312-50V10 · Question #720
The "black box testing" methodology enforces what kind of restriction?
The correct answer is D. Only the external operation of a system is accessible to the tester.. Black box testing restricts the tester to interacting only with the external interfaces of a system, with no visibility into internal code or logic. This mirrors how an end user or external attacker would interact with the system.
Question
The "black box testing" methodology enforces what kind of restriction?
Options
- AOnly the internal operation of a system is known to the tester.
- BThe internal operation of a system is completely known to the tester.
- CThe internal operation of a system is only partly accessible to the tester.
- DOnly the external operation of a system is accessible to the tester.
How the community answered
(57 responses)- A2% (1)
- B2% (1)
- C4% (2)
- D93% (53)
Why each option
Black box testing restricts the tester to interacting only with the external interfaces of a system, with no visibility into internal code or logic. This mirrors how an end user or external attacker would interact with the system.
Knowing only the internal operation while being blind to external behavior does not describe any standard testing methodology and is the inverse of the correct answer.
Full knowledge of internal operation describes white box (or clear box) testing, not black box testing.
Partial access to internal operation describes gray box testing, which is a hybrid approach between black and white box testing.
In black box testing, the tester has no knowledge of or access to the internal implementation - only the external inputs and outputs are observable. This approach simulates real-world attack scenarios where an adversary has no insider knowledge of the system's architecture or source code. It tests the system purely from an external, functional perspective.
Concept tested: Black box vs white box testing methodology
Source: https://csrc.nist.gov/glossary/term/black_box_testing
Topics
Community Discussion
No community discussion yet for this question.