IT Questions and Answers :)

Thursday, October 25, 2018

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

  • Cross-site scripting
  • Fuzzing
  • Cross-site request forgery
  • Input validation 

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

EXPLANATION

You can use fuzzing to inject semi-random data into a program or protocol stack in order to detect bugs.

Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Fuzz testing was developed at the University of Wisconsin Madison in 1989 by Professor Barton Miller and his students. Their (continued) work can be found at http://www.cs.wisc.edu/~bart/fuzz/ ; it's mainly oriented towards command-line and UI fuzzing, and shows that modern operating systems are vulnerable to even simple fuzzing.


Share:

Popular Posts