
Some Important Questions on Security Testing:

Questions and Answers:

1. What is Authorization?

a) Authorization means checking permission

b) Authorization means checking credential.

c) Authorization means checking proper navigation

d) Authorization means checking approval

Ans:  a

2. What is Authentication?

a) Authentication means checking permission

b) Authentication means checking credential.

c) Authentication means checking proper navigation

d) Authentication means checking approval

Ans:  b

3. Why do we do security testing?

a) To maintain Quality

b) To check authorized activities

c) To make the application secure and maintain functionality as intended

d) To remove vulnerabilities

Ans:  d

4. Which methods/techniques are used for security testing?

a) Functional and risk-based security testing

b) XSS and SQL injection

c) Password cracking and URL Manipulation

d) Get and Post

Ans:  b

5. What is “Vulnerability”?

a) Bugs in the application

b) Cause in the web application

c) Weakness in the web application

d) Change in the application

Ans:  c

6. Security Tests are created on the basis of:

a) More faults

b) Approaches

c) Methods

d) Roles

Ans:  d

7. Security Testing is a type of:

a) Review Testing

b) Recovery Testing

c) Performance Testing

d) Functionality Testing

Ans:  a

8. Static analysis is best described as:

a) The analysis of batch programs

b) The reviewing of test plans.

c) The analysis of program code.

d) The use of black box testing.

9. Which symbol is used to test SQL injection?

a) Hash

b) Double Quotes

c) Ampersand

d) Single Quote

10. What is the full form of XSS?

a) Cross-Site Scripting

b) Cross-Side Scripting

c) Xml-Site Scripting

d) Xml-Side Scripting

Ans: a

1. Where are cookies stored?

a) Web browser

b) Web server

c) Remote server

d) All of above

Ans: a)

2. Can two different browsers share the same cookies?

a) Yes

b) No

Ans: b)

3. The use of too many cookies slows down the:

a) System

b) Server

c) Browser

Ans: c)

4. Can one domain access another domain’s cookies?

a) Yes

b) No

Ans: b)

5. Which cookies can a tester test?

a) Session

b) Persistent

c) Third party

d) All of above

Ans: d)

6. How many cookies are supported by one domain?

a) 50

b) 300

c) 250

d) 70

Ans: a)

7. Cookie testing is a kind of:

a) Functional testing

b) Security testing

c) Load testing

d) a and b both

Ans: d)

8. Which field is never stored in a cookie, not even in encrypted form?

a) User id

b) Session id

c) Credit card no.

d) All of above

Ans: c)

9. Do cookies require server resources?

a) Yes

b) No

c) Maybe in some particular cases

Ans: b)

10. Which tools are used for cookie testing?

a) MAXA and Bosch Power

b) OWASP

c) Paros Dynamic

d) Web Scarab

Ans: a)