SY0-301 · Question #824
The correct answer is B: Application fuzzing.
Question
Options
- A. Patch management
- B. Application fuzzing
- C. ID badge
- D. Application configuration baseline
Explanation
Application fuzzing (fuzz testing) is a dynamic testing technique that sends malformed, random, or unexpected inputs to an application to trigger unexpected behavior, crashes, or security exceptions, thereby revealing unknown vulnerabilities that have not yet been documented or patched. It is specifically designed to find zero-day and undiscovered flaws. Option A (patch management) addresses known vulnerabilities, not unknown ones. Option C (ID badge) is a physical access control with no relevance to software vulnerability discovery. Option D (application configuration baseline) documents expected configuration states and can detect unauthorized changes, but it does not actively probe for unknown code-level vulnerabilities the way fuzzing does.