Exam CISSP topic 1 question 93 discussion

Positive testing determines that your application works as expected. If an error is encountered during positive testing, the test fails. Negative testing ensures that your application can gracefully handle invalid input or unexpected user behavior. For example, if a user tries to type a letter in a numeric field, the correct behavior in this case would be to display the “Incorrect data type, please enter a number” message. The purpose of negative testing is to detect such situations and prevent applications from crashing. Also, negative testing helps you improve the quality of your application and find its weak points. The core difference between positive testing and negative testing is that throwing an exception is not an unexpected event in the latter. When you perform negative testing, exceptions are expected – they indicate that the application handles improper user behavior correctly.

Answer is D) Negative Testing Reason: Negative testing ensures that your application can gracefully handle invalid input or unexpected user behavior. In this case, it fails the negative testing. For example, if a user tries to type a letter in a numeric field, the correct behavior in this case would be to display the “Incorrect data type, please enter a number” message. The purpose of negative testing is to detect such situations and prevent applications from crashing. This has nothing to do with Non-functioning testing because Non-functional testing is a type of software testing that verifies non functional aspects of the product, such as performance, stability, and usability....so in essence, both Answer "A" and "C" are the same.

The example provided, where unexpected data causes the customer service portal to crash, is an example of negative testing. Negative testing is a testing approach that focuses on validating the system's behavior when exposed to unexpected or invalid inputs or conditions. It aims to identify potential vulnerabilities, weaknesses, and failures by intentionally providing inputs that the system is not designed to handle properly. The objective of negative testing is to uncover potential security vulnerabilities, error handling issues, and system crashes. In this case, the security team's automated tools were able to enter unexpected data into the customer service portal, causing it to crash. By intentionally providing unexpected data, the security team was able to identify a vulnerability or weakness in the system's ability to handle such inputs.

Negative Testing is a software testing type used to check the software application for unexpected input data and conditions. Unexpected data or conditions can be anything from wrong data type to strong hacking attack.

Answer is D. Negative Testing is when a user enters invalid input to see how the system reacts. Does it crash or it simply pops up a notification informing you that you entered invalid input.

it is D according to the link below https://www.guru99.com/positive-and-negative-testing.html

Negative test – how the system behaves with unexpected data (should reject the data). The testing app successfully got the testee to accept data it should not have.

Am I the only one going with "B" on this one. I don't understand why it would be "D" sense the site was able to crash.

Anwer id D "Negative Testing is a software testing type used to check the software application for unexpected input data and conditions. Unexpected data or conditions can be anything from wrong data type to strong hacking attack. The purpose of negative testing is to prevent the software application from crashing due to negative inputs and improve the quality and stability." https://www.guru99.com/negative-testing.html