Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Coding Practices

CSSLP 2019    |    Intermediate
  • 19 videos | 1h 11m 40s
  • Includes Assessment
  • Earns a Badge
Rating 4.6 of 498 users Rating 4.6 of 498 users (498)
In this 19-video course, learners will explore the intricate world of secure coding practices. Topics covered in detail include declarative versus imperative (programmatic) security-whether the security is part of the application or part of the container. Next, survey defensive coding practices and control such as secure configuration, error handling, and session management. Learners will also explore cryptography, input and output sanitization, error handling, input validation, logging and auditing, and session and exception management. You will learn important information about safe application programming interfaces (APIs), including those that offer different types of functionality, such as Microsoft's Crypto API and Python's pycrypto, which both provide cryptographic functions; popular social media platforms provide their own APIs that programmers can tap into while incorporating aspects of those services. Learn more about useful concepts such as concurrency, type safety, memory management, configuration parameter management, tokenizing, and sandboxing. The course may be used in preparation for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Recognize characteristics of declarative security
    Recognize characteristics of programmatic security
    Recognize how to use defensive coding practice to address concurrency issues leading to race condition
    Recognize examples of using configuration as a defensive coding practice
    Recognize cryptography elements such as storage, agility, encryption, and algorithm selection
    Recognize examples of using input and output sanitization as a defensive coding practice
    Recognize examples of using error handling as a defensive coding practice
    Recognize examples of using input validation as a defensive coding practice
    Recognize examples of using logging and auditing as a defensive coding practice
  • Recognize examples of using session management as a defensive coding practice
    Recognize examples of using exception management as a defensive coding practice
    Distinguish between safe and unsafe api coding practices
    Distinguish between static and dynamic type safety enforcement
    Recognize characteristics of memory management as a defensive coding practice
    Recognize characteristics of configuration parameter management as a defensive coding practice
    Recognize examples of tokenizing as a defensive coding practice
    Recognize characteristics of sandboxing as a defensive coding practice
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 43s
  • 3m 22s
    Upon completion of this video, you will be able to recognize characteristics of declarative security. FREE ACCESS
  • Locked
    3.  Programmatic Security
    3m 18s
    Upon completion of this video, you will be able to recognize characteristics of programmatic security. FREE ACCESS
  • Locked
    4.  Concurrency
    3m 9s
    After completing this video, you will be able to recognize how to use defensive coding practices to address concurrency issues leading to race conditions. FREE ACCESS
  • Locked
    5.  Configuration
    4m 37s
    Upon completion of this video, you will be able to recognize examples of using configuration as a defensive coding practice. FREE ACCESS
  • Locked
    6.  Cryptography
    5m 8s
    After completing this video, you will be able to recognize cryptography elements such as storage, agility, encryption, and algorithm selection. FREE ACCESS
  • Locked
    7.  Input and Output Sanitization
    4m 16s
    After completing this video, you will be able to recognize examples of using input and output sanitization as a defensive coding practice. FREE ACCESS
  • Locked
    8.  Error Handling
    5m 1s
    After completing this video, you will be able to recognize examples of using error handling as a defensive coding practice. FREE ACCESS
  • Locked
    9.  Input Validation
    5m 52s
    Upon completion of this video, you will be able to recognize examples of input validation as a defensive coding practice. FREE ACCESS
  • Locked
    10.  Logging and Auditing
    5m 43s
    Upon completion of this video, you will be able to recognize examples of using logging and auditing as defensive coding practices. FREE ACCESS
  • Locked
    11.  Session Management
    4m 2s
    Upon completion of this video, you will be able to recognize examples of using session management as a defensive coding practice. FREE ACCESS
  • Locked
    12.  Exception Management
    5m 7s
    After completing this video, you will be able to recognize examples of using exception management as a defensive coding practice. FREE ACCESS
  • Locked
    13.  Safe APIs
    3m 33s
    In this video, you will learn how to distinguish between safe and unsafe API coding practices. FREE ACCESS
  • Locked
    14.  Type Safety
    2m 1s
    Find out how to distinguish between static and dynamic type safety enforcement. FREE ACCESS
  • Locked
    15.  Memory Management
    4m 37s
    Upon completion of this video, you will be able to recognize characteristics of memory management as a defensive coding practice. FREE ACCESS
  • Locked
    16.  Configuration Parameter Management
    4m 34s
    After completing this video, you will be able to recognize characteristics of configuration parameter management as a defensive coding practice. FREE ACCESS
  • Locked
    17.  Tokenizing
    2m 16s
    After completing this video, you will be able to recognize examples of tokenizing as a defensive coding practice. FREE ACCESS
  • Locked
    18.  Sandboxing
    2m
    After completing this video, you will be able to recognize characteristics of sandboxing as a defensive coding practice. FREE ACCESS
  • Locked
    19.  Course Summary
    1m 19s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Technologies
Rating 4.4 of 44 users Rating 4.4 of 44 users (44)
Course CSSLP 2024: Secure Software Testing
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Core Concepts
Rating 4.6 of 559 users Rating 4.6 of 559 users (559)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Data Security and Access Control
Rating 4.5 of 340 users Rating 4.5 of 340 users (340)
Course OWASP Top 10: Securing Web Applications
Rating 4.6 of 1111 users Rating 4.6 of 1111 users (1111)
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Vulnerabilities
Rating 4.5 of 85 users Rating 4.5 of 85 users (85)