Official (ISC)2 Guide to the CSSLP

Table of Contents

Secure Software Concepts
Introduction
Objectives
Holistic Security
Implementation Challenges
Quality and Security
Design Security Concepts
Security Concepts in the SDLC
Security Policies: The What and Why of Security
Security Methodologies
Security Frameworks
Regulations, Privacy, and Compliance
Acquisitions
Summary
Review Questions
References

Secure Software Requirements
Introduction
Objectives
Sources for Security Requirements
Summary
Review Questions
References

Secure Software Design
Introduction
Objectives
The Need for Secure Design
Secure Design and Architecture Review
Summary
Review Questions
References

Secure Software Implementation / Coding
Introduction
Objectives
Who is to be blamed for Insecure Software?
Fundamental Concepts of Programming
Software Development Methodologies
Common Software Vulnerabilities and Countermeasures
Defensive Coding Practices
Secure Software Processes
Summary
Review Questions
Commonly Used Opcodes in Assembly
HTTP/1.1 Status Codes and Reason Phrases (IETF RFC 2616)
References

Secure Software Testing
Introduction
Objectives
Quality Assurance
Software Security Testing
Defect Reporting and Tracking
Tools for Security Testing
Summary
Review Questions
Chapter Appendix: Security Testing Tools
Reconnaissance Tools
Vulnerability Scanners
Fingerprinting Tools
Sniffers/Protocol Analyzers
Password Crackers
Web Security Tools: Scanners, Proxies, and Vulnerability Management
Wireless Security Tools
Reverse Engineering Tools
Source Code Analyzers
Vulnerability Exploitation Tools
Security-Oriented Operating Systems
Privacy Testing Tools
References

Software Acceptance
Introduction
Objectives
Guidelines for Software Acceptance
Legal Protection Mechanism
Verification and Validation
Summary
Review Questions

Software Deployment, Operations, Maintenance, and Disposal
Introduction
Objectives
Installation and Deployment
Operations and Maintenance
Disposal
Summary
Review Questions
Appendix

Index

About the Author

Manoranjan (Mano) Paul is the Software Assurance Advisor for (ISC)2, the global leader in information security education and certification, representing and advising the organization on software assurance strategy, training, education and certification. His information security and software assurance experience includes designing and developing security programs from compliance to coding, security in the SDLC, writing secure code, risk management, security strategy, and security awareness training and education. Mr. Paul started his career as a shark researcher at the Bimini Biological Field Station, Bahamas. His educational pursuit took him to the University of Oklahoma, where he received his Business Administration degree in Management Information Systems (MIS) with various accolades and the coveted 4.0 GPA. Following his entrepreneurial acumen, he founded and serves as the CEO & President of Express Certifications, a professional certification assessment and training company that developed studISCope, (ISC)2's official self-assessment offering for prospective certification candidates. Express Certifications is also the self-assessment testing company behind the US Department of Defense certification education program as mandated by the 8570.1 directive. He also founded SecuRisk Solutions, a company that specializes in security product development and consulting. Before Express Certifications and SecuRisk Solutions, Mr. Paul held several roles at Dell Inc., including software developer, quality assurance engineer, logistics manager, technical architect, IT strategist, and security engineer/program manager/strategist. Mr. Paul is an appointed faculty member and Vice President of the Capitol of Texas Information System Security Association (ISSA) chapter.
He is a contributing author for the Information Security Management Handbook, writes periodically for the Certification magazine and has contributed to security topics for the Microsoft Solutions Developer Network (MSDN). He has been featured at various domestic and international security conferences and is an invited speaker and panelist, delivering talks and keynotes at conferences such as the CSI (Computer Security Institute), Burton Group Catalyst, SC World Congress, TRISC (Texas Regional Infrastructure Security Conference) and OWASP. Mr. Paul holds the following professional certifications: CSSLP, CISSP, AMBCI, MCSD, MCAD, CompTIA Network+ and ECSA.
