Reply / rajendra prasad reddy
The security testing means "how safe system working from
the level of security testing varies with the type of
the application/product/project may be any one of the
3. Web based Application
When we come down from desktop to web based
application, the security measures increase.
For testing strategy varies with the type of application.
Some important areas of security testing are
1. Uncontrolled System Access (By intruders)
2. Operating system flaws
3. Communication system Flaws
4. Weak encryption algorithms, etc.
Reply / sivakumar kundan
The process to determine that an information system (IS)
protects data and maintains functionality as intended.
Reply / vamci
general aspects of security testing
Reply / uday kumar
Security Testing mainly deals with Authorization and
Authentication: Users need to be user accts to enter into
Authorization: Users must have permissions to view the pages
Reply / Monica
Security is a primary concern when communicating and
conducting business - especially sensitive and business-critical
transactions - over the internet.
The user wants assurance that personal and financial
information is secure. Finding the vulnerabilities in
an application that would grant an unauthorized user
access to the system is important.
Reply / prasadbabu1
In security testing you must and should conduct
session Tracking is very important in web applications.
Reply / suneel reddy
Security is nothing but we check authorization and access
we check with firewalls and cryptography in web applications
Reply / jay
escalation privilege, cookie poisoning, cross-site
scripting, SQL injection, spoofing password, access
denial, authorization, etc. are included in security test on
Reply / ravinder
Verify whether the application is securable or not from
unauthorised access and permissions.
During security testing, the testing team verifies
Reply / anitha
DURING THIS TESTING TESTERS WILL VERIFY THE SECURITY ISSUES
OF THE APPLICATION LIKE AUTHORIZATION AND ACCESS CONTROL
Reply / 423553
Security testing mainly focuses on testing any
organization's system strength or safety. For example, it
could be testing for external threats.
Reply / karthikbk_2000
Security testing is verifying whether the user has access
to the particular webpages he is trying to access (web
applications) and granting privileges according to that
In client server technology, the user tries to access server
pages, which should be through a third party, and hence
certain security layers should be passed. (credit card
Reply / firstname.lastname@example.org
We operate our system, so it's our responsibility for our
security testing we will have to follow some precautions for
1. If we are using the internet, it may be problematic
because some of the viruses and hackers corrupt our system,
so we should save it from these.
2. Firewall should be on and make some inbound and outbound
3. A licensed antivirus should be installed in our system.
4. If we always use a pendrive in our system, it may be
harmful for our system, so when we connect a USB drive, first
press the Shift key continuously, then insert the USB drive.
5. Our system password may be complex.
6. We should apply group policy so that a normal user could not
access other programs.
Reply / daviddaniel
Securing the USER'S files(data) or information from the
unauthorised user or especially from the "HACKERS"
Reply / b.sivashankari
The security testing is performed to check whether there is
any information leakage in the sense by encrypting the
application or using a wide range of software and
hardware and firewall etc.
Before planning for Security Testing, you will need to
think about the following parameters:
Authentication - Testing the authentication schema means
understanding how the authentication process works and
using that information to circumvent the authentication
mechanism. Basically, it allows a receiver to have
confidence that information it receives originated from a
specific known source.
Authorization - Determining that a requester is allowed to
receive a service or perform an operation.
Confidentiality - A security measure which protects the
disclosure of data or information to parties other than the
Integrity – Whether the intended receiver receives the
information or data which is not altered in transmission.
Non-repudiation - Interchange of authentication information
with some form of provable time stamp e.g. with session id