Topics
Module 1 - The Basis of Security Testing
- Security Risks
- Information Security Policies and Procedures
- Security Auditing and Its Role in Security Testing
Module 2 - Security Testing Purposes, Goals and Strategies
- Introduction
- The Purpose of Security Testing
- The Organizational Context
- Security Testing Objectives
- The Scope and Coverage of Security Testing Objectives
- Security Testing Approaches
- Improving the Security Testing Practices
Module 3 - Security Testing Processes
- Security Test Process Definition
- Security Test Planning
- Security Test Design
- Security Test Execution
- Security Test Evaluation
- Security Test Maintenance
Module 4 - Security Testing Throughout the Software Lifecycle
- Role of Security Testing in a Software Lifecycle
- The Role of Security Testing in Requirements
- The Role of Security Testing in Design
- The Role of Security Testing in Implementation Activities
- The Role of Security Testing in System and Acceptance Test Activities
- The Role of Security Testing in Maintenance
Module 5 - Testing Security Mechanisms
- System Hardening
- Authentication and Authorization
- Encryption
- Firewalls and Network Zones
- Intrusion Detection
- Malware Scanning
- Data Obfuscation
- Training
Module 6 - Human Factors in Security Testing
- Understanding the Attackers
- Social Engineering
- Security Awareness
Module 7 - Security Test Evaluation and Reporting
- Security Test Evaluation
- Security Test Reporting
Module 8 - Security Testing Tools
- Types and Purposes of Security Testing Tools
- Tool Selection
Module 9 - Standards and Industry Trends