CSSLP 2024: Secure Software Implementation

Skillsoft issued completion badges are earned based on viewing the percentage required or receiving a passing score when assessment is required. Domain 5, Secure Software Implementation, is a dense, interesting domain of the CSSLP certification where you encounter fascinating code samples from different languages. This course is designed to ensure the test-taker can apply security practices to each phase of the software development life cycle. First, you’ll analyze the differences between imperative and declarative programming, explore processor security extensions, and study input validation and output sanitization best practices to prevent common attacks. Then, you’ll learn SEI CERT secure coding practices in Java, C, C++, and Android, with examples from ten coding guidelines in each language. You’ll explore secure session management techniques in PHP, Python, and Java, covering session expiration, secure cookie handling, and session ID regeneration. Additionally, you’ll study concurrency exploits such as race conditions and TOCTOU attacks. Finally, you’ll analyze concurrency best practices in Python, Java, C#, and C++, learning how to use threads, locks, and safe collections, along with database concurrency best practices and isolation levels to prevent issues like dirty reads. This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.