Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • Myths, Facts, Scenarios & Methodologies of Security Testing

    • 0
    • 2
    • 0
    • 1
    • 0
    • 0
    • 0
    • 0
    • 602
    Comment on it

    Myths/Facts of Security Testing

     

    Let's talk on an intriguing points on Myths and facts of security testing:

     

    Myth #1 We needn't need a security approach as we have a little business
    Fact : Everyone and each organization require a security strategy/policy

     

    Myth #2 There is no arrival on interest in security testing
    Fact : Security Testing can point out zones for improvement that can enhance proficiency and decrease downtime, empowering most extreme throughput.

     

    Myth #3 Only way/approach to secure is to unplug it.
    Fact : The main and the most ideal approach to secure association is to discover "Perfect Security". Perfect security can be accomplished by performing stance assessment and compare with business, legal and industry justifications.

     

    Myth #4 Internet isn't safe. I will buy software or equipment to shield the system and save business.
    Fact : One of the most serious issues is to buy software and equipment for security. Rather, association should to understand security first and after that apply it.

     

    Conclusion:


    Security testing is most imperative testing for an application and check whether private information stays confidential. In this sort of testing, tester plays a role of the attacker and play around the system to discover security related bugs. This security testing is essential in IT industry to ensure information by all means.


    Test Scenarios for Security Testing:

     

    Test scenarios to give you a look at security test cases -

     

    • Password/SecretKey ought to be in encrypted format
    • Application or System ought not permit invalid users
    • Check cookies/treats and session time for application
    • For financial sites/locales, Browser back catch ought not work.


    Methodologies/Procedures

     

    In security testing, different methodologies are taken after, and they are as per the following:

     

    Tiger Box : This hacking is normally done on a laptop which has a multiple of Operating Systems and hacking devices. This testing helps entrance analyzers and security analyzers to lead vulnerabilities appraisal and assaults.


    Black Box : Tester is approved to do testing on everything about the network topology and the innovation/technology.


    Grey Box : Partial data is given to the tester about the system, and it is mixture of white and black box models.


    Roles you should know!

     

    Hackers - Access PC system or network without approval/authorization


    Crackers - Break into the systems to steal or destroy information


    Ethical Hacker - Performs a large portion of the breaking activities but with permission from owner


    Script Kiddies or parcel monkeys - Inexperienced Hackers with programming aptitude

     

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: