
Certified Information Systems Security Tester (CISST) (Trainer Led)

Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical).

Information Security Testing and Assessment is a process of identifying different security vulnerabilities in your technology infrastructure. The risks found in the vulnerability assessment are issues that may be exploited by a malicious individual or program to gain access to your confidential and proprietary data.

Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended. Due to the logical limitations of security testing, passing security testing is not an indication that no flaws exist or that the system adequately satisfies the security requirements.

Typical security requirements may include specific elements of confidentiality, integrity, authentication, availability, authorization and non-repudiation. The actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such, a security taxonomy helps us understand these different approaches and meanings by providing a base level to work from.

Course Duration: 30–35 Hours
Certification Validity: Lifetime

Description

Course Details

  • Course Duration: 30 to 35 Hours

  • Exam Pattern: 100 Multiple Choice Questions (80% passing – 80 out of 100 correct)

  • Exam Duration: 90 to 120 Minutes

  • Exam Format: Online, non-proctored, available anytime within 8 months

  • Exam Attempts: 2 attempts with each voucher (additional vouchers available if required)

  • Certification Validity: Lifetime


Course Outline

Module Information – 1

  1. Security Risks

  2. Asset Identification

  3. Assessing Risk Analysis Effectiveness

  4. Information Security Policies and Procedures

  5. Analysis of Security Policies and Procedures

  6. Security Auditing and Its Role in Security Testing

  7. Security Risk Assessment

  8. Security Triad (Confidentiality, Integrity, Availability)

  9. Introduction to Security Testing

  10. The Purpose of Security Testing

  11. Organizational Context of Testing

  12. Security Testing Objectives

  13. Information Assurance vs Security Testing

  14. Scope & Coverage of Security Testing Objectives

  15. Analysis of Security Approaches

  16. Failures in Security Test Approaches

  17. Stakeholder Identification

Module Information – 2
18. Improving Security Testing Practices
19. Security Test Process Definition
20. Lifecycle Alignment & Security Testing Tasks
21. Security Test Planning
22. Security Test Design
23. Implementing Policy-Based Security Tests
24. Security Test Execution
25. Security Test Evaluation
26. Security Test Maintenance
27. Role of Security Testing in a Lifecycle
28. Role of Security Testing in Design
29. Role of Security Testing in Implementation Activities
30. Component Test Analysis & Design
31. Analyzing Component Test Results
32. Component Integration Test Analysis & Design
33. Role of Security Testing in System & Acceptance Testing
34. Defining Security-Oriented Acceptance Criteria

Module Information – 3
35. Role of Security Testing in Maintenance
36. Testing Effectiveness of System Hardening
37. Authentication & Authorization
38. Firewalls & Network Zones
39. Encryption, Intrusion Detection, Malware Scanning, Data Obfuscation
40. Security Training
41. Security Awareness
42. Attack Motivations
43. Social Engineering & Security Awareness
44. Revising Security Expectations
45. Security Test Reporting
46. Reporting Security Test Status
47. Reporting Security Test Results
48. Types & Purposes of Security Test Tools
49. Tool Selection
50. Open Source Tools
51. Benefits of Standards
52. Applying Security Standards


Target Audience

This certification is designed for advanced professionals in information security and IT testing, including:

  • IT Managers, Security Consultants, Security Analysts, and Network Engineers

  • Professionals with prior Ethical Hacking knowledge

  • Managers responsible for PCI DSS compliance

  • Fraud Management & Prevention staff

  • Information Security Managers & Officers

  • Payment Application Vendors and Project Managers in security-driven environments
