SKILL BENCHMARK

CSSLP: Secure Software Implementation Competency (Intermediate Level)

23m
23 questions

Explore all Skills Benchmarks

The Secure Software Implementation Competency benchmark measures your knowledge of the differences between declarative and programmatic security, in addition to defensive coding practices and applying secure coding controls such as configuration, error handling, and session management. You will be evaluated on your skills in using essential secure coding techniques such as versioning, peer-based code reviews, code analysis, and anti-tampering techniques, as well as analyzing code for security vulnerabilities, identifying malicious code, and securely reusing third-party code and integrating components. A learner who scores high on this benchmark demonstrates that they have the skills necessary to recognize and apply secure coding practices and assess security vulnerabilities.

Topics covered

analyze reused code for security vulnerabilities
describe social engineering attacks such as phishing
differentiate between common weakness enumerations and common vulnerabilities and exposure
differentiate between static and dynamic analysis
distinguish between safe and unsafe API coding practices
distinguish between static and dynamic code analysis
identify build environment best practices such as anti-tampering techniques and compiler switches
locate and list the OWASP "Top 10"
recognize characteristics of configuration parameter management as a defensive coding practice
recognize characteristics of declarative security
recognize characteristics of memory management as a defensive coding practice
recognize characteristics of programmatic security
recognize characteristics of sandboxing as a defensive coding practice
recognize cryptography elements such as storage, agility, encryption, and algorithm selection
recognize examples of tokenizing as a defensive coding practice
recognize examples of using configuration as a defensive coding practice
recognize examples of using input and output sanitization as a defensive coding practice
recognize examples of using input validation as a defensive coding practice
recognize examples of using logging and auditing as a defensive coding practice
recognize examples of using session management as a defensive coding practice
recognize how to securely integrate components such as systems of systems integration
search for and identify malicious code
securely reuse third party code or libraries

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

CSSLP: Secure Software Implementation Competency (Intermediate Level)

Topics covered