Explain about Security Testing in webbased application?

Answers were Sorted based on User's Feedback



Explain about Security Testing in webbased application?..

Answer / ramyab.mca@gmail.com

Hai...

Security Testing:

Following are some test cases for web security testing:

Test by pasting internal url directly into browser address
bar without login. Internal pages should not open.
If you are logged in using username and password and
browsing internal pages then try changing url options
directly. I.e. If you are checking some publisher site
statistics with publisher site ID= 123. Try directly
changing the url site ID parameter to different site ID
which is not related to logged in user. Access should
denied for this user to view others stats.
Try some invalid inputs in input fields like login
username, password, input text boxes. Check the system
reaction on all invalid inputs.
Web directories or files should not be accessible directly
unless given download option.
Test the CAPTCHA for automates scripts logins.
Test if SSL is used for security measures. If used proper
message should get displayed when user switch from non-
secure http:// pages to secure https:// pages and vice
versa.
All transactions, error messages, security breach attempts
should get logged in log files somewhere on web server.

K,Byeee...
Thanks & Regards
B.Ramyasri

Is This Answer Correct ?    8 Yes 2 No

Explain about Security Testing in webbased application?..

Answer / jyoti

Security Testing involves below points
1) Authorization Testing : Testing of different users
authority to view specific information.
i.e. Specific authority to enter in administration area

2) Access control testing : Access allocation to users
i.e. team members cannot access TL or PM data
PM can access TL's data.

Is This Answer Correct ?    6 Yes 0 No

Post New Answer

More Manual Testing Interview Questions

What is baseline?

6 Answers  


Explain test case?

4 Answers   IBM,


Whar are the different types of defects/errors are commonly appear during the real time software testing?

5 Answers   CTS,


If the product is released to client and then you found some bug which you can see in high resolution screen in testing environment but on client side it was hidden under low resolution screen and it is an important functionality in that case what would be your role as a tester?

2 Answers  


What is Interoperability Testing? What is Risk Based Testing?

1 Answers  


How you assign severity for a defect?

2 Answers   Four soft,


Could some one tell me test cases for multi line text boxes like Notes field?

0 Answers  


when will go for compatibility testing and when you use the testing metrics?

2 Answers  


developer says it is not defect.then as a test engineer what u will do?

8 Answers   Cognizant,


what is risk based testing ?

6 Answers   Patni,


1.what is function incrementation and Bing- Bang 2. Drivers are also known as: a. Spade b. Test harness c. scaffolding

1 Answers   ISTQB,


you r a tester having good knowledge of coding.now in ur company developers are having some problem in coding will u (tester) help them.

2 Answers  


Categories