Certified Secure Software Lifecycle Professional (CSSLP)
(CSSLP.AO2) / ISBN : 978-1-64459-454-4
About This Course
Elevate your skills in software development and make security your top priority with the Certified Secure Software Lifecycle Professional (CSSLP) course. In today's digital landscape, ensuring the security of software is paramount, and this course equips you with the knowledge and skills to lead in the development of secure software. From interactive lessons to practice tests and pre-assessments, we've got your exam preparation covered. Explore topics like software vulnerabilities and the principles of secure software development, making a real impact on reducing risks and costs. Become part of a workforce with an enhanced skillset and embark on a journey toward creating more secure software and a safer digital world. Unleash your potential with CSSLP and contribute to a more secure software development process.
Skills You’ll Get
Let's get to the core of the Certified Secure Software Lifecycle Professional (CSSLP) exam. It consists of 125 multiple-choice questions. Here are some vital exam tips: Pay close attention to the Exam Tips, retake practice exams, answer known questions first, and make educated guesses on unfamiliar ones - there's no penalty for guessing. Your success is our goal, and we wish you the best for your future in secure software development. Study hard and use this knowledge to create safer software.
Write about certification
Get the support you need. Enroll in our Instructor-Led Course.
Interactive Lessons
20+ Interactive Lessons | 447+ Exercises | 185+ Quizzes | 246+ Flashcards | 246+ Glossary of terms
Gamified TestPrep
100+ Pre Assessment Questions | 2+ Full Length Tests | 100+ Post Assessment Questions | 200+ Practice Test Questions
Introduction
- Why Focus on Software Development?
- The Role of CSSLP
- How to Use This Course
- The Examination
- Exam Objective Map
- CSSLP Version 3 (2020)
Core Concepts
- Confidentiality
- Integrity
- Availability
- Authentication
- Authorization
- Accountability (Auditing and Logging)
- Nonrepudiation
- Secure Development Lifecycle
- Secure Development Lifecycle Components
- Lesson Review
Security Design Principles
- System Tenets
- Secure Design Tenets
- Security Models
- Adversaries
- Lesson Review
Define Software Security Requirements
- Functional Requirements
- Operational and Deployment Requirements
- Connecting the Dots
- Lesson Review
Identify and Analyze Compliance Requirements
- Regulations and Compliance
- Data Classification
- Privacy
- Lesson Review
Misuse and Abuse Cases
- Misuse/Abuse Cases
- Requirements Traceability Matrix
- Software Acquisition
- Lesson Review
Secure Software Architecture
- Perform Threat Modeling
- Define the Security Architecture
- Lesson Review
Secure Software Design
- Performing Secure Interface Design
- Performing Architectural Risk Assessment
- Model (Nonfunctional) Security Properties and Constraints
- Model and Classify Data
- Evaluate and Select Reusable Secure Design
- Perform Security Architecture and Design Review
- Define Secure Operational Architecture
- Use Secure Architecture and Design Principles, Patterns, and Tools
- Lesson Review
Secure Coding Practices
- Declarative vs. Imperative Security
- Memory Management
- Error Handling
- Interface Coding
- Primary Mitigations
- Learning from Past Mistakes
- Secure Design Principles
- Interconnectivity
- Cryptographic Failures
- Input Validation Failures
- General Programming Failures
- Technology Solutions
- Lesson Review
Analyze Code for Security Risks
- Code Analysis (Static and Dynamic)
- Code/Peer Review
- Code Review Objectives
- Additional Sources of Vulnerability Information
- CWE/SANS Top 25 Vulnerability Categories
- OWASP Vulnerability Categories
- Common Vulnerabilities and Countermeasures
- Lesson Review
Implement Security Controls
- Security Risks
- Implement Security Controls
- Applying Security via the Build Environment
- Anti-tampering Techniques
- Defensive Coding Techniques
- Primary Mitigations
- Secure Integration of Components
- Lesson Review
Security Test Cases
- Security Test Cases
- Attack Surface Evaluation
- Penetration Testing
- Common Methods
- Lesson Review
Security Testing Strategy and Plan
- Develop a Security Testing Strategy and a Plan
- Functional Security Testing
- Nonfunctional Security Testing
- Testing Techniques
- Environment
- Standards
- Crowd Sourcing
- Lesson Review
Software Testing and Acceptance
- Perform Verification and Validation Testing
- Identify Undocumented Functionality
- Analyze Security Implications of Test Results
- Classify and Track Security Errors
- Secure Test Data
- Lesson Review
Secure Configuration and Version Control
- Secure Configuration and Version Control
- Define Strategy and Roadmap
- Manage Security Within a Software Development Methodology
- Identify Security Standards and Frameworks
- Define and Develop Security Documentation
- Develop Security Metrics
- Decommission Software
- Report Security Status
- Lesson Review
Software Risk Management
- Incorporate Integrated Risk Management
- Promote Security Culture in Software Development
- Implement Continuous Improvement
- Lesson Review
Secure Software Deployment
- Perform Operational Risk Analysis
- Release Software Securely
- Securely Store and Manage Security Data
- Ensure Secure Installation
- Perform Post-Deployment Security Testing
- Lesson Review
Secure Software Operations and Maintenance
- Obtain Security Approval to Operate
- Perform Information Security Continuous Monitoring
- Support Incident Response
- Perform Patch Management
- Perform Vulnerability Management
- Runtime Protection
- Support Continuity of Operations
- Integrate Service Level Objectives and Service Level Agreements
- Lesson Review
Software Supply Chain Risk Management
- Implement Software Supply Chain Risk Management
- Analyze Security of Third-Party Software
- Verify Pedigree and Provenance
- Lesson Review
Supplier Security Requirements
- Ensure Supplier Security Requirements in the Acquisition Process
- Support Contractual Requirements
- Lesson Review
Any questions?Check out the FAQs
Still have unanswered questions and need to get in touch?
Contact Us Now599
Pearson VUE
MCQs
The exam contains 125 questions.
180 minutes
700
(on a scale of 700-1000)
Retest after 30 test-free days