Test Case for FEA409

Test Case description: Protect application with Web Application Firewall
Test Case ID: TESTCASE409
Author/Designer: Rasmus Vasara
Date of creation: 8.3.2024
Class: Security

Test description / objective

This test case should verify that the application is effectively protected by a Web Application Firewall (WAF).

Links to requirements or other sources

Test pre-state

Web Application Firewall configured and activated.
Web application itself is running.

Test steps

Ensure that the Web Application Firewall (WAF) is active and intercepting incoming traffic.
Attempt to simulate common web application attacks on the application.
Verify that the WAF successfully detects and blocks these simulated attacks.
Inspect WAF logs or monitoring dashboard to confirm the detection and blocking of the simulated attacks.
Check application functionality to ensure legitimate traffic is not affected by the WAF.

Test end-state

The Web Application Firewall (WAF) successfully detects and blocks simulated attacks.
Legitimate traffic is not impacted by the WAF.

To be taken into account during test

  • Notion 1
  • Notion 2

Test result (Pass/Fail Criteria)

PASS condition: The Web Application Firewall (WAF) effectively detects and blocks simulated attacks without impacting legitimate traffic.

FAIL condition: The WAF fails to detect or block simulated attacks, or legitimate traffic is negatively impacted by the WAF.
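
One way to turn the recorded results of the test steps into the PASS/FAIL verdict above, as an added example that is not part of the original test case. The request records, the JSON-lines WAF log layout, its field names and the use of HTTP 403 as the block status are all assumptions made for illustration.

```python
import json

# Constructed sample run: one record per request sent in the test steps.
# kind = "attack" (simulated) or "legit"; status = HTTP status the client saw.
PROBES = [
    {"id": "t-001", "kind": "attack", "status": 403},
    {"id": "t-002", "kind": "attack", "status": 403},
    {"id": "t-003", "kind": "legit", "status": 200},
]
# Constructed WAF log; the JSON-lines layout and field names are assumptions.
WAF_LOG = """\
{"request_id": "t-001", "action": "block"}
{"request_id": "t-002", "action": "block"}
not-json line that a real export might contain
{"request_id": "t-003", "action": "allow"}
"""

def parse_waf_log(text):
    """Return {request_id: set(actions)}, skipping malformed lines."""
    actions = {}
    for line in text.splitlines():
        try:
            rec = json.loads(line)
            actions.setdefault(rec["request_id"], set()).add(rec["action"])
        except (ValueError, KeyError, TypeError):
            continue
    return actions

def evaluate(probes, waf_log_text, blocked_statuses=(403,)):
    """Apply the PASS/FAIL criteria; 403 as the block status is an assumption."""
    logged = parse_waf_log(waf_log_text)
    failures = []
    for kind in ("attack", "legit"):  # an empty run must not pass vacuously
        if not any(p["kind"] == kind for p in probes):
            failures.append((None, f"no {kind} requests in the run"))
    for p in probes:
        acts = logged.get(p["id"], set())
        if p["kind"] == "attack":
            if p["status"] not in blocked_statuses:
                failures.append((p["id"], "simulated attack not blocked"))
            elif "block" not in acts:  # step 4: block must appear in WAF logs
                failures.append((p["id"], "blocked, but no WAF log entry"))
        elif p["status"] >= 400 or "block" in acts:
            failures.append((p["id"], "legitimate request impacted"))
    return ("PASS" if not failures else "FAIL"), failures

if __name__ == "__main__":
    print(evaluate(PROBES, WAF_LOG))
```

Correlating each request with a WAF log entry separates a block issued by the WAF from a 403 returned by the application itself.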