On the basis of knowledge that's expected for the CISSP exam, this domain is broadly grouped into five sections as shown here:
Section 1: Systems engineering concepts relate to the application of engineering concepts to the system development life cycle. Security considerations during the development cycle will reduce the number of vulnerabilities in the final products.
Section 2: Software development life cycle implies the processes that are involved during the development of a software application. Different security controls, as well as testing, are required at each stage of development to ensure fewer vulnerabilities in the final products.
Section 3: Information technology application systems consist of object-oriented systems, expert systems, database systems, and so on. Each of these application systems has unique applications and usage. Security in such systems is of great importance.
Section 4: Application development processes are not robust enough to identify and...