Methods to test the responses of software and web appli…

Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:

Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:

A.
Brute force.

B.
HTML encoding.

C.
Web crawling.

D.
Fuzzing.

Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then
monitored for exceptions such as crashes, or failed validation, or memory leaks.
Incorrect Answers:
A: Brute force is a type of attack that consists of systematically checking all possible keys or passwords until a match is found.
B: HTML encoding applies to web applications only. When user input is not properly escaped and encoded it could be exploited for cross-site scripting. User input
that encodes special characters without proper escaping can lead to malicious code execution in the DOM.
C: Web Crawling applies to web application and describes the action taken by a program as it browses from page to page on a web application.

http://en.wikipedia.org/wiki/Fuzz_testing

http://en.wikipedia.org/wiki/Brute-force_attack
https://blog.whitehatsec.com/tag/html-encoding/
http://projects.webappsec.org/w/page/13246986/Web%20Application%20Security%20Scanner %20Evaluation%20Criteria
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 218, 257
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 229,



Leave a Reply 0

Your email address will not be published. Required fields are marked *