Which of the following would Jane, an administrator, use to detect an unknown security vulnerability?
A. Patch management
B. Application fuzzing
C. ID badge
D. Application configuration baseline
Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failed validation, or memory leaks.
Incorrect Answers:
A: Patch management is the process of maintaining the latest source code for applications and operating systems. This helps protect a system from known attacks and vulnerabilities, but not from unknown vulnerabilities.
C: An ID badge is an aspect of physical security. It is used to control physical access to facilities and areas in a facility.
D: An application configuration baseline defines the level of security that will be implemented and maintained for the application. A low baseline implements almost no security while a high baseline does not allow users to make changes to the application.
References:
http://en.wikipedia.org/wiki/Fuzz_testing
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 218, 220
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 129, 229, 231-232