Capsule 12

Cybersecurity Testing

General Information about the Capsule

Name: Cybersecurity Testing
Identifier: ENACTEST_ID_12
Language: English
Category: Teaching material
Keywords: Cybersecurity, security testing, non-functional testing, DAST, SQL injection, Cross-stite scripting, XSS

Description:
This capsule teaches the fundamentals of cybersecurity testing and how to apply frequently used techniques that can be used for testing the security of web software as well as using some of the most commonly used tools for simulating cyber-attacks.  

The capsule sets out to cover the basics of cybersecurity testing applying the OWASP testing methodology and leveraging Dynamic Application Security Testing (DAST).

After having carried out this class, students will understand the fundamentals of cybersecurity web testing, basic techniques for testing web security and how to use tools for cybersecurity testing. 

Supporting Materials

Poster Slides Setup GitHub

Cost: Free
Copyright and Other Restrictions: Yes
Description: Licensed for educational and research purposes.

Educational

Interactivity Type: Interactive
Learning Resource Type: Teaching material with accompanying software
Interactivity Level: Medium
Intended End-User Role: Learner (Master’s students , final year Bachelor’s students)

Context: Higher Education
Typical Age Range: Adult learners (18+ years)
Difficulty Level: Intermediate
Description of Learning Objectives:

  • Understand the role of security in software development
  • Gain knowledge of security testing types and Strategies
  • Identify Common Software Vulnerabilities
  • Use Industry-Standard Tools for Testing
  • Build a Security Mindset
  • Apply Testing in Real or Simulated Environments
  • Prepare for Real-World Development & Testing Challenges

Prerequisites

  • Software development fundamentals
  • Web application concepts
  • Testing concepts
  • SQL basics
  • Development tools & environments

Classification of the Learning Objectives According to Bloom’s Taxonomy

  • Understand: Cybersecurity, SQL Injection, Cross-site scripting
  • Apply: Cyber attacking techniques to find vunerabilities
  • Analyze: Outcomes of attacks to secure web vunerabilities
  • Evaluate:Apply techniques to real case scenario

Learning Sequence
Introduction to cybersecurity
Activity 1: Dynamic application security testing fundamentals
Activity 2: Cybersecurity testing tools
Activity 3: Application of cyber attack techniques to real life scenario

Expected Consequences
Students will develop skills in using SQL injection and Cross-site scripting for testing

More information