CHAPTER 9Software Development Security

This domain includes questions from the following topics:

• Common software development issues

• Software development life cycles

• Secure software development approaches

• Change control and configuration management

• Programming language types

• Database concepts and security issues

• Expert systems and artificial intelligence

• Malware types and attacks

Security is often—mistakenly—an afterthought when it comes to software development. Patches and hot fixes are created after vulnerabilities put assets at risk, and are band-aid solutions to deeper problems. Adding security after an application or computer system is developed is not only less effective at protecting the product against threats but also ...

Get CISSP Practice Exams, Second Edition, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.