CHAPTER 9Application Security

This domain includes questions from the following topics:

• Software controls and their implementation

• Database concepts and security issues

• Attack types

• Program development types

• Object-oriented programming components

• Expert systems and artificial intelligence

Security is often—mistakenly—an afterthought when it comes to software development. Patches and hot fixes are created after vulnerabilities put assets at risk, and are band-aid solutions to deeper problems. Adding security after an application or computer system is developed is not only less effective at protecting the product against threats but also more costly. Incorporating security throughout the software development life cycle and integrating ...

Get CISSP Practice Exams now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.