Certified Secure Software Lifecycle Professional (CSSLP) 2019: Supply Chain & Software Acquisition
CSSLP 2019
| Intermediate
- 20 videos | 53m 54s
- Includes Assessment
- Earns a Badge
This 20-video course examines a variety of best practices for supply chain and software acquisitions. Begin by watching demonstrations of how to analyze security for a third-party software and how to verify secure transfers. Then learn the steps involved in securely interconnecting and sharing systems; how to implement code repository security; how to build environment security; and how to work with digitally-signed components. Next, explore such important topics as compliance auditing, vulnerability response and reporting, supplier sourcing challenges, contractual integrity controls, and vendor technical integrity controls. Learn the basics of how to verify pedigree and provenance. The course also covers topics such as managed services controls, service level agreements (SLAs), support structure, and software development lifecycle approaches, as well as how to secure information systems, security track records, and product deployment. Finally, you will review the configuration identification scheme, a crucial tool in configuration management. The course prepares learners for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this courseanalyze security for third party softwarerecognize how to verify secure transfersdescribe how to securely interconnect and share systemsdescribe code repository securityrecognize how to secure the build environmentrecognize cryptographically hashed or digitally signed componentsrecognize how to audit security policy compliancerecognize how to perform vulnerability/incident response and reportingdistinguish between different security trade-offs in supplier sourcing
-
identify best practices for contractual integrity controlsidentify best practices for vendor technical integrity controlsidentify best secure control practices for managed services from a supplierdistinguish between the two rules SLAs should providerecognize maintenance and support structures such as community vs. commercialrecognize how to assess software engineering and SDLC approachesrecognize how to assess information systems security policy complianceassess a security track recordrecognize product deployment and sustainment controls such as upgrades, secure configuration, custom code extensions, operational readiness, and GPL requirementssummarize the key concepts covered in this course
IN THIS COURSE
-
1m 57s
-
4m 20s
-
1m 19s
-
2m 13s
-
4m 5s
-
2m 45s
-
2m 1s
-
2m 42s
-
2m 7s
-
4m 23s
-
2m 16s
-
3m 56s
-
2m 7s
-
2m 56s
-
2m 18s
-
4m 53s
-
2m 16s
-
1m 56s
-
1m 59s
-
1m 23s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.