Certified Information Systems Security Professional (CISSP) — Question 228

An application team is running tests to ensure that user entry fields will not accept invalid input of any length. What type of negative testing is this an example of?

Answer options

• A. Allowed number of characters
• B. Population of required fields
• C. Reasonable data
• D. Session testing

Correct answer: C

Explanation

The correct answer is C, as it pertains to testing the application’s ability to handle unreasonable or invalid data inputs. Options A and B focus on valid input conditions, while D relates to maintaining user sessions, which does not pertain to input validation.