SKILL BENCHMARK

CSSLP: Secure Software Testing Competency

  • 25m
  • 25 questions
The Secure Software Testing Competency benchmark assesses your knowledge of essential testing types, as well as how to apply best practices for security testing and quality assurance, bug tracking, and the ISO 9126, SSE-CMM, OSSTMM, and DIACAP standards. You will be evaluated on your skills in performing secure software testing by tracking security errors, securing test data, and verifying and validating testing results. A learner who scores high on this benchmark demonstrates that they have the skills necessary to recognize and apply testing concepts and use secure software testing best practices.

Topics covered

  • classify and track security errors using bug tracking and risk scoring
  • describe the DoD Information Assurance Certification and Accreditation Process standard
  • describe the open source security testing methodology manual standard
  • describe the Systems Security Engineering Capability Maturity Model standard
  • distinguish between bug tracking states
  • distinguish between nonfunctional testing methods
  • distinguish between white, grey, and black box testing
  • identify characteristics of functional testing
  • identify environment best practices for ensuring secure software testing
  • identify the four steps in the penetration process
  • identify undocumented functionality in software
  • perform an impact assessment
  • recognize characteristics of attack surface validation for software testing
  • recognize characteristics of cryptographic validation
  • recognize characteristics of regression testing
  • recognize characteristics of simulation testing
  • recognize characteristics of testing for failure
  • recognize how test data is required by different test types
  • recognize how to perform unit testing
  • recognize importance of securing test data such as privacy and referential integrity
  • recognize that there are security implications of test results
  • recognize the areas covered by the ISO 9126 standard
  • recognize the different categories of software testing, such as incremental integration testing and usability testing
  • recognize the importance of performing verification and validation testing
  • test data lifecycle management