Course Catalog / Learning Path / Q/A Test Engineer

Q/A Test Engineer

Overview

The Quality Assurance (QA)/Test Engineer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for assessing and testing the quality of specifications and technical design.

The Embedded QA/Test Engineer learning path provides software testers and quality assurance (QA) professionals with the knowledge and techniques needed to ensure that application security standards are met. Learners will dive into applied testing techniques and best practices for planning and implementing strategies for quality management and testing.

Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 54

Total Duration: 20 hours

Total CPE Credits: 24

The Courses

View All Courses Download Learning Path Catalog Download Course Catalog

Course Catalog / Learning Path / Q/A Test Engineer

Q/A Test Engineer

Overview

Learning Path Details

The Courses

Testing for Use of a One-way Hash without a Salt (CWE-759)

Testing or Integer Overflow or Wraparound (CWE-190)

Testing for Open Redirect (CWE-601)

Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)

Testing for Incorrect Calculation of Buffer Size (CWE-131)

Testing or Use of a Broken or Risky Cryptographic Algorithm (CWE-327)

Testing for Use of a Potentially Dangerous Function (CWE-676)

Testing or Incorrect Permission Assignment for Critical Resource (CWE-732)

Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

Testing for Incorrect Authorization (CWE-863)

Testing for Download of Code without Integrity Check (CWE-494)

Testing for Cross Site Request Forgery (CSRF): CWE-352

Testing for Execution with Unnecessary Privileges (CWE-250)

Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)

Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)

Testing for Missing Encryption of Sensitive Data (CWE-311)

Testing for Use of Hard-Coded Credentials (CWE-798)

Testing for Missing Authorization (CWE-862)

Testing for Missing Authentication for Critical Function (CWE-306)

Testing for Cross-site Scripting (CWE-79)

Testing for Classic Buffer Overflow (CWE-120)

Testing for OS Command Injection (CWE-78)

Testing for SQL Injection (CWE-89)

Testing for OWASP 2017: Insufficient Logging & Monitoring

Testing for OWASP 2017: Use of Components with Known Vulnerabilities

Testing for OWASP 2017: Insecure Deserialization

Testing for OWASP 2017: Cross Site Scripting (XSS)

Testing for OWASP 2017: Security Misconfiguration

Testing for OWASP 2017: Broken Access Control

Testing for OWASP 2017: XML External Entities

Testing for OWASP 2017: Sensitive Data Exposure

Testing for OWASP 2017: Broken Authentication

Testing for OWASP 2017: Injection

Fundamentals of Security Testing

ENG 312 – How to Perform a Security Code Review

How to Create Application Security Design Requirements

Fundamentals of Threat Modeling

Essential Security Engineering Principles

Essential Risk Assessment

Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities

Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities

Applying OWASP 2017: Mitigating Insecure Deserialization

Applying OWASP 2017: Mitigating Broken Access Control

Applying OWASP 2017: Mitigating XML External Entities

Applying OWASP 2017: Mitigating Sensitive Data Exposure

Applying OWASP 2017: Mitigating Broken Authentication

Applying OWASP 2017: Mitigating Injection

Application, Technical & Physical Access Controls

Message Integrity Cryptographic Functions

Role of Cryptography in Application Development

Cryptographic Components: Randomness, Algorithms, and Key Management

Cryptographic Suite Services: Encoding, Encrypting & Hashing

Secure Software Concepts

Fundamentals of Application Security