Domain 5: Secure Software Testing (14%)

During the software development process, vulnerabilities are discovered through software testing. This CSSLP domain accounts for 14% of the exam weightage, which comprehends how to develop security test cases, methodologies, and security testing plans. It also covers how to check and verify documentation (e.g., installation and setup instructions, problem warnings, user guides, and release notes), how to discover undocumented functionality, and how to analyze the security implications of test results (e.g., impact on product management, prioritization, and break build criteria). The candidate is required to be knowledgeable about the following topics in this domain: