CompTIA
SY0-301 Question #470: Real Exam Question with Answer & Explanation
The correct answer is B: Fuzzing. Fuzzing tests application reliability by supplying malformed or unexpected user-provided parameters to uncover crashes, data integrity failures, and availability issues.
Question
A security administrator wants to test the reliability of an application that accepts user-provided parameters. The administrator is concerned with data integrity and availability. Which of the following should be implemented to accomplish this task?
Options
- A. Secure coding
- B. Fuzzing
- C. Exception handling
- D. Input validation
Explanation
Fuzzing tests application reliability by supplying malformed or unexpected user-provided parameters to uncover crashes, data integrity failures, and availability issues.
Common mistakes.
- A. Secure coding refers to development best practices for writing robust and safe code, not a testing technique used to actively probe a running application with unexpected inputs.
- C. Exception handling is a mechanism built into application code to gracefully manage errors at runtime, not a testing approach for evaluating how the application responds to malformed parameters.
- D. Input validation is a preventive control that checks and sanitizes user input before processing, not a reliability testing technique for evaluating application behavior under unexpected or adversarial input.
Concept tested. Fuzzing for application reliability and availability testing
Reference. https://owasp.org/www-community/Fuzzing