Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our Acquired Software Security Considerations Module. You should consider the impacts of acquiring software from a vendor. You should consider using a software code escrow whenever you are purchasing software from a third party. This is a very important process in order to reduce your risk. If the developer ends up going out of business, or some other problem occurs, a trusted third party has a copy of your source code.
This will allow you to hire other developers to continue to edit the program so you can continue using the application. You should remember software code escrow for the CISSP examination. Software assurance is the level of confidence that the software you have purchased is free from vulnerabilities, including vulnerabilities that were intentionally placed by the individual who produced the software.
Or accidental flows that were inserted during it's life cycle. Software assurance also guarantees that the software functions in the manner that it was intended to. It can be organized around all of the phases of the software acquisition process including the planning and initiation phase, monitoring and acceptance phase and the follow up with the customer phase.
One of the current trends in software development is commercial off the shelf software, or COTSS. There are many well known and widely available solutions that companies can simply purchase, and then begin using. Since the source code is unknown, you must trust the developer and assume that they did a good job developing the software.
Typically, these programs will come with documentation and training which are very standardized in the industry. Today's databases are very flexible and can be used with many different programs. There are also many Cloud solutions that you can choose from. One of the goals of purchasing COTTS is to reduce the risk to your organization to an acceptable level in a very cost effective manor.
Previously when you had to purchase custom software, it was very time consuming to create and properly implement in your organization. Very costly to create it securely. And it was also expensive to maintain, document, and train your users because of the custom nature of the software. The goal of commercial off the shelf software is to provide a standardized solution for a lesser amount of money that can be more quickly implemented than a custom solution.
You should be familiar with commercial off the shelf software as well as the benefits of these products for the CISSP examination. This concludes our Acquired Software Security Considerations Module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!