nerdexam
EC-Council

312-50V13 · Question #71

To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What t

The correct answer is D. Fuzzing. Fuzzing is an automated software testing technique that involves providing invalid, unexpected, or random data as input to a computer program to expose software bugs, memory leaks, or security vulnerabilities, often leading to crashes. This method is particularly effective for te

Submitted by ahmad_uae· Mar 6, 2026Vulnerability Analysis

Question

To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What term is commonly used when referring to this type of testing?

Options

  • ARandomizing
  • BBounding
  • CMutating
  • DFuzzing

How the community answered

(14 responses)
  • A
    7% (1)
  • D
    93% (13)

Why each option

Fuzzing is an automated software testing technique that involves providing invalid, unexpected, or random data as input to a computer program to expose software bugs, memory leaks, or security vulnerabilities, often leading to crashes. This method is particularly effective for testing how a program handles a wide range of improper inputs.

ARandomizing

Randomizing is a general term for making something random and does not specifically refer to the automated testing process of generating invalid input to crash a program.

BBounding

Bounding refers to testing at the boundaries or limits of input ranges (e.g., minimum, maximum values) to ensure correct handling, rather than specifically generating random invalid inputs to induce crashes.

CMutating

Mutating typically refers to altering existing test cases slightly to create new ones, or in a security context, modifying known malicious input to create variants, rather than generating entirely new random invalid input for robustness testing.

DFuzzingCorrect

Fuzzing is a testing technique that systematically injects malformed, unexpected, or random data (fuzz) into a computer program's inputs to discover software defects, such as crashes, memory leaks, or assertion failures, which often indicate underlying security vulnerabilities. It directly aligns with determining how a program handles a wide range of invalid input.

Concept tested: Fuzzing for vulnerability testing

Source: https://learn.microsoft.com/en-us/security/engineering/fuzzing

Topics

#fuzzing#software testing#vulnerability testing#input validation

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice