From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Verifying and validating documentation

- [Instructor] The scope of your security testing includes more than just the technical components of your application infrastructure. An important step in secure software testing is to verify and validate the documentation that guided the development of the application. Hopefully, your development team has been generating a lot of documentation along the way to maximize the team's shared knowledge as the application passes through the SDLC. As a CSSLP, there are four types of documentation that you'll be particularly interested in as you build out your test cases: installation and setup instructions, error messages, user guides, and release notes. First, take a look at the application's installation and setup instructions. When you're reading through those instructions, you should do so with the target audience in mind. Who's going to be using these instructions? A semi-technical end user? A system administrator? How much security knowledge should you expect that person to have?…
