The CSSLP is a fixed length computer based examination and is offered through Pearson VUE Testing Centers throughout the world. While taking the test, every candidate responds to 175 items on the exam. The majority of questions are four-option multiple-choice items with one correct key. However, some advanced items such as drag-and-drop, hot spot, scenario-based questions, matching items etc. are included in the test. At the end of the exam administration, candidates receive their pass/fail decision. Failing candidates receive feedback on their exam performance by domains; however, candidates who pass the exam only receive their congratulatory letter describing their next step in acquiring the credential. The Certified Secure Software Lifecycle Professional (CSSLP) certification examinations tests the knowledge of candidates to validate that software professionals have the expertise to incorporate security practices - authentication, authorization and auditing - into each phase of the software development lifecycle (SDLC), from software design and implementation to testing and deployment.Candidates must score 700 out of 1000 points on the scaled score to pass the exam. Since the cut-score of each exam form could be different, the raw cut-score is converted into 700 scaled score so that score reporting is consistent. Equating is conducted among the forms to make sure that each exam form is equitable on the difficulty of each exam form administered.
The CSSLP examination requires candidates to demonstrate the following knowledge, skills and abilities: secure software concepts (13 percent); secure software requirements (14 percent); secure software design (16 percent); secure software implementation/programming (16 percent); secure software testing (14 percent); secure lifecycle management (10 percent); software deployment, operations, and maintenance (9 percent) and supply chain and software acquisition (8 percent).