"SDLC - security must be in all stages, especially the first one. Think like a manager means do your best to mention security and reduce attack surface using threat modeling, but also smart enough to know vulnerabilities will exist after software deployment. Keep going brother !! What a legacy you’re leaving behind before your name has the letters “CISSP” after it." - Luke Ahmed

Today is Day 4 of Yihenew’s CISSP study plan, focusing on systems development security with an emphasis on covert channels and time-of-use (TOU) vulnerabilities.

• Systems Development Security — integrating security controls into the software lifecycle to prevent vulnerabilities from the start.

• Covert Timing Channels — exploiting the timing of events to pass unauthorized information between processes.

• Covert Storage Channels — using shared storage or variables in unintended ways to communicate without authorization.

• TOU (Time of Use) Flaws — when the state of a resource changes between the time it is checked and the time it is used, potentially allowing exploitation.
  

In this CISSP study plan session, Yihenew learned that understanding these concepts is crucial for identifying security weaknesses that may not be obvious in traditional testing but can be exploited in real-world attacks.

If you’re building your own CISSP exam preparation plan, these topics are critical for mastering both Systems Development Security and Security Engineering domains.d where they sit in the network—is essential for both Communication and Network Security and Security Operations domains.

Check out Yani's TikTok or see Day 3 or Day 5.

👉 Can you take the Yani Challenge?

55 days of consistent CISSP prep, tackling one domain at a time, using only the resources below:

Course

Luke's CISSP Course (2 months access, $89.98)

One-to-one Zoom sessions with Luke Ahmed (2 weeks before exam)

Books, Notes, and Practice Questions

All-In-One Study Guide by Shon Harris (Around $45)

Sybex 10th Edition (Around $52.55)

Official CISSP Practice Tests, 4th Edition by Mike Chapple & David Seidl (Around $35)

How To Think Like A Manager for the CISSP Exam ($29.99)

Total Cost: approxiamately $250 depending on your geographic location. Yani is located in East Africa.

📚 Study Plan (55 Days of Dedication):

- Weekdays: 2–3 hours of focused study—late nights and early mornings (5 AM).

- Weekends: 5–6 hours of deep study sessions.

Pass CISSP in first attempt within 100 questions.

Yani's biggest expense was his time, committment, consistency, and dedication! It was worth it because he passed first attempt in 100 questions using the above resources only.

If Yihenew could do it, so can you.

All the best Future CISSP. You can feel free to contact me anytime as well.

Thank you.

Luke Ahmed