Sign in to follow this  

Re: Security+ Question

Recommended Posts

netsurfer802    0

Can somebody think of a real life example of this?

Which of the following is another name for fizzing third party proprietary software?

A. Grey box testing

B. Black box testing

C. White box testing

D. Blue jacking

Answer: B


Share this post

Link to post
Share on other sites
primexx    372


Share this post

Link to post
Share on other sites
+goretsky    661


I think he meant fuzzing, e.g., sending malformed data to an application to see how it responds.

That is actually an extremely poorly thought-out question, because fuzzing is a testing technique that can be applied to any kind of software (commercial off the shelf, proprietary, open source) that you have licensed, created, downloaded, etc.

Some examples of fuzzing in action:

  • At my last job (VoIP hardware manufacturer) we used a box from Ixia to generate malformed/out-of-spec SIP traffic in order to test our PBXes and handsets.
  • At my current employer (software developer) we fuzz our own software (COTS stuff) to see how resilient it is to things like malformed/corrupt software updates using internally developed tools.

I would say either of these applications is a "white box" test, since we are the creator of the product being tested. On the other hand, in the first test, I used a third-party fuzzing tool purchased from another company?I'm not sure if that affects the answer to the question, though.


Aryeh Goretsky

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.