Skip to main content

Glossary of Vulnerability Testing Terminology - 1

Ad hoc

Something that is ad hoc or that is done on an ad hoc basis happens or is done only when the situation makes it necessary or desirable, rather than being arranged in advance or being part of a general plan.


 

Ad hoc testing


 

Testing carried out using no recognized test case design technique.


 

Ad-lib test


 

(also ad hoc test), a test executed without prior planning; especially if the expected test outcome is not predicted beforehand. an undocumented test.


 

Anomaly


 

An anomaly is a rule or practice that is different from what is normal or usual, and which is therefore unsatisfactory.

Anything observed in the documentation or operation of software that deviates from expectations based on previously verified software products or reference documents.


 

Attack


 

An attempt to bypass security controls on a computer. The attack may alter, release, or deny data. Whether an attack will succeed depends on the vulnerability of the computer system and the effectiveness of existing countermeasures.

The act of trying to bypass security controls on a system. An attack may be active, resulting in the alteration of data; or passive, resulting in the release of data. Note: The fact that an attack is made does not necessarily mean that it will succeed. The degree of success depends on the vulnerability of the system or activity and the effectiveness of existing countermeasures.


 

Attack potential


 

The perceived potential for success of an attack, should an attack be launched, expressed in terms of an attacker's expertise, resources and motivation.


 

Availability


 

Assuring information and communications services will be ready for use when expected.


 

Availability of data


 

The state when data are in the place needed by the user, at the time the user needs them, and in the form needed by the user.


 

Backus-Naur Form


 

(also Backus normal form, BNF), a met language used to formally describe the syntax of another language.

A met language used to formally describe the syntax of a language.


 

Basic Encoding Rules (BER)


 

Standard rules for encoding data units described in ASN.1. Sometimes incorrectly lumped under the term ASN.1, which properly refers only to the abstract syntax description language, not the encoding technique. See also: Abstract Syntax Notation One.


 

Black-box testing


 

Functional test case design: Test case selection that is based on an analysis of the specification of the component without reference to its internal workings.

Fuctional testing. Testing that ignores the internal mechanism of a system or component and focuses solely on the outputs generated in response to the selected inputs and execution conditions.


 

Boundary value


 

A data value that corresponds to a minimum or maximum input, internal, or output value specified for a system or component. See also: stress testing.

An input value or output value which is on the boundary between equivalence classes, or an incremental distance either side of the boundary.


 

Boundary value analysis


 

(NBS) A selection technique in which test data are chosen to lie along "boundaries" of the input domain [or output range] classes, data structures, procedure parameters, etc. Choices often include maximum, minimum, and trivial values or parameters. This technique is often called stress testing.

A test case design technique for a component in which test cases are designed which include representatives of boundary values.

Comments

Post a Comment

Popular posts from this blog

SQL SERVER Questions And Answers

SQL SERVER Questions And Answers 1. What is an Entity? The basic data item stored in database is called entity. An entity can be any object, item, place, person, concept, or activity about which data is stored. 2. What is an attribute? An attribute is a property of an entity. It describes a part of an entity. Entity could have one or more attributes. 3. What is ER diagram? An Entity Relationship Diagram is diagrammatic representation of the logical structure of a database system. 4. Describe the concept of keys. Candidate key An attribute that uniquely identifies a row is called candidate key. It is also called das surrogate key. Primary key A candidate key that you choose to identify rows uniquely is called a primary key. Alternate key If there are multiple candidate keys in a table, the candidate keys that are chosen as primary key are called the alternate keys. Composite key When the key that uniquely identifies the rows of a table is made up of more than one attribute, it is ca...
Post a Comment
Read more

Testing Measurement

Someone has rightly said that if something can not be measured, it can not be managed or improved. There is huge value in measurement, but you should always make sure that you get some value out of any measurement that you are doing. You should be able to answer the following questions: What is the purpose of this measurement program? What data items you are collecting and how you are reporting it? What is the correlation between the data and conclusion? Value addition: Any measurement program can be divided into two parts. The first part is to collect data, and the second is to prepare metrics/chart and analyses them to get the valuable insight which might help in decision making. Information collected during any measurement program can help in: Finding the relation between data points, Correlating cause and effect, Input of future planning. Normally, any metric program involves certain steps which are repeated over a period of time. It starts with identifying what to measure. After t...
Post a Comment
Read more

What’s New with QTP 9.5?

This is the general overview giving the brief description of what is new in QTP9.5 New Features: 1.  New design time panes: Various new IDE panes have been introduced which does not provide any new functionality to add up but basically the operations which were in the deep sub menus are now put up in front. Available Keyword Pane: This pane shows all the available functions in the current test (either in-action or externally added), as well as all the objects in your object repository (local and external). The items are effectively separated into groups, making it easier to search for a relevant item. Double clicking any item in the pane will open it, and dragging the item to the main window will add it to the script in the drop position. Double clicking a function will not only open the hosting file in the main window, but also focus on the exact position of the function within the file. Test Flow Pane: This pane lays out the action call structure of the current test. It outlines...
Post a Comment
Read more