Testing is a crucial phase in the SDLC. The testing phase also comprises a diverse set of tools and techniques. Modules 6, 7, and 8 are dedicated to software testing and analysis. In this homework, you will compare software security analysis tools and techniques.
In the last module, you read Chapter 14 of Conklin & Shoemaker. In this module, you have been reading Chapters 15 and 16. These chapters contain a variety of different software security analysis tools and methods. These include, but are not limited to:
· Static Code Analysis
· Dynamic Code Analysis
· Peer Review
· Quality Assurance Testing
· Penetration Testing
· Fuzzing
Question 1
Briefly describe each method.
Question 2
Compare static and dynamic code analysis methods.
Question 3
What is the main difference between static & dynamic code analysis and penetration testing & fuzzing? Describe.
Question 4
How does the peer review process differ from other processes in the list? Describe.
Question 5
How does Quality Assurance Testing differ from the other processes in the list?