Applications and Systems-Development Security

Introduction

Well-written applications are the key to good security. As such, this chapter focuses on the security requirements that are needed when developing applications. Although this chapter won't make you into a programmer, it will help you understand the steps required to build robust and secure applications.

To become certified as a CISSP, ISC2 expects test candidates to understand how to develop secure applications, know the steps of the system development life cycle, have knowledge of database design and structure, and be able to recognize and respond to malicious code and system vulnerabilities.