Network Security CISSP-Discussion

Subject: [CISSP-D] REVIEW: "Software Testing Foundations", Andreas Spillner/Tilo Linz/Hans Schaefer
Date: Mon, 18 Feb 2008 15:50:49 -0800
BKSWTSFD.RVW   20071115

"Software Testing Foundations", Andreas Spillner/Tilo Linz/Hans
Schaefer, 2007, 1-933952-08-3, U$44.95
%A   Andreas Spillner spillner@informatik.hs-bremen.de
%A   Tilo Linz tilo.linz@imbus.de
%A   Hans Schaefer hans.schaefer@ieee.org
%C   26 West Mission St, Suite 3, Santa Barbara, CA   93101-2432
%D   2007
%G   1-933952-08-3 978-1-933952-08-6
%I   Rocky Nook Inc.
%O   U$44.95 805-687-8727 fax 805-687-2204 joan@rockynook.com
%O  http://www.amazon.com/exec/obidos/ASIN/1933952083/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1933952083/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1933952083/robsladesin03-20
%O   Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   272 p.
%T   "Software Testing Foundations, Second Edition"

This book is intended to assist candidates who are writing the exam
for the International Software Testing Qualifications Board (ISTQB)
Certified Tester.

Chapter one stresses the importance of software and software quality,
and briefly outlines the structure of the ISTQB.  Chapter two contains
a very generic overview of the terms and process of software testing. 
The activities appear to be restricted to submission of test data or
cases, even though issues such as usability and maintainability are
discussed in relation to software quality.  (In addition, some of the
material is questionable: the non-iterative waterfall software
development model is illustrated with a graphic showing iteration.) 
Testing related to the various stages of the software development life
cycle is noted in chapter three.  The content is fairly limited,
without the scope and analysis of a work such as Gary McGraw's
"Software Security: Building Security In" (cf. BKSWSBSI.RVW).  "Static
Analysis," in chapter four, appears to be related to code analysis, or
code review.  However, while there is much discussion of roles,
meetings, and processes, there is little specificity of what is
actually being "inspected manually."  (The brief mentions of code
analysis tools support the idea that source code review is the
subject of the text.)  Chapter five, entitled "Dynamic Analysis,"
provides more detail than did chapter one on actual test design and
techniques.  The text is quite formal and larded with jargon, though,
and clearer introductions of terms would definitely assist readers who
have not had formal training in the field.  Test management is the
topic of chapter six: a significant portion of the material repeats
from earlier sections of the book.  Some types of testing tools are
briefly described in chapter seven.

Presumably the book reflects the ISTQB certification.  If so, the
certification itself may be of limited utility.

copyright Robert M. Slade, 2007   BKSWTSFD.RVW   20071115


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
We need not worry so much about what man descends from--it's what
he descends to that shames the human race.              - Mark Twain
http://victoria.tc.ca/techrev/rms.htm


 