ISTQB Advanced Security Tester Certificate eLearning course
Develop a truly niche skillset in security testing and gain recognition as an advanced security testing professional.
Become an certified security testing professional
Are you an experienced tester wishing to further develop your expertise in security testing? You’ve found it! The ISTQB Advanced Level Security Tester is an internationally recognised qualification that will help you better understand security testing, as well as execute it.
This course will help you plan, perform and evaluate security tests from a variety of perspectives, including policy, risk, standards, requirements and vulnerability. By the conclusion of the course, you will be able to align security test activities with project lifecycle activities, analyse effectiveness of risk assessment techniques, and determine the best security test tool based on specified needs.
This course will benefit experienced Testers wanting to differentiate themselves by building skills in security testing. It is also for Security Testers wanting to advance their skills and align them with industry best practice, and who want to be certified for recognition among employers, clients and peers.
- Plan, perform and evaluate security tests from a variety of perspectives.
- Evaluate an existing security test suite and identify any additional security tests needed.
- Analyse a given set of security policies and procedures, along with security test results, to determine effectiveness.
- For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
- Analyse a given situation and determine which security testing approaches are most likely to succeed in that situation.
- Identify areas where additional or enhanced security testing may be needed.
- Evaluate effectiveness of security mechanisms.
- Help the organisation build information security awareness.
- Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
- Analyse a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
- Analyse and document security test needs to be addressed by one or more tools.
The ISTQB Advanced Level Certified Security Tester course is for testers possessing ISTQB Foundation Level certification or higher. Some experience in technical testing and a level of exposure to security testing is also recommended.
Contents of ISTQB Advanced Security Tester
- The Basis of Security Testing
- Security Testing Purposes, Goals and Strategies
- Security Testing Processes
- Security Testing Throughout the Software Lifecycle
- Testing Security Mechanisms
- Human Factors in Security Testing
- Security Test Evaluation and Reporting
- Security Testing Tools
- Standards and Industry Trends
Concepts and Terminology
- Acceptance Testing
- Application Lifecycle Model
- Asset Identification
- Attack Scenarios
- Component Integration Testing
- Component Level
- Computer System Attacks
- Concepts and Terminology
- Data Gathering Mechanisms
- Data Obfuscation Approaches
- Human Behaviour
- Intrusion Detection Tools
- Malware Scanning Tools
- Network zones
- Open Source Tools
- Risk Assessment
- Security Audit
- Security Awareness
- Security Standards
- Security Test Evaluation
- Security Test Execution
- Security Test Maintenance
- Security Test Planning Objectives
- Security Test Reporting
- Security Testing Practices
- Security Testing Tools
- Social Engineering
- Software Lifecycle
- System Hardening
- System Testing
- Test Design
- Test Environment
The 120 minute exam is conducted online and consists of 45 multiple choice questions, with a grade of 65% required to pass. Participants that take the exam not in their spoken language will receive an additional 25% time for a total of 150 minutes.
The cost of the exam is not included. We recommend that you take the certificate exam after the course, and book and pay your own exam (either in paper-based format or in electronic format) from http://www.fistb.fi/en/certifications/exam-calendar.
Training provided in cooperation with: Planit and Knowit