Official (ISC)2 Guide to the CSSLP

By (author) Paul, Mano

As the global leader in information security education and certification, (ISC)2® has a proven track record of educating and certifying information security professionals. Its newest certification, the Certified Secure Software Lifecycle Professional (CSSLP®), is a testament to the organization's ongoing commitment to information and software security. The Official (ISC)2® Guide to the CSSLP® provides an all-inclusive analysis of the CSSLP Common Body of Knowledge (CBK®). As the first comprehensive guide to the CSSLP CBK, it facilitates the required understanding of the seven CSSLP domains (Secure Software Concepts, Secure Software Requirements, Secure Software Design, Secure Software Implementation/Coding, Secure Software Testing, Software Acceptance, and Software Deployment, Operations, Maintenance and Disposal) to assist candidates for certification and beyond.

  • Serves as the only official guide to the CSSLP professional certification
  • Details the software security activities that need to be incorporated throughout the software development lifecycle
  • Provides comprehensive coverage that includes the people, processes, and technology components of software, networks, and host defenses
  • Supplies a pragmatic approach to implementing software assurances in the real world

The text allows readers to learn about software security from a renowned security practitioner who is the appointed software assurance advisor for (ISC)2. Complete with numerous illustrations, it makes complex security concepts easy to understand and implement. In addition to being a valuable resource for those studying for the CSSLP examination, this book is also an indispensable software security reference for those already part of the certified elite. A robust and comprehensive appendix makes this book a time-saving resource for anyone involved in secure software development.

From Nielsen BookData


  • Secure Software Concepts: Introduction Objectives Holistic Security Implementation Challenges Quality and Security Design Security Concepts Security Concepts in the SDLC Security Policies: The What and Why of Security Security Methodologies Security Frameworks Regulations, Privacy, and Compliance Acquisitions Summary Review Questions References
  • Secure Software Requirements: Introduction Objectives Sources for Security Requirements Summary Review Questions References
  • Secure Software Design: Introduction Objectives The Need for Secure Design Secure Design and Architecture Review Summary Review Questions References
  • Secure Software Implementation / Coding: Introduction Objectives Who is to be blamed for Insecure Software? Fundamental Concepts of Programming Software Development Methodologies Common Software Vulnerabilities and Countermeasures Defensive Coding Practices Secure Software Processes Summary Review Questions Commonly Used Opcodes in Assembly HTTP/1.1 Status Codes and Reason Phrases (IETF RFC 2616) References
  • Secure Software Testing: Introduction Objectives Quality Assurance Software Security Testing Defect Reporting and Tracking Tools for Security Testing Summary Review Questions Chapter Appendix: Security Testing Tools Reconnaissance Tools Vulnerability Scanners Fingerprinting Tools Sniffers/Protocol Analyzers Password Crackers Web Security Tools: Scanners, Proxies, and Vulnerability Management Wireless Security Tools Reverse Engineering Tools Source Code Analyzers Vulnerability Exploitation Tools Security-Oriented Operating Systems Privacy Testing Tools References
  • Software Acceptance: Introduction Objectives Guidelines for Software Acceptance Legal Protection Mechanism Verification and Validation Summary Review Questions
  • Software Deployment, Operations, Maintenance, and Disposal: Introduction Objectives Installation and Deployment Operations and Maintenance Disposal Summary Review Questions
  • Appendix
  • Index

From Nielsen BookData


Title: Official (ISC)2 Guide to the CSSLP
Author(s): Paul, Mano
Series: ISC2 Press
Publisher: Taylor & Francis Inc
Publication date: 2011.06.17
Pages: 572p
ISBN: 9781466502932
Language: English
Country of publication: United States