Security Testing Practice Exam
With the increasing number of cybercrime cases, security testing has become necessary to sustain integrity, authentication, and availability. Security testing professionals work to prevent malicious attacks and other hacker risks so that the system continues to function properly. Moreover, security testing also includes dealing with security analysis and defences in every aspect of system and software development.
Roles and Responsibilities
Some of the major roles and responsibilities of a Security testing professional include the following:
- Implementing, testing, and operating advanced software security techniques
- Troubleshooting and debugging issues
- Providing services like engineering designs for new software solutions to handle security vulnerabilities.
Who should take this exam?
Candidates with a Bachelor’s degree in science and engineering can take this exam to validate their skills and build their career in the security and safety department. The major target audience is:
- Software developer
- Web developer
- Computer science graduates, and many more
Skills Required
- C/C++
- Java
- .Net
- Web applications
- Programming languages like Python and R-software
Career Prospects
- Security analyst
- Security engineer
- Software manager
- Testing engineer
Table of Contents
The Security Testing Exam covers the following topics:
Introduction
• Learning Digital assets
• Need for computer security
• Learning Risk and vulnerabilities
Attacks, Security and Measures
• Evolution and attack types
• Learning Attack tools
• Learning Security levels
• Security Standards
Secured Software Cycle
• Security Lifecycle
• Learning Security Requirements
• Security use cases and modeling
• Learning Security Design and authentication
• Secured coding techniques and review
• Learning Security testing and remediation
C/C++ programming
• Learning UNIX/Linux and C/C++ evolution
• Attack types and countermeasures in C/C++
• Learning UNIX security and privileges
• Learning UNIX network programming
Windows programming
• Windows Security
• Learning .Net components and runtime security
• Learning .Net security design
• Identity, principal and permission
• Security techniques (type safety, role based and code access)
• Learning ASP.NET and remoting security
Java programming
• Java architecture and platform security
• Learning Cryptography API and secure sockets
• Learning JSSE and Java sandbox
• Applets and swing security
SOA-based security
• Learning TCP/IP protocols and socket security
• SOA basics and challenges
• Learning RPC and RMI security
• Learning DCOM and ActiveX security
Web Applications Security
• Web security concepts
• Identity management techniques
• Learning PKI and future
• Attack techniques (code injection and parameter passing)
• Emerging attack types and AVDL
Securing Mobile
• Mobile computing architecture and networks
• Learning NGN concepts and security
• Learning J2ME, Java card and USIM security
• Securing WAP, mobile agents and mobile networks
• Windows mobile security
Advanced Java Security
• Servlet Security
• Learning to secure JSP, Java Struts, JSF and EJB
Advanced Web Services
• Learning Web service security model and standards
• Learning XML attacks and SSL usage
• Learning OFX and IFX