2: 2 Software Quality Assurance

Question 1

Code Review

Answer 1

Peer analysis to assess code

Question 2

What is Fagan

Answer 2

most formal level of code review. 1 Planning 2 Overview 3 Preparation 4 Meeting 5 Rework 6 Follow-up

Question 3

What is the goal of software testing

Answer 3

ensure finished code functions properly

Question 4

Software Model Validation

Answer 4

ensures its meeting the business requirements

Question 5

Stress Testing

Answer 5

used automated scripts to verify system capacity, run internally or through a vendor, increases load to determine system max capacity

Question 6

User Acceptance Testing (UAT)

Answer 6

get end user testing through their own test environments/simulations - beta testing

Question 7

Regression Testing

Answer 7

checks for unexpected side effects of minor/major changes to code

Question 8

Static Test

Answer 8

Use specialized testing software to examine code for common defects - code not actually ran

Question 9

Dynamic Test

Answer 9

Software executes code to verify its functioning correctly and doesn’t have security flaws

Question 10

What are synthetic transactions

Answer 10

Supply inputs to code with known, expected outputs

Question 11

Fuzzing

Answer 11

Provides many types of inputs to a software to attempt to confuse the code

Question 12

What are the 4 types of fuzzing inputs

Answer 12

Developer supplied input
Script supplying Input
Generational Fuzzing (generate random inputs)
Mutation Fuzzing (modifying real inputs)

Question 13

What are the benefits of code repositories

Answer 13

Coordinates change across multiple developers
Performs version control
Promotes code reuse, avoid dead code

Question 14

Git

Answer 14

Summary of changes

Question 15

Github

Answer 15

repository

Question 16

Origin Master

Answer 16

The shared version of the code available to all in the master repository

Question 17

Whitelist Control vs Blacklist Control

Answer 17

Whitelisting defaults all applications are banned and you allow specific ones. Blacklisting defaults all applications are unbanned and you ban specific ones.

Question 18

AppLocker

Answer 18

App control tech built into windows

Question 19

SIEM

Answer 19

Security Information and Event Management - Connect app control logs

Question 20

Host Software Baselining

Answer 20

identifies expected system software, so you can report deviations

Question 21

Library

Answer 21

share contained software code, allowing you to reuse code created by others to perform certain functions

Question 22

SDKS

Answer 22

software development kits: Provides components to work with IAM, graphs, work with platforms, testing

Question 23

APIs

Answer 23

Application Programming Interfaces: Services that run over the internet (i.e. reading tweets easily)