Testing Methods (Software) Flashcards
What are the three types of system testing?
Black-box
White-box
Grey-box
What is Black-box testing?
The tester is given no information about the system or program before testing.
What is White-box testing?
The tester is given the full details of the system or app, including the source code, diagrams, and user credentials before the test.
What is Grey-box testing?
This is a mixture of Black-box and White-box.
Structured Exception Handling (SEH)
Provides control over what the application should do when faced with a runtime error.
What is Input Validation and what attacks does it help prevent?
Applications verify that information received from a user matches a specific format or range of values.
Cross-Site Scripting
SQL Injection
Buffer Overflow
How does Static Analysis run its test?
Source code of an application is reviewed manually or with automatic tools “without running code”.
How does Dynamic Analysis test the program?
Analysis and testing of a program occur while it is being executed, or run.
When performing Fuzzing, what is injected into the input field, and what kind of errors are you looking for?
Randomized data is injected into a software program to try to make it fail, leak memory, or reveal error-handling issues and improper input validation.