security tester

  • 当前位置:
  • Project Introduction
  • >
  • ISTQB®/CSTQB®
  • >
  • ISTQB Professional Level
  • >
  • security tester

Intended Audience

The Advanced Level Security Tester qualification is aimed at people who have already achieved an advanced point in their careers in software testing and wish to develop further their expertise in security testing. The modules offered at the Advanced Level cover a wide range of testing topics.

Business Outcomes

  • Plan, perform and evaluate security tests from a variety of perspectives – policy-based, risk-based, standards-based, requirements-based and vulnerability-based.
  • Align security test activities with project lifecycle activities.
  • Analyze the effective use of risk assessment techniques in a given situation to identify current and future security threats and assess their severity levels.
  • Evaluate the existing security test suite and identify any additional security tests.
  • Analyze a given set of security policies and procedures, along with security test results, to determine effectiveness.
  • For a given project scenario, identify security test objectives based on functionality, technology attributes and known vulnerabilities.
  • Analyze a given situation and determine which security testing approaches are most likely to succeed in that situation.
  • Identify areas where additional or enhanced security testing may be needed.
  • Evaluate effectiveness of security mechanisms.
  • Help the organization build information security awareness.
  • Demonstrate the attacker mentality by discovering key information about a target, performing actions on a test application in a protected environment that a malicious person would perform, and understand how evidence of the attack could be deleted.
  • Analyze a given interim security test status report to determine the level of accuracy, understandability, and stakeholder appropriateness.
  • Analyze and document security test needs to be addressed by one or more tools.
  • Analyze and select candidate security test tools for a given tool search based on specified needs.
  • Understand the benefits of using security testing standards and where to find them.

Exam Content

Exam Mode

  • The Advanced Security Tester exam is comprised of 45 multiple choice questions.
  • Pass mark grade of 65% to be completed.
  • 120 minutes test time. Participants that take the exam not in their spoken language, will receive additional 25% time, and will have 30 minutes more, or a total of 150 min.

Scan the QR code below on WeChat to learn about ISTQB Security Tester  module certification introduction