Jump to content


Re: Security+ Question

  • Please log in to reply
2 replies to this topic

#1 netsurfer802



  • Joined: 27-September 10

Posted 14 January 2013 - 01:25

Can somebody think of a real life example of this?

Which of the following is another name for fizzing third party proprietary software?
A. Grey box testing
B. Black box testing
C. White box testing
D. Blue jacking
Answer: B

#2 primexx


    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 24-April 05

Posted 14 January 2013 - 02:39


#3 +goretsky


    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California
  • OS: Windows 8.1 Pro (x86)
  • Phone: HTC One M8 Windows Phone

Posted 15 January 2013 - 10:35


I think he meant fuzzing, e.g., sending malformed data to an application to see how it responds.

That is actually an extremely poorly thought-out question, because fuzzing is a testing technique that can be applied to any kind of software (commercial off the shelf, proprietary, open source) that you have licensed, created, downloaded, etc.

Some examples of fuzzing in action:
  • At my last job (VoIP hardware manufacturer) we used a box from Ixia to generate malformed/out-of-spec SIP traffic in order to test our PBXes and handsets.
  • At my current employer (software developer) we fuzz our own software (COTS stuff) to see how resilient it is to things like malformed/corrupt software updates using internally developed tools.
I would say either of these applications is a "white box" test, since we are the creator of the product being tested. On the other hand, in the first test, I used a third-party fuzzing tool purchased from another company—I'm not sure if that affects the answer to the question, though.


Aryeh Goretsky