Chapter 7. Applications and Systems-Development Security

Terms you'll need to understand:

  • Tuple

  • Polyinstantiation

  • Inference

  • Certification

  • Accreditation

  • Database

  • Malware

  • Buffer overflow

Techniques you'll need to master:

  • Identifying the system development life cycle

  • Understanding database design

  • Stating the steps of the development life cycle

  • Recognizing the different types of failure states

  • Recognizing the four primary types of databases


Well-written applications are the key to good security. This chapter therefore focuses on the security requirements that apply when developing applications. Although it won't make you a programmer, it will help you understand the steps required to build robust and secure applications.

To become certified ...
