Course Content and Agenda

The course consists of six modules, spread over four days.

  • Security Risks
  • Information Security Policies and Procedures
  • Security Auditing and its Role in Security Testing
  • Introduction
  • The Purpose of Security Testing
  • The Organisational Context
  • Security Testing Objectives
  • The Scope and Coverage of Security Testing Objectives
  • Security Testing Approaches
  • Improving the Security Testing Practices
  • Test Process Definition
  • Test Planning
  • Test Design
  • Test Execution
  • Test Evaluation
  • Test Maintenance
  • The role of Security Testing in a Software Lifecycle
  • The role of Security Testing in Requirements
  • The role of Security Testing in Design
  • The role of Security Testing in Implementation Activities
  • The role of Security Testing in System and Acceptance Test Activities
  • The role of Security Testing in Maintenance
  • System Hardening
  • Authentication and Authorisation
  • Encryption
  • Firewalls and Network Zones
  • Intrusion Detection
  • Malware Scanning
  • Data Obfuscation
  • Training
  • Understanding Attackers
  • Social Engineering
  • Security Awareness