CSSLP-2013 : Certified Secure Software Lifecycle Professional

Retired. This product is no longer available.

ISC2's CSSLP certification is an industry recognized credential. The certification is proof of a person's competence in the field of security of software development lifecycle. It establishes industry standards and best practices for building security into each phase.
CSSLP
Certified Secure Software Lifecycle Professional

Lessons

uCertify uses content from well known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life. It is full of interactive activities that keeps the learner engaged. uCertify brings all available learning resources for a topic in one place so that the learner can efficiently learn without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt those while they are learning about that particular topic. This helps them grasp the concepts better because they can go over it again right away which improves learning. Learners can do Flashcards, Exercises, Quizzes and Labs related to each chapter. At the end of every lesson, uCertify courses guide the learners on the path they should follow.

uCertify platform supports 50+ different types of interactive activities, connect the idea, or try it yourself lab activities embedded throughout its course. These interactive activities keeps learners engaged and makes learning fun.

Here's What You Get

Exercises Flashcards Quizzes Glossary

Each lesson comes with Exercises, Flashcards & Quizzes. There is no limit to the number of times learners can attempt these. Exercises come with detailed remediation, which ensures that learners are confident on the topic before proceeding. Flashcards help master the key concepts. Glossary defines the key terms.

Exercise Questions
299+
Quizzes
147+
Flashcards
238+
Glossary of terms
238+
Lessons
8+

Test Prep & Practice Questions

uCertify provides full length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.

Here's What You Get

Pre-assessments Questions
15+
Full Length Tests
3+
Post-Assessments Questions
89+

Features

Full Remediation

Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.

Unlimited Practice

Each test can be taken unlimited number of times until the learner feels they are prepared. Learner can review the test and read detailed remediation. Detailed test history is also available.

Learn, Test and Review Mode

Each test set comes with learn, test and review modes. In learn mode, learners will attempt a question and will get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.

Exam Information

The Certified Secure Software lifecycle Professional certification exam is a standalone certification from ISC2 with the exam code CSSLP.

The certification is targeted at information security professionals who act as leader in organization and play key role in incorporating security into each phase of the software lifecycle . The exam covers secure software design, testing, software deployment, operations, maintenance and disposal.

Prepare for the following certification

Career Prospects

An ISC2 certified professional has several career opportunities open up to them, including:

  • Software developer
  • Engineer and architect
  • Product manager
  • Project manager
  • Business analyst
Exam FAQs
What is the exam registration fee?
  • Paper based testing- Early registration- $549
  • Paper based testing-Standard registration-$599
  • Computer based Testing-$549

Pricing and taxes may vary from country to country.

Where do I take the exam?
The ISC2 exam is administered by Pearson Vue at testing centers worldwide Click here to find a testing center near you
What is the format of the exam?
The exam consists of linear and multiple choice questions.
What are the pre-requisites of the exam?

ISC2 has the following pre-requisites for CSSLP certification:

  • Candidate must have at least 4 years of professional experience in Software lifecycle for CSSLP credential.
How many questions are asked in the exam?
The exam contains 175 questions.
What is the duration of the exam?
240 minutes
What is the passing score?
700

(on a scale of 0-1000)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the CSSLP certification, ISC2's retake policy is:

  • Candidates who do not pass the exam the first time will be able to retest after 30 days.
  • Candidates that fail a second time will need to wait 90 days prior sitting for the exam again
  • If a candidate fails third time, the next available time to sit for the exam will be 180 days after the most recent exam attempt.
What is the validity of the certification?
ISC2's CSSLP expires three years from date of issue, after which the certification holder will need to renew their certification. Click here for more information.
Where can I find more information about this exam?
To know more about the CSSLP, click here.

Table of Content

Here's What you will Learn

Lesson 1: Secure Software Concepts

  • Core concepts
  • Security design principles
  • Privacy
  • Governance, risk and compliance
  • Software development methodologies

Lesson 2: Secure Software Requirements

  • Policy decomposition
  • Data classification and categorization
  • Functional requirements
  • Operational requirements

Lesson 3: Secure Software Design

  • Design process
  • Design consideration
  • Securing commonly used architecture
  • Technologies

Lesson 4: Secure Software Implementation/Coding

  • Declarative versus imperative (programmatic) security
  • Vulnerability databases/lists
  • Defensive coding practices and controls
  • Source code and versioning
  • Development and build environment
  • Code/peer review
  • Code analysis
  • Anti-tampering techniques

Lesson 5: Secure Software Testing

  • Testing artifacts
  • Testing for security and quality assurance
  • Types of testing
  • Impact assessment and corrective action
  • Test data lifecycle management

Lesson 6: Software Acceptance

  • Pre-release and pre-deployment
  • Post-release

Lesson 7: Software Deployment, Operations, Maintenance, and Disposal

  • Installation and deployment
  • Operations and maintenance
  • Software disposal

Lesson 8: Supply Chain and Software Acquisition

  • Supplier risk assessment
  • Supplier sourcing
  • Software development and test
  • Software delivery, operations, and maintenance
  • Supplier transitioning