ISTQB® Certified Tester - Advanced Level, Security Testing
This Advanced Level Certified Security Tester syllabus is intended to build upon the knowledge of a Foundation Level tester who has some experience in security testing and who wishes to build on that knowledge.
- Plan, perform and evaluate security tests from a variety of perspectives – policy-based, risk-based, standards-based, requirements-based and vulnerability-based.
- Align security test activities with project lifecycle activities.
- Analyze the effective use of risk assessment techniques in a given situation to identify current and future security threats and assess their severity levels.
- Evaluate the existing security test suite and identify any additional security tests.
- Analyze a given set of security policies and procedures, along with security test results, to determine effectiveness.
- For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
- Analyze a given situation and determine which security testing approaches are most likely to succeed in that situation.
- Identify areas where additional or enhanced security testing may be needed.
- Evaluate effectiveness of security mechanisms.
- Help the organization build information security awareness.
- Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
- Analyze a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
- Analyze and document security test needs to be addressed by one or more tools.
- Analyze and select candidate security test tools for a given tool search based on specified needs.
- Understand the benefits of using security testing standards and where to find them
ITCB Israeli Testing Certification Board
The ITCB and iSQI have shared a strong partnership from iSQI’s very beginning in 2004. As a result of this professional partnership built on mutual trust, both ITCB and iSQI have gained vastly throughout the years of successful collaboration.more >
Héctor Santa María Bravo
iSQI has always been a key element in our training business line. Besides being leader in IT certification examinations, they have also demonstrated leadership in bringing together special interest groups and creating certification courses.more >
Being part of the large portfolio of professional certifications offered by iSQI enhanced the visibility of the Certified Professional for Usability and User Experience (CPUX) dramatically.more >