An internal audit has detected that a number of archived tapes are missing from secured storage. There
was no recent need for restoration of data from the missing tapes. The location is monitored by access
control and CCTV systems. Review of the CCTV system indicates that it has not been recording for three
months. The access control system shows numerous valid entries into the storage location during that
time. The last audit was six months ago and the tapes were accounted for at that time. Which of the
following could have aided the investigation?

Methods to test the responses of software and web applications to unusual or unexpected inputs are
known as:

Which of the following application security testing techniques is implemented when an automated
system generates random input data?

Which of the following security concepts identifies input variables which are then used to perform
boundary testing?

Which of the following describes purposefully injecting extra input during testing, possibly causing an
application to crash?

A security administrator wants to test the reliability of an application which accepts user provided
parameters. The administrator is concerned with data integrity and availability. Which of the following
should be implemented to accomplish this task?

Fuzzing is a security assessment technique that allows testers to analyze the behavior of software
applications under which of the following conditions?

Which of the following application security principles involves inputting random data into a program?

An IT security technician is actively involved in identifying coding issues for her company.
Which of the following is an application security technique that can be used to identify unknown
weaknesses within the code?

Which of the following would Jane, an administrator, use to detect an unknown security vulnerability?