Exam ID HP0-A103
Exam type Proctored exam taken at dedicated testing center
Exam duration 1 hour
Exam length 60 questions
Passing score 70%
Delivery languages English
Related Certifications
Supporting courses These recommended courses help you prepare for the exam:
Option 1
Option 2

Register for this Exam


No online or hard copy reference material will be allowed at the testing site. This exam may contain beta test items for experimental purposes.
During the exam, you can make specific comments about the items (i.e. accuracy, appropriateness to audience, etc.). HPE welcomes these comments as part of our continuous improvement process.

Exam description

This exam tests your skills on Fortify Security Solutions, including application security associated with designing a security solution for Web applications and Web services using Fortify products. Additionally, this exam will test your ability to apply the Fortify Security Solution within the development, testing and production phases in a business environment.
This certification exam is designed for candidates with “on the job” experience. The associated training courses provide a foundation, but you are expected to have experience in real world situations.

Who should take this exam?

New candidates who want to acquire the HP ATP - Fortify Security V1 certification.

Exam contents

This exam has 60 questions. Here are types of questions to expect:
  • Multiple choice (multiple responses)
  • Multiple choice (single response)

Tips for taking this exam

This exam assesses whether you have the knowledge and skills to navigate and utilize Fortify Security products as a security solution in a business development and production environment.
Take the time to read the entire question and consider all of the options carefully before you answer. If the question indicates that it features an exhibit, study the exhibit and reread the question. Make sure to select the answer that correctly responds to the question that is asked, not simply an answer that includes some correct information.
If the question asks for more than one answer, remember to select each correct answer. You will not receive partial credit for a partially correct answer.


This exam validates that you can successfully perform the following:

OpenSAMM: Building Security into Software Development

  • Apply the Software Assurance Maturity Model (SAMM) to an organization’s security infrastructure
  • Use the SAMM guidelines to evaluate the needs of your softwre security practices
  • Determine the HPE Enterprise Security products as they correlate to SAMM compliancy to your organization’s security practices


Examine Common Vulnerabilities

  • List the OWASP Top 10 Application Security Risks
  • Perform a basic Threat Model and Risk Assessment
  • Integrate security activities into a basic SDLC


Utilization of Fortify Products

  • Identify Fortify Products and how they satisfy the guidelines of the OpenSAMM initiative
  • Describe Reporting and Incident Analysis
  • Describe architecture and structure of Fortify Products in business security environment
  • Present overview of implementation requirements for Fortify Product Suite


Fortify Software Security Center

  • Tune scan results
  • Upload and download scans in SSC
  • Create projects in SSC
  • Connect to SSC from AWB
  • Generate reports to show outstanding issues & progress on security goals
  • Integrate security activities into your SDLC


Fortify Software Code Analyzer

  • Navigate Audit Workbench
  • Audit and suppress issues
  • Identify information on security issues


HP WebInspect Introduction


  • Define operational capabilities of WebInspect
  • License and Activate WebInspect
  • Navigate the operational displays of WebInspect


Fortify Runtime

  • List the benefits of using Fortify Runtime
  • Describe how Fortify Runtime correlates testing

Valuable and relevant learning resources developed before the Hewlett-Packard Company separation might contain some content and brand elements that have not been updated for Hewlett Packard Enterprise. Learning resources with the highest usage will be updated.