Menu
Start your prep for ISC2 CSSLP exam with the Certified Secure Software Lifecycle Professional course. The course provides complete coverage of exam objectives topics including secure software concepts; secure software requirements; secure software design; secure software implementation/coding; secure software testing; software acceptance; software deployment, operations, maintenance, and disposal.
Here's what you will get
The Certified Secure Software Lifecycle Professional certification exam is a standalone certification from ISC2 with the exam code CSSLP. The certification is targeted at information security professionals who act as leader in organization and play key role in incorporating security into each phase of the software lifecycle. The exam provides knowledge about supply chain and software acquisition.
Lessons
8+ Lessons | 299+ Exercises | 147+ Quizzes | 238+ Flashcards | 238+ Glossary of terms
TestPrep
15+ Pre Assessment Questions | 3+ Full Length Tests | 89+ Post Assessment Questions | 267+ Practice Test Questions
Need guidance and support? Click here to check our Instructor Led Course.
Here's what you will learn
Download Course OutlineLessons 1: Secure Software Concepts
- Core concepts
- Security design principles
- Privacy
- Governance, risk and compliance
- Software development methodologies
Lessons 2: Secure Software Requirements
- Policy decomposition
- Data classification and categorization
- Functional requirements
- Operational requirements
Lessons 3: Secure Software Design
- Design process
- Design consideration
- Securing commonly used architecture
- Technologies
Lessons 4: Secure Software Implementation/Coding
- Declarative versus imperative (programmatic) security
- Vulnerability databases/lists
- Defensive coding practices and controls
- Source code and versioning
- Development and build environment
- Code/peer review
- Code analysis
- Anti-tampering techniques
Lessons 5: Secure Software Testing
- Testing artifacts
- Testing for security and quality assurance
- Types of testing
- Impact assessment and corrective action
- Test data lifecycle management
Lessons 6: Software Acceptance
- Pre-release and pre-deployment
- Post-release
Lessons 7: Software Deployment, Operations, Maintenance, and Disposal
- Installation and deployment
- Operations and maintenance
- Software disposal
Lessons 8: Supply Chain and Software Acquisition
- Supplier risk assessment
- Supplier sourcing
- Software development and test
- Software delivery, operations, and maintenance
- Supplier transitioning
Exam FAQs
USD 549
Pricing and taxes may vary from country to country.
The exam consists of linear and multiple choice questions.
ISC2 has the following pre-requisites for CSSLP certification:
- A minimum of four years of cumulative, paid, full-time Software Development Lifecycle (SDLC) professional experience.
- In one or more of the eight domains of the CSSLP Common Body of Knowledge (CBK).
The exam contains 175 questions.
240 minutes
700
In the event that you fail your first attempt at passing the CSSLP certification, ISC2's retake policy is:
- Candidates who do not pass the exam the first time will be able to retest after 30 days.
- Candidates that fail a second time will need to wait 90 days prior sitting for the exam again
- If a candidate fails third time, the next available time to sit for the exam will be 180 days after the most recent exam attempt.