Notice: This page requires JavaScript to function properly.
Please enable JavaScript in your browser settings or update your browser.
Security & Stress Testing | Non-Functional Testing
Introduction to Manual Testing & QA in Web Development
course content

Зміст курсу

Introduction to Manual Testing & QA in Web Development

Introduction to Manual Testing & QA in Web Development

1. Introduction to Software Testing & QA
2. Software Testing in Practice
3. Functional Testing
4. Non-Functional Testing

book
Security & Stress Testing

Introduction

Security Testing is an intricate subject which involves various methods and tools for testing the security vulnerabilities of an application.

The main area which requires security testing in our chat application is the login and registration system. Since security vulnerabilities in this domain can cause potential leakage or loss of data.

Relation of Security & Stress Testing

Stress Testing on the other hand tests how much processing load an application can withstand. Every application theoretically has a certain limit, for-example, a chat application can possibly handle a large number of messages every second, however, there will be a limit after which it will break. These limitations can be potentially abused hence causing the application to crash, damaging or corrupting the data, or creating unneeded nuisance. Therefore, Stress Testing is often a part of Security Testing. In other cases, real world scenarios, for-example having a large number of users connected to the application are tested.

Majority of the Security Testing requires some knowledge of the application code and how the application stores and retrieves data - if there is any database. Most of the time, we would write some basic test cases for Security and Stress Testing purposes which may include:

  • Test Case 1: Verify that users can create a limit number of accounts;
  • Test Case 2: Ensure that users can only access resources and functionalities based on their roles and permissions;
  • Test Case 3: Test for the ability to bypass authentication (e.g., SQL injection in the login form);

However, since there can be many complex ways of exploiting an application, therefore Exploratory Testing is also very common in this domain.

The following video shows some basic stress testing points in our application:

Another point which wasn't mentioned in the video was limitation on the file size of the image which a user can upload as a profile picture.

1. Why is Stress Testing often considered a part of Security Testing?
2. Which of the following are common test cases for Security and Stress Testing? (Select all that apply)
Why is Stress Testing often considered a part of Security Testing?

Why is Stress Testing often considered a part of Security Testing?

Виберіть правильну відповідь

Which of the following are common test cases for Security and Stress Testing? (Select all that apply)

Which of the following are common test cases for Security and Stress Testing? (Select all that apply)

Виберіть кілька правильних відповідей

Все було зрозуміло?

Як ми можемо покращити це?

Дякуємо за ваш відгук!

Секція 4. Розділ 3
We're sorry to hear that something went wrong. What happened?
some-alt