Certified Secure Software Lifecycle Professional (CSSLP)
(CSSLP.AO1) / ISBN: 978-1-64459-229-8
Interactive Lessons
21+ Interactive Lessons | 299+ Quizzes | 236+ Flashcards | 236+ Glossary of terms
Gamified TestPrep
100+ Pre Assessment Questions | 2+ Full Length Tests | 100+ Post Assessment Questions | 200+ Practice Test Questions
Introduction
- Why Focus on Software Development?
- The Role of CSSLP
- How to Use This Course?
- The Examination
- CSSLP (2020)
General Security Concepts
- General Security Concepts
- Security Models
- Adversaries
- Lesson Review
Risk Management
- Definitions and Terminology
- Types of Risk
- Governance, Risk, and Compliance
- Risk Management Models
- Risk Options
- Lesson Review
Security Policies and Regulations
- Regulations and Compliance
- Legal Issues
- Privacy
- Security Standards
- Secure Software Architecture
- Trusted Computing
- Acquisition
- Lesson Review
Software Development Methodologies
- Secure Development Lifecycle
- Secure Development Lifecycle Components
- Software Development Models
- Microsoft Security Development Lifecycle
- Lesson Review
Policy Decomposition
- Confidentiality, Integrity, and Availability Requirements
- Authentication, Authorization, and Auditing Requirements
- Internal and External Requirements
- Lesson Review
Data Classification and Categorization
- Data Classification
- Data Ownership
- Labeling
- Types of Data
- Data Lifecycle
- Lesson Review
Requirements
- Functional Requirements
- Operational Requirements
- Requirements Traceability Matrix
- Connecting the Dots
- Lesson Review
Design Processes
- Attack Surface Evaluation
- Threat Modeling
- Control Identification and Prioritization
- Risk Assessment for Code Reuse
- Documentation
- Design and Architecture Technical Review
- Lesson Review
Design Considerations
- Application of Methods to Address Core Security Concepts
- Interfaces
- Lesson Review
Securing Commonly Used Architecture
- Distributed Computing
- Service-Oriented Architecture
- Rich Internet Applications
- Pervasive/Ubiquitous Computing
- Mobile Applications
- Integration with Existing Architectures
- Cloud Architectures
- Lesson Review
Technologies
- Authentication and Identity Management
- Credential Management
- Flow Control (Proxies, Firewalls, Middleware)
- Logging
- Data Loss Prevention
- Virtualization
- Digital Rights Management
- Trusted Computing
- Database Security
- Programming Language Environment
- Operating Systems
- Embedded Systems
- Lesson Review
Common Software Vulnerabilities and Countermeasures
- CWE/SANS Top 25 Vulnerability Categories
- OWASP Vulnerability Categories
- Common Vulnerabilities and Countermeasures
- Input Validation Failures
- Common Enumerations
- Virtualization
- Embedded Systems
- Side Channel
- Social Engineering Attacks
- Lesson Review
Defensive Coding Practices
- Declarative vs. Programmatic Security
- Memory Management
- Error Handling
- Interface Coding
- Primary Mitigations
- Learning from Past Mistakes
- Lesson Review
Secure Software Coding Operations
- Code Analysis (Static and Dynamic)
- Code/Peer Review
- Build Environment
- Antitampering Techniques
- Configuration Management: Source Code and Versioning
- Lesson Review
Security Quality Assurance Testing
- Standards for Software Quality Assurance
- Testing Methodology
- Functional Testing
- Security Testing
- Environment
- Bug Tracking
- Attack Surface Validation
- Testing Artifacts
- Test Data Lifecycle Management
- Lesson Review
Security Testing
- Scanning
- Penetration Testing
- Fuzzing
- Simulation Testing
- Testing for Failure
- Cryptographic Validation
- Regression Testing
- Impact Assessment and Corrective Action
- Lesson Review
Secure Lifecycle Management
- Introduction to Acceptance
- Pre-release Activities
- Post-release Activities
- Lesson Review
Secure Software Installation and Deployment
- Secure Software Installation and Its Subsequent Deployment
- Configuration Management
- Lesson Review
Secure Software Operations and Maintenance
- Secure Software Operations
- The Software Maintenance Process
- Secure DevOps
- Secure Software Disposal
- Lesson Review
Supply Chain and Software Acquisition
- Supplier Risk Assessment
- Supplier Sourcing
- Software Development and Testing
- Software Delivery, Operations, and Maintenance
- Supplier Transitioning
- Lesson Review
General Security Concepts
- Understanding Security Design Tenets
- Discussing About Access Control Models
- Understanding Information Flow Models
Risk Management
- Understanding Annualized Loss Expectancy
Security Policies and Regulations
- Understanding Compliance-Based Assessment Regulations
- Understanding PII and PHI
- Understanding National Institute of Standards and Technology
Software Development Methodologies
- Discussing About Software Development Methodologies
- Understanding Secure Development Lifecycle Components
- Understanding Software Development Models
Policy Decomposition
- Understanding Access Control Mechanisms
Data Classification and Categorization
- Understanding Data Classification Types
- Understanding Data Ownership Roles
Requirements
- Understanding Functional Requirements
- Understanding the Requirements Traceability Matrix
Design Processes
- Understanding Documentation
Design Considerations
- Discussing About Security Design Considerations
Securing Commonly Used Architecture
- Understanding Distributed Computing Terms
- Understanding the Enterprise Service Bus
- Understanding Cloud Service Models
Technologies
- Understanding X.509 Digital Certificate Fields
- Understanding Flow Control Technologies
- Understanding Syslog
- Understanding Trusted Computing Elements
Common Software Vulnerabilities and Countermeasures
- Discussing About Software Vulnerabilities and Countermeasures
- Understanding the Buffer Overflow Attack
Defensive Coding Practices
- Understanding Imperative and Declarative Securities
- Understanding Memory Management
Secure Software Coding Operations
- Understanding Code Analysis Types
Security Quality Assurance Testing
- Discussing About Security Quality Assurance Testing Methods
- Understanding Functional Testing Types
- Understanding Security Testing Types
Security Testing
- Understanding the Attack Surface Analyzer
- Understanding Regression Testing
Secure Lifecycle Management
- Understanding Various Forms of Testing
Secure Software Installation and Deployment
- Understanding Bootstrapping
Secure Software Operations and Maintenance
- Understanding Operations/Maintenance Activities
- Understanding the Software Disposal Process
Supply Chain and Software Acquisition
- Discussing About Supplier Risk Assessment
- Understanding Service Level Agreements