Certified Information Systems Security Tester (CISST)

Certified Information Systems Security Tester (CISST)
Certified Information Systems Security Tester (CISST)

Certified Information Systems Security Tester (CISST)

The CISST® certification validates expertise in identifying vulnerabilities, conducting security testing, and assessing risks across IT systems. It equips professionals with knowledge of policies, auditing, lifecycle testing, and advanced security practices including authentication, encryption, intrusion detection, and security standards.

E-Course Duration: 30–35 Hours
Certification Validity: Lifetime

Categories:
Share:
Description
Additional Info
Description

Certified Information Systems Security Tester (CISST)®
Information Security Testing is critical for protecting systems from unauthorized access, disruption, or misuse. The Certified Information Systems Security Tester (CISST)® equips professionals with comprehensive knowledge and skills to identify vulnerabilities, conduct structured security testing, and assess the effectiveness of organizational security policies and controls.

This certification emphasizes confidentiality, integrity, authentication, availability, authorization, and non-repudiation within IT systems, providing a structured approach to testing methods, tools, and lifecycle integration.

Course Details

  • E-Course Duration: 30 to 35 Hours

  • Exam Pattern: 100 Multiple Choice Questions (80% passing – 80 out of 100 correct)

  • Exam Duration: 90 to 120 Minutes

  • Exam Format: Online, non-proctored, available anytime within 8 months

  • Exam Attempts: 2 attempts with each voucher (additional vouchers available if required)

  • Certification Validity: Lifetime

Course Outline

Module Information – 1

  1. Security Risks

  2. Asset Identification

  3. Assessing Risk Analysis Effectiveness

  4. Information Security Policies and Procedures

  5. Analysis of Security Policies and Procedures

  6. Security Auditing and Its Role in Security Testing

  7. Security Risk Assessment

  8. Security Triad (Confidentiality, Integrity, Availability)

  9. Introduction to Security Testing

  10. The Purpose of Security Testing

  11. Organizational Context of Testing

  12. Security Testing Objectives

  13. Information Assurance vs Security Testing

  14. Scope & Coverage of Security Testing Objectives

  15. Analysis of Security Approaches

  16. Failures in Security Test Approaches

  17. Stakeholder Identification

Module Information – 2
18. Improving Security Testing Practices
19. Security Test Process Definition
20. Lifecycle Alignment & Security Testing Tasks
21. Security Test Planning
22. Security Test Design
23. Implementing Policy-Based Security Tests
24. Security Test Execution
25. Security Test Evaluation
26. Security Test Maintenance
27. Role of Security Testing in a Lifecycle
28. Role of Security Testing in Design
29. Role of Security Testing in Implementation Activities
30. Component Test Analysis & Design
31. Analyzing Component Test Results
32. Component Integration Test Analysis & Design
33. Role of Security Testing in System & Acceptance Testing
34. Defining Security-Oriented Acceptance Criteria

Module Information – 3
35. Role of Security Testing in Maintenance
36. Testing Effectiveness of System Hardening
37. Authentication & Authorization
38. Firewalls & Network Zones
39. Encryption, Intrusion Detection, Malware Scanning, Data Obfuscation
40. Security Training
41. Security Awareness
42. Attack Motivations
43. Social Engineering & Security Awareness
44. Revising Security Expectations
45. Security Test Reporting
46. Reporting Security Test Status
47. Reporting Security Test Results
48. Types & Purposes of Security Test Tools
49. Tool Selection
50. Open Source Tools
51. Benefits of Standards
52. Applying Security Standards

Target Audience

This certification is designed for advanced professionals in information security and IT testing, including:

  • IT Managers, Security Consultants, Security Analysts, and Network Engineers

  • Professionals with prior Ethical Hacking knowledge

  • Managers responsible for PCI DSS compliance

  • Fraud Management & Prevention staff

  • Information Security Managers & Officers

  • Payment Application Vendors and Project Managers in security-driven environments

Additional Info
Related Products
ISO 22000:2018 – Certified Lead Auditor
ISO 22000:2018 – Certified Lead Auditor
Add to wishlist
GAQM Certified Training Programs
ISO 22000:2018 – Certified Lead Auditor
Certified Agile Scrum Product Owner (CASPO)
Certified Agile Scrum Product Owner (CASPO)
Add to wishlist
Agile Management Training Programs, GAQM Certified Training Programs
Certified Agile Scrum Product Owner (CASPO)
Certified Web Developer (CWD)
Certified Web Developer (CWD)
Add to wishlist
GAQM Certified Training Programs, Web Development Training Program
Certified Web Developer (CWD)
Master of Business Administration (MBA)
Master of Business Administration (MBA)
Add to wishlist
GAQM Certified Training Programs
Master of Business Administration (MBA)
Item added to wishlist View Wishlist
Item removed from wishlist