
3

Security Policies and Regulations

  • Regulations and Compliance
  • Legal Issues
  • Privacy
  • Security Standards
  • Secure Software Architecture
  • Trusted Computing
  • Acquisition
  • Lesson Review
4

Software Development Methodologies

  • Secure Development Lifecycle
  • Secure Development Lifecycle Components
  • Software Development Models
  • Microsoft Security Development Lifecycle
  • Lesson Review
5

Policy Decomposition

  • Confidentiality, Integrity, and Availability Requirements
  • Authentication, Authorization, and Auditing Requirements
  • Internal and External Requirements
  • Lesson Review
6

Data Classification and Categorization

  • Data Classification
  • Data Ownership
  • Labeling
  • Types of Data
  • Data Lifecycle
  • Lesson Review
7

Requirements

  • Functional Requirements
  • Operational Requirements
  • Requirements Traceability Matrix
  • Connecting the Dots
  • Lesson Review
8

Design Processes

  • Attack Surface Evaluation
  • Threat Modeling
  • Control Identification and Prioritization
  • Risk Assessment for Code Reuse
  • Documentation
  • Design and Architecture Technical Review
  • Lesson Review
9

Design Considerations

  • Application of Methods to Address Core Security Concepts
  • Interfaces
  • Lesson Review
10

Securing Commonly Used Architecture

  • Distributed Computing
  • Service-Oriented Architecture
  • Rich Internet Applications
  • Pervasive/Ubiquitous Computing
  • Mobile Applications
  • Integration with Existing Architectures
  • Cloud Architectures
  • Lesson Review
11

Technologies

  • Authentication and Identity Management
  • Credential Management
  • Flow Control (Proxies, Firewalls, Middleware)
  • Logging
  • Data Loss Prevention
  • Virtualization
  • Digital Rights Management
  • Trusted Computing
  • Database Security
  • Programming Language Environment
  • Operating Systems
  • Embedded Systems
  • Lesson Review

General Security Concepts

  • Understanding Security Design Tenets
  • Discussing About Access Control Models
  • Understanding Information Flow Models

Risk Management

  • Understanding Annualized Loss Expectancy

Security Policies and Regulations

  • Understanding Compliance-Based Assessment Regulations
  • Understanding PII and PHI
  • Understanding National Institute of Standards and Technology

Software Development Methodologies

  • Discussing About Software Development Methodologies
  • Understanding Secure Development Lifecycle Components
  • Understanding Software Development Models

Policy Decomposition

  • Understanding Access Control Mechanisms

Data Classification and Categorization

  • Understanding Data Classification Types
  • Understanding Data Ownership Roles

Requirements

  • Understanding Functional Requirements
  • Understanding the Requirements Traceability Matrix

Design Processes

  • Understanding Documentation

Design Considerations

  • Discussing About Security Design Considerations

Securing Commonly Used Architecture

  • Understanding Distributed Computing Terms
  • Understanding the Enterprise Service Bus
  • Understanding Cloud Service Models

Technologies

  • Understanding X.509 Digital Certificate Fields
  • Understanding Flow Control Technologies
  • Understanding Syslog
  • Understanding Trusted Computing Elements

Related Courses

All Course
scroll to top