ISTQB Advanced Security Tester eLearning

Become an certified security testing professional

Are you an experienced tester wishing to further develop your expertise in security testing? You’ve found it! The ISTQB Advanced Level Security Tester is an internationally recognised qualification that will help you better understand security testing, as well as execute it.

This course will help you plan, perform and evaluate security tests from a variety of perspectives, including policy, risk, standards, requirements and vulnerability. By the conclusion of the course, you will be able to align security test activities with project lifecycle activities, analyse effectiveness of risk assessment techniques, and determine the best security test tool based on specified needs.

TARGET AUDIENCE: The ISTQB Advanced Level Certified Security Tester course is designed for testers possessing ISTQB Foundation Level certification or higher. Some experience in technical testing and a level of exposure to security testing is also recommended.

This course will benefit experienced Testers wanting to differentiate themselves by building skills in security testing. It is also for Security Testers wanting to advance their skills and align them with industry best practice, and who want to be certified for recognition among employers, clients and peers.

Course Content

• The Basis of Security Testing
• Security Testing Purposes, Goals and Strategies
• Security Testing Processes
• Security Testing Throughout the Software Lifecycle
• Testing Security Mechanisms
• Human Factors in Security Testing
• Security Test Evaluation and Reporting
• Security Testing Tools
• Standards and Industry Trends

Learning Outcomes

• Plan, perform and evaluate security tests from a variety of perspectives.
• Evaluate an existing security test suite and identify any additional security tests needed.
• Analyse a given set of security policies and procedures, along with security test results, to determine effectiveness.
• For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
• Analyse a given situation and determine which security testing approaches are most likely to succeed in that situation.
• Identify areas where additional or enhanced security testing may be needed.
• Evaluate effectiveness of security mechanisms.
• Help the organisation build information security awareness.
• Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
• Analyse a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
• Analyse and document security test needs to be addressed by one or more tools.

Concepts and Terminology

• Acceptance Testing
• Application Lifecycle Model
• Asset Identification
• Attack Scenarios
• Authentication
• Authorisation
• Component Integration Testing
• Component Level
• Computer System Attacks
• Concepts and Terminology
• Data Gathering Mechanisms
• Data Obfuscation Approaches
• Encryption
• Firewall
• Human Behaviour
• Intrusion Detection Tools
• Malware Scanning Tools
• Network zones
• Open Source Tools
• Risk Assessment
• Security Audit
• Security Awareness
• Security Standards
• Security Test Evaluation
• Security Test Execution
• Security Test Maintenance
• Security Test Planning Objectives
• Security Test Reporting
• Security Testing Practices
• Security Testing Tools
• Social Engineering
• Software Lifecycle
• System Hardening
• System Testing
• Test Design
• Test Environment

Practicalities

Our online package allows for self-paced learning and the flexibility to study within your own schedule for 6 months. After your order you will receive instructions how to start the course within two business days.

Planit Virtual Academy works best on the following browsers:

• MS Internet Explorer 10, 11
• MS Edge
• Mozilla Firefox version 45 Extended Support Release (ESR)
• Google Chrome 54
• Safari OS X
• Mobile Browser Android >4 and iOS >9

Examination

The 120 minute exam is conducted online and consists of 45 multiple choice questions, with a grade of 65% required to pass. Participants that take the exam not in their spoken language will receive an additional 25% time for a total of 150 minutes.

We recommend that you take the certificate exam after the course, and book and pay your own exam either in e-exam format from test center at Sovelto  or in paper-based format from http://www.fistb.fi/en/certifications/exam-calendar.

Keywords: ISTQB, Sertifoituminen, Testaus