Security testing is a process to determine that an IS (Information System) protects data and maintains functionality as intended.
The six concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability, and non-repudiation.