which are then used to perform boundary testing?
Which of the following security concepts identifies input variables which are then used to perform boundary testing?
Which of the following application security testing tec…
Which of the following application security testing techniques is implemented when an automated system generates random input data?
Methods to test the responses of software and web appli…
Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:
Which of the following is the developer performing when…
A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the
developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing
when testing the application?
which of the following types of testing?
An IT auditor tests an application as an authenticated user. This is an example of which of the following types of testing?
Which of the following reviews should Jane conduct?
Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall application but does not have all the details. Jane needs to
review the software before it is released to production. Which of the following reviews should Jane conduct?
which of the following types of testing?
A quality assurance analyst is reviewing a new software product for security, and has complete access to the code and data structures used by the developers.
This is an example of which of the following types of testing?
what the security company might do during a black box test?
Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his
network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company
might do during a black box test?
which of the following types of testing?
The security consultant is assigned to test a client’s new software for security, after logs show targeted attacks from the Internet. To determine the weaknesses, the
consultant has no access to the application program interfaces, code, or data structures. This is an example of which of the following types of testing?
A process in which the functionality of an application …
A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as: