Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Coding Practices

CSSLP 2019 | Intermediate

19 videos | 1h 11m 40s
Includes Assessment
Earns a Badge

(498)

In this 19-video course, learners will explore the intricate world of secure coding practices. Topics covered in detail include declarative versus imperative (programmatic) security-whether the security is part of the application or part of the container. Next, survey defensive coding practices and control such as secure configuration, error handling, and session management. Learners will also explore cryptography, input and output sanitization, error handling, input validation, logging and auditing, and session and exception management. You will learn important information about safe application programming interfaces (APIs), including those that offer different types of functionality, such as Microsoft's Crypto API and Python's pycrypto, which both provide cryptographic functions; popular social media platforms provide their own APIs that programmers can tap into while incorporating aspects of those services. Learn more about useful concepts such as concurrency, type safety, memory management, configuration parameter management, tokenizing, and sandboxing. The course may be used in preparation for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.

WHAT YOU WILL LEARN

Discover the key concepts covered in this course

Recognize characteristics of declarative security

Recognize characteristics of programmatic security

Recognize how to use defensive coding practice to address concurrency issues leading to race condition

Recognize examples of using configuration as a defensive coding practice

Recognize cryptography elements such as storage, agility, encryption, and algorithm selection

Recognize examples of using input and output sanitization as a defensive coding practice

Recognize examples of using error handling as a defensive coding practice

Recognize examples of using input validation as a defensive coding practice

Recognize examples of using logging and auditing as a defensive coding practice
Recognize examples of using session management as a defensive coding practice

Recognize examples of using exception management as a defensive coding practice

Distinguish between safe and unsafe api coding practices

Distinguish between static and dynamic type safety enforcement

Recognize characteristics of memory management as a defensive coding practice

Recognize characteristics of configuration parameter management as a defensive coding practice

Recognize examples of tokenizing as a defensive coding practice

Recognize characteristics of sandboxing as a defensive coding practice

Summarize the key concepts covered in this course

IN THIS COURSE

1m 43s

FREE ACCESS
3m 22s

Upon completion of this video, you will be able to recognize characteristics of declarative security. FREE ACCESS
3. Programmatic Security

3m 18s

Upon completion of this video, you will be able to recognize characteristics of programmatic security. FREE ACCESS
4. Concurrency

3m 9s

After completing this video, you will be able to recognize how to use defensive coding practices to address concurrency issues leading to race conditions. FREE ACCESS
5. Configuration

4m 37s

Upon completion of this video, you will be able to recognize examples of using configuration as a defensive coding practice. FREE ACCESS
6. Cryptography

5m 8s

After completing this video, you will be able to recognize cryptography elements such as storage, agility, encryption, and algorithm selection. FREE ACCESS
7. Input and Output Sanitization

4m 16s

After completing this video, you will be able to recognize examples of using input and output sanitization as a defensive coding practice. FREE ACCESS
8. Error Handling

5m 1s

After completing this video, you will be able to recognize examples of using error handling as a defensive coding practice. FREE ACCESS
9. Input Validation

5m 52s

Upon completion of this video, you will be able to recognize examples of input validation as a defensive coding practice. FREE ACCESS
10. Logging and Auditing

5m 43s

Upon completion of this video, you will be able to recognize examples of using logging and auditing as defensive coding practices. FREE ACCESS
11. Session Management

4m 2s

Upon completion of this video, you will be able to recognize examples of using session management as a defensive coding practice. FREE ACCESS
12. Exception Management

5m 7s

After completing this video, you will be able to recognize examples of using exception management as a defensive coding practice. FREE ACCESS
13. Safe APIs

3m 33s

In this video, you will learn how to distinguish between safe and unsafe API coding practices. FREE ACCESS
14. Type Safety

2m 1s

Find out how to distinguish between static and dynamic type safety enforcement. FREE ACCESS
15. Memory Management

4m 37s

Upon completion of this video, you will be able to recognize characteristics of memory management as a defensive coding practice. FREE ACCESS
16. Configuration Parameter Management

4m 34s

After completing this video, you will be able to recognize characteristics of configuration parameter management as a defensive coding practice. FREE ACCESS
17. Tokenizing

2m 16s

After completing this video, you will be able to recognize examples of tokenizing as a defensive coding practice. FREE ACCESS
18. Sandboxing

2m

After completing this video, you will be able to recognize characteristics of sandboxing as a defensive coding practice. FREE ACCESS
19. Course Summary

1m 19s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course Information Security for Leaders: Elements of InfoSec

(5)

Course CISSP 2021: Software Development Security

(125)

Course AWS DevOps Engineer Professional 2021: Serverless Architecture

(16)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Software Testing

(147)

Course Data Security and Access Control

(340)

Course A10 and A9: API and Component Attacks

(336)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Coding Practices

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE