Problem
In Module problem, you described and compared different kinds of software test and analysis tools. In this homework, you will evaluate the effectiveness of the same tools and methods.
a) Static Code Analysis
b) Dynamic Code Analysis
c) Peer Review
d) Quality Assurance Testing
e) Penetration Testing
f) Fuzzing
The following table shows phases of an SDLC very briefly. Note that the phases correspond to 4 business functions of the SAMM)
Design
|
Development
|
Testing
|
Operation
|
|
|
|
|
|
|
|
|
|
|
|
|
Task
• Place each software analysis technique to the corresponding cell(s).
• Which control is most proactive? Why?
• Select three analysis techniques from the list. How do you measure and improve the effectiveness of the analysis techniques you selected? Describe.