Exam Essentials: Chapter 20

Chapter 20: Software Development Security

Explain the basic architecture of a relational database management system (RDBMS)

  • Know the structure of relational DBs.
  • Be able to explain the functions of tables (relations), rows (records/tuples) and columns (fields/attributes).
  • Know how relationships are defined between tables, and the roles of various types of keys.
  • Describe the DB security threats posed by aggregation & inference.

Know the various types of storage

  • Explain the differences between:
    • primary memory & virtual memory
    • secondary storage & virtual storage
    • random access storage & sequential storage
    • volatile storage and non-volatile storage.

Explain how expert systems, machine learning & neural networks function

  • Expert systems consist of two main components:
    • A knowledge base that contains a series of “if/then” rules
    • An inference engine that uses that information to draw conclusions about other data
  • Machine learning techniques attempt to algorithmically discover knowledge from datasets.
  • Neural networks simulate the functioning of the human mind to a limited extent, by arranging a series of layered calculations to solve problems.
  • Neural networks require extensive training on a particular problem before they are able to offer solutions.

Understand the models of systems development

  • Know that the waterfall model describes a sequential development process that results in the development of a finished product. Developers may step back only one phase in the process if errors are discovered.
  • The spiral model uses several iterations of the waterfall model to produce a number of fully specified and tested prototypes.
  • Agile development models place an emphasis on the needs of the customer and quickly developing new functionality that meets those needs in an iterative fashion.

Describe software development maturity models [TODO]

  • Know that maturity models help software organisations improve the maturity & quality of their software processes by implementing an evolutionary path from ad-hoc, chaotic processes to mature, disciplined software processes.
  • Be able to describe the SW-CMM and IDEAL models. [TODO]

Understand the importance of change & configuration management

  • Know the three basic components of change control — request control, change control & release control — and how they contribute to security.
  • Explain how config mgmt controls the versions of software used in an organisation.

Understand the importance of testing

  • Software testing should be designed as part of the development process.
  • Testing should be used as a management tool to improve the design, development & production processes.
