Center for Qualified CyberSecurity Excellence & Mastery

"Where Qualified Cyber Education Happens"

This class is unique in the security industry. As a follow on to the class How to Break and FIX Software Security, this 72 hour class is less lecture and more hands on labs. In this class students work on the actual application looking for security vulnerabilities that they are testing day in and day out. The security testing bootcamp takes top quality assurance testers into leading security testers with passion, knowledge and experience security testing their application.

Class Fee: $3,990
Time: 72 hrs
Learning Level: Entry
Contact Hours: 40 hr Lecture 32 hr labs
Prerequisites: Understanding of TCP/IP Protocols
Credits: 72 CPE / 3 CEU
Method of Delivery: Residential (100% face-to-face) or Hybrid
Instructor: TBD
Class Materials: SU textbook and testing software
Method of Evaluation: 95 % attendance 2. 100 % completion of Lab
Grading: Pass = Attendance+ labs & quizzes Fail > 95% Attendance

Sample Job Titles:
IA Operational Engineer
IA Security Officer
IS Analyst/Administrator
IS Manager/ IS Specialist
IS Security Engineer
IS Systems Security Manager
Platform Specialist/ Security Administrator
Security Analyst/ Security Control Assessor


This 72 hour accelerated class is taught using face to face modality or hybrid modality. Class includes 72 hours of contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation.

Who should attend: 40 hrs Lecture  32 hr Labs
Porgramming Managers and your teams. Software testers, software developers, development and test managers, security auditors and anyone involved in software production for resale or internal use will find it valuable. Information Security and IT managers; Information Assurance Programmers; Information Security Analysts and Consultants; Internal Auditors and Audit Consultants; QA Specialists.

KU Outcomes

Machines a Dual Core 4M Ram, 350 Gig drives, running MS OS, linux, and VMWare Workstation

Tools for class - Whois, Google Hacking, Nslookup, Sam Spade, Traceroute, NMap, HTTrack, Superscan, Nessus, PSTool, Nbtstat, Solarwinds, Netcat, John the ripper, Nikto/Wikto, Web Scarab, HTTP Tunnel (hts.exe), LCP , Cain and Abel, Ettercap system hacking, John the Ripper Wireshark  sniffers, TCP dump, D sniff, tcpdump, Metasploit, ISS exploit, web app,Core Impact, Snort, Infostego, Etherape, Firefox with plugins (Hackbar, XSSme...), ebgoat, Ounce, Fortiyf, IDA pro Helix, X Wget, Cyrpto tool, 'Curl'

Learning Objectives



Corporate Requirements.  To achieve the required results, your company needs to provide access to a developer knowledgeable of the entire application, the complete threat model as well as details on past defects discovered in the application. This will enable a strategic attack plan to be created prior to the course that will be discussed and explained during the class.

Additionally, your company needs to make sure the students do all pre-class reading and all nightly assignments. This will be an intense several days of security education and testing that will push each student as they evolve from top quality assurance testers into lead security testers. Prizes should be provided to the students for each security defect discovered with special prizes to the top three teams based on the number and severity of the security bugs they find.

Grades -All students must ordinarily take all quizzes, labs, final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draws quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself in on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real world scenarios. Each labs escalates upon itself, increasing in intensity, rising to the next level, while your mitigating the threat step by step