312-50V10 · Question #517
A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software program properly hand
The correct answer is C. Fuzzing. Fuzzing is the security testing technique of feeding a program random, malformed, or invalid inputs to uncover crashes, bugs, and vulnerabilities.
Question
A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software program properly handles a wide range of invalid input?
Options
- AMutating
- BRandomizing
- CFuzzing
- DBounding
How the community answered
(62 responses)- A8% (5)
- B2% (1)
- C85% (53)
- D5% (3)
Why each option
Fuzzing is the security testing technique of feeding a program random, malformed, or invalid inputs to uncover crashes, bugs, and vulnerabilities.
Mutating refers to mutation testing, which modifies source code to evaluate test suite quality, not to test how a program handles invalid input.
Randomizing is not a recognized formal software testing technique - it is a general concept, not a defined methodology for invalid input handling.
Fuzzing (also called fuzz testing) is the automated process of supplying a program with large amounts of random, unexpected, or invalid data to observe failures such as crashes, memory leaks, or assertion errors. It is specifically designed to test how software handles a wide range of invalid input. Tools like AFL and libFuzzer implement this technique to discover security vulnerabilities and stability issues.
Bounding refers to boundary value analysis, which tests values at the edges of valid input ranges rather than broadly generating invalid or malformed input.
Concept tested: Fuzz testing for invalid input handling
Source: https://owasp.org/www-community/Fuzzing
Topics
Community Discussion
No community discussion yet for this question.