(ISC)2

CISSP Question #1415: Real Exam Question with Answer & Explanation

The correct answer is C: Negative testing.

Submitted by fernanda_arg · Mar 5, 2026 · Software Development Security

Question

Which of the following is the BEST method a security practitioner can use to ensure that systems and sub-systems gracefully handle invalid input?

Options

  • A. Unit testing
  • B. Integration testing
  • C. Negative testing
  • D. Acceptance testing

Explanation

Negative testing is the best method a security practitioner can use to ensure that systems and sub-systems gracefully handle invalid input. It is a type of software testing that provides invalid, unexpected, or erroneous input to the system or sub-system and verifies how it responds to or handles that input. Negative testing helps to identify and eliminate bugs, errors, exceptions, and vulnerabilities, and to ensure that the system or sub-system does not crash, freeze, or behave unpredictably when faced with invalid input. It also helps to improve security, reliability, and usability, and to ensure that the system or sub-system meets its functional and non-functional requirements.

Topics

#negative testing #input validation #software testing #secure coding
