23 Jul Practice Test Question – Software Security Techniques
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
What software security technique can be added to a Secure DevOps approach to automate the evaluation of how software will respond to mutated input?
A. Fuzz testing
B. Penetration testing
C. Vulnerability scanning
Correct Answer: A
Fuzz testing specifically evaluates the performance of applications in response to mutated input combinations. Penetration testing is a manual, not automated, process. Vulnerability scanning may be automated but does not necessarily include the use of mutated input. Decompilation attempts to reverse engineer code.