CSC 230 - Identity Access Management and Secure Software Development

Course Description

Ensure that the right users have that appropriate access to the applicable technology resources. Explore the concepts of Identity and Access Management (IAM), which consists of four foundational elements of identification, authentication, authorization, and accountability (IAAA).

Students will learn how the IAAA elements are configured and enforced in many access control systems. Understand how to choose and implement systems to meet the requirements for identity information. Additionally, study software development security, integration of security in the Software Development Life Cycle (SDLC), software development methodologies, security controls, and assessments.

This course covers the following domains of the CISSP Common Body of Knowledge (CBK):

• Domain Five: Identity and Access Management
• Domain Eight: Software Development Security

Course Details

Course Learning Outcomes

By the completion of this course, successful learners will be able to:

• Describe physical and logical access controls, management of identification and authentication of people, devices, and services, and federated identity with a third-party service
• Demonstrate knowledge in the implementation of authorization mechanisms and authentication systems, and management of the identity and access provisioning lifecycle
• Demonstrate knowledge in the integration of security in the Software Development Life Cycle (SDLC), application of security controls in software development ecosystems, and application of secure coding guidelines and standards
• Assess the effectiveness of software security and the security impact of acquired software

Topics

• Identity and Access Fundamentals
  • Identification, authentication, authorization, and accountability
  • Credential management
  • Identity management
  • Federated identity management with third-party service
• Managing Identities and Access
  • Authorization mechanisms
  • Implementing authentication systems
  • Managing the identity and access provisioning life cycle
  • Controlling physical and logical access
• Software Development
  • Software development life cycle
  • Development methodologies
  • Operation and maintenance
  • Maturity models
• Secure Software
  • Programming languages
  • Secure coding
  • Security controls for software development
  • Software security assessments
  • Assessing the security of acquired software

Who is this course for?

This course will help you to acquire the knowledge covered in the following domains of the CISSP CBK:

• Domain Five: Identity and Access Management
• Domain Eight: Software Development Security

Individuals in different roles and at various stages in their careers can benefit from this course. The course is designed for:

• Recent graduates (degree, associate degree, diploma) in IT or Computer Science who plan to challenge the CISSP exams to become Associate of (ISC)2
• Experienced IT professionals who are keen to move up the career ladder entering senior positions (e.g. manager, director, senior specialist, chief information security officer)
• Individuals who want to learn the technical skills to a career change into cyber security or information security
• IT infrastructure or Cyber Security professionals looking to upskill and learn new in-demand skills

Applies Towards the Following Program(s)

• Information Systems Security : Required