Answer / balu

using three methods the sequerity is provided

1) Authorazation/Authentication
Allowing valid user and preventing invalid users.....

2) Access Control
Permission to valid user to access user
fctionalitites in software build.

3) Encryption/Dis\cryption
Data conversions in b/n client process and server
provcess to prevent third party avccessing

Answer / anjani dubey

There is different type of methods are using for security
testing
1)Authorization and Authentication:For checking the valid
and invalid user.
2)Access Control:access permission to valid user to access
user functionalities in application.
3)Encryption and Decryption: Data conversions in between
client process and server process to prevent third party
accessing

The above techniques using for security testing for web
application.

Answer / chandu

to provide the security to webapplictions by giving some
algorithms and security certificates, i can give one example.

suppose dotnet application provides itself security to its
applications, like sha algorithm,or we can purchase security
certificates,
testing point of view we can check weather the data is
encrypting or not and one more we should check the URL paths
whether the url is showing our usernames and passwords

thanks
chandu

Answer / gowrisankar.m

Security Testing means, One will perform Testing on the
Security Issues of that Application. i.e checking whether it
is properly secured or not. This can be done in 3 ways.

1) Authorization Testing:
---------------------------
It means testing the application by entering different User
Names and Passwords. The application should work only
Authorized persons only.

2)Direct URl Testing:
----------------------
It means by performing Testing on application by copying
the URL's of some secured pages and past it in the Browser,
then it should not work.

3)Firewall Leakage Testing :
-----------------------------
This testing involves that the User Enters in to the
Application as one level of user and try to Access the
application as another Level of User, then the application
should not work for this actions.

Answer / naren

Security testing means whether our web application is
vulnerable for hackers.
1.X-SS Cross Site Scripting
2.URL Injection

1.Testing engineer find a new bugs But that function not avaiable in testcase. How do approach the develper to fixes bugs ?

1 Answers  

. Diff. between Application server and web server? 2. Default port number of Tomcat? 3. bug life cycle? 4. what is defered status in defect life cycle? 5. smoke test? 6. Do you use any automation tool for smoke testing?? 7. verification and validation? 8. Testing process in your comp.? 9. Testing methodology? 10.when a bug is found what is the 1st action? 11.what is best bug in your current proj. which you found?? 12.what is test plan and explain its contents? 13.Advantages of automation over mannual testing? 14.explain some SDLC models? 15.ADhoc testing? 16.what is mean by release notes? 17.what are all the contents of release checklist? 18.when a new build comes what is 1st action?(performing smoke test). 19.how many test cases will you write for 1 day? 20.what is the bugbase do you use in your comp.?

3 Answers   BeBo Technologies,

What is Service Pack?

2 Answers  

Written Paper at Net Solutions: 1) Difference between Smoke Testing and Sanity Testing. 2) Bug life cycle. 3) Write the steps followed in STLC in your company. 4) Define: 1) BVA (Boundary Value Analysis) 2) ECP (Equivalence Class Partitioning) 5) Write test cases for a login screen with following fields/buttons: Username: Password: Login (Button) Cancel (Button)

2 Answers   Net Solution,

In Testing why We need to Write Testcases compalsarly.

19 Answers   BirlaSoft,

what is Software Development Life Cycle (SDLC)?

1 Answers   iFlex, STC,

I give you a functional requirement document(FRD) of 10 pages.Now you tell me,how to calculate Test effort,As i Need to say to the client ?

3 Answers   Satyam,

Scenario-based testing Option 1 concentrates on actor and software interaction Option 2 misses errors in specifications Option 3 misses errors in subsystem interactions Option 4 Both 1 abd 2

0 Answers   Infosys,

What types of code coverage do you know?

1 Answers   3i Infotech,

what is forward & backword tracebility matrix?

1 Answers  

compatibility testing?

2 Answers   NDS,

In testing environment have you ever found any areas for improvement while you at work. (Please give some real life example).

0 Answers