To perform the security testing tester try to attack the system. This is the best way to determine the lope hole in the security area of the application. Most of the systems use encryption technique to store passwords. In this we have to try to get access to the system by using different combinations of passwords. Another COMMON example of security testing is to find if the system is VULNERABLE to SQL injection attacks. While performing the security testing, tester cannot do any changes in any of the following:

• Configuration of the application or the server
• Services running on the server
• EXISTING user or customer DATA hosted by the application

To perform the security testing tester try to attack the system. This is the best way to determine the lope hole in the security area of the application. Most of the systems use encryption technique to store passwords. In this we have to try to get access to the system by using different combinations of passwords. Another common example of security testing is to find if the system is vulnerable to SQL injection attacks. While performing the security testing, tester cannot do any changes in any of the following: