CompTIA Security+ Question J-52

Which of the following application security principles involves inputting random data into a program?

A. Brute force attack
B. Sniffing
C. Fuzzing
D. Buffer overflow

Answer: C

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.