Which of the following test makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
Security testing makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems.
Recovery testing checks the system's ability to recover after a software or hardware failure.
Stress/volume testing involves testing an application with large quantities of data in order to evaluate performance during peak hours.
Interface testing evaluates the connection of two or more components that pass information from one area to another.
Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 6: Business Application System Development, Acquisition, Implementation and Maintenance (page 300).
The test that makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems is Security testing, option B.
Security testing is a type of software testing that focuses on identifying vulnerabilities and weaknesses in an application or system with respect to security. The objective of security testing is to uncover vulnerabilities, evaluate the effectiveness of the security controls, and ensure that the system is resilient to attack.
When new or modified systems are implemented, it is critical to ensure that they include appropriate access controls and do not introduce any security holes that may compromise other systems. Security testing can help detect potential vulnerabilities and ensure that the system meets the required security standards and specifications.
Recovery testing, option A, is a type of testing that evaluates the system's ability to recover from various failures, such as hardware or software failures, power outages, and other disruptions. Recovery testing helps to ensure that the system can recover gracefully from unexpected events and that the data is not lost or corrupted.
Stress/volume testing, option C, is a type of testing that evaluates the system's ability to perform under high loads or stress conditions. The objective of this type of testing is to determine the system's scalability and to identify any performance bottlenecks that may arise under high loads.
Interface testing, option D, is a type of testing that focuses on ensuring that the interfaces between different components of the system work correctly. The objective of interface testing is to ensure that the components can communicate effectively and that data is transferred correctly between them.
In summary, Security testing, option B, is the test that makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems.