Home > Software > Testing > Manual-Testing
Interview Questions   Tutorials   Discussions   Programs   Videos   

Manual-Testing - What is mean security testing ? define with example

asked marvit October 7, 2014 02:19 AM  

What is mean security testing ? define with example


1 Answers

answered By shallu   0  

Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended. Due to the logical limitations of security testing, passing security testing is not an indication that no flaws exist or that the system adequately satisfies the security requirements. Typical security requirements may include specific elements of confidentiality, integrity, authentication, availability, authorization and non-repudiation. Actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such a Security Taxonomy helps us to understand these different approaches and meanings by providing a base level to work from.

Example Security Testing Techniques

Spoofing Identity

–Attempt to force the application to use no authentication; is there an option to allows this, which a non-administrator can use? –Can you view a valid user’s credentials on the wire or in persistent storage? –Can “security tokens” (e.g. a cookie) be replayed to bypass an authentication stage?

Tampering with the data

–Is it possible to tamper with than rehash the data? –Create invalid hashes and digital sgnatures to verify they are checked correctly.


–Do conditions exist that prevent logging or auditing? –Is it possible to create requests that create incorrect data in an event log?

   add comment

Your answer

Join with account you already have



Ready to start your tutorial with us? That's great! Send us an email and we will get back to you as soon as possible!