Code Quality and Testing 3.6 Flashcards

1
Q

Static Application Security Testing (SAST)

A

Automation to help identify security flaws. Many security vulnerabilities will be found easily. It can't find everything this way, however. It will produce false positives, so verify everything.

2
Q

Dynamic Analysis (Fuzzing)

A

It sends random input to an application just to see how the app will react. We are looking to see if it will behave abnormally. Fuzzing is very resource- and time-demanding. There are many fuzzing engine options that specialize in different platforms/languages.

3
Q

Stress Testing

A

The software is intended to work with a single user, but what happens when you add 1000 users? The idea of the stress test is to see how the app will react when under load. We do this using a stress testing tool. When the app hits the limit, you start to see unintended results. Things that aren’t supposed to be seen start to appear. There are extensive automation options for stress testing.

4
Q

Sandboxing

A

A testing playground that looks as if it's running in a production environment. The QA team can try to run things as they are supposed to be in production and test everything without causing harm to anything.

5
Q

Model Verification and Validation

A

At the end of the development cycle, you verify whether the software is working properly and the app is built well. This is where you check to see if the app meets the high-level requirements as it was intended.

6
Q

Compiled Code

A

You don’t see the source code. This is where the blocks of code are put together to see if the application has come together properly. The compiled code is specific to an OS and CPU. Logical bugs can be identified and fixed.

7
Q

Runtime Code

A

You can see the code. The code instructions execute when the app is run. You will only find the bugs when the app is run.
