Explain about Security Testing in webbased application?
Answer Posted / ramyab.mca@gmail.com
Hai...
Security Testing:
Following are some test cases for web security testing:
Test by pasting internal url directly into browser address
bar without login. Internal pages should not open.
If you are logged in using username and password and
browsing internal pages then try changing url options
directly. I.e. If you are checking some publisher site
statistics with publisher site ID= 123. Try directly
changing the url site ID parameter to different site ID
which is not related to logged in user. Access should
denied for this user to view others stats.
Try some invalid inputs in input fields like login
username, password, input text boxes. Check the system
reaction on all invalid inputs.
Web directories or files should not be accessible directly
unless given download option.
Test the CAPTCHA for automates scripts logins.
Test if SSL is used for security measures. If used proper
message should get displayed when user switch from non-
secure http:// pages to secure https:// pages and vice
versa.
All transactions, error messages, security breach attempts
should get logged in log files somewhere on web server.
K,Byeee...
Thanks & Regards
B.Ramyasri
Is This Answer Correct ? | 8 Yes | 2 No |
Post New Answer View All Answers
In what situation would you want to parameterize a text verification check?
Give the real-time example for back-to-back testing?
what r u r responsibilities in current project
can anyone help me regarding testing patterns?
Write the 10 high test cases for making video call/face time
what is the most critical bug u have to find in ur project.My application is ERP based,in this purchase module is there.plz tell me the answer?
What is frame level testing and how do we test it?
what is acid testing?
can someone give me a brief idea about embedded testing.. i know both embedded system concepts and testing concepts.. i just want to know what we have to do for embedded testing
What is test out put?
Can you explain tpa analysis?
A defect which could have been removed during the initial stage is removed in a later stage. How does this affect cost?
what is TAS language which is used as a language for some projects/
Where we have to use perl scripting in Testing approach and its importance
What is a test severity and test priority? difference between them with suitable examples?