ISTQB Advanced Security Tester

In-house
English

Equips testers with knowledge of how to find security flaws and to determine if defenses are working correctly.

After this training, you can (a.o.):

Plan, perform and evaluate security tests from a variety of perspectives
Analyze a given situation and determine which security testing approaches are most likely to succeed in that situation
Evaluate effectiveness of security mechanisms, such as firewalls and encryption
Understand the attacker mentality so that effective defenses can be established and tested
Know how to deal with the human risks in Information Security
Analyze and document security test needs to be addressed by one or more tools

Description

With the prevalence of cyber security breaches, it is clear that more testing is needed to be sure that security defenses are in place and working effectively.

This four-day accredited course prepares you for the exam “ISTQB Advanced Security Tester” and meets the requirements as set by ISTQB. You will gain detailed knowledge of security risks, vulnerabilities and defenses in order to create and perform tests that validate the effectiveness of existing and new security defenses in a given context.

Who should attend this training?

The training is aimed at people who already have achieved an advanced point in their careers in software testing and wish to develop their expertise in security testing.

This training is meant for:

Security testers
Software testers who wish to develop a specialty in security testing
Security administrators who wish to learn how to test new and existing defenses
Developers who want to learn secure coding techniques
Managers who want to learn how security testing fits in the project lifecycle

Prior knowledge or training required

You possess the ISTQB Foundation Certificate in Software Testing and have 3+ years of software testing and related experience.

Structure of this training

The training lasts four days in which you will learn all about security testing. In the Virtual Classroom these wil be four days of 5 hour online meetings.

The exam consists of 45 multiple-choice questions and will take place on an extra day after the course. With a score of 65% or higher you get the ISTQB Advanced Security Tester Certificate.

Course outline

The Basis of Security Testing

Security Risks
Information Security Policies
Security Auditing

Security Testing Purposes, Goals and Strategies

Security Testing
- Purpose
- Objectives
- Scope and Coverage
- Approaches
Improving the Security Testing Practices

Security Testing Processes

Security Test Process Definition
Security Test Maintenance

Security Testing Throughout the Software Lifecycle

Role of Security Testing in a Software Lifecycle

Testing Security Mechanisms

Human Factors in Security Testing

Understanding the Attackers
Social Engineering

Security Test Evaluation and Reporting

Security Testing Tools

Types and Purposes
Tool Selection

Standards and Industry Trends

Understanding and Applying Security Testing Standards
Industry Trends

Training information Virtual Classroom

- Location and dates: check the training calendar
- Schedule: 14.00 – 19.00
- Fee: € 1.895, excluding VAT, excluding examination fee €275
- Training material included in the training fee
- Three months free e-coaching
- Information: phone +31 (0)40 – 202 1803 or e-mail opleidingen@improveqs.nl

Your trainer from the USA

Randall (Randy) W. Rice is a thought-leading author, speaker and consultant in the field of software testing and software quality.

Randy has over 40 years experience building and testing mission-critical projects in a variety of environments. He has worked in the roles of software developer, system designer, project manager, QA manager, test manager, management consultant and trainer.

Randy was the chair of the ISTQB’s Working Party for the current Advanced Security Tester Syllabus and he is an officer of the American Software Testing Qualifications Board (ASTQB).