Security testing and smoke testing

What is security testing and smoke testing

Questions by m123singh

Showing Answers 1 - 5 of 5 Answers

Security testing is the testing the application for unauthorized access. Means application should not be accessible without proper authentication and authorization. And Smoke Testing is the testing an application for testability. In Smoke testing we check whether the application is capable enough to test further or not.

Security testing is perhaps the most conclusive determinant of whether a system is configured and continues to be configured to the correct security controls and policy. If the following testing activities are followed they can be highly cost-effective in preventing incidents and uncovering unknown vulnerabilities.

Smoke testing is done when ever we received the build whether the application is eligible for further level of testing, if application is having critical bugs then we can reject the application.

  Was this answer useful?  Yes

Security Testing: The Process to determine that an IS (Information System) protects data and maintains functionality as intended.

The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability and non-repudiation.


smoke testing is a preliminary to further testing, which should reveal simple failures severe enough to reject a prospective software release.

smoke test is a collection of written tests that are performed on a system prior to being accepted for further testing. This is also known as a Build Verification Test.

Security Testing: It is used to know whether the application is used by only with the authorised users.

Smoke Testing: It is actually came from the hardware components that is while we are testing the hardware it should not catch fire easily until is said to be smoke testing passes if it catches easily then it is smoke testing failed same we are applying in the software by testing to the maximum limit and finding the best.


  • Oct 13th, 2011

I second Saravanan (pardon me I do not know your last name to address you as Mr. :)) that the term originated in industrial hardware QA.

Smoke test:
It is the first test you do to check if the build is stable enough to conduct further testing. Smoke test suite will contain comprise of test cases that are labeled as most important yet common transactions. For example sake, lets say you were tasked with testing new yahoo build. Smoke test suite may comprise of logging into yahoo account; running a keyword search; clicking on the slideshow articles etc to name a few. When all these test cases (positive/negative) run successfully, then the build is stable enough to run other test cases. These other test cases could be your functional/performance etc. Do not confuse this with sanity testing. Sanity test is similar to smoke test in that sanity testing with minor difference. Just as you run smoke test on regular build before you get into full-fledged testing, similarly, sanity testing is performed on regression builds to make sure that build is stable enough to handle further regression testing.
Relate to this analogy: Suppose you were asked to smoke test a kitchen juicer. what would you do? You'd first plug it in and turn the speed knob to see if the juicer actually works. Then you'd proceed to run on different speeds. If you notice you are not getting into specific while conducting smoke testing. Similarly, for software apps, you'd check if you can navigate to different pages, click on icons etc.

Security testing:
It great we have so many definitions in previous answers, but the definitions are vague enough to limit you imagination. Security testing is just not limited to user group authorizations. It is much more than that! :) Goal of security tests is the same - users need to see only information they should be seeing. For instance, in eCommerce applications (online shopping sites), security testing ranks behind Functionality and performance. During security checking you need to make sure hackers do not run SQL queries in the browser to access sensitive credit card information (aka SQL injections) ; no data leakages from database (oh yes! hackers are smart enough to get database information just by running SQL queries in the browser address bar); etc. This is just one facet of security testing!

If you are asked in an interview to elaborate security and smoke testing, smartest way is to explain by examples. This way employers know that you have a higher level of knowledge.

Give your answer:

If you think the above answer is not correct, Please select a reason and add your answer below.


Related Answered Questions


Related Open Questions