Course Catalog / Learning Path / Q/A Test Engineer

Q/A Test Engineer

Overview

The Quality Assurance (QA)/Test Engineer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for assessing and testing the quality of specifications and technical design.

Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 70

Total Duration: 18 hours

Total CPE Credits: 22

The Courses

View All Courses Download Learning Path Catalog Download Course Catalog

Course Catalog / Learning Path / Q/A Test Engineer

Q/A Test Engineer

Overview

Learning Path Details

The Courses

TST 302 – Application Penetration Testing (Coming Soon)

TST 301 – Infrastructure Penetration Testing (Coming Soon)

TST 360 – Penetration Testing for Authentication Vulnerabilities (New)

TST 359 – Penetration Testing Network Infrastructure (New)

TST 358 – Penetration Testing Wireless Networks (New)

TST 357 – Penetration Testing for Hardcoded Secrets (New)

TST 356 – Penetration Testing for Cross-Site Scripting (XSS) (New)

TST 355 – Penetration Testing for Authorization Vulnerabilities (New)

TST 354 – Penetration Testing for Memory Corruption Vulnerabilities (New)

TST 353 – Penetration Testing for SQL Injection (New)

TST 352 – Penetration Testing for Injection Vulnerabilities (New)

TST 351 – Penetration Testing for TLS Vulnerabilities (New)

TST 202 – Penetration Testing Fundamentals (New)

TST 205 – Performing Vulnerability Scans (New)

TST 275 – Testing for Use of a One-way Hash without a Salt (CWE-759)

TST 274 – Testing for Integer Overflow or Wraparound (CWE-190)

TST 272 – Testing for Open Redirect (CWE-601)

TST 271 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)

TST 270 – Testing for Incorrect Calculation of Buffer Size (CWE-131)

TST 269 – Testing for Use of a Broken or Risky Cryptographic Algorithm (CWE-327)

TST 268 – Testing for Use of a Potentially Dangerous Function (CWE-676)

TST 267 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732)

TST 266 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

TST 265 – Testing for Incorrect Authorization (CWE-863)

TST 264 – Testing for Download of Code without Integrity Check (CWE-494)

TST 262 – Testing for Cross Site Request Forgery (CSRF): CWE-352

TST 261 – Testing for Execution with Unnecessary Privileges (CWE-250)

TST 260 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)

TST 259 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)

TST 258 – Testing for Missing Encryption of Sensitive Data (CWE-311)

TST 257 – Testing for Use of Hard-Coded Credentials (CWE-798)

TST 256 – Testing for Missing Authorization (CWE-862)

TST 255 – Testing for Missing Authentication for Critical Function (CWE-306)

TST 254 – Testing for Cross-site Scripting (CWE-79)

TST 253 – Testing for Classic Buffer Overflow (CWE-120)

TST 252 – Testing for OS Command Injection (CWE-78)

TST 251 – Testing for SQL Injection (CWE-89)

TST 231 – Testing for OWASP 2017: Insufficient Logging & Monitoring

TST 230 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities

TST 229 – Testing for OWASP 2017: Insecure Deserialization

TST 228 – Testing for OWASP 2017: Cross Site Scripting (XSS)

TST 227 – Testing for OWASP 2017: Security Misconfiguration

TST 226 – Testing for OWASP 2017: Broken Access Control

TST 225 – Testing for OWASP 2017: XML External Entities

TST 224 – Testing for OWASP 2017: Sensitive Data Exposure

TST 223 – Testing for OWASP 2017: Broken Authentication

TST 222 – Testing for OWASP 2017: Injection

TST 101 – Fundamentals of Security Testing (UPDATED)

ENG 312 – How to Perform a Security Code Review (Updated)

ENG 211 – How to Create Application Security Design Requirements (Updated)

ENG 205 – Fundamentals of Threat Modeling (Updated)

ENG 123 – Essential Security Engineering Principles

ENG 114 – Essential Risk Assessment

DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities

DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities

DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization

DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)

DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration

DES 226 – Applying OWASP 2017: Mitigating Broken Access Control

DES 225 – Applying OWASP 2017: Mitigating XML External Entities

DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure

DES 223 – Applying OWASP 2017: Mitigating Broken Authentication

DES 222 – Applying OWASP 2017: Mitigating Injection

DES 217 – Application, Technical & Physical Access Controls

DES 205 – Message Integrity Cryptographic Functions

DES 204 – Role of Cryptography in Application Development

DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management

DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing

AWA 102 – Secure Software Concepts

AWA 101 – Fundamentals of Application Security (UPDATED)