Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Coding Practices
CSSLP 2019
| Intermediate
- 19 videos | 1h 11m 40s
- Includes Assessment
- Earns a Badge
In this 19-video course, learners will explore the intricate world of secure coding practices. Topics covered in detail include declarative versus imperative (programmatic) security-whether the security is part of the application or part of the container. Next, survey defensive coding practices and control such as secure configuration, error handling, and session management. Learners will also explore cryptography, input and output sanitization, error handling, input validation, logging and auditing, and session and exception management. You will learn important information about safe application programming interfaces (APIs), including those that offer different types of functionality, such as Microsoft's Crypto API and Python's pycrypto, which both provide cryptographic functions; popular social media platforms provide their own APIs that programmers can tap into while incorporating aspects of those services. Learn more about useful concepts such as concurrency, type safety, memory management, configuration parameter management, tokenizing, and sandboxing. The course may be used in preparation for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this courserecognize characteristics of declarative securityrecognize characteristics of programmatic securityrecognize how to use defensive coding practice to address concurrency issues leading to race conditionrecognize examples of using configuration as a defensive coding practicerecognize cryptography elements such as storage, agility, encryption, and algorithm selectionrecognize examples of using input and output sanitization as a defensive coding practicerecognize examples of using error handling as a defensive coding practicerecognize examples of using input validation as a defensive coding practicerecognize examples of using logging and auditing as a defensive coding practice
-
recognize examples of using session management as a defensive coding practicerecognize examples of using exception management as a defensive coding practicedistinguish between safe and unsafe API coding practicesdistinguish between static and dynamic type safety enforcementrecognize characteristics of memory management as a defensive coding practicerecognize characteristics of configuration parameter management as a defensive coding practicerecognize examples of tokenizing as a defensive coding practicerecognize characteristics of sandboxing as a defensive coding practicesummarize the key concepts covered in this course
IN THIS COURSE
-
1.Course Overview1m 43sUP NEXT
-
2.Declarative Security3m 22s
-
3.Programmatic Security3m 18s
-
4.Concurrency3m 9s
-
5.Configuration4m 37s
-
6.Cryptography5m 8s
-
7.Input and Output Sanitization4m 16s
-
8.Error Handling5m 1s
-
9.Input Validation5m 52s
-
10.Logging and Auditing5m 43s
-
11.Session Management4m 2s
-
12.Exception Management5m 7s
-
13.Safe APIs3m 33s
-
14.Type Safety2m 1s
-
15.Memory Management4m 37s
-
16.Configuration Parameter Management4m 34s
-
17.Tokenizing2m 16s
-
18.Sandboxing2m
-
19.Course Summary1m 19s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.