Testing for an unknown is a virtually impossible task. Whatmakes it possible at all is the concept of testing for categoriesof previously determined errors. The different categories of errorsare:
- buffer overflows (most common);
- code injections;
- privilege errors; and
- cryptographic failures.
Please evaluate the software engineering, secure-codetechniques, and the most important rule that relates to defendingagainst a denial-of-service attack. Here are two types of errorcategories: the failure to include desired functionality and theinclusion of undesired behavior in the code. Testing for the firsttype of error is relatively easy.
Other items we should understand for error opportunities inapplications are related to design, coding, and testing. How do weassure that these items are addressed in our software-applicationdevelopment or acquisition?
Answer to Testing for an unknown is a virtually impossible task. What makes it possible at all is the concept of testing for categ…