CSSLP Certified Secure Software Lifecycle Professional All-in-One Exam Guide, Third Edition

  • 7h 43m
  • Daniel Shoemaker, Wm. Arthur Conklin
  • McGraw-Hill/Osborne
  • 2022

Providing 100% coverage of the latest CSSLP exam, this self-study guide offers everything you need to ace the exam.

CSSLP Certification All-in-One Exam Guide, Third Edition covers all eight exam domains of the challenging CSSLP exam, developed by the International Information Systems Security Certification Consortium (ISC)²®. Thoroughly revised and updated for the latest exam release, this guide includes real-world examples and comprehensive coverage on all aspects of application security within the entire software development lifecycle. It also includes hands-on exercises, chapter review summaries and notes, tips, and cautions that provide real-world insight and call out potentially harmful situations.

With access to 350 exam questions online, you can practice either with full-length, timed mock exams or by creating your own custom quizzes by chapter or exam objective.

CSSLP Certification All-in-One Exam Guide, Third Edition provides thorough coverage of all eight exam domains:

  • Secure Software Concepts
  • Secure Software Requirements
  • Secure Software Design
  • Secure Software Implementation/Programming
  • Secure Software Testing
  • Secure Lifecycle Management
  • Software Deployment, Operations, and Maintenance
  • Supply Chain and Software Acquisition

About the Author

Wm. Arthur Conklin, PhD, CompTIA Security+®, CISSP®, CSSLP, is assistant professor in the Information and Logistics Technology Department at the University of Houston. He is the lead author of CompTIA Security+ All-in-One Exam Guide, Sixth Edition, and Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition.

Daniel Shoemaker, PhD, is a professor and senior research scientist at the University of Detroit Mercy’s Center for Cyber Security and Intelligence Studies, which also includes the NSA Center of Academic Excellence in Information Assurance Education. One of the first academic participants in the development of software engineering as a discipline, Shoemaker has written four books, has been published in 200+ publications, and has spoken on security topics around the world.

Dan Shoemaker, Ph.D. (University of Detroit Mercy) is the Director of the Centre for the Software Assurance Institute, a National Security Agency (NSA) Center of Academic Excellence, at the University of Detroit Mercy. He is also a Professor at UDM where he has been the Chair of Computer and Information Systems since 1985. Dr. Shoemaker is Co-Chair of the Workforce Training and Education working group within the Department of Homeland Security’s National Cybersecurity Division (NCSD). Dr. Shoemaker was one of the earliest academic participants in the development of Software Engineering as a discipline, starting at SEI in the fall of 1987.

In this Book

  • Acknowledgments
  • Introduction
  • Exam Objective Map
  • Core Concepts
  • Security Design Principles
  • Define Software Security Requirements
  • Identify and Analyze Compliance Requirements
  • Misuse and Abuse Cases
  • Secure Software Architecture
  • Secure Software Design
  • Secure Coding Practices
  • Analyze Code for Security Risks
  • Implement Security Controls
  • Security Test Cases
  • Security Testing Strategy and Plan
  • Software Testing and Acceptance
  • Secure Configuration and Version Control
  • Software Risk Management
  • Secure Software Deployment
  • Secure Software Operations and Maintenance
  • Software Supply Chain Risk Management
  • Supplier Security Requirements
  • About the Online Content
  • Glossary


