LearnKey Training

CISSP Application Security
CISSP Application Security


CISSP Application Security Training

1 Session –
3 Hours of Interactive Training

Applications & Systems Development Security is one of 10 domains comprising the Certified Information Systems Security Professional (CISSP) Common Body of Knowledge (CBK). In this CISSP certification prep course from LearnKey, expert instructor Michael Solomon goes over software development, databases, data storage, and common attacks that must be protected against. At the conclusion of this course, you will be familiar with the issues and concepts of the Applications & Systems Development domain required to pass the CISSP exam.

Benefits
  • One of the valuable domains which leads to CISSP certification.
  • Boost your earning potential through accreditation in CISSP.
  • Information security skills are in demand throughout the world.

    		•
    About The Author
    Michael Solomon, CISSP, PMP, TICSA, is a speaker, consultant and trainer who specializes in project management and database application-level security topics. Since 1987 Solomon has worked on IT projects or instructed for more than 60 organizations including EarthLink, Nike, Lucent Technologies, BellSouth, UPS, Boart Longyear, and the U.S. Coast Guard. Solomon holds an MS in Computer Science from Emory University (1998), and a BS in Computer Science from Kennesaw State University (1987) where he was also an instructor from 1998 - 2001. He has been a contributor to various certification books.
    Session 1

    Section A: Application Issues
    · Software Development
    · Application Environments
    · Malicious Code
    · Agents
    · Applets
    · Objects

    Section B: Databases and Warehousing
    · Databases
    · Relational Database
    · Record Identification
    · Query Language
    · Data Access Methods
    · Data Warehouses
    · Aggregation
    · Inference
    · Polyinstantiation

    Section C: Data and Information Storage
    · Data Handling
    · Data Storage
    · Virtual Memory
    · Information Retrieval
    · Knowledge-based Systems
    · Audit and Assurance Mechanisms

    Section D: System Development Controls
    · Coding Controls
    · Development Life Cycle
    · Design
    · Certification
    · Certification Standards

    Section E: Security Development Controls
    · Isolation Architecture
    · Administration Controls
    · Design Control
    · System Control
    · Modes of Operation
    · Integrity Levels
    · Service Level Agreement

    Section F: Malicious Code
    · Overview
    · Players
    · Viruses
    · Virus Types
    · OS Vulnerability
    · Other Malicious Code
    · Antivirus Protection

    Section G: Methods of Attack
    · Brute Force
    · Social Engineering
    · DoS/DDoS
    · Spoofing
    · Pseudo Flaw
    · Buffer Overflow
    · TOC/TOU
    · Rootkits