Network Security CISSP-Discussion
Subject: [CISSP-D] REVIEW: "Software Testing Practice: Test Management", Andreas Spillner et al
Date: Thu, 24 Jan 2008 09:46:59 -0800
BKSTPTMN.RVW   20071110

"Software Testing Practice: Test Management", Andreas Spillner et al,
2007, 978-1-933952-13-0, U$44.95
%A   Andreas Spillner spillner@informatik.hs-bremen.de
%A   Thomas Rossner thomas.rossner@imbus.de
%A   Mario Winter winter@gm.fh-koeln.de
%A   Tilo Linz tilo.linz@imbus.de
%C   26 West Mission St, Suite 3, Santa Barbara, CA   93101-2432
%D   2007
%G   978-1-933952-13-0 1-933952-13-X
%I   Rocky Nook Inc.
%O   U$44.95 805-687-8727 fax 805-687-2204 joan@rockynook.com
%O  http://www.amazon.com/exec/obidos/ASIN/193395213X/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/193395213X/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/193395213X/robsladesin03-20
%O   Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   321 p.
%T   "Software Testing Practice: Test Management"

This book is intended to assist candidates who are writing the exam
for the International Software Testing Qualifications Board (ISTQB)
Certified Tester.

Chapter one stresses the importance of software and software quality,
and explains that the text is based on the ISTQB Certified Tester
second ("Advanced") level, specifically the Test Manager module
(excluding the topic of reviews).  This chapter also presents an
overview of the first ("Foundation") level as background.  The tools
and processes used to structure testing are outlined in chapter two. 
Testing is examined, in chapter three, in relation to the software
life cycle.  Problems with different development models are analyzed,
but it is interesting that the complexity of the models is not covered
as a risk factor.  Criteria for a testing policy are discussed in
chapter four.  Chapter five mandates a formal test plan.  The
blueprint will be helpful for those who do not have a structure in
place, but appears overly committed to items that are not inherently
necessary for all trials.  Controls to ensure and follow the progress
of testing are detailed in chapter six.  Chapter seven explains some
of the common quality and process improvement models, and their
implications for testing.  Testing is used to detect faults or
deviations in software, and chapter eight looks at the classification
and handling of such issues.  Chapter nine examines risk analysis with
respect to software testing.  The material follows most standard
principles for risk management, and so is not wrong in any specifics,
but the text fails to present helpful means for using this technique
to best advantage.  Various important skills that should be contained
within the test team are listed in chapter ten.  Test metrics are
discussed, in chapter eleven, in an academic manner that is very
similar to the style of chapter nine.  In the same way, by attempting
to apply a single process of evaluation to all test management
software tools, the authors restrict the utility of chapter twelve. 
Chapter thirteen lists standards bodies, as well as some of the
guidelines that relate to software development and evaluation.

The book reflects the certification, and one cannot fault it for that. 
However, if the authors had been willing to move beyond the overall
coverage of principles, they might have produced a more useful work.

copyright Robert M. Slade, 2007   BKSTPTMN.RVW   20071110


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
Q.  Does Usenet help stamp out ignorance?
A.  That depends on whether by `stamp out' you mean `eliminate'
or `reproduce rapidly in great quantity.' - Dr. Roger M. Firestone
http://victoria.tc.ca/techrev/rms.htm
