SE4452 Testing FINAL Flashcards

Question

What is the objective of integration testing?

Answer 1

to take unit tested modules and build a system structure based on the prescribed design verify whether the implementation at the system architecture level conforms to the Quality requirements

Answer 2

- entire modules are fully integrated - all test cases executed - all severe and moderated defects found have been fixed

Answer 3

verify whether the implementation at the system-level conforms to the Quality requirements.

Answer 4

In the real (production) environment if available, or an emulated environemnt

Answer 5

The production/live environment

Answer 6

Testing is concerned with confirming the presence of defects Debugging is concerned with locating and repairing defects

Answer 7

IDBEC ``` Identify test conditions Design test cases Build test cases Execute Compare test with expected output ```

Answer 8

LDRR Locate defect Design defect repair Repair defect Re-test

Answer 9

A description of circumstances that could be examined

Answer 10

Functionality Structural/system User-acceptance

Answer 11

The details of a test condition Consists of test data and expected output

Answer 12

A collection of test cases

Answer 13

Implement preconditions (set up environment) Prepare test scripts

Answer 14

``` comparison info what screen data to capture when/were to read input control info testing concurrent activities ```

Answer 15

1. observe behavior | 2. analyze behavior to check if it is correct

Answer 16

- plain language - state diagram - formal math specification

Answer 17

Does it: - cover certain quality requirements - cover certain parts of functionality - cover certain parts of internal logic

Answer 18

Test all possible inputs (or at least partition of inputs)

Answer 19

Cover the underlying code (all statements, branches, loops)

Answer 20

- meet deadline, budget (management) - achieve desired coverage - achieve desire failure intensity

Answer 21

A test data selection technique, to test if unit correctly implements all functionalities

Answer 22

Test selection technique that targets failures at the boundaries of equivalence classes

Answer 23

False certainly they certainly can certainly

Answer 24

Control Flow Graph A directed labeled graph in which nodes are statements (or groups of statements) and edges represent flow of control

Answer 25

statement edge (branch) condition path

Answer 26

Each edge is executed at least once (covers true/false conditions)

Answer 27

Edge coverage + all combinations of predicate outcomes

Answer 28

All paths (from initial to final node) are covered at least once

Answer 29

All statements executed

Answer 30

3 cases that execute the loop: zero times (skips the loop) once more than once

Answer 31

Replaces subordinate modules Uses modules' exact interface, may do minimal data manipulation, provides verification of entry, returns control

Answer 32

Main program that accepts test case data, passes data to unit being tested, returns results

Answer 33

To select a subset of tests that will reveal all failures in a program

Answer 34

Input domain is large Input domain has complex structure

Answer 35

Testing a program against every element in its input domain

Answer 36

They do not overlap

Answer 37

1. completeness | 2. efficiency (avoid redundancy)

Answer 38

Using one variable from each equivalence class in a test case Min # of classes is equal to number of classes in the partition with the most subsets

Answer 39

Using the cartesian product of the partition subsets

Answer 40

expected (valid) inputs | unexpected (invalid) inputs

Answer 41

False - strong equivalence classes are a multiple fault assumption

Answer 42

Classes based on valid and valid inputs

Answer 43

classes based on valid values of inputs

Answer 44

ratio of : number of failures exposed _______________ total failures that exist

Answer 45

By only using one element from each equivalence class

Answer 46

One class of valid strings one class of invalid strings

Answer 47

one class of legal arrays one class with the empty array one class with arrays that are too large

Answer 48

Uni-dimensional (weak) partitioning: partition input domain one variable at a time Multidimensional (strong) partitioning: input domain is the set product of input variables

Answer 49

1. Identify input domain 2. Equivalence classing 3. Combine classes 4. Identify infeasible classes

Answer 50

1. partition input domain 2. identify boundaries for each partition 3. select test data

Answer 51

3 The boundary, before, and after

Answer 52

When the program is a function of independent variables that represent bounded physical quanitities

Answer 53

No consideration of the function of program or semantic meaning of variables

Answer 54

That all possible conditions are accounted for

Answer 55

When applied to structure

Answer 56

When applied to a specification

Answer 57

Conditions Condition entries Actions Action entries

Answer 58

Only boolean value conditions

Answer 59

Several values as conditions

Answer 60

The default rule

Answer 61

Rules must be complete (every combination of conditions + default rule present) Rules must be consistent (every combination of conditions results in only 1 set of actions)

Answer 62

1. Determine actions, conditions, max # rules 2. Encode possible rules, actions for each rule 3. Simplify rules (reduce # columns)

Answer 63

Each rule is a test case conditions are equivalence classes of inputs actions are outputs

Answer 64

- unit test framework - languages (built in, external modules) - test protocols (TAP) - test location (server/client side)

Answer 65

Javascript test framework

Answer 66

Functionality, Performance, Security, Load, Stress, Scalability, Robustness testing (SSSLRP F)

Answer 67

Testing: Confirming the presence of defects Debugging: Locating and fixing defects

Answer 68

The driver, which runs TestCases and reports test results

Answer 69

A test environment used by multiple tests

Answer 70

Test anything protocol?

Answer 71

Allows communication between unit tests and a test harness

Answer 72

1. describe (), which is the test suite/group | 2. it(), which is the individual test

Answer 73

before beforeEach after afterEach

Answer 74

1. cover all statements 2. cover all branches 3. cover all loops

Answer 75

1. Meet Deadline 2. Exhaust Budget 3. Achieved Desired Coverage 4. Achieved Desired Failure Intensity

Answer 76

1. Unit Testing 2. Integration Testing 3. System Testing 4. User acceptance testing

Answer 77

When test cases are creates in an array, and the it function is inside a loop iterating through array

Answer 78

targets failures in applications at the boundaries of equivalence classes

Answer 79

Unit, Integration Testing

Answer 80

1. Statement testing 2. Edge (decision) testing 3. Condition testing 4. Path testing

Answer 81

1. Entire modules are fully integrated 2. all test cases are executed 3. Severe and moderate defects have been fixed

Answer 82

1. Large size of test | 2. complex structure of system

Answer 83

Decision table

Answer 84

The program exhibits the same behaviour under testing compared to production. This ensure only one test case for each equivalence class is sufficient

Answer 85

1. All expected inputs | 2. All unexpected inputs

Answer 86

No, because it is highly dependent on clarity of quality requirements

Answer 87

EC weak robust

Answer 88

(multiple fault assumption) one from each class in cartesian product

Answer 89

selecting paths through control flow to explore sequences of events related to the status of variables

Answer 90

- rigorous test definitions - mathematical analysis - precise measurements

Answer 91

1. Emulated Environment | 2. Real Production Environment

Answer 92

Testing: Confirming the presence of defects Debugging: Locating and fixing defects

Answer 93

1. tast data to input | 2. expected output

Answer 94

Collection of one or more test cases

Answer 95

1. Set up the environment | 2. prepare test scripts

Answer 96

Contain data and instructions for testing

Answer 97

System that performs checking of correctness of observed behaviour

Answer 98

Determination of input-output behaviour

Answer 99

1. cover all statements 2. cover all branches 3. cover all loops

Answer 100

The percentage of parts of an implementation exercised by a test suite

Answer 101

Calls out the parts of an implementation that must be exercised to satisfy an implementation-based test model

Answer 102

A sequence of statements in a program unit

Answer 103

An execution instance of a program unit

Answer 104

A fault may occur to make the program take an unintended path

Answer 105

A decision-to-decision path, which is a collection of chains obtained from a CFG?

Answer 106

1 indegree, 1 outdegree

Answer 107

1. single node with indeg=0 (initial) 2. single node with outdeg=0 (final) 3. single node with branch 4. single node, no branch 5. Maximal chain of nodes

Answer 108

F: It is a condensation graph

Answer 109

Enable precise descriptions of test coverage

Answer 110

F: metrics quantify testing effectiveness

Answer 111

Statement coverage

Answer 112

Every predicate outcome coverage

Answer 113

Multiple Condition Coverage

Answer 114

predicate/edge coverage | branch coverage

Answer 115

Dependent DD-path pair coverage

Answer 116

loop coverage

Answer 117

Tests evaluate each predicate to true and false (does NOT consider every boolean combination) Edge coverage

Answer 118

Includes edge coverage + coverage of dependent path pairs

Answer 119

Iff there is a define/reference relationship between the paths

Answer 120

Tests all possible outcomes of boolean expressions

Answer 121

Tests each possible combination of inputs for each decision

Answer 122

A modification of MCC, which requires each condition to independently affect the outcome of a decision

Answer 123

1. traverse the loop | 2. Exit (skip) the loop

Answer 124

``` The loop index is given a: minimum minimum + nominal maximum - maximum ```

Answer 125

Loop structure can be collasped into a single node

Answer 126

Apply data flow analysis testing techniques

Answer 127

Start with inner most loop, proceed outwards

Answer 128

- determine gaps in test cases - identify tests to fill gaps - establish quantitative measure for efficiency and effectiveness

Answer 129

1. Meet Deadline 2. Exhaust Budget 3. Achieved Desired Coverage 4. Achieved Desired Failure Intensity

Answer 130

It is insensitive to some control structures

Answer 131

False: same rank as NON-branching statements

Answer 132

Whether boolean expressions are evaluated to both true and false. The entire Boolean expression is considered one true/false predicate

Answer 133

- switch cases - exception handlers - interrupt handlers

Answer 134

Produces gaps in test code written in languages that support short-circuit logic operators

Answer 135

When the entirety of a statement is not necessarily executed e.g. (f1() || f2()) If f1() is true, f2() is never invoked

Answer 136

Whether each function is invoked

Answer 137

Whether each function call is executed

Answer 138

Reports the T/F outcome of each boolean expression (measures each sub-expression independently)

Answer 139

Hypothesis: faults commonly occur in interfaces between modules

Answer 140

Condition/decision coverage A hybrid measure, the union of condition and decision coverage

Answer 141

call pair coverage

Answer 142

Whether every possible combination of Boolean sub-expressions occurs

Answer 143

path coverage

Answer 144

Condition coverage | but MCC has more test cases

Answer 145

Tedious to determine minimum set of test cases required

Answer 146

Whether each possible path is executed

Answer 147

1. 0 iterations | 2. >0 iterations

Answer 148

1. number of paths is exponential to number of branches | 2. many paths are impossible to execute

Answer 149

1. number of paths is exponential to number of branches | 2. many paths are impossible to execute

Answer 150

Whether test has exercised each path of length n branches

Answer 151

to identify the test data for the application and to test if it correctly implements all functionalities

Answer 152

Explicit knowledge of the internal workings of the system (example examining the code) is used to select test data

Answer 153

Given a program, it's graph is a directed and labelled graph where nodes: are individual or groups of statements and edges: represent flow of control

Answer 154

All practically possible paths through a graph, based on program logic

Answer 155

The program exhibits the same behaviour under testing compared to production. This ensure only one test case for each equivalence class is sufficient

Answer 156

Capture the essence of V

Answer 157

a linear combination of elements of B

Answer 158

1. select a baseline path, with as many decisions as possible 2. retrace the paths visited and flip conditions one at a time 3. repeat until all flips considered

Answer 159

The upper bound on number of test cases to achieve edge coverage

Answer 160

lower bound of number of test cases | because of loops

Answer 161

source code | path selection criterion

Answer 162

1. generate CFG 2. select paths 3. generate test input data 4. feasibility test of path 5. evaluate output

Answer 163

All theoretically possible paths through a graph

Answer 164

All practically possible paths through a graph, based on program logic

Answer 165

Targeting faults in the application using regions that contain expected inputs and unexpected inputs

Answer 166

classes of valid inputs

Answer 167

classes of valid and invalid inputs

Answer 168

(single fault assumption) one from each class

Answer 169

(multiple fault assumption) one from each class in cartesian product

Answer 170

1. Equivalence Class Testing (ECT) 2. Boundary Value Testing (BVT) 3. Decision Table Testing (DTT)

Answer 171

1. Testing effort 2. Testing efficiency 3. Testing effectiveness

Answer 172

Identification effort vs. execution effort Graph 1: identification effort vs. sophistication Graph 2: execution effort vs. sophistication (graph 1 and 2 are inversely proportional)

Answer 173

False, however structural testing can provide metrics for the quantification of efficiency

Answer 174

False, however structural testing provides metrics for the quantification of effectiveness

Answer 175

Equivalence Class testing

Answer 176

Equivalence class testing

Answer 177

Equivalence class testing or Decision Table Testing

Answer 178

Decision Table Testing

Answer 179

1. Rigorous Test Definitions 2. Mathematical Analysis 3. Precise measurements

Answer 180

No, nearly impossible within practical time boundary. Instead, heuristics are applied.

Answer 181

Effectiveness

Answer 182

% of code parts executed by a test suite

Answer 183

A path is a sequence of statements in a program

Answer 184

A path is an execution instance of the program unit

Answer 185

They enable a precise description of test coverage

Answer 186

The extend to which a set of test cases covers a program

Answer 187

A family of test strategies based on selecting paths to explore sequences of events related to status of variables

Answer 188

control flow graph

Answer 189

1. defined then defined again 2. undefined but referenced 3. defined but not referenced

Answer 190

(d) Defined, created, initialized (u) used - (c) in calculation - (p) in predicate (k) killed, undefined, released

Answer 191

A statement where a variable is defined DEF(v,n)

Answer 192

A statement where a variable is used (predicate=p-use, calculation=c-use) USE(v,n)

Answer 193

Multiple Condition Coverage

Answer 194

determine gaps in test cases

Answer 195

The percentage of executable statements of code excised by set of test cases

Answer 196

does not report on some control structures

Answer 197

reports if boolean expressions in control structures are evaluated to true and false values

Answer 198

produces gaps in tested code if language short circuits logical operators

Answer 199

Reports on whether each function in the program has been invoked

Answer 200

Reports on whether each function call in the program has been executed

Answer 201

reports on the true-false outcome of each boolean sub expression (Like Decision coverage but better sensitivity to control flow)

Answer 202

reports whether every possible combination of boolean sub expressions occurs

Answer 203

reports on every possible combination of boolean sub expressions that occur, but requires enough test cases to verify every condition that can effect the result of its encompassing decision

Answer 204

reports on whether each possible path in each function has been followed

Answer 205

1. # of paths exponential to number of branches | 2. Many paths are impossible to exercise due to relationship of data

Answer 206

False, DECISION coverage includes STATEMENT coverage

Answer 207

to generate effective & efficient test cases

Answer 208

1. select a baseline path corresponding to normal program execution 2. Retrace paths visited 3. Flip the conditions one at a time 4. Process repeats until all conditions have been considered

Answer 209

Used to identify upper bound on number of test cases to ensure edge coverage. Due to loops, actually usually the lower bound

Answer 210

1. Generation of CFG 2. Selection of paths 3. Generation of test input data 4. Feasibility test of a path 5. Evaluation of test case output

Answer 211

Functional testing

Answer 212

Path Testing

Answer 213

Basis path testing

Answer 214

1. Defined then defined again 2. Undefined but referenced 3. Defined but not referenced

Answer 215

Defined, created, initialized

Answer 216

calculation

Answer 217

killed, undefined, released

Answer 218

Systematic technique for constructing new system architecture; conducting tests to uncover errors associated with interface & interaction among units

Answer 219

1. Internal (Invocation, Parameters, Invocation return) 2. External (Event, I/O) 3. Interaction

Answer 220

1. Based on functional decomposition 2. Based on call graph 3. Based on paths

Answer 221

``` a triple (x,d,u) x is a variable d is a definition node of x u is a statement or predicate usage node of x ``` AND there is a subpath from d to u, with no other definition of x between d and u

Answer 222

A definition-use subpath with respect to v from node m to n, where DEF(v,m) and USE(v,n)

Answer 223

A definition-clear subpath. Same as a du-path, but there are no other defining nodes for v in the path

Answer 224

All-defs criteria | All-uses criteria

Answer 225

Each definition of variable has a clear path to A use of variable

Answer 226

For every variable, there are dc-paths from every defining node of v to EVERY use of v AND to the successor node of each USE(v,n)

Answer 227

All-C-Uses | All-P-Uses

Answer 228

All du paths criteria Requires that every du path from every definition to use be exercised under test

Answer 229

If every test suite that satisfies C1 also satisfies C2

Answer 230

False - only if they both subsume each other

Answer 231

interfaces and interaction among units

Answer 232

- take unit tested modules and build a system structure, replacing stubs - very whether system architecture conforms to quality requirements

Answer 233

- internal (between units) - external (events, I/O) - interaction (among modules)

Answer 234

1. Based on functional decomposition 2. Based on call graph 3. Based on paths

Answer 235

Non-incremental | incremental

Answer 236

top down bottom up sandwich

Answer 237

- test top layer first (main) - gradually add units reference/required by tested units - requires test stubs to simulate input/output of missing subsystem

Answer 238

- test cases defined in terms of functional requirements | - verifies major control points early in test process

Answer 239

- stubs will be discarded (waste) - writing stubs difficult - no significant data flow can occur until later in testing process

Answer 240

test lowest level first gradually include units that reference/require previously tested units requires test drivers

Answer 241

verifies low level data processing early no need for stubs

Answer 242

driver modules needed (waste) drivers do no contain complete algorithm --> testing may be incomplete

Answer 243

A "fake" routine that requires a subsystem and passes a test case to it

Answer 244

hybrid of top down and bottom up proceeds using functional groups of units, based on control/data processing integration within group alternates between low and high

Answer 245

Advantages of top down and bottom up Minimizes need for drivers and stubs

Answer 246

Requires disciplined approach so that integration doesnt tend towards big bang scenario

Answer 247

interaction dependency

Answer 248

the call graph

Answer 249

1. pair wise | 2. neighborhood

Answer 250

restrict testing essions to just a pair of units in the call graph

Answer 251

one for each edge in the call graph

Answer 252

the set of nodes that are one call edge away from the given node

Answer 253

reduces number of test sessions

Answer 254

flow dependency

Answer 255

interaction among units beyond testing interfaces among seperately tested units

Answer 256

structural

Answer 257

behavioral

Answer 258

a statement that begins or resumes execution

Answer 259

a statement that terminates execution (ends or transfers control to another unit)

Answer 260

Module execution path | - a sequence from a source to sink node, with no sink node in between

Answer 261

A mechanism where one unit transfers control to another

Answer 262

A module message path - a sequence of MEPs and messages, that crosses unit boundaries

Answer 263

a directed graph where nodes are MEPs and edges are messages

Answer 264

composition of units and composition based integration testing

Answer 265

continous integration regular, comprehensive and automatic building and testing

Answer 266

the build the tests the deployment

Answer 267

1. commit changes to source code 2. build server executes master build script (or delegates) 3. Notify team of build results thrrough feedback machanism

Answer 268

1. environment based on stability 2. maintain a code repository 3. commit frequently 4. build every commit 5. add testing to build 6. make the build self-testing

Answer 269

False: Interaction-based testing is behavioural

Answer 270

True Interface -> Structure

Answer 271

- new code must be reviewed - new code mut be unit tested - release note must be available

Answer 272

CI - continuous improvement CT - testing CD - delivery & deployment CM - monitoring

Answer 273

CI - continuous improvement CT - testing CD - delivery & deployment CM - monitoring

Answer 274

For every variable v, T contains all def-clear paths from every def of v to every p-use of v AND if a def of v has no p-uses, there is a def-clear path to at least one c-use

Answer 275

For every variable v, T contains all def-clear paths from every def of v to every c-use of v AND if a def of v has no c-uses, there is a def-clear path to at least one p-use

Answer 276

ensures changes in a program do not affect functionality, features and behaviour that should not be affected

Answer 277

1. Test All 2. Random 3. Selecting Modification Traversing Tests

Answer 278

Select a subset of original tests so that successful execution of modified code implied all functionality carried over from previous version of code is covered

Answer 279

Does not discard any tests that will traverse a modified or impacted statement

Answer 280

execution trace of program p for test t is the sequence of nodes in a CFG that are traversed when p is executed against t

Answer 281

Does not discard any tests that will traverse a modified or impacted statement

Answer 282

execution trace of program p for test t is the sequence of nodes in a CFG that are traversed when p is executed against t

Answer 283

many times throughout product life, possibly once after every modification

Answer 284

exhaustive

Answer 285

identifying obsolete tests to exclude from regression testing

Answer 286

not feasible with tight deadlines

Answer 287

may not select all tests that exercise modified part of code

Answer 288

a test vector for node n is the set of tests that traverse n the CFG

Answer 289

Used in test selection Built for each node of CFG(P) and CFG(P')

Answer 290

traverse CFG(P) and CFG(P') using a recursive descent procedure If n and n' are syntactically different, all tests in test(n) are added to Tr

Answer 291

1. find execution trace for each test in T 2. Extract test vector Test(n) for each node n 3. Build syntax tree for each node in CFG(P) and CFG(P') 4. Use SelectTests to determine Tr

Answer 292

The set of statements in P that lie in trace(t) and affect the value of v at location L DS(t,v,L)

Answer 293

the dynamic slice is empty

Answer 294

Dynamic dependence graph Shows data dependence between statements Needed to obtain dynamic slice

Answer 295

1. Add a node for each declaration (no edges) 2. Add the first node in trace(t) 3. For each successive statement in trace(t): - add a new node n - add control/data dependence edges from n to existing nodes

Answer 296

1. obtain trace(t) 2. Build DDG 3. Identify node n (from L) that contains last assignment to v 4. Find the set DS(t,v,n) of all nodes reachable from n, including n itself) If any modified statements are in DS(t), add t to Tr

Answer 297

Set of tests that traverse node n in a CFG

Answer 298

testable entities

Answer 299

statements branches def-use paths functions

Answer 300

1. compute all subsets of Tr, starting with smallest one | 2. Stop when a subset that covers all entities covered by Tr is found

Answer 301

1. compute all subsets of Tr, starting with smallest one | 2. Stop when a subset that covers all entities covered by Tr is found

Answer 302

1. find t in Tr that covers max # of entities 2. Add t to Tr min 3. Remove t from Tr, remove covered entities from consideration 4. Repeat until all entities covered

Answer 303

1. identify testable entity 2. For every t, determine which entities are covered 4. Find minimal subset Tr min that covers every entity

Answer 304

- don't discard tests that could reveal an error | - increase likelihood of revealing faults earlier in testing

Answer 305

cost(execution time) | risk (of NOT running test)

Answer 306

1. identify testable entity 2. For each test in T, compute number of entities covered 3. Arrange tests in order of respective coverage

Answer 307

verify whether implementation at system level conforms to QR (quality requirements)

Answer 308

a constructed "reasonably stable" emulated-production enviornment

Answer 309

``` Functionality performance security load stress scalability robustness ```

Answer 310

performance of system as defined in quality framework

Answer 311

loading screens | multi-threaded UIs

Answer 312

benchmarking | profiling

Answer 313

absolute performance of application

Answer 314

coarse-grained

Answer 315

execution runtime memory usage response time

Answer 316

- reduce I/O routines - lazy evaluation (dont read/compute something until you need it) - hashing, caching (combine database queries)

Answer 317

contiguous

Answer 318

Use hash-based structures - for sorted order ---> TreeMap - for insertion order --> LinkedHashSet

Answer 319

- stop when you know the answer - hoist loop-invariant code outside the loop - use lookup tables

Answer 320

caching previous results

Answer 321

Compiler may already be optimizing code

Answer 322

relative system statistics (fine-grained)

Answer 323

- point profile (events simple, independent) | - context profile (simple ordered events)

Answer 324

context profile

Answer 325

1. insertion (place profiling code into program) | 2. sampling (monitor CPU at regular intervals, save snapshot)

Answer 326

pros: accurate, can be used on multiple platforms cons: requires recompiling, may affect performance

Answer 327

pro: no modification of app required cons: - less accurate - small methods may be missed - hard to monitor memory usage

Answer 328

Android Profiler | Java hprof

Answer 329

- CPU profiling slows down code a lot - CPU samples dont measure everything - output files are very large

Answer 330

1. confidentiality 2. integrity 3. authentication 4. authorization 5. availability 6. non-repudiation

Answer 331

A measure intended to prevent the later denial that an action happened, or a communication that took place etc.

Answer 332

1. security architecture adheres to security policy 2. security mechanisms are trustworthy 3. applications that constitute the system are trustworthy (not malware)

Answer 333

specification used as a guide to enforce security constraints

Answer 334

subsystems communication links between the subsystems

Answer 335

threat/severity modeling

Answer 336

1. identify assets w/ security quality requirements 2. create architecture overview 3. decompose application 4. identify threats 5. document threats 6. rank threats

Answer 337

- damage potential - reproducibility (probability of success) - exploitability - affected users

Answer 338

- develop software sensors - create self-diagnostic models - automatically disable features when attacked - evolve software by learning from attacks

Answer 339

``` vulnerability scanning security scanning penetration testing ethical hacking risk assessment security auditing posture assessment and security testing password cracking ```

Answer 340

a number of penetration tests over the wide network on the system under test.

Answer 341

It combines Security Scanning, Ethical Hacking and Risk Assessments to show an overall Security Posture of the organization.

Answer 342

interviews, discussions, analysis

Answer 343

verify that they... - have been developed using secure coding practices OR -are not malware

Answer 344

C/C++ code - buffer overflow - format string - integer

Answer 345

An instance of a fault in qr, development, or configuration of software that can violate security policy

Answer 346

``` buffer overflows heap overflows format string vulnerabilities cross-site scripting XSS cross site request forgery XSRF Cross site script inclusion XSSI SQL injection path traversal DoS configuration vulnerabilities AJAX vulnerabilities ```

Answer 347

Reading/writing past the end of a buffer causes overflow, so any data allocated near buffer can be read and modified

Answer 348

1. arrange for code to be available in buffer | 2. overflow buffer so program jumps to attack code

Answer 349

1. inject the code as input string | 2. use code already in the program

Answer 350

- write good code - non-executable buffers testing - array bounds checking - code pointer integrity testing - fault injection tools - static analysis tools

Answer 351

cross site scripting attacker injects code into contents of website

Answer 352

-reflected attack: attack is in the request itself (URL) stored attack: attack is stored in the application, victim triggers attack by browsing to page on server

Answer 353

attacker injects script into SQL query, can read or overwrite database

Answer 354

Don't build queries with string concatenation, use API calls instead

Answer 355

cross site request forgery allows attacker to transmit unauthorized commands from a user the website trusts

Answer 356

Cross site script inclusion attacker enforces server to perform actions user did not intend to perform

Answer 357

attacker can read files from folders they should not have access to

Answer 358

denial of service allows attacker to make a server unable to service ordinary requests - overload server with requests - manipulate security holes (crash server, overload memory, etc)

Answer 359

attacker controls system by knowing default system configurations such as usernames, passwords, setting

Answer 360

Attacker can access copy of same application and see default configuration

Answer 361

malicious software program that works against system's user or owner

Answer 362

identifies malware by looking for unique signatures in code of each program maintains a database of virus signatures

Answer 363

nature | operation

Answer 364

``` viruses worms trojan horses backdoors mobile code adware sticky software ```

Answer 365

self-replicating malware that must be executed by user to propagate

Answer 366

self-replicating (like virus) that uses internet to spread, does not require human intervention. Can spread in data packets in software or via email

Answer 367

seemingly innocent program containing hidden malware easy to create on windows, as file type determined by extension not header

Answer 368

create covert access channel that attacker can use to connect, control or spy on user

Answer 369

targets mobile users, pretends to create better browsing experience (java applets, ActiveX) user may see warning, but most will click okay

Answer 370

forces ads on users, usually bundled with free software gathers user data, slows performance

Answer 371

prevents users from uninstalling does not support uninstall feature OR uses key registry to launch malware on boot

Answer 372

verify QR related to systems ability to remain stable for long period under full load

Answer 373

verify QR related to how gracefully system handles extreme load conditions, and level of data loss under extreme load

Answer 374

verify qr related to ability t oscale up to its engineering limits

Answer 375

data storage computing capacity network bandwidth

Answer 376

availability degraded node on-line insertion and removal power cycling

Answer 377

verify qr related to ability to recover from failures without impacting operation of system

Answer 378

verify qr related to ability to remain operational after portion of system becomes non-operational (AKA failure containment)

Answer 379

verify qr related to handling and recover due to on-line insertion and removal of modules

Answer 380

verify qr related to system recovery after power is restored from glitch in deployment environment

Brainscape's Knowledge GenomeTM

SE4452 Testing FINAL Flashcards

Brainscape's Knowledge Genome^TM