Life-Cycle Security (2020)
From CyberEdWiki
The intent of the Life-Cycle Security Knowledge Unit is to provide students with an understanding of how security principles can be applied to improve security throughout the system or product lifecycle.
Contents
Outcomes[edit]
After completing the KU, students will be able to:
- Describe the importance of secure software, and the programming practices and development processes and methodologies that lead to secure software.
- List, describe the phases of the system life-cycle, and explain security related concerns at each phase.
- List and describe the elements of a maturity model.
Topics[edit]
- System Life-Cycle Phases and Issues
- Initiation
- Requirements
- Design
- Development
- Testing
- Deployment
- Operations and Maintenance
- Disposal
- Vulnerability Mapping, Management, and Traceability
- Threat modeling
- Software Assurance Maturity Model
- Role of Project/Program Management
- Role of Process Management
- Importance of Culture and Training
- Development Processes and Paradigms
- Configuration Management
- Developmental Threats
Skills[edit]
NICE Framework Categories[edit]
CSEC 2017 Categories[edit]
Specialization Areas[edit]
- Health Care Security
- Network Security Administration, Specialization Area
- Network Security Engineering
- Secure Cloud Computing
- Secure Embedded Systems
- Secure Mobile Technology
- Secure Software Development
- Secure Telecommunications
- Security Incident Analysis and Response
- System Security Administration
- Systems Security Engineering, Specialization Area
See also[edit]
Related Knowledge Units
- Software Assurance
- Security Risk Analysis
- Secure Programming Practices
- Software Security Analysis
- Vulnerability Analysis
- QA/Functional Testing
Original Knowledge Unit
Further reading[edit]
Suggested textbooks[edit]
Suggested academic readings[edit]
Sample knowledge test[edit]
Sample skills test[edit]
Sample abilities test[edit]
Additional notes or materials[edit]
Contacts[edit]
Reference ID[edit]
LCS
