
Life-Cycle Security

The intent of the Life-Cycle Security Knowledge Unit is to provide students with an understanding of how security principles can be applied to improve security throughout the system or product lifecycle.

Topics

  1. List and describe the elements of a maturity model.
  2. System Life-Cycle Phases and Issues
  3. Vulnerability Mapping, Management, and Tractability
  4. Importance of Culture and Training
  5. System Life-Cycle Phases and Issues
     a. Initiation
     b. Requirements
     c. Design
     d. Development
     e. Testing
     f. Deployment
     g. Operations and Maintenance
     h. Disposal
  6. Describe the importance of secure software, and the programming practices, development processes and methodologies that lead to secure software.
  7. List and describe the phases of the system life-cycle, and explain security-related concerns at each phase.

Outcomes

  1. Describe the importance of secure software, and the programming practices, development processes and methodologies that lead to secure software.
  2. List and describe the phases of the system life-cycle, and explain security-related concerns at each phase.
  3. List and describe the elements of a maturity model.

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

Knowledge

ID     DESCRIPTION
K0258  Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)).
K0039  Knowledge of cybersecurity and privacy principles and methods that apply to software development.
K0178  Knowledge of secure software deployment methodologies, tools, and practices.
K0080  Knowledge of software design tools, methods, and techniques.
K0075  Knowledge of security system design tools, methods, and techniques.
K0081  Knowledge of software development models (e.g., Waterfall Model, Spiral Model).
K0090  Knowledge of system life cycle management principles, including software security and usability.
K0344  Knowledge of an organization's threat environment.
K0243  Knowledge of organizational training and education policies, processes, and procedures.
K0316  Knowledge of business or military operation plans, concept operation plans, orders, policies, and standing rules of engagement.

Skills

ID     DESCRIPTION
S0135  Skill in secure test plan design (e.g., unit, integration, system, acceptance).
S0001  Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.

Abilities

ID     DESCRIPTION
A0171  Ability to conduct training and education needs assessment.
A0006  Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.

Tasks

ID     DESCRIPTION