Overview
-
Learn how to define and validate security requirements for applications as you prepare for the second domain of the CSSLP exam: Secure Software Requirements.
Syllabus
-
Introduction
- Determining security requirements
- Functional requirements
- Nonfunctional requirements
- Policy decomposition
- Legal, regulatory, and industry
- Security vs. privacy
- Data anonymization
- User consent
- Disposition
- Private data storage
- Data ownership
- Labeling
- Types of data
- Data life cycle
- Misuse and abuse cases
- Software requirement specifications
- Security requirement traceability matrix
- Next steps
