EC-Council
412-79V9 · Question #102
412-79V9 Question #102: Real Exam Question with Answer & Explanation
Sign in or unlock 412-79V9 to reveal the answer and full explanation for question #102. The question stem and answer options stay visible for context.
Question
Fuzzing testing or fuzzing is a software/application testing technique used to discover coding errors and security loopholes in software, operating systems, or networks by inputting massive amounts of random data called fuzz, to the system in an attempt to make it crash. Fuzzers work best for problems that can cause a program to crash, such as buffer overflow, cross-site scripting, denial of service attacks, format bugs, and SQL injection. Fuzzer helps to generate and submit a large number of inputs supplied to the application for testing it against the inputs. This will help to identify the SQL inputs that generate malicious output. Suppose a pen tester knows the underlying structure of the database used by the application (i.e., name, number of columns, etc.) that she is testing. Which of the following fuzz testing she will perform where she can supply specific data to the application to discover vulnerabilities?
Options
- AClever Fuzz Testing
- BDumb Fuzz Testing
- CComplete Fuzz Testing
- DSmart Fuzz Testing
Unlock 412-79V9 to see the answer
You've previewed enough free 412-79V9 questions. Unlock 412-79V9 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.