TU Wien:Software Security VU (Weippl)/Final Exam 2017-06-09
< TU Wien:Software Security VU (Weippl)Jump to navigation Jump to search
Revision as of 16:40, 9 June 2017 by Mli (Die Seite wurde neu angelegt: „Some questions I can remember: * What is a proof-of-work? Also explain what difficulty has to do with it. * Give the definition of a test oracle and provide on…“)
Some questions I can remember:
- What is a proof-of-work? Also explain what difficulty has to do with it.
- Give the definition of a test oracle and provide one for testing the authentication functionality of a website. The oracle has the form of a requirement.
- Explain Security Testing and Penetration Testing, what is the difference?
- Assume you are given a combinatorial attack grammar for XSS having k types and g derivation rules per type to form an attack vector. Which of the following is more cost effective in terms of combinatorial testing. Adding more types or more derivation rules per type in the grammar? Justify your answer.
- Explain the process of creation/verification when creating a new block in Ethereum.