Unit 4 Soft
- **Stability**: How well the system performs over time under continuous use.
1. **Load Testing**:
- **Example**: Testing with 1,000 users to measure response time for different
operations.
2. **Stress Testing**:
- **Purpose**: Pushes the system beyond its limits to identify breaking points
and how the system behaves under extreme conditions.
- **Example**: Gradually increasing user numbers until the system fails to see
how it handles high stress.
3. **Spike Testing**:
4. **Endurance Testing**:
- **Purpose**: Tests the system over an extended period to identify issues like
memory leaks or resource exhaustion.
5. **Configuration Testing**:
1. **Test Planning**:
- Define objectives and success criteria for the tests, focusing on key use cases
that reflect real-world usage.
3. **Test Execution**:
5. **Reporting**:
- Document results, including response times and resource usage, and provide
recommendations for improvements.
6. **Re-testing**:
#### **Conclusion**
1. **Vulnerability Scanning**:
3. **Security Auditing**:
4. **Risk Assessment**:
5. **Ethical Hacking**:
1. **Authentication Mechanisms**:
- Verify that user authentication processes (e.g., login, password resets) are
secure.
3. **Data Protection**:
4. **Input Validation**:
- Ensure data sanitization techniques are used to handle user input securely.
- Assess how errors are managed to prevent the disclosure of system details
that could aid an attacker.
- Verify that security-relevant events are logged and monitored for signs of
intrusion.
6. **Session Management**:
7. **Configuration Management**:
- Check that default passwords are changed and unused services are disabled.
8. **Third-Party Dependencies**:
9. **Network Security**:
- For mobile applications, check for secure data storage, proper permissions,
and secure communication.
1. **Test Planning**:
3. **Test Execution**:
- Use manual and automated tools to identify and exploit vulnerabilities and
weak points.
5. **Reporting**:
- Document test results, prioritize risks, and recommend strategies for
mitigation and improvement.
6. **Re-testing**:
#### **Conclusion**
Security Testing is essential for ensuring that new software versions do not
introduce vulnerabilities. By leveraging different types of security tests and
focusing on key areas, organizations can proactively address potential risks and
protect user data. Incorporating security testing into the software development
lifecycle helps maintain a strong security posture and safeguard against potential
threats.
1. **Test Planning**
- **Select Tools**: Choose appropriate load testing tools (e.g., Apache JMeter,
LoadRunner, Gatling) to execute the tests.
3. **Test Design**
- **Create Test Scripts**: Develop scripts that simulate user interactions with
the application. This may include logging in, performing transactions, or
accessing different features.
4. **Test Execution**
- **Run the Test**: Execute the load test according to the defined scenarios,
gradually increasing the number of users to reach the target load.
6. **Analysis**
7. **Reporting**
8. **Re-testing**
- **Re-run Tests**: Conduct additional load tests to verify that the issues have
been resolved and the application meets performance expectations.
### **Key Metrics in Load Testing**
1. **Response Time**
2. **Throughput**
3. **Concurrent Users**
4. **Error Rate**
5. **Resource Utilization**
- **Definition**: The amount of system resources (CPU, memory, disk I/O)
used during the test.
6. **Latency**
7. **Peak Load**
8. **Load Time**
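
The load-test execution step (gradually increasing users toward the target load) and several of the key metrics above, as an added example that is not part of the original notes. `StubService`, `timed_call`, `run_step` and `ramp` are hypothetical names, and the stub is a constructed in-process stand-in for the system under test; pass a function that issues a real request to measure an actual application.

```python
import threading, time
from concurrent.futures import ThreadPoolExecutor
from statistics import mean, quantiles

class StubService:
    """Constructed stand-in for the system under test: handles at most
    `capacity` requests at once and rejects the rest (like an HTTP 503)."""
    def __init__(self, capacity=4, work_seconds=0.02):
        self._slots = threading.BoundedSemaphore(capacity)
        self._work = work_seconds

    def request(self):
        if not self._slots.acquire(blocking=False):
            return False            # overloaded: counted as an error
        try:
            time.sleep(self._work)  # simulated processing time
            return True
        finally:
            self._slots.release()

def timed_call(send):
    start = time.perf_counter()
    try:
        ok = bool(send())
    except Exception:
        ok = False                  # an exception is also a failed request
    return ok, time.perf_counter() - start

def run_step(send, users, requests_per_user=5):
    """One load step: `users` concurrent workers share users*requests_per_user calls."""
    total = users * requests_per_user
    t0 = time.perf_counter()
    with ThreadPoolExecutor(max_workers=users) as pool:
        results = list(pool.map(lambda _: timed_call(send), range(total)))
    elapsed = time.perf_counter() - t0
    times = [t for _, t in results]
    errors = sum(1 for ok, _ in results if not ok)
    return {
        "concurrent_users": users,
        "avg_response_s": mean(times),
        "p95_response_s": quantiles(times, n=20)[-1],  # 95th percentile
        "throughput_rps": total / elapsed,
        "error_rate": errors / total,
    }

def ramp(send, user_steps=(1, 2, 4, 8, 16)):
    """Gradually increase the user count and collect metrics per step."""
    return [run_step(send, users) for users in user_steps]

if __name__ == "__main__":
    for row in ramp(StubService().request):
        print(row)
```

The step at which `error_rate` first rises above zero marks where the stub's capacity is exceeded, which is the breaking point a stress test looks for.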