The CSSLP Prep Guide: Mastering the Certified Secure Software Lifecycle Professional


by Ronald L. Krutz



Ronald L. Krutz, PhD, PE, CISSP, ISSEP, is a senior information system security consultant.


by Alexander J. Fry, Ronald L. Krutz. Publisher: John Wiley & Sons. Release Date: August 2009.


Think of the domains as topics you need to master based on your professional experience and education. Domain 1. Secure Software Concepts. Domain 2. Secure Software Requirements.


Like the SSCP (Systems Security Certified Practitioner) and the CISSP (Certified Information Systems Security Professional), it consists of seven domains aimed specifically at software, analysis and design.


It has questions at the end of each chapter and comes with sample exams (which were nowhere near as hard as the real thing). It also came with a PDF copy of the book, which I found very useful.


The first test prep guide for the new ISC2 Certified Secure Software Lifecycle Professional exam

The CSSLP (Certified Secure Software Lifecycle Professional) is a new certification that incorporates government standards and best practices for secure software development. It emphasizes the application of secure software methodologies during the software development cycle. If you're an IT professional, security professional, software developer, project manager, software assurance tester, executive manager or employee of a government agency in a related field, your career may benefit from this certification.

Written by experts in computer systems and security, The CSSLP Prep Guide thoroughly covers all aspects of the CSSLP certification exam, with hundreds of sample test questions and answers available on the accompanying CD.

The Certified Secure Software Lifecycle Professional (CSSLP) is an international certification incorporating new government, commercial, and university derived secure software development methods; it is a natural complement to the CISSP credential.

The study guide covers the seven domains of the CSSLP Common Body of Knowledge (CBK), namely Secure Software Concepts, Secure Software Requirements, Secure Software Design, and Secure Software Implementation/Coding and Testing, Secure Software Testing, Software Acceptance, and Software Deployment, Operations, Maintenance and Disposal.

Provides in-depth exploration and explanation of the seven CSSLP domains.

Includes a CD with hundreds of practice exam questions and answers.

The CSSLP Prep Guide prepares you for the certification exam and career advancement.


Comments: (7)

Yalone
This book is great for its intended audience of software developers preparing for security certification. More than that, though, it provides a wealth of knowledge that can be applied directly to the software development process to ensure a developer's end product is not vulnerable to compromise, thus providing assurance to the client for whom the software is produced as well as the public who uses the resulting web sites. As an information security specialist I included concepts from this book to educate in-house developers who had not previously considered the need for certification and I was amazed to learn how little emphasis on security there had been in their software development training. Although I only scratched the surface during that training, I strongly recommended that each of them consider CSSLP certification or at least read the entire book to help them develop more secure applications.
Inth
Preparing for the CSSLP exam I bought all 3 books currently available. Even though the content in this one is incomplete for the totality of the current version of the test, the topics included are thoroughly covered, well written and easy to comprehend. As a technical reference, of the three, this is by far the best. I do hope the author and publisher consider it worthy of a revision. It would easily then rate 5 stars.
Sardleem
The CSSLP Prep Guide is an excellent source for understanding the fundamentals and basics of Secure Software Development, however after sitting for the CSSLP exam the book misses the mark and is not very well suited for preparing to take the exam.

The exam is filled with subjectivity as you really have to understand the mindset of the person writing the question as the answers are what is BEST or PRIMARY or MOST IMPORTANT OR MUST BE DONE and the book can't really prepare you for that.

It will still be used as an excellent piece of reference material for building the overall security program within my organization but if I didn't pass the exam I will wait for the ISC(2) book or take a boot camp class to prepare for the re-take.
Auau
Granted this book came out well in advance of the (ISC)2 CSSLP CBK, but even so the book doesn't align well at all with the coursework offered by the (ISC)2 to prepare for the exam let alone clearly aligns with the domains in the Certification to begin with. If I could, after I had taken the class I would have returned this book for a refund (of course the timing didn't work out in my favor). In spite of all that I'd use this as, at most, a secondary resource. Then again, I'm somewhat jaded having acquired my CISSP via Shon Harris's excellent preparation book and video class-ware, and as such measure any other preparation material against that benchmark.
The Apotheoses of Lacspor
I found this used book for my study on software security and certification.
The book came in great condition and cheap, covers a wide range of information even if it's not deep.
I would say the seller is great, fast shipment.
Thanks.
Der Bat
This book was created based on the CSSLP Candidate Information Bulletin. It covers almost all the topics, from Security Software Concepts to Software Disposal. It has a lot of material, although not all of them are well-organized.

One would think that after reading the PREP books a few times, you would be confident to answer at least 70% of the questions. Not in this case. After sitting the exam, it turns out that you cannot directly find the answer from the book for most, if not all, of the questions. Like the review from another reviewer, this book CANNOT prepare you for the "MOST COMMON" or "FIRST THING TO DO", "LAST THING", "MOST EFFICIENT" kind of questions.

This book can be used as one of the reference material. But if you do not have intensive security software development experience, please do not use this book as the sole study material. You will be overwhelmed in the exam.

Finally, the shortcoming of the book might not be the book itself, it might be the structure of the exam instead. I hope the coming Official ISC book will give more guidance and examples for further candidates and prep book authors.
Balladolbine
The CSSLP Prep Guide provides an excellent source of IT Security information for all IT Security professionals including developers, architects, managers, etc. The text covers all phases of software development from concept to maintenance with an exceptional number of references to supporting material and a 40+ page glossary of terms and acronyms. The accompanying CD offers the reader the ability to practice the test questions on a chapter by chapter basis. In this reviewer's opinion a manager that reads and understands this book will have a fuller picture of the requirements for a secure development process. As we all know, comprehensive and fully detailed requirements plus ample time for design are critical to the overall development cycle, while the next most vital step is extensive testing. In building secure software and/or systems these concepts are even more critical, but as we know are typically ignored. The book does an excellent job covering these important areas by spending more than a third of the text on secure software concepts, requirements and design as would be done if the lifecycle were executed correctly. Cross references and notes are used in various chapters to point the reader to specific information and/or tools on the Internet to clarify a term/concept which helps tremendously with highly technical text. Within the chapter that describes secure coding, not only are the various attack scenarios addressed but defensive coding practices are provided to ensure that a full picture for secure coding is presented. I would highly recommend that anyone who truly wants to be an IT Security professional not only read this book but maintain a reference copy in their library.
Author: Ronald L. Krutz
ISBN: 047046190X
Category: Computers & Technology
Subcategory: Programming
Language: English
Publisher: Wiley; 1 edition (August 24, 2009)
Pages: 672 pages