Upgrade to remove ads
Official (ISC)² CSSLP - Domain 2: Secure Software Requirements
Terms in this set (14)
An analysis technique that models the unintended behavior of the software or system by taking a hostile user perspective.
CRUD (create, read, update, delete)
The four primary procedures or ways a system can manipulate information.
Data Lifecycle Management
A policy-based approach to managing the flow of an information system's data throughout its life cycle: from creation and initial storage to the time when it becomes obsolete and is deleted.
Software requirements that define and describe the production environment in which the software will be deployed.
See Data Lifecycle Management.
The process of assigning labels to information (data) assets, based on potential impact to confidentiality, integrity, and availability (CIA), upon disclosure, alteration, or destruction.
Software requirements that focus on how the system will be operated by the users, including interfaces and interoperability with other systems.
The process of eliciting software and security requirements from internal policies, standards, and guidelines.
Protection Needs Elicitation
A software requirements elicitation process that aims to translate governance, regulatory, compliance, privacy, company policies and standards, and functional requirements into security requirements.
Data that is identifiable because it is organized in a structure.
A tool used in use case modeling that identifies allowable actions between subjects and objects based on use cases.
Time of Check (TOC)/Time of Use (TOU) Attacks
The result of sequencing and timing design flaws in software. Also referred to as race conditions.
Data that has no identifiable structure.
Use case modeling
An analysis technique by which software functional requirements can be elicited, understood, and defined. A use case models the intended behavior of the software or system.
THIS SET IS OFTEN IN FOLDERS WITH...
Official (ISC)² CSSLP - Domain 1: Secure Software…
Official (ISC)² CSSLP - Domain 7: Software Deploym…
Official (ISC)² CSSLP - Domain 3: Secure Software…
Official (ISC)² CSSLP - Domain 4: Secure Software…
YOU MIGHT ALSO LIKE...
Accounting Information Systems
[HIM 321] T2: CH3 - Terms
Joni Catanzaro ISDS 2001 Test 2
VCE Software Development Unit 3 UCD/srs
OTHER SETS BY THIS CREATOR
Chapter 8: Secure Software Supply Chain Domain
Chapter 7: Secure Software Deployment, Operations…
Chapter 6: Secure Software Testing Domain
Chapter 5: Secure Software Implementation Domain