Select the threat category for the below request-response Web Request - http://www.somesite.com/page.asp?pageid=10&lang=en&title=Section%20Title Response -
SQL Injection
Cross Site Scripting
Authentication
Forceful browsing
Select Security Testing tools
TamperIE
CookieMonitor
SQL Profiler
All the above
Select the correct script for testing SQL injection threat (Select more than one)
CUST001' AND ‘1’=’1
CUST1001' DROP TABLE OrderDetail --
CUST1001’ OR 1 = 1--
Security testing includes
Penetration testing
Vulnerability Testing
Risk Assessment
None of the above
Select security Testing Objectives
Confidentiality
Integrity
Availability
Functionality Testing
Cross Site Scripting can be executed from (select more than one)
Java Script
VB Script
SQL Server Management Studio
Web service
ActiveX
Flash
Cross Site Scripting can be used to
Steal cookies
Hijack accounts
Execute Flash/ActiveX contents
Force user to download s/w
‘X’ has given a data on a person age, which should be between 1 to 99. Using BVA which is the appropriate one
0,1,2,99
1, 99, 100, 98
0, 1, 99, 100
–1, 0, 1, 99
Which is not a Component testing
Check the memory leaks
Check the robustness
Check the branch coverage
Check the decision tables
Contract and regulation testing is a part of
System testing
Acceptance testing
Integration testing
Smoke testing