CSSLP 2024: Secure Software Testing

CSSLP 2024    |    Expert
  • 14 videos | 1h 48m 7s
  • Includes Assessment
  • Earns a Badge
Rating 5.0 of 1 users (1)
Domain 6 of the CSSLP, Secure Software Testing, contains some of the most stunningly creative topics in the entire curriculum. For example, fuzz testing has been used to uncover not just vulnerabilities, but even obscure undocumented functionality. In this course, you'll learn how to contrast functional and non-functional security testing, white-box and black-box testing, while exploring testing environments in known and unknown configurations. Then, you'll explore security standards and guidelines, including the OWASP Testing Guide, SEI CERT best practices, OSSTMM framework, and NISTIR 8397. Next, you'll learn about vulnerability scanning and penetration testing, including attack surface validation, fuzz testing, simulation testing, and failure testing. You'll analyze the importance of entropy in cryptographic validation, study pseudorandom number generators, and study the role of undocumented functionality in secure development. Finally, you'll distinguish between defects, errors, and vulnerabilities, learn about CVSS scores, and review verification, validation, and acceptance testing techniques to ensure software quality and usability. This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
  • Define and contrast functional and non-functional security testing, as well as white-box and black-box testing
  • Define testing environment and contrast known and unknown environment testing
  • Describe the OWASP Testing Guide, SEI CERT best practices, OSSTMM framework, NISTIR 8397 and other resources and standards for security testing
  • Define attack surface validation, vulnerability scanning and penetration testing
  • Define and analyze the uses of fuzzing (fuzz testing) and simulation testing
  • Define failure testing and analyze stress and break testing as well as run-time and compile-time fault injection
  • Outline the importance of high-quality and pseudorandom number generators in security and list sources and controls around entropy
  • Analyze security implications of documentation and undocumented functionality
  • Define examples of build and break criteria and the impact of security tests on the product roadmap
  • Distinguish defects, errors and vulnerabilities and analyze the role of CVSS scores in addressing them
  • Contrast the generation of test data using automated tools with the secure reuse of production data in testing
  • Define and contrast verification and validation testing, and enumerate types of acceptance testing
  • Summarize the key concepts covered in this course

IN THIS COURSE

  • 2m 38s
    In this video, you will discover the key concepts covered in this course.
  • 10m 55s
    Find out how to define and contrast functional and non-functional security testing, as well as white-box and black-box testing.
  • 3.  Known and Unknown Testing Environments
    5m 19s
    During this video, you will learn how to define testing environment and contrast known and unknown environment testing.
  • 4.  Standards and Guidelines for Security Testing
    5m 48s
    Learn how to describe the OWASP Testing Guide, SEI CERT best practices, OSSTMM framework, NISTIR 8397 and other resources and standards for security testing.
  • 5.  Vulnerability Scanning and Penetration Testing
    11m 52s
    After completing this video, you will be able to define attack surface validation, vulnerability scanning and penetration testing.
  • 6.  Fuzzing (Fuzz Testing) and Simulation Testing
    8m 40s
    In this video, find out how to define and analyze the uses of fuzzing (fuzz testing) and simulation testing.
  • 7.  Types of Failure Testing
    5m 48s
    Upon completion of this video, you will be able to define failure testing and analyze stress and break testing as well as run-time and compile-time fault injection.
  • 8.  Entropy and Cryptographic Validation
    12m 8s
    Learn how to outline the importance of high-quality and pseudorandom number generators in security and list sources and controls around entropy.
  • 9.  Documentation and Undocumented Functionality
    9m 17s
    During this video, you will learn how to analyze security implications of documentation and undocumented functionality.
  • 10.  Build and Break Criteria
    8m 32s
    Find out how to define examples of build and break criteria and the impact of security tests on the product roadmap.
  • 11.  Defects, Errors, Vulnerabilities, and CVSS Scores
    6m 42s
    In this video, find out how to distinguish defects, errors and vulnerabilities and analyze the role of CVSS scores in addressing them.
  • 12.  Considerations in Test Data
    12m 12s
    Discover how to contrast the generation of test data using automated tools with the secure reuse of production data in testing.
  • 13.  Verification, Validation, and Acceptance Testing
    5m 23s
    Learn how to define and contrast verification and validation testing, and enumerate types of acceptance testing.
  • 14.  Course Summary
    2m 54s
    In this video, we will summarize the key concepts covered in this course.

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
