ISTQB Certified Tester - Advanced Level: Security Tester
Course Description
In the online world, organisations are vulnerable. As more and more services become connected and available, the security risk increases. However, security is not just securing the technology. It encompasses the people within an organisation and the processes they follow. It covers physical security, social engineering, tools and techniques and, importantly, an understanding of the mindset of malicious users. The ISTQB Advanced Level Security Tester provides attendees with a range of security testing tools, techniques and processes, built on the experience of the our Security Testing team. You might even learn to pick a lock or two!
Duration: 4 days
Prerequisites
To be able to obtain an Advanced Level Security Tester certification, candidates must hold the ISTQB Certified Tester Foundation Level qualification (or ISEB equivalent). You need to have at least 18 months of practical experience in the software testing field. A basic understanding of security testing concepts would be an advantage.
Course Objectives
On completion of this course, attendees will be fully prepared to take the ISTQB Certified Tester Advanced Level Security Tester examination. The exam is taken at the end of the fourth day.
The Basis of Security Testing
Security Risks
Information Security Policies and Procedures
Security Auditing and its Role in Security Testing
Security Testing Purposes, Goals and Strategies
The Purpose of Security Testing
The Organizational Context
Security Testing Objectives
The Scope and Coverage of Security Testing Objectives
Security Testing Approaches
Improving the Security Testing Practices
Security Testing Processes
Security Test Process Definition
Security Test Planning
Security Test Design
Security Test Execution
Security Test Evaluation
Security Test Maintenance
Security Testing Throughout the Software Lifecycle
Role of Security Testing in a Software Lifecycle
The Role of Security Testing in Requirements
The Role of Security Testing in Design
The Role of Security Testing in Implementation Activities
The Role of Security Testing in System and Acceptance Test Activities
The Role of Security Testing in Maintenance
Testing Security Mechanisms
System Hardening
Authentication and Authorization
Encryption
Firewalls and Network Zones
Intrusion Detection
Malware Scanning
Data Obfuscation
Training
Human Factors in Security Testing
Understanding the Attackers
Social Engineering
Security Awareness
Security Test Evaluation and Reporting
Security Test Evaluation
Security Test Reporting
Security Testing Tools
Types and Purposes of Security Testing Tools
Tool Selection
Standards and Industry Trends
Understanding Security Testing Standards
Applying Security Standards
Industry Trends
Who should attend?
Requirements Engineers, Functional Testers, Test Managers, Developers, Test Automation Specialists, Performance Test Specialists, Test Environment Specialists, Security Testing Specialists and anyone else wishing to take the Advanced Level Security Tester Exam.
Related Certifications
ISQB Certified Tester Advanced Level Test Manager
ISTQB Certified Tester Advanced Level Test Analyst
ISTQB Certified Tester Advanced Level Technical Test Analyst
ISSECO Certified Professional for Secure Software Engineering