Table of Contents for
Official (ISC)2 Guide to the CSSLP
by Mano Paul
Foreword
About the Author
Introduction
Chapter 1 - Secure Software Concepts
1.1 Introduction
1.2 Objectives
1.3 Holistic Security
1.4 Implementation Challenges
1.4.1 Iron Triangle Constraints
1.4.2 Security as an Afterthought
1.4.3 Security versus Usability
1.5 Quality and Security
1.6 Security Profile: What Makes a Software Secure?
1.6.1 Core Security Concepts
1.6.1.1 Confidentiality
1.6.1.2 Integrity
1.6.1.3 Availability
1.6.2 General Security Concepts
1.6.2.1 Authentication
1.6.2.2 Authorization
1.6.2.3 Auditing/Logging
1.6.2.4 Session Management
1.6.2.5 Errors and Exception Management
1.6.2.6 Configuration Parameters Management
1.6.3 Design Security Concepts
1.7 Security Concepts in the SDLC
1.8 Risk Management
1.8.1 Terminology and Definitions
1.8.1.1 Asset
1.8.1.2 Vulnerability
1.8.1.3 Threat
1.8.1.4 Threat Source/Agent
1.8.1.5 Attack
1.8.1.6 Probability
1.8.1.7 Impact
1.8.1.8 Exposure Factor
1.8.1.9 Controls
1.8.1.10 Total Risk
1.8.1.11 Residual Risk
1.8.2 Calculation of Risk
1.8.3 Risk Management for Software
1.8.4 Handling Risk
1.8.5 Risk Management Concepts: Summary
1.9 Security Policies: The “What” and “Why” for Security
1.9.1 Scope of the Security Policies
1.9.2 Prerequisites for Security Policy Development
1.9.3 Security Policy Development Process
1.10 Security Standards
1.10.1 Types of Security Standards
1.10.1.1 Coding Standards
1.10.1.2 Payment Card Industry Data Security Standards
1.10.1.3 NIST Standards
1.10.1.4 ISO Standards
1.10.1.5 Federal Information Processing Standards (FIPS)
1.10.2 Benefits of Security Standards
1.11 Best Practices
1.11.1 Open Web Application Security Project (OWASP)
1.11.1.1 OWASP Development Guide
1.11.1.2 OWASP Code Review Guide
1.11.1.3 OWASP Testing Guide
1.11.1.4 Other OWASP Projects
1.12 Information Technology Infrastructure Library (ITIL)
1.13 Security Methodologies
1.13.1 Socratic Methodology
1.13.2 Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE®)
1.13.3 STRIDE and DREAD
1.13.4 Open Source Security Testing Methodology Manual (OSSTMM)
1.13.5 Flaw Hypothesis Method (FHM)
1.13.6 Six Sigma (6σ)
1.13.7 Capability Maturity Model Integration (CMMI)
1.14 Security Frameworks
1.14.1 Zachman Framework
1.14.2 Control Objectives for Information and Related Technology (COBIT®)
1.14.3 Committee of Sponsoring Organizations (COSO)
1.14.4 Sherwood Applied Business Security Architecture (SABSA)
1.15 Regulations, Privacy, and Compliance
1.15.1 Significant Regulations and Acts
1.15.1.1 Sarbanes–Oxley (SOX) Act
1.15.1.2 BASEL II
1.15.1.3 Gramm–Leach–Bliley Act (GLBA)
1.15.1.4 Health Insurance Portability and Accountability Act (HIPAA)
1.15.1.5 Data Protection Act
1.15.1.6 Computer Misuse Act
1.15.1.7 State Security Breach Laws
1.15.2 Challenges with Regulations and Privacy Mandates
1.15.3 Privacy and Software Development
1.16 Security Models
1.16.1 BLP Confidentiality Model
1.16.2 Biba Integrity Model
1.16.3 Clark and Wilson Model (Access Triple Model)
1.16.4 Brewer and Nash Model (Chinese Wall Model)
1.17 Trusted Computing
1.17.1 Ring Protection
1.17.2 Trust Boundary (or Security Perimeter)
1.17.3 Trusted Computing Base (TCB)
1.17.3.1 Process Activation
1.17.3.2 Execution Domain Switching
1.17.3.3 Memory Protection
1.17.3.4 Input/Output Operations
1.17.4 Reference Monitor
1.17.5 Rootkits
1.18 Trusted Platform Module (TPM)
1.19 Acquisitions
1.20 Summary
1.21 Review Questions
References
Chapter 2 - Secure Software Requirements
2.1 Introduction
2.2 Objectives
2.3 Sources for Security Requirements
2.4 Types of Security Requirements
2.4.1 Confidentiality Requirements
2.4.2 Integrity Requirements
2.4.3 Availability Requirements
2.4.4 Authentication Requirements
2.4.4.1 Anonymous Authentication
2.4.4.2 Basic Authentication
2.4.4.3 Digest Authentication
2.4.4.4 Integrated Authentication
2.4.4.5 Client Certificate-Based Authentication
2.4.4.6 Forms Authentication
2.4.4.7 Token-Based Authentication
2.4.4.8 Smart Cards–Based Authentication
2.4.4.9 Biometric Authentication
2.4.5 Authorization Requirements
2.4.5.1 Discretionary Access Control (DAC)
2.4.5.2 Nondiscretionary Access Control (NDAC)
2.4.5.3 Mandatory Access Control (MAC)
2.4.5.4 Role-Based Access Control (RBAC)
2.4.5.5 Resource-Based Access Control
2.4.6 Auditing/Logging Requirements
2.4.7 Session Management Requirements
2.4.8 Errors and Exception Management Requirements
2.4.9 Configuration Parameters Management Requirements
2.4.10 Sequencing and Timing Requirements
2.4.10.1 Race Condition Properties
2.4.10.2 Race Conditions Protection
2.4.11 Archiving Requirements
2.4.12 International Requirements
2.4.13 Deployment Environment Requirements
2.4.14 Procurement Requirements
2.4.15 Antipiracy Requirements
2.5 Protection Needs Elicitation
2.5.1 Brainstorming
2.5.2 Surveys (Questionnaires and Interviews)
2.5.3 Policy Decomposition
2.5.4 Data Classification
2.5.5 Use and Misuse Case Modeling
2.5.5.1 Use Cases
2.5.5.2 Misuse Cases
2.5.6 Subject–Object Matrix
2.5.7 Templates and Tools
2.6 Requirements Traceability Matrix (RTM)
2.7 Summary
2.8 Review Questions
References
Chapter 3 - Secure Software Design
3.1 Introduction
3.2 Objectives
3.3 The Need for Secure Design
3.4 Flaws versus Bugs
3.5 Design Considerations
3.5.1 Core Software Security Design Considerations
3.5.1.1 Confidentiality Design
3.5.2 Integrity Design
3.5.2.1 Hashing (Hash Functions)
3.5.2.2 Referential Integrity
3.5.2.3 Resource Locking
3.5.2.4 Code Signing
3.5.3 Availability Design
3.5.4 Authentication Design
3.5.5 Authorization Design
3.5.6 Auditing/Logging Design
3.6 Information Technology Security Principles and Secure Design
3.7 Designing Secure Design Principles
3.7.1 Least Privilege
3.7.2 Separation of Duties
3.7.3 Defense in Depth
3.7.4 Fail Secure
3.7.5 Economy of Mechanisms
3.7.6 Complete Mediation
3.7.7 Open Design
3.7.8 Least Common Mechanisms
3.7.9 Psychological Acceptability
3.7.10 Leveraging Existing Components
3.8 Balancing Secure Design Principles
3.9 Other Design Considerations
3.9.1 Programming Language
3.9.2 Data Type, Format, Range, and Length
3.9.3 Database Security
3.9.3.1 Polyinstantiation
3.9.3.2 Database Encryption
3.9.3.3 Normalization
3.9.3.4 Triggers and Views
3.9.4 Interface
3.9.4.1 User Interface
3.9.4.2 Security Management Interfaces (SMI)
3.9.5 Interconnectivity
3.10 Design Processes
3.10.1 Attack Surface Evaluation
3.10.1.1 Relative Attack Surface Quotient
3.10.2 Threat Modeling
3.10.2.1 Threat Sources/Agents
3.10.2.2 What Is Threat Modeling?
3.10.2.3 Benefits
3.10.2.4 Challenges
3.10.2.5 Prerequisites
3.10.2.6 What Can We Threat Model?
3.10.2.7 Process
3.10.2.8 Comparison of Risk Ranking Methodologies
3.10.2.9 Control Identification and Prioritization
3.11 Architectures
3.11.1 Mainframe Architecture
3.11.2 Distributed Computing
3.11.3 Service Oriented Architecture
3.11.4 Rich Internet Applications
3.11.5 Pervasive Computing
3.11.6 Software as a Service (SaaS)
3.11.7 Integration with Existing Architectures
3.12 Technologies
3.12.1 Authentication
3.12.2 Identity Management
3.12.3 Credential Management
3.12.4 Password Management
3.12.5 Certificate Management
3.12.6 Single Sign-On (SSO)
3.12.7 Flow Control
3.12.7.1 Firewalls and Proxies
3.12.7.2 Queuing Infrastructure and Technology
3.12.8 Auditing/Logging
3.12.8.1 Syslog
3.12.8.2 Intrusion Detection System (IDS)
3.12.8.3 Intrusion Prevention Systems (IPS)
3.12.9 Data Loss Prevention
3.12.10 Virtualization
3.12.11 Digital Rights Management
3.13 Secure Design and Architecture Review
3.14 Summary
3.15 Review Questions
References
Chapter 4 - Secure Software Implementation/Coding
4.1 Introduction
4.2 Objectives
4.3 Who Is to Be Blamed for Insecure Software?
4.4 Fundamental Concepts of Programming
4.4.1 Computer Architecture
4.4.2 Programming Languages
4.4.2.1 Compiled Languages
4.4.2.2 Interpreted Languages
4.4.2.3 Hybrid Languages
4.5 Software Development Methodologies
4.5.1 Waterfall Model
4.5.2 Iterative Model
4.5.3 Spiral Model
4.5.4 Agile Development Methodologies
4.5.5 Which Model Should We Choose?
4.6 Common Software Vulnerabilities and Controls
4.6.1 Injection Flaws
4.6.1.1 Injection Flaws Controls
4.6.2 Cross-Site Scripting (XSS)
4.6.2.1 XSS Controls
4.6.3 Buffer Overflow
4.6.3.1 Buffer Overflow Controls
4.6.4 Broken Authentication and Session Management
4.6.4.1 Broken Authentication and Session Management Controls
4.6.5 Insecure Direct Object References
4.6.5.1 Insecure Direct Object References Controls
4.6.6 Cross-Site Request Forgery (CSRF)
4.6.6.1 CSRF Controls
4.6.7 Security Misconfiguration
4.6.7.1 Security Misconfiguration Controls
4.6.8 Failure to Restrict URL Access
4.6.8.1 Failure to Restrict URL Access Controls
4.6.9 Unvalidated Redirects and Forwards
4.6.9.1 Unvalidated Redirects and Forwards Controls
4.6.10 Insecure Cryptographic Storage
4.6.10.1 Insecure Cryptographic Storage Controls
4.6.11 Insufficient Transport Layer Protection
4.6.11.1 Insufficient Transport Layer Protection Controls
4.6.12 Information Leakage and Improper Error Handling
4.6.12.1 Information Leakage and Improper Error Handling Controls
4.6.13 File Attacks
4.6.13.1 File Attacks Controls
4.6.14 Race Condition
4.6.14.1 Race Condition Controls
4.6.15 Side Channel Attacks
4.6.15.1 Side Channel Attacks Controls
4.7 Defensive Coding Practices—Concepts and Techniques
4.7.1 Attack Surface Evaluation and Reduction
4.7.2 Input Validation
4.7.2.1 How to Validate?
4.7.2.2 Where to Validate?
4.7.2.3 What to Validate?
4.7.3 Canonicalization
4.7.4 Code Access Security
4.7.4.1 Security Actions
4.7.4.2 Type Safety
4.7.4.3 Syntax Security (Declarative and Imperative)
4.7.4.4 Secure Class Libraries
4.7.5 Container (Declarative) versus Component (Programmatic) Security
4.7.6 Cryptographic Agility
4.7.7 Memory Management
4.7.7.1 Locality of Reference
4.7.7.2 Dangling Pointers
4.7.7.3 Address Space Layout Randomization (ASLR)
4.7.7.4 Data Execution Prevention (DEP)/Executable Space Protection (ESP)
4.7.7.5 /GS Flag
4.7.7.6 StackGuard
4.7.8 Exception Management
4.7.9 Anti-Tampering
4.7.10 Secure Startup
4.7.11 Embedded Systems
4.7.12 Interface Coding
4.8 Secure Software Processes
4.8.1 Versioning
4.8.2 Code Analysis
4.8.3 Code/Peer Review
4.9 Build Environment and Tools Security
4.10 Summary
4.11 Review Questions
References
Chapter 5 - Secure Software Testing
5.1 Introduction
5.2 Objectives
5.3 Quality Assurance
5.4 Types of Software QA Testing
5.4.1 Reliability Testing (Functional Testing)
5.4.1.1 Unit Testing
5.4.1.2 Integration Testing
5.4.1.3 Logic Testing
5.4.1.4 Regression Testing
5.4.2 Recoverability Testing
5.4.2.1 Performance Testing
5.4.2.2 Scalability Testing
5.4.3 Resiliency Testing (Security Testing)
5.4.3.1 Motives, Opportunities, and Means
5.4.3.2 Testing of Security Functionality versus Security Testing
5.4.3.3 The Need for Security Testing
5.5 Security Testing Methodologies
5.5.1 White Box Testing
5.5.2 Black Box Testing
5.5.3 Fuzzing
5.5.4 Scanning
5.5.5 Penetration Testing (Pen-Testing)
5.5.6 White Box Testing versus Black Box Testing
5.6 Software Security Testing
5.6.1 Testing for Input Validation
5.6.2 Injection Flaws Testing
5.6.3 Testing for Nonrepudiation
5.6.4 Testing for Spoofing
5.6.5 Failure Testing
5.6.6 Cryptographic Validation Testing
5.6.7 Testing for Buffer Overflow Defenses
5.6.8 Testing for Privilege Escalations Defenses
5.6.9 Anti-Reversing Protection Testing
5.7 Other Testing
5.7.1 Environment Testing
5.7.1.1 Interoperability Testing
5.7.1.2 Simulation Testing
5.7.1.3 Disaster Recovery (DR) Testing
5.7.2 Privacy Testing
5.7.3 User Acceptance Testing
5.8 Defect Reporting and Tracking
5.8.1 Reporting Defects
5.8.2 Tracking Defects
5.9 Impact Assessment and Corrective Action
5.10 Tools for Security Testing
5.11 Summary
5.12 Review Questions
References
Chapter 6 - Software Acceptance
6.1 Introduction
6.2 Objectives
6.3 Guidelines for Software Acceptance
6.4 Benefits of Accepting Software Formally
6.5 Software Acceptance Considerations
6.5.1 Considerations When Building Software
6.5.1.1 Completion Criteria
6.5.1.2 Change Management
6.5.1.3 Approval to Deploy/Release
6.5.1.4 Risk Acceptance and Exception Policy
6.5.1.5 Documentation of Software
6.5.2 When Buying Software
6.5.2.1 Procurement Methodology
6.6 Legal Protection Mechanisms
6.6.1 IP Protection
6.6.1.1 Patents (Inventions)
6.6.1.2 Copyright
6.6.1.3 Trademark
6.6.1.4 Trade Secret
6.6.2 Disclaimers
6.6.3 Validity Periods
6.6.4 Contracts and Agreements
6.6.4.1 Service Level Agreements (SLA)
6.6.4.2 Nondisclosure Agreements (NDA)
6.6.4.3 Noncompete Agreements
6.7 Software Escrow
6.8 Verification and Validation (V&V)
6.8.1 Reviews
6.8.2 Testing
6.8.3 Independent (Third Party) Verification and Validation
6.8.4 Checklists and Tools
6.9 Certification and Accreditation
6.10 Summary
6.11 Review Questions
References
Chapter 7 - Software Deployment, Operations, Maintenance, and Disposal
7.1 Introduction
7.2 Objectives
7.3 Installation and Deployment
7.3.1 Hardening
7.3.2 Enforcement of Security Principles
7.3.3 Environment Configuration
7.3.4 Bootstrapping and Secure Startup
7.4 Operations and Maintenance
7.4.1 Monitoring
7.4.1.1 Why Monitor?
7.4.1.2 What to Monitor?
7.4.1.3 Ways to Monitor
7.4.1.4 Metrics in Monitoring
7.4.1.5 Audits for Monitoring
7.4.2 Incident Management
7.4.2.1 Events, Alerts, and Incidents
7.4.2.2 Types of Incidents
7.4.2.3 Incident Response Process
7.4.3 Problem Management
7.4.3.1 Problem Management Process
7.4.4 Patching and Vulnerability Management
7.5 Disposal
7.5.1 End-of-Life Policies
7.5.2 Sunsetting Criteria
7.5.3 Sunsetting Processes
7.5.4 Information Disposal and Media Sanitization
7.6 Summary
7.7 Review Questions
References
Appendix A Answers to Practice Questions
Chapter 1—Secure Software Concepts Questions
Chapter 2—Secure Software Requirements Questions
Chapter 3—Secure Software Design Questions
Chapter 4—Secure Software Implementation/Coding Questions
Chapter 5—Secure Software Testing Questions
Chapter 6—Software Acceptance Questions
Chapter 7—Software Deployment, Operations, Maintenance, and Disposal Questions
Appendix B
Threat Modeling—Zion, Inc.
Appendix C
Commonly Used Opcodes in Assembly
Appendix D
HTTP/1.1 Status Codes and Reason Phrases (IETF RFC 2616)
Appendix E
Security Testing Tools
E.1 Reconnaissance (Information Gathering) Tools
E.2 Vulnerability Scanners
E.3 Fingerprinting Tools
E.4 Sniffers/Protocol Analyzers
E.5 Password Crackers
E.6 Web Security Tools: Scanners, Proxies, and Vulnerability Management
E.7 Wireless Security Tools
E.8 Reverse Engineering Tools (Assembler and Disassemblers, Debuggers, and Decompilers)
E.9 Source Code Analyzers
E.10 Vulnerability Exploitation Tools
E.11 Security-Oriented Operating Systems
E.12 Privacy Testing Tools