
CISSP Study Plan – Day 5 of 55 | SDLC Attacks on Software Security

Updated: Sep 18, 2025


"You have surrounded yourself with CISSP, and soon success will come running to you."

- Luke Ahmed



Today is Day 5 of Yihenew’s CISSP study plan, continuing with Systems Development Security, but now shifting the focus toward attacks on software security.

Key Areas Covered:

  • Injection Attacks — SQL injection, command injection, and input validation weaknesses that let attackers manipulate application behavior

  • Buffer Overflows — exploiting poor memory management to execute arbitrary code

  • Race Conditions — manipulating timing to access resources in an unsafe sequence

  • Cross-Site Scripting (XSS) & Cross-Site Request Forgery (CSRF) — exploiting trust between a user and a web application

  • Backdoors & Logic Bombs — malicious code inserted intentionally or hidden in applications, waiting for the right trigger

In this CISSP study plan session, Yihenew reinforced that understanding common software attack vectors is just as important as knowing secure development practices. Recognizing how attackers think helps you design countermeasures early in the lifecycle—closing the door before exploits can even be attempted.

If you’re building your own CISSP preparation plan, these software attack concepts are critical for mastering the Systems Development Security domain and directly tie into Security Engineering and Software Development Security on the exam.


Check out Yani's TikTok or see Day 4 or Day 6.


👉 Can you take the Yani Challenge?


55 days of consistent CISSP prep, tackling one domain at a time, using only the resources below:


Course

Luke's CISSP Course (2 months access, $89.98)

One-to-one Zoom sessions with Luke Ahmed (2 weeks before exam)


Books, Notes, and Practice Questions

Sybex 10th Edition (Around $52.55)



Total Cost: approximately $250, depending on your geographic location. Yani is located in East Africa.


📚 Study Plan (55 Days of Dedication):

- Weekdays: 2–3 hours of focused study—late nights and early mornings (5 AM).

- Weekends: 5–6 hours of deep study sessions.


Pass CISSP in first attempt within 100 questions.


Yani's biggest expense was his time, commitment, consistency, and dedication! It was worth it because he passed on his first attempt in 100 questions using only the above resources.


If Yihenew could do it, so can you.


All the best Future CISSP. You can feel free to contact me anytime as well.


Thank you.

Luke Ahmed

