Certified Advanced Software Security Tester (CASST)




$ 800.00 $ 555.00


Certification Overview

The Security Tester qualification is for people who are already experienced in software testing and want to specialize more in security testing. The Advanced Level modules cover various testing topics. Application security testing is a method to check security requirements and find vulnerabilities in an application (like web, mobile, or thick client) and its parts. This includes both static and dynamic security testing. Security testing is very important for businesses, enterprise testing, and shared services. That's why Chief Information Security Officers (CISOs) and many information security groups are adding security testing as a new service. This certification helps show how attackers think by finding important information about a target and performing actions on a test application in a safe environment, similar to what a malicious person would do. It also helps understand how evidence of the attack could be erased.

Prerequisites: Before pursuing the Certified Advanced Software Security Tester (CASST), candidates must have Certified Software Security Tester (CSST) or an equivalent certification. This ensures they already understand the testing process, design techniques, and planning well.

E-Course Duration: 20 to 25 Hours

Exam Information

  • The exam has 40 multiple-choice questions. To pass, you need to answer at least 28 of them correctly, which is 70% of the total.

  • You can take the exams online with a webcam and a good internet connection. This means you can take the exams from anywhere and at any time.

  • The exam lasts 1 hour (60 minutes).

  • During the exam with ProctorU, you can't use any outside sources for information. They'll tell you what materials you're allowed to have, like your ID.

  • If a candidate doesn't pass the exam on their second attempt, they have to wait at least fourteen (14) days before they can try again for the third time or any subsequent attempts. The exam can be retaken multiple times.

  • The Certified Advanced Software Security Tester (CASST)™ Certificate lasts forever.

  • CASST™ is a Trademark of GIPMC.

  • Please note that to obtain the Certified Advanced Software Security Tester (CASST)™ Certification, you must complete an E-Course from the GiPM portal as it is mandatory. This is because many questions in the actual exam are based on the E-Course content.

Course Outline

Module Information - 1

    • Module 1 - Improving the Security Testing Practices
    • Module 2 - Security Test Process Definition
    • Module 3 - Lifecycle Alignment and Security Testing Tasks
    • Module 4 - Security Test Planning
    • Module 5 - Security Test Design
    • Module 6 - Implementing Policy-Based Security Tests
    • Module 7 - Security Test Execution
    • Module 8 - Security Test Evaluation
    • Module 9 - Security Test Maintenance
    • Module 10 - Role of Security Testing in a Lifecycle
    • Module 11 - The Role of Security Testing in Design
    • Module 12 - The Role of Security Testing in Implementation Activities
    • Module 13 - Component Test Analysis & Design

Module Information - 2

    • Module 14 - Analyzing Component Test Results
    • Module 15 - Component Integration Test Analysis & Design
    • Module 16 - The Role of Security Testing in System and Acceptance Test Activities
    • Module 17 - Definition of Security-Oriented Acceptance Criteria
    • Module 18 - The Role of Security Testing in Maintenance
    • Module 19 - Testing the Effectiveness of System Hardening
    • Module 20 - Authentication and Authorization
    • Module 21 - Firewalls and Network Zones
    • Module 22 - Encryption, Intrusion Detection, Malware Scanning and Data Obfuscation
    • Module 23 - Training
    • Module 24 - Security Awareness
    • Module 25 - Attack Motivations
    • Module 26 - Social Engineering and Security Awareness
       

Module Information - 3

    • Module 27 - Revising Security Expectations
    • Module 28 - Security Test Reporting
    • Module 29 - Reporting Security Test Status
    • Module 30 - Reporting Security Test Results
    • Module 31 - Types and Purposes of Security Test Tools
    • Module 32 - Tool Selection
    • Module 33 - Open Source Tools
    • Module 34 - Benefits of Standards
    • Module 35 - Applying Security Standards

Target Audience

  • People who want to improve their understanding of Advanced Software Security Testing,
  • Software Testers who want to learn more about security testing,
  • Security testers who want to get a better certification to show their knowledge,
  • Security administrators who want to know more about testing the security of their organization,
  • And anyone who wants to know more about security testing at an Advanced Level.