nerdexam
EC-Council

312-50V11 · Question #517

A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software program properly hand

The correct answer is C. Fuzzing. Fuzzing is a dynamic software testing technique that automatically submits large quantities of random, malformed, or unexpected inputs to an application to discover crashes, vulnerabilities, or improper error handling.

Vulnerability Analysis

Question

A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software program properly handles a wide range of invalid input?

Options

  • AMutating
  • BRandomizing
  • CFuzzing
  • DBounding

How the community answered

(59 responses)
  • A
    7% (4)
  • B
    2% (1)
  • C
    88% (52)
  • D
    3% (2)

Why each option

Fuzzing is a dynamic software testing technique that automatically submits large quantities of random, malformed, or unexpected inputs to an application to discover crashes, vulnerabilities, or improper error handling.

AMutating

Mutation testing modifies existing source code or test cases to verify that the test suite detects the changes, rather than feeding invalid inputs to the program.

BRandomizing

Randomizing is not a formal, recognized software testing methodology and does not describe a structured approach to invalid input generation.

CFuzzingCorrect

Fuzzing (fuzz testing) specifically targets robustness by generating invalid, unexpected, or random data as inputs and observing whether the program crashes or behaves insecurely. It is widely used in security testing to uncover input validation flaws, buffer overflows, and other vulnerabilities that may not surface during normal testing.

DBounding

Boundary value testing (bounding) uses inputs at the edges of valid ranges, not arbitrary invalid or malformed data, to test how a program handles limit conditions.

Concept tested: Fuzz testing for input validation vulnerabilities

Source: https://owasp.org/www-community/Fuzzing

Topics

#fuzzing#invalid input testing#vulnerability discovery#software testing

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice