Topic Synopsis
Security testing involves understanding methods and performing tests on web and mobile applications. Learners must adhere to ethical and professional standards while identifying vulnerabilities.
Key Concepts & Core Principles
- Defence in Depth: A layered security approach combining physical, technical, and administrative controls to protect assets. Students must understand how firewalls, intrusion detection systems, encryption, and access controls work together.
- Ethical Hacking Methodologies: The systematic process of identifying vulnerabilities using frameworks like the Cyber Kill Chain or MITRE ATT&CK. Key skills include reconnaissance, scanning, exploitation, and reporting.
- Digital Forensics Process: The preservation, acquisition, analysis, and presentation of digital evidence. Students should know the chain of custody, forensic imaging (e.g., dd, FTK Imager), and analysis of file systems (NTFS, FAT32).
- Risk Management Frameworks: How to assess, treat, and monitor risks using standards like ISO 27001 or NIST. Concepts include risk appetite, asset valuation, threat modelling (e.g., STRIDE), and control selection.
- Cryptography Fundamentals: Symmetric vs. asymmetric encryption, hashing algorithms (SHA-256), digital signatures, and PKI. Understanding how these protect data at rest and in transit is critical.
Exam Tips & Revision Strategies
- Always get written consent before testing.
- Use a structured methodology like OWASP Testing Guide.
- Prioritise findings based on risk severity.
- Structure your practical assessment output as a professional pentest report: include an executive summary, methodology, findings with CVSS scores, and remediation steps. Examiners reward clarity and professionalism.
- In written questions, always link testing methods to specific cyber kill chain phases or attacker motivations to demonstrate applied, rather than rote, learning.
- When performing mobile app testing in a lab environment, capture screenshots of both the vulnerable state and the fixed state (if remediation is part of the task) to evidence your practical skills.
- Revise key legislation (e.g., Computer Misuse Act 1990, GDPR) and how it applies to security testing; you may be asked to state what constitutes legal testing and the consequences of unauthorised access.
Common Misconceptions & Mistakes to Avoid
- Testing without permission or exceeding scope.
- Misinterpreting test results or false positives.
- Neglecting to secure test data or to keep the report confidential.
- Running automated scanners without manual verification, leading to false positives being reported as genuine vulnerabilities and overlooked false negatives.
- Confusing penetration testing with vulnerability scanning, failing to articulate the importance of human analysis, exploitation validation, and business impact assessment.
- Neglecting to document testing steps and timestamps, making it difficult to reproduce findings or prove compliance with agreed testing windows.
Examiner Marking Points
- Describes various security testing methods (penetration testing, vulnerability scanning).
- Performs web application security tests using appropriate tools.
- Performs mobile application security tests effectively.
- Documents findings and recommends remediation.
- Follows ethical guidelines and obtains proper authorisation.
- Award credit for demonstrating the ability to explain and differentiate between black-box, white-box, and grey-box testing methodologies, including their appropriate use cases.
- Expect evidence of performing authenticated and unauthenticated web application testing using at least two common tools (e.g., Burp Suite, OWASP ZAP), with clear justification of tool selection.
- Look for detailed, structured vulnerability reports that include risk ratings, proof-of-concept steps, and remediation advice aligned with industry standards like OWASP Top 10.