Application Security Fundamentals


$324.00 USD


The majority of today's commercial systems use a relational database backend. This course will enable testers to directly query the database to verify the results of their tests as well as insert test data into the database.

A single database can serve as the foundation for multiple applications, integrating their data and providing concurrency control. This course will enable testers to directly interact with a database independently of any given application, and thus be able to explicitly test the integrity and accuracy of corporate data and it’s adherence to corporate business rules.

Attendees will learn the SQL constructs and features necessary to test existing database applications as well as review the principles of good database design that help prevent data corruption and anomalies in the first place.

Preventing and testing for SQL Injection vulnerability will also be covered.

Length of course:

6 hours 50 min

Course Outline:

  • Module 1 - Relational DBMS Basics for Testers  
    • Creating tables with SQL
    • Table design principles
    • Update, insertion, and deletion anomalies
    • Static Testing: Reading an ERD
  • Module 2 - What a tester needs to know about SQL
    • SQL Basics – Select, Insert, Update, Delete
    • Using Aggregation to determine data health
    • Combining Data from Multiple Tables with Joins
    • Foreign Key Problems
    • Using Sub-queries
    • Generating Test Data
    • Views
    • Indices
  • Module 3 - Protecting against Database hacks: SQL Injection
    • Example injection attacks
    • Testing for SQL Injection Vulnerability
    • What vulnerabilities are inherent in the SQL code?
  • Module 4- Summary and review
    • What Color Do You Want that Database?
    • Testing Scalable Architectures
    • Transaction Process Monitor (TPM)
    • Database Integrity
    • UML Database Model
    • Outer Join example for testing 
    • Useful Queries for Data Verification
    • Where do we go from here?


  • The course was written by IIST and is licensed for sale by Expertley.

Payment & Security

American Express Apple Pay Google Pay Mastercard Shop Pay Union Pay Visa

Your payment information is processed securely. We do not store credit card details nor have access to your credit card information.

You may also like