TC409-001
Test Case ID | TC409-001 |
Autohor/Designer | Markus Suonio |
Date of creation | 12.04.2024 |
Class | functional/non-functional/acceptance |
Test description / objective
This test case verifies that the firewall is up and it can block unwanted access.
Links to requirements or other sources
- Use case: Use Case
- Feature: Feature
- Test restult:Test restult
Test pre-state * Start
Test steps
- Implement and configure a Web Application Firewall (WAF)
- Test the effectiveness by doing web-based attacks to Tukko
- Check if the attacks are blocked
- Check if the pipeline is affected by WAF
- Make necessary adjustments if something is wrong with the configuration and try again
Test end-state
- What happens after running the test
To be taken into account during test
- WAF might not detect possible attacks if it's not configured correctly so you might have to configure it again if it's not working.
Test result (Pass/Fail Criteria)
- PASS condition? WAF works and protects the Tukko application from threats and attacks.
- FAIL condition? WAF fails at detecting and blocking threats and attacks.