Course Overview

The A4Q Cyber Security Essentials course provides an introductory understanding of information security principles tailored for professionals involved in developing IT systems, software, or embedded systems. Designed for developers, testers, project managers, and business analysts, the course is aligned with recognized standards such as ISO/IEC 27034-1 and the Microsoft Security Development Lifecycle (MSDL). Participants will gain foundational knowledge on how to manage security risks, implement secure development practices, and perform effective security testing.

Key Learning Areas

• IT Security Fundamentals: Understand key security concepts such as accountability, authentication, authorization, availability, and confidentiality. Identify vulnerabilities, threats, and weaknesses in systems, and learn the role of security standards.

• Threat Analysis: Explore threat taxonomies, types of malware, and attack surfaces. Study common web security threats such as Injections, DoS/DDoS, XSS, CSRF, and authentication flaws. Learn about social engineering and wireless network security.

• Security in the Software Lifecycle: Understand the processes of the Secure Development Lifecycle (SDLC), including threat modeling, secure coding, security testing, and defect management.

• Practical Resources and References: Use ISTQB documents, security standards, recommended books, and online resources to deepen your learning.

Internationally Accredited Software Quality Assurance Training

SASTQB

SASTQB is the Southern African Software Testing Qualification Board.