

Explain about Security Testing in web-based application?

Answer Posted / ramyab.mca@gmail.com

Hi...

Security Testing:

Following are some test cases for web security testing:

1. Test by pasting an internal URL directly into the browser address bar without logging in. Internal pages should not open.
2. If you are logged in using a username and password and browsing internal pages, then try changing URL options directly. E.g., if you are checking some publisher site statistics with publisher site ID = 123, try directly changing the URL site ID parameter to a different site ID which is not related to the logged-in user. Access should be denied for this user to view others' stats.
3. Try some invalid inputs in input fields like login username, password and input text boxes. Check the system reaction on all invalid inputs.
4. Web directories or files should not be accessible directly unless given a download option.
5. Test the CAPTCHA for automated script logins.
6. Test if SSL is used for security measures. If used, a proper message should get displayed when the user switches from non-secure http:// pages to secure https:// pages and vice versa.
7. All transactions, error messages and security breach attempts should get logged in log files somewhere on the web server.

K,Byeee...
Thanks & Regards
B.Ramyasri
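
The first two test cases above (internal URL without login, and changing the site ID parameter) written as automated checks. This is an added example, not part of the original answer; the toy WSGI app, the /stats path, the session tokens and the site ownership table are all constructed for illustration.

```python
from urllib.parse import parse_qs
from wsgiref.util import setup_testing_defaults

# Constructed sample data: publisher site ID -> owner, session token -> user.
SITE_OWNER = {"123": "alice", "456": "bob"}
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}

def app(environ, start_response):
    """Hypothetical stats app: /stats?site_id=N, login required, owner only."""
    cookie = environ.get("HTTP_COOKIE", "")
    user = SESSIONS.get(cookie.partition("session=")[2])
    site_id = parse_qs(environ.get("QUERY_STRING", "")).get("site_id", [""])[0]
    if user is None:
        # Not logged in: redirect to the login page, never serve the content.
        status, body, headers = "302 Found", b"", [("Location", "/login")]
    elif SITE_OWNER.get(site_id) != user:
        # Logged in, but the requested site belongs to someone else (or nobody).
        status, body, headers = "403 Forbidden", b"denied", []
    else:
        status, body, headers = "200 OK", f"stats for {site_id}".encode(), []
    start_response(status, headers)
    return [body]

def get(path, query="", session=None):
    """In-process GET against the app; returns (status code, body)."""
    environ = {}
    setup_testing_defaults(environ)
    environ.update(PATH_INFO=path, QUERY_STRING=query)
    if session:
        environ["HTTP_COOKIE"] = f"session={session}"
    captured = {}
    def start_response(status, headers):
        captured["status"] = int(status.split()[0])
    body = b"".join(app(environ, start_response))
    return captured["status"], body

def run_access_control_checks():
    """Check name -> passed, covering test cases 1 and 2 of the answer."""
    alice = "tok-alice"
    return {
        "internal page without login is not served": get("/stats", "site_id=123")[0] != 200,
        "owner can view own site": get("/stats", "site_id=123", alice)[0] == 200,
        "other user's site ID is denied": get("/stats", "site_id=456", alice)[0] == 403,
        "unknown site ID is denied": get("/stats", "site_id=999", alice)[0] == 403,
    }

if __name__ == "__main__":
    for name, ok in run_access_control_checks().items():
        print("PASS" if ok else "FAIL", name)
```

Against a real application the same checks apply unchanged in shape: request the page with no session, with the owner's session, and with another user's session, and compare the status codes and bodies.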
