Automated Software Testing Flashcards

1
Q

What are some common methods for testing software?

A

Unit tests, integration tests, black-box tests, positive/negative tests

2
Q

What is fuzzing in the context of software testing?

A

A technique for generating random inputs to trigger errors or crashes in a program

3
Q

What are some limitations of fuzzing?

A

Difficulty in passing specific checks, requiring expert knowledge, only detecting memory management errors

4
Q

What is domain-specific automated testing?

A

A method of automated testing that leverages domain knowledge to create more efficient and effective test cases

5
Q

What is a test oracle in software testing?

A

A function that determines whether a test passes or fails

6
Q

What are the properties of soundness and completeness for test oracles?

A

Soundness means that if the oracle says a test passes, then the test really passes. Completeness means that if the test really passes, then the oracle says the test passes

7
Q

What is version detection in software testing?

A

The task of identifying the software version of a system or a component

8
Q

What is semantic versioning?

A

A systematic way of assigning version numbers to software components

9
Q

What is fingerprinting in the context of version detection?

A

The process of generating a unique identifier for a version based on methods such as strings, hashes, optional features, undefined behavior, bugs, and side channels

10
Q

What is Transport Layer Security (TLS)?

A

The most commonly used security protocol for providing confidential, integrity-protected, and authenticated communication over the internet

11
Q

What are the differences between TLS 1.2 and TLS 1.3?

A

TLS 1.3 has several improvements over TLS 1.2, such as a simplified handshake protocol, better security, and faster connection times

12
Q

What is an X.509 certificate?

A

A digital certificate that binds a public key to an identity

13
Q

What are the basic steps for validating an X.509 certificate?

A

Verifying the signature, checking the validity time, matching the hostname, and checking the extensions

14
Q

What is domain-specific fuzzing?

A

A method of fuzzing that uses domain knowledge to create more efficient and effective fuzz operators

15
Q

What is combinatorial testing?

A

A method of generating inputs by covering value combinations of different input parameters

16
Q

What is differential testing?

A

A method of testing that compares the outputs of different implementations of the same functionality

17
Q

What is specification-guided testing?

A

A method of testing that derives partial oracles automatically from the specification

18
Q

What is the role of the reduction function in differential testing?

A

A reduction function reduces the output of a test to a simpler form that can be compared across different implementations

19
Q

What are the use cases and challenges of version detection?

A

Use cases include penetration testing, threat intelligence, usability research, and compliance. Challenges include API usage, capabilities, configuration, documentation, and interaction

20
Q

What are the desired properties of a fingerprint in version detection?

A

Precise, small, efficient, and robust

21
Q

What is the role of a human oracle in software testing?

A

A human oracle is the ground truth for testing, which means if the human oracle says a test passes, then the test really passes

22
Q

What is the difference between soundness and completeness in the context of test oracles?

A

Soundness means that if the oracle says a test passes, then the test really passes. Completeness means that if the test really passes, then the oracle says the test passes

23
Q

What is the crash oracle in software testing?

A

The crash oracle is a simple oracle that fails a test if the program crashes

24
Q

What is model-based testing in software testing?

A

Model-based testing is a method of testing that uses models to construct sound and complete partial oracles

25
Q

What is differential testing in software testing?

A

Differential testing is a method of testing that compares the outputs of different implementations of the same functionality

26
Q

What is the reduction function in differential testing?

A

The reduction function reduces the output of a test to a simpler form that can be compared across different implementations

27
Q

What is specification-guided testing in software testing?

A

Specification-guided testing is a method of testing that derives partial oracles automatically from the specification

28
Q

What is the role of the reduction function in differential testing?

A

A reduction function reduces the output of a test to a simpler form that can be compared across different implementations
