Analyzing Application Assessments Flashcards
A comprehensive testing program that validates the effectiveness of protecting
confidentiality, integrity, and availability
Software Assessments
Process of reviewing uncompiled source code either manually or using automated
tools
Static Code Analysis
The process of validating software design through mathematical modeling of
expected inputs and outputs
Formal Verification Method
Beta testing by the end users that proves a program is usable and fit-for-purpose
in real-world conditions
User Acceptance Testing (UAT)
The process of checking that updates to code do not compromise existing security
functionality or capability
Security Regression Testing
The process of analyzing the structure of hardware or software to reveal more
about how it functions
Reverse Engineering
Software that has been assembled into the binary instructions that are expressed
as hexadecimal digits native to the processor platform
Machine Code
Reverse engineering software that converts machine language code into assembly
language code
Disassembler
A compiled software program's binary machine code, which uses the instruction
set of the CPU platform, represented in human-readable text
Assembly Code
A reverse engineering tool that converts machine code or assembly language
code to code in a specific higher-level language or pseudocode
Decompiler
Code that is easier for humans to read, write, and understand
High-level Code
The execution of a compiled program to analyze the way it executes and interacts
with a system or network
Dynamic Analysis
A dynamic testing tool used to analyze software as it executes
Debugger
A software testing method that evaluates how software performs under extreme
load
Stress Test
A dynamic code analysis technique that involves sending a running application
random and unusual input to evaluate how the application responds
Fuzzing