Chapter 5 - Secure Software Testing Flashcards
List software security testing standards.
ISO 9126
Open Source Security Testing Methodology Manual (OSSTMM)
System Security Engineering Capability Maturity Model (SSE-CMM)
What are the different kinds of reliability testing?
Unit
Integration
Logic
Regression
What are the different kinds of recoverability testing?
- Performance (Load, Stress)
- Scalability
What are the different types of resiliency testing, and what’s another name for it?
- White box
- Black box
Also called security
What other kinds of software QA testing are there besides reliability, recoverability, and resiliency?
- Environment
- Privacy
- User acceptance
What is reliability testing?
Functional testing. Does the software function as it is supposed to according to the requirements of the business owner?
Who conducts unit testing?
Typically developers.
What does unit testing do?
Tests each part in isolation for build and compilation errors as well as functional logic.
What are drivers and stubs in the software testing context?
Drivers are testing code that simulates a function’s caller.
Stubs are testing code that simulates a called unit.
Both can be used to mock objects to remove testing dependencies.
What are the benefits of unit testing?
- Validate functional logic.
- Find out inefficiencies, complexities, and vulnerabilities in code, as the code is tested after being isolated into units, as opposed to being integrated and tested as a whole.
- Automate testing processes by integrating easily with automated build scripts and tools.
- Extend test coverage.
- Enable collective code ownership in agile development.
What is integration testing?
Aggregating multiple units of code together for testing.
What is logic testing?
Testing that validates the accuracy of the software processing logic.
When is logic testing most important?
When software has high cyclomatic complexity.
What kind of testing tests predicates, and what are they?
Logic testing.
A predicate is something that is affirmed or denied of the subject in a proposition in logic.
What is regression testing? What is its other name?
Regression testing is testing that is performed to ensure that changes to software don’t reintroduce old defects.
Verification testing.