spacer
  • SANS Site Network
    • Current Site
    • spacer Certification
    • Choose a different site Help
    • spacer Training
    • spacer Internet Storm Center
    • spacer Cyber Security Graduate School
    • spacer Security Awareness Training
    • spacer Penetration Testing
    • spacer Cyber Defense Foundations
    • spacer IT Audit
    • spacer Computer Forensics
    • spacer Software Security
  • Certifications
    • Why Certify?
    • Get Certified »
      • Roadmap
      • How To Certify
      • Register
    • Renewal
    • Categories »
      • Security Administration
      • Forensics
      • Management
      • Audit
      • Software Security
      • Legal
      • GSE
    • FAQ
    • Gold Overview
    • DoDD 8570
    • Retired Certifications
  • Exams
    • Overview
    • Preparation
    • Proctor »
      • Program Details
      • FAQ
      • Policy
      • Computer Requirements
    • Testing Centers
    • Deadlines
    • Technical Issues
    • FAQ
    • Retakes and Extensions
    • Challenge
    • Feedback Procedure
  • Certified Professionals
    • Directory
    • Success Stories
    • Heroes
    • Advisory Board
    • Job Listings
    • Logos
  • Resources
  • About
    • Mission
    • Program Overview
    • Full GIAC Brochure
    • ANSI Accreditation
    • Ethics »
      • Code of Ethics
      • Ethics Council
      • Report Violation
    • Policies »
      • Privacy Policy
      • Proctor Policy
      • ADA Policy
      • EEOC Policy
    • Procedures »
      • Grievance Procedure
      • Exam Feedback Procedure
    • FAQ
    • Contact

Certification:

GSSP-JAVA
 

GIAC Secure Software Programmer-Java

GSSP-JAVA

View Professionals »

Target

Individuals who are responsible for coding secure software applications, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills.

The GIAC Secure Software Programmers certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common programming errors that lead to most security problems.

GIAC Certified secure software programmers (GSSP) have the knowledge, skills, and abilities to write secure code and recognize security shortcomings in existing code.


Course

Preparing for the GSSP-JAVA Exam: Candidates may choose to prepare for the GSSP-JAVA exam by taking the SANS Training Course: DEV541: Secure Coding in Java/JEE: Developing Defensible Applications

*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*

Requirements

  • 1 proctored exam
  • 75 questions
  • Time limit of 3 hours
  • Minimum Passing Score of 73.3%

NOTE:

GIAC reserves the right to change the specifications for each certification without notice. The GSSP-Java changed from a 150 question format to a 75 question format exam with a passing point of 73.3% for all candidates receiving access to their certification attempts on or after 12/22/10. To verify the format of your current certification attempt, please read the Certification Information found in your portal account at https://exams.giac.org/pages/attempts.

Renew

Certifications must be renewed every 4 years. Click here for details.

Delivery

NOTE: GIAC exams are NOT given the day after the conference ends.

Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our proctored exam procedure.

Links

  • Certified Professionals (GSSP-JAVA)
  • Recertification
  • Exam Feedback Procedure
  • Grievance Procedure
  • Proctored exam procedure
  • SANS Information Security Reading Room

Bulletin (Part 2 of Candidate Handbook)

The topic areas for each exam part follow:
Exam Certification Objectives Certification Objective Outcome Statement
Application Faults & Logging The candidate will understand how to properly handle expected and unexpected application faults
Authentication The candidate will understand the importance of implementing secure authentication controls
Authorization The candidate will understand the importance of implementing secure authorization controls
Common Web Application Attacks The candidate will demonstrate an understanding of common web application attacks and vulnerabilities.
Data Validation The candidate will understand how data validation can be used to prevent common vulnerabilities
Encryption The candidate will understand how to use Java APIs to encrypt data in transit and data at rest
Java Language and Platform Security The candidate will understand the security implications of language and platform features built in to Java
Secure SDLC The candidate will demonstrate an understanding of how to perform security activities as part of the SDLC
Session Management The candidate will understand the importance of secure session management controls

Where to Get Help

Training is available from a variety of resources including on line, course attendance at a live conference, and self study.

Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.

Finally, college level courses or study through another program may meet the needs for mastery.

The procedure to contest exam results can be found at www.giac.org/about/procedures/grievance.

  • Software Security
  • GSSP-JAVA
  • GWEB
  • GSSP-.NET
spacer

Latest Papers

Logging and Monitoring to Detect Network Intrusions and Compliance Violations in the Environment
By Sunil Gupta | GCIA | 7008

Using and Configuring Security Onion to detect and prevent Web Application Attacks
By Ashley Deuble | GCIA | 7994

Attributes of Malicious Files
By Joel Yonts | GCIH | 7194

Small Business: The New Target What can they Do?
By Robert Comella | GCIA | 5138

View More Papers »

Latest Tweets @GIAC_Certs

GIAC is seeking SME's for our Windows Security Admin job tas [...]
August 31, 2012 - 6:48 PM

GIAC is seeking SMEs for 2012 Forensic Analyst (GCFA) job ta [...]
March 7, 2012 - 3:07 PM

This week's featured question is from our Forensics Analyst [...]
December 27, 2011 - 6:18 PM

Latest Professionals

Christiaan Ehlers | GWAPT | 3648

Valerie Feehan | GCFW | 3805

Tim Kitchens | GREM | 3386

View More Professionals »

 

Contact Us

Phone: 301-654-7267
Mon-Fri 9am-8pm EST/EDT
Questions: info@giac.org
More »

(ISC)2 and CISSP are registered marks of the International Information Systems Security Certification Consortium, Inc.
Related searches:
security secure training candidate software
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.