Chapter 4. Software Development Security

This domain of the CISSP exam focuses on the risks associated with software development and the steps an organization can take to minimize these risks. There is a heavy focus on the software development lifecycle (SDLC) and the system development lifecycle, and you should have a general idea of the software development processes. However, you don’t need to know the details of individual programming languages because the majority of the security issues are similar between languages. Similarly, the overall security goals are the same regardless of the language used—applications should maintain the integrity of data and the application and prevent loss of availability.

This chapter covers the following objectives: ...

Get CISSP Rapid Review now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.