CSSLP
Certified Secure Software Lifecycle Professional Exam Preparation


CSSLP Course Introduction


The Official (ISC)² CSSLP CBK Review Seminar is the exclusive way to learn security best practices and industry standards for the software lifecycle, which is critical information for a CSSLP. Here you will learn the tools and processes for building security into each phase of the software lifecycle. The CSSLP CBK contains the largest, most comprehensive collection of best practices, policies, and procedures to ensure a security initiative across all phases of application development, regardless of methodology.


CSSLP Course Objectives

  • To offer a high-level review of the main topics of the CSSLP CBK
  • To identify areas students need to study
  • To provide an overview of the scope of the information security field
  • To study for CSSLP examination


CSSLP Course Prerequisite

  • SDLCF


Target Group

  • IT Director/Manager
  • Software Program Manager/Product Manager
  • Project Manager
  • Security Manager
  • Software Developer
  • Software Engineers and Architects
  • Application Security Specialist
  • Software Procurement Analyst
  • Software Quality Assurance
  • Quality Assurance Tester
  • Business Analyst
  • Penetration Tester
  • Professionals who manage these stakeholders


Course Outline of CSSLP


Day 1
Domain 1 Secure Software Concepts

    – Concepts of Secure Software
    – Principles of Secure Design
    – Security and Privacy
    – Governance, Risk, and Compliance
    – Methodologies for Software Development
Domain 2 Secure Software Requirements
    – Policy Decomposition
    – Classification and Categorization
    – Functional Requirements: Use Cases and Abuse Cases
    – Secure Software Operational Requirements

Day 2
Domain 3 Secure Software Design

    – The Importance of Secure Design
    – Design Considerations
    – Secure Design Processes
    – Securing Commonly Used Architectures
    – Securing Commonly Used Technologies

Day 3
Domain 4 Secure Software Implementation/Coding

    – Fundamental Programming Concepts
    – Vulnerability Databases and Lists
    – Defensive Coding Practices and Controls
    – Secure Software Processes

Day 4
Domain 5 Secure Software Testing

    – Artifacts of Testing
    – Testing for Security and Quality Assurance
    – Security Testing
    – Defect Reporting, Tracking, and Corrective Action
    – Test Data Life Cycle Management
Domain 6 Software Acceptance
    – Software Acceptance Considerations
    – Post-release

Day 5
Domain 7 Software Deployment, Operations, Maintenance and Disposal

    – Installation and Deployment
    – Operations and Maintenance
    – Disposal of Software
Domain 8 Supply Chain & Software Acquisition
    – Supplier Risk Assessment
    – Supplier Sourcing
    – Software Development and Test
    – Software Delivery, Operations, and Maintenance
    – Supplier Transitioning

16-20 December 2019

Course Level

Advanced

Duration

5 Days

Tuition Fee

32,000.00 THB

Speaker

A.Jumpon Suwuanphahu
SSCP, CSSLP, ITIL Foundation, CompTIA Security+, ITSMS (ISO 20000) Lead Auditor Training
