Page 112 - SOFTWARE TESTING & QUALITY ASSURANCE

Unit 7: Documentation and Security Testing



                     (e)  The tester has the knowledge of the entire system architecture and potential vulnerabilities
                         of the system.
                     (f)   The main aim of computer forensics is to conduct a structured investigation of a cyber
                         crime to find out what happened and who was responsible for it.
               2.   Fill in the blanks
                     (a)  __________________ material creates interest in the customer or end user to buy the
                         product.
                     (b)  In many software products, __________________ is done when the user tries to install the
                         software.
                     (c)   The software displays the __________________ when it encounters unusual or exceptional
                         events.
                     (d)  ______________ make use of weak code in the software to carry out an attack on the
                         software.
                     (e)  The tester will use a common __________________ to record all the threats that he/she has
                         detected in the system.
                     (f)   The __________________ perform extra processing of the input data for proper handling of
                         buffers in the software.

               3.   Select a suitable choice for every question:
                     (a)  Identify which among the following is not documentation.
                                    (i)   Labels and stickers                 (ii)   Tutorials and wizards
                                  (iii)   End User License Agreement          (iv)   User feedback report
                     (b)  What is a legal document?
                                    (i)   Warranty                            (ii)   End User License Agreement
                                  (iii)   Registration form                   (iv)   Error messages
                     (c)   What is called the short version of a user manual?
                                    (i)   Tutorials                           (ii)   Wizards
                                  (iii)   Online help                         (iv)   Installation guide
                     (d)  What is the most important aspect of software security?
                                    (i)   Cost                                (ii)   Time
                                  (iii)   Information                         (iv)   Quality
                     (e)  Which step follows soon after identifying the threats in software threat
                         modeling?
                                    (i)   Identify assets                     (ii)   Decompose the application
                                  (iii)   Rate the threats                    (iv)   Document the threats
               7.6   Review Questions

                1.   Do you believe that documentation is a window that provides the user a complete view of the
                     product?
                2.   Documentation testing is a crucial element of any software testing process. Justify.
                3.   Do you think software components can be called documentation? If yes, explain with
                     examples.

                4.   “Software security testing tests the software behavior when the software is attacked by some
                     external element.” What do you consider an external element, and how would you ensure testing
                     the same?





                                        LOVELY PROFESSIONAL UNIVERSITY                          105