ISTQB® Certified Tester - Advanced Level, Security Testing

This Advanced Level Certified Security Tester syllabus is intended to build upon the knowledge of a Foundation Level tester who has some experience in security testing and who wishes to build on that knowledge.

To receive Advanced Level certification in the module “Security Tester”, candidates must hold a valid ISTQB® Certified Tester – Foundation Level certificate and have sufficient practical experience to be certified at Advanced Level, typically 3 years of relevant academic, practical, or consulting experience (Local ISTQB® Member Boards may have different recommendations on experience, please contact us).
 
This certification prepares people to work at an advanced level in cybersecurity as security testers. Advanced Level testers who have passed the “Advanced Security Tester” module exam should be able to accomplish the following Business Objectives:
  • Plan, perform and evaluate security tests from a variety of perspectives – policy-based, risk-based, standards-based, requirements-based and vulnerability-based.
  • Align security test activities with project lifecycle activities.
  • Analyze the effective use of risk assessment techniques in a given situation to identify current and future security threats and assess their severity levels.
  • Evaluate the existing security test suite and identify any additional security tests.
  • Analyze a given set of security policies and procedures, along with security test results, to determine effectiveness.
  • For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
  • Analyze a given situation and determine which security testing approaches are most likely to succeed in that situation.
  • Identify areas where additional or enhanced security testing may be needed.
  • Evaluate effectiveness of security mechanisms.
  • Help the organization build information security awareness.
  • Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
  • Analyze a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
  • Analyze and document security test needs to be addressed by one or more tools.
  • Analyze and select candidate security test tools for a given tool search based on specified needs.
  • Understand the benefits of using security testing standards and where to find them

 

Links:          Detailed Course Information   |     Syllabus     |    Board Website    |    Practice Exam

Exam:          Enroll for Test Center Exam

Available Training

Full Training Schedule

Online Exams

Testimonials

  • Pearson

    Managing Director EMEA
    Matthew Poyiadgi

    "We consider ourselves a proud partner of iSQI and support its commitment to achieving the highest assessment standards for its candidates. We wish them every success for the next decade and beyond!" more >

  • UXQB e.V.

    Founding Member
    Thomas Geis

    Being part of the large portfolio of professional certifications offered by iSQI enhanced the visibility of the Certified Professional for Usability and User Experience (CPUX) dramatically.more >

  • Testing Innovation

    Managing Director
    Mike Smith

    It has been my pleasure to work with iSQI for many years on a variety of projects. I have found the entrepreneurial spirit, flexibility and professionalism from iSQI top class. more >