Certified Secure Software Lifecycle Professional Exam Bootcamp Part 1

The Certified Secure Software Lifecycle Professional (CSSLP) certification is a vendor-neutral credential launched in 2008 by the International Information System Security Certification Consortium, or (ISC)².

This exam is very challenging, even for experienced software developers, because of the depth of knowledge required to pass. This course has been developed by an industry professional with over twenty years of IT experience. The course contains numerous aids to help the learning process, such as demos, discussions, whiteboard designs, test tips, practice reviews and practice questions.

The CSSLP certification validates that the certified professional has the expertise to include the best security practices, auditing, and authorization into each phase of the Software Development Lifecycle (SDLC). SDLC phases include software design, implementation, testing, and deployment. After earning their CSSLP certification, a software professional will be able to develop a software security program in their organization, reduce production cost, mitigate source code vulnerabilities, and reduce losses because of software breaches.

The CSSLP meets the Level I and II IA System Architecture and Engineering requirements of the DoD mandate 8570.01M. Additionally, the CSSLP certification is accredited for the requirements of ANSI/IEC/ISO Standard-17024.

The CSSLP certification exam is a well-written exam evaluating potential candidates across eight different domains.

The exam consists of 175 multiple-choice questions and is administered over a 4-hour period at a Pearson Professional Center.

The CSSLP exam questions are developed from the skills and information contained within the CSSLP CBK with the following tested percentages.

  • Secure Software Concepts – 13%
  • Secure Software Requirements – 14%
  • Secure Software Design – 16%
  • Secure Software Implementation/Programming – 16%
  • Secure Software Testing – 14%
  • Secure Lifecycle Management – 10%
  • Software Development, Operations, and Maintenance – 9%
  • Supply Chain and Software Acquisition – 8%

Who would be the target audience?

The audience should be willing to study and review materials to pass the CSSLP Plus and meet the requirements set by (ISC)². In order to become a fully certified CSSLP, (ISC)² requires the candidate to have a minimum of four years of cumulative paid full-time SDLC experience in one or more of the eight domains of the CSSLP credential.

A four-year college degree can be substituted for one year of the required experience. If a candidate passes the certification exam but does not possess the required years of experience, they will become an associate of (ISC)² and have five years to earn the experience, at which time they will become a fully certified CSSLP.

Roles that would benefit from taking the exam:

  • Software Developers
  • Software Engineers
  • DevOps Engineers
  • Enterprise Architects
  • Application Developers
  • Security Professionals

What you will learn

  • Protecting data and business assets and complying with applicable laws and regulations
  • Following secure coding standards and how documentation can help in the maintenance and operations of software
  • Identifying software vulnerabilities and how to perform testing of units of code
  • Managing each phase of the software development lifecycle (SDLC)
  • Developing security to meet environmental risk and operational challenges
  • Supporting incident response, patch and vulnerability management, and continuity of operations
  • Supporting the software acquisitions process
  • Understanding security related frameworks and best practices

Course content

    • Certified Secure Software Lifecycle Professional Course Part 1
      • Course Overview
      • Course Pre Requirements
      • Download Supporting Files here
      • What is a CSSLP
      • Why becoming a CSSLP Matters
      • Exam Overview
      • CSSLP Exam Pre Requirements
      • 1. Secure Software Concepts 13%
      • 1.1 Core Concepts
      • Confidentiality, Integrity and Availability (CIA)
      • Authentication, Authorization and Accountability
      • Nonrepudiation and Digital Signatures
      • 1.2 Security Design Principles
      • Least privilege
      • Separation of duties
      • Defense in Depth
      • Whiteboard - Defense in Depth
      • Fail Safe
      • Economy of mechanism
      • Complete mediation
      • Open Design
      • Least common mechanism
      • Whiteboard - Least Common
      • Psychological acceptability
      • Leveraging existing components
      • Eliminate single point of failure
      • Demo - Hashing
      • Test Tips
      • Section Review Questions
      • 2. Secure Software Requirements
      • 2.1 Identify Security Requirements
      • Functional and Non Functional Requirements
      • Terminology to know
      • Whiteboard - Attacks part 1
      • Terminology to know part 2
      • CERT and OWASP Secure Coding Standards
      • Terminology to know part 3
      • Legal, regulatory, and industry requirements
      • Policy Decomp
      • Terminology to know - Legal
      • Privacy Concerns
      • Control Basics
      • 2.2 Interpret Data Classification Requirements
      • Data Classification overview - Ownership, Labeling, Data Types, Data Lifecycle
      • Data anonymization, user consent and Disposition
      • 2.4 Develop Misuse and Abuse Cases
      • Abuse Cases
      • 2.5 Include Security in Software Requirement Specifications
      • Maturity Models
      • What is Identifying Threats?
      • Threat Models
      • Orgs to Know
      • 2.6 Develop Security Requirement Traceability Matrix
      • SRTM
      • Demo
      • Test Tips
      • Section Review Questions