CompTIA Security+ Question E-79

Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:

A. Brute force.
B. HTML encoding.
C. Web crawling.
D. Fuzzing.

Answer: D

Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failed validation, or memory leaks.

CompTIA Security+ Question E-71

Fuzzing is a security assessment technique that allows testers to analyze the behavior of software applications under which of the following conditions?

A. Unexpected input
B. Invalid output
C. Parameterized input
D. Valid output

Answer: A

Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failed validation, or memory leaks.