312-50V10 · Question #142
Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?
The correct answer is D. Fuzzing Testing. Fuzzing is an adaptive testing technique that sends massive amounts of random or malformed data as input to discover vulnerabilities, crashes, or unexpected behavior in an application.
Question
Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?
Options
- AFunction Testing
- BDynamic Testing
- CStatic Testing
- DFuzzing Testing
How the community answered
(49 responses)- A2% (1)
- B6% (3)
- C2% (1)
- D90% (44)
Why each option
Fuzzing is an adaptive testing technique that sends massive amounts of random or malformed data as input to discover vulnerabilities, crashes, or unexpected behavior in an application.
Function testing validates that specific application functions meet defined requirements using expected inputs, not random or massive data volumes.
Dynamic testing refers broadly to executing the application to observe its behavior, but it does not specifically describe the technique of injecting large amounts of random data.
Static testing analyzes source code, documentation, or binaries without executing the program, making it unable to observe runtime output changes from random inputs.
Fuzzing (fuzz testing) is specifically defined as the practice of submitting large volumes of random, malformed, or unexpected data to an application to observe how it responds. In the context of SQL injection testing, fuzzers generate varied malicious payloads to uncover input validation flaws and coding errors that static or structured tests might miss.
Concept tested: Fuzz testing for SQL injection discovery
Source: https://owasp.org/www-community/Fuzzing
Topics
Community Discussion
No community discussion yet for this question.