Testing is a crucial phase in the SDLC. The testing phase also comprises of a divert set of tools and techniques. Modules 6, 7, and 8 are dedicated to software testing and analysis. In this homework, you will compare software security analysis tools and techniques.

In the last module, you read Chapter 14 of Conklin & Shoemaker. In this module, you have been reading Chapters 15 and 16. These chapters contain a variety of different software security analysis tools and methods. These include, but are not limited to:

· Static Code Analysis

· Dynamic Code Analysis

· Peer Review

· Quality Assurance Testing

· Penetration Testing

· Fuzzing

Question 1

Briefly describe each method.

Compare static and dynamic code analysis methods.

What is the main difference between static & dynamic code analysis and penetration testing & fuzzing? Describe.

How does the peer review process differ from other processes in the list? Describe.

How does Quality Assurance Testing differ from the other processes in the list? Describe.

pur-new-sol