Which of the following is an automated software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program?
A.
Gray box testing
B.
White box testing
C.
Black box testing
D.
Fuzzing
Explanation:
The programs and frameworks that are used to create fuzz tests or perform fuzz testing are called fuzzers. Fuzzing has evolved from a niche technique into a full testing discipline with support from both the security research and traditional QA testing communities. Fuzzing (Fuzz testing) is anautomated software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program. The program is then monitored for exceptions such as crashes or failing built-in code assertions. Fuzzing is commonly used to test for security problems in software or computer systems.
Answer option C is incorrect. Black box testing is also known as specification-based testing. It ignores the internal logic of an application. It refers to test activities using specification- basedtesting methods to discover errors in an application. The test activities are based on requirements and specifications of the application. It focuses on the following errors:
Specification-based function errors
Specification-based component/system behavior errors Specification-based performance errors
User-oriented usage errors
Black box interface errorsAnswer option B is incorrect. White box testing, also known as Clear box or Glass box testing, takes into account the internal mechanism of a system or application. The connotations of “Clear box” and “Glass box” indicate that a tester has full visibility of the internal workings of the system. It uses knowledge of the internal structure of an application. It is applicable at the unit, integration, and system levels of the software testing process. It consists of the following testing methods:
Control flow-based testing
o Create a graph from source code.
o Describe the flow of control through the control flow graph. o Design test cases to cover certain elements of the graph.Data flow-based testing
o Test connections between variable definitions.
o Check variation of the control flow graph.
o Set DEF (n) contains variables that are defined at node n.
o Set USE (n) are variables that are read.Answer option A is incorrect. Gray box testing is a combination of black box and white box testing. It is non-intrusive and impartial, as it does not require that a tester have access to the source code. It treats a system as a black box in the sense that it must be analyzed from the outside. Basically, it is used to find out defects related to bad design or bad implementation of the system. This type of testing is more commonly used with Web applications, as the Internet has a pretty stable interface.