Q1. Which one of the following is not a security testing method?
Vulnerability assessment
Penetration testing
Risk mitigation strategy
Gray box testing
Q2. A user is trying to access a web server that requires authentication and authorization. However, the system has given access to the web application without the user entering the password? This type of security issue is known as what?
Accountability error
Vulnerability
Penetration testing
Access control
Q3. Which type of tests, among the following, are a part of the software code review process? (This is a drag-and-drop type of a question. Here, you can draw a line from the list of answers from the left to the empty box to the right.)
Q4. Test coverage analysis provides what?
Metrics needed for the code coverage
Authentication errors
Code review timelines
Interface design
Q5. Which one the following BEST describes a synthetic transaction?
Vulnerability testing
Penetration testing
Concurrency testing
API testing
Q6. When a threat event exploits...