Overview
The Embedded QA/Test Engineer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for verifying and assuring the application security of embedded systems.
The Embedded QA/Test Engineer learning path provides learners with a solid understanding of applied testing techniques and a well-rounded base of knowledge to perform their tasks. This path also explores security best practices for conducting penetration tests and vulnerability assessment activities on embedded systems.
- ATK 201 – Using the MITRE ATT&CK Framework
- DES 212 – Architecture Risk Analysis & Remediation
- DES 255 – Securing the IoT Update Process
- DES 260 – Fundamentals of IoT Architecture & Design
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- TST 202 – Penetration Testing Fundamentals
- CYB 250 Cyber Threat Hunting: Tactics, Techniques, and Procedures (TTP)
- CYB 301 – Fundamentals of Ethical Hacking
- DSO 302- Automated Security Testing
- ENG 312 – How to Perform a Security Code Review
- ICS 310 Protecting Information and System Integrity in Industrial Control System Environments
- SDT 301 Testing for Injection (NEW)
- SDT 302 Testing for Identification and Authentication Failures (NEW)
- SDT 303 Testing for Cryptographic Failures (NEW)
- SDT 304 Testing for Insecure Design (NEW)
- SDT 305 Testing for Broken Access Control (NEW)
- SDT 306 Testing for Security Misconfiguration (NEW)
- SDT 307 Testing for Server-Side Request Forgery (SSRF) (NEW)
- SDT 308 Testing for Software and Data Integrity Failures (NEW)
- SDT 309 Testing for Vulnerable and Outdated Components (NEW)
- SDT 310 Testing for Security Logging and Monitoring Failures (NEW)
- SDT 311 – Testing for Integer Overflow or Wraparound
- SDT 312 – Testing for (Path Traversal) Improper Limitation of a Pathname to a Restricted Directory
- SDT 313 – Testing for (CSRF) Cross Site Request Forgery
- SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
- SDT 315 – Testing for Incorrect Permission Assignment for Critical Resource
- SDT 316- Testing for Use of Hard-Coded Credentials
- SDT 317 – Testing for Improper Control of Generation of Code
- SDT 318 – Testing for Insufficiently Protected Credentials
- SDT 319 – Testing for Out-of-bounds Read
- SDT 320 – Testing for Out-of-bounds Write
- SDT 321 – Testing for Uncontrolled Resource Consumption
- SDT 322 – Testing for Improper Privilege Management
- SDT 323 – Testing for Improper Input Validation
- SDT 324 – Testing for Improper Restriction of Operations within the Bounds of a Memory Buffer
- SDT 325 – Testing for NULL Pointer Dereference
- SDT 326 – Testing for Use After Free
- TST 301 – Infrastructure Penetration Testing
- TST 302 – Application Penetration Testing
- TST 351 – Penetration Testing for TLS Vulnerabilities
- TST 352 – Penetration Testing for Injection Vulnerabilities
- TST 353 – Penetration Testing for SQL Injection
- TST 354 – Penetration Testing for Memory Corruption Vulnerabilities
- TST 355 – Penetration Testing for Authorization Vulnerabilities
- TST 356 – Penetration Testing for Cross-Site Scripting (XSS)
- TST 357 – Penetration Testing for Hardcoded Secrets
- TST 358 – Penetration Testing Wireless Networks
- TST 359 – Penetration Testing Network Infrastructure
- TST 360 – Penetration Testing for Authentication Vulnerabilities
Learning Path Details
Number of Courses: 56
Total Duration: 15 hours
Total CPE Credits: 18