1. Home
  2. ISTQB Certified Tester - Security Tester

ISTQB Certified Tester - Security Tester

istqb-certification

  • Plan, perform, and evaluate security tests from a variety of perspectives 
  • Evaluate an existing security test suite and identify any additional security tests needed.
  • Analyze a given set of security policies and procedures, along with security test results, to determine effectiveness.
  • For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
  • Analyze a given situation and determine which security testing approaches are most likely to succeed in that situation.
  • Identify areas where additional or enhanced security testing may be needed.
  • Evaluate effectiveness of security mechanisms.
  • Help the organization build information security awareness.
  • Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
  • Analyze a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
  • Analyze and document security test needs to be addressed by one or more tools.
  • Understand the role of security standards (including security test standards), where to find them, and how to stay current with security developments worldwide.
 
With the prevalence of cyber security breaches, it is clear that more attention is needed in testing that security defenses are in place and working effectively. This course and certification covers much more than just penetration testing. Certainly, penetration testing is an important part of security testing, but there are many other threats and vulnerabilities that require other security testing approaches. 
 
Who Should Attend?
  • Security testers
  • Software testers who wish to develop a specialty in security testing
  • Security administrators who wish to learn how to test new and existing defenses
  • Developers who want to learn secure coding techniques
  • Project managers who want to learn how security testing fits in the project lifecycle

ISTQB® Certification & Exam
The cost of the class includes an exam voucher for the ISTQB CT-ST exam.* Exam vouchers are distributed at the end of the class. Passing the exam will grant you an ISTQB CT-ST certification.

Prerequisites
You must have obtained an ISTQB Foundation Level Certification (CTFL) to be eligible for the ISTQB® Security Tester (CT-ST) certification.

*This purchase does NOT fall under our Coveros guarantee of retaking the class if you do not pass the exam within 30 days of taking the class. This purchase includes just one (1) exam voucher. All additional vouchers will need to be purchased with an exam provider.

 

Course Outline
The Basis of Security Testing
Security Risks
Information Security Policies and Procedures
Security Auditing and Its Role in Security Testing
 
Security Testing Purposes, Goals and Strategies 
Introduction
The Purpose of Security Testing
The Organizational Context
Security Testing Objectives
The Scope and Coverage of Security Testing Objectives
Security Testing Approaches
Improving the Security Testing Practices
 
Security Testing Processes
Security Test Process Definition
Security Test Planning
Security Test Design
Security Test Execution
Security Test Evaluation
Security Test Maintenance
 
Security Testing Throughout the Software Lifecycle
Role of Security Testing in a Software Lifecycle
The Role of Security Testing in Requirements
The Role of Security Testing in Design
The Role of Security Testing in Implementation Activities
The Role of Security Testing in System and Acceptance Test Activities
The Role of Security Testing in Maintenance
 
Testing Security Mechanisms 
System Hardening
Authentication and Authorization
Encryption
Firewalls and Network Zones
Intrusion Detection
Malware Scanning
Data Obfuscation
Training
 
Human Factors in Security Testing
Understanding the Attackers
Social Engineering
Security Awareness
 
Security Test Evaluation and Reporting
Security Test Evaluation
Security Test Reporting
 
Security Testing Tools
Types and Purposes of Security Testing Tools
Tool Selection
 
Standards and Industry Trends
Understanding Security Testing Standards
Applying Security Standards
Industry Trends
 
Class Daily Schedule
3-Day Daily Schedule: 9:00am-5:00pm ET/6:00am-2:00pm PT
Times represent the typical daily schedule. Please confirm class schedule at registration.
 
Training Course Fee Includes
  • Easy course access: Attend training right from your computer. Easy and quick access fits today’s working style and eliminates expensive travel and long days in the classroom.
  • Live, expert instruction: Instructors are sought-after practitioners, highly-experienced in the industry who deliver a professional learning experience in real-time.
  • Valuable course materials: Courses cover the same professional content as our classroom training, and students have direct access to valuable materials.
  • Rich virtual learning environment: A variety of tools are built in to the learning platform to engage learners through dynamic delivery and to facilitate a multi-directional flow of information.
  • Hands-on exercises: An essential component to any learning experience is applying what you have learned. Using the latest technology, your instructor can provide hands-on exercises, group activities, and breakout sessions.
  • Real-time communication: Communicate real-time directly with the instructor. Ask questions, provide comments, and participate in the class discussions.
  • Peer interaction: Networking with peers has always been a valuable part of any classroom training. Live Virtual training gives you the opportunity to interact with and learn from the other attendees during breakout sessions, course lecture, and Q&A.
  • Small class size: Live Virtual courses are limited in small class size to ensure an opportunity for personal interaction.