The security testing means "how safe system working from 
external threats"

the level of security testing varies with the type of 
application.

the application/product/project may be any one of the 
following
         1.Desk Top 
         2.client Server
         3.Web based Application

when we are coming down from desk top to web based 
application the security measures increases.
For testing strategy varies with the type of application.

some important areas of security testing are
         1.Uncontrolled System Access(By intruders)
         2.Operating system  flaws
         3.Communication system Flaws
         4.Weak encryption algorithims.....etc

security testing: 
  The process to determine that an information system (IS) 
protects data and maintains functionality as intended.

general aspects of security testing


Authorization
Access control
Encryption/Decryption

Security Testing mainly deals with Authorization and 
authentication

Authentication: Users need to be user accts to enter into 
App
Authorization: Users must have permissions to view the pages

Security is a primary concern when communicating and 
conducting business- especially sensitive and business- 
critical transactions - over the internet. 

The user wants assurance that personal and financial 
information is secure. Finding the vulnerabilities in
an application that would grant an unauthorized user
access to the system is important.

In security testing you must and should conduct 
session Tracking is very important in web applications.

Security is nothing but we check authorization and access 
controls
we check with firewalls and cryptography in web applications

exclamation privilege, cookies poisoning, cross-site 
scripting, sql injection, spoofing password, access 
denial, authorization, etc are included in security test on 
web application

verify the application whether it is securable are not from 
unauthorerised access and permissions.


during security testing testing team verifies

1)autherisation
2)access control
3)encription/decription

DURING THIS TESTING TESTERS WILL VERIFY THE SECURITY ISSUES
OF THE APPLICATION LIKE AUTHORIZATION AND ACCESS CONTROL

security testing mainly focuses on testing any
organization's system strength or safety.For example it
could be testing for external threats.

Security testing is verifying whether the user has access 
to particular webpages he is trying to access to ( web 
applications) and granting privileges according to that 
particular user.

In client server technology user tries to access server 
pages which should be through a third party and hence 
certain security layers should be passed.( credit card 
transactions)

Visit Below link to Know Answer

http://www.fullinterview.com

we oprate our system so its our responsbility for our 
security testing we will have to follow some preqations for 
this


1.if we are using internet so its may ne problemetic 
because some of the viruses and hackers corrept our systen 
so should save form these.

2.firewall should be on and make some inbound and outbound 
rules also.

3.should be installed licence antivirus in our system.

4.if we always use pendrive in our syatem it may be 
harmfull for our system so when we connect usbdrive firstly 
press shift key continu then insert usbdrive.

5.our system password may be complex .

6.we should apply group policy sothat normal user could not 
access other programs.

                          thaks.............

Securing the USER'S files(data) or information from the
unauthorised user or especially from the "HACKERS"

The security testing is performed to check whether there is 
any information leakage in the sense by encrypting the 
application or using wide range of software’s and 
hardware's and firewall etc.

Before planning for Security Testing, you will need to 
think about the following parameters:

Authentication - Testing the authentication schema means 
understanding how the authentication process works and 
using that information to circumvent the authentication 
mechanism. Basically, it allows a receiver to have 
confidence that information it receives originated from a 
specific known source.
Authorization - Determining that a requester is allowed to 
receive a service or perform an operation.
Confidentiality - A security measure which protects the 
disclosure of data or information to parties other than the 
intended.
Integrity – Whether the intended receiver receives the 
information or data which is not altered in transmission.
Non-repudiation - Interchange of authentication information 
with some form of provable time stamp e.g. with session id 
etc.

security testing is a process to check two thing one is
authentication and other is authorization.both are very
important for security testing.
authorization:in which a user is authorized for that page or
not. 
authentication: Users need to be user accts to enter into 
App.
developer check in security testing:
1-authentication
2-authorization
3-access control
4-encryption/description

Hi
Security in web simply means ,"how confidential the
information is from the other user other then the
supposed/actual recipient".

Hence Security testing signifies forbidding the leakage of
information during encryption of data. 

security testing means checking entry and exits.

security is much important the system,because other people
are hide the system thats way security testing is important.

Security is a primary concern when communicating and 
conducting business- especially sensitive and business- 
critical transactions - over the internet. 

The user wants assurance that personal and financial 
information is secure. Finding the vulnerabilities in
an application that would grant an unauthorized user
access to the system is important.

it is done at testing site to ensure that whether the 
application is eligible for further testing or not.