Software testing team big job

Others 2020-01-14 08:17:45 views: null

Software testing team big job

  1. 1.    After Graduation

I want to pursue post graduation is security testing software engineer or network security engineer. Network security is an emerging specialty, select the network security professionals who currently small, but the demand is great. 2020 market deficit of 273%. So the industry is less competitive pressure, but after I graduated initially intended to study section is still, after all, higher education, research and the ability to solve problems is higher. I want to work in the city of Beijing or Shanghai, Chengdu and other cities, after all, the opportunity to big cities, or more, prospects and development of space is also great.

  1. 2.    Understanding of security testing software
    1. 1.      Software Security: consists of two levels: ① is the security of the application itself. In general, the security of the application is mainly caused by software vulnerabilities, these vulnerabilities can be programmed defects or problems on the design, even the developers reserved for the back door. ② data security applications, including data storage and data transmission secure two security aspects.
    2. 2.      Safety Test: Safety Test (Security Testing) refers to the security level relating to authentication application and identify potential security flaws of the process. The main purpose of the application-level security testing is to find software security risks that exist in their own programming, and check the application of the ability to prevent trespassing, according to the different safety indicators are also different testing strategies. Note: Safety testing is not the final proof of the application is safe, but is used to verify the effectiveness of the policy established, these responses are selected based on assumptions made threat analysis phase. For example, the test application software operation when circumstances prevent unauthorized internal or external user access or vandalism, etc.
    3. 3.      Safety test methods:

① static code security testing: mainly through security scanning source code, according to program data flow, control flow, and other information to its unique semantic software security rule base to horses, to find out the code for potential security vulnerabilities. Static source code security testing is very useful way, it can find all the code there may be a security risk in the coding phase, so developers can address potential security issues at an early stage. And because of this, static code testing is more appropriate in the early stages of development of the code, rather than testing stage.

② dynamic penetration testing: Penetration testing is commonly used in security testing methods. Using automated tools or manual methods analog inputs hackers to attack applications testing, to find out the runtime security vulnerabilities that exist. This test is characterized by real and effective, to find out the general question is correct, and it is more serious. But a fatal flaw penetration test is a simulated test data can only reach a limited test points, coverage is very low.

③ scanning program data. There is a high security demand of software, data during operation can not be damaged, otherwise it will cause a buffer overflow type of attack. Data scanning means is usually carried out memory tests, such as memory tests can find many buffer overflow vulnerabilities and the like, and the test methods in addition to using these vulnerabilities are difficult to find. For example, run-time memory information software scan to see if there is some information about lead hazards, of course, this requires specialized tools to be verified, it is more difficult to do by hand.

  1. 3.    Opinions and difficulties of software testing team

Comments on the software testing team is to increase the security of software testing direction. The difficulties encountered is no immediate seniors, for the profession is quite confused. Moreover Knowledge Network security professionals need to learn there are many, there is no feeling more mature learning programs. After a semester, I already have a general understanding of computers and profession. Not like what they do just as when admission. So, I believe that after the study, with the continuous accumulation of knowledge, will be able to find the right direction to learn.

  1. 4.    2020 In the spring semester of study plan (greater than 400 hours of learning time, at least two master technology)

Extracurricular learning computer network knowledge and how it works.

Extracurricular learning the Linux operating system and how it works.

  1. The    winter learning objectives (greater than 80 hours, a master technology)

1.18 complete 500 lines of code before the exercise date.

1.20-1.26 Python basics and functions Start Basics exercises.

1.27-2.2 Python advanced features, functional programming, module. (In addition to the tutorial sample source code and then complete basic exercises no less than 20 questions. Complete 1500 line of code. Complete interim assessment.)

2.3-2.9 Python Advanced: object-oriented programming.

2.10-2.16 Python Course Design: business cards, and bank management system; Python instances of not less than 30 questions completed.

Guess you like

Origin www.cnblogs.com/zhuxiaotong/p/12190116.html
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com