1. What is the difference between Functional Requirement and Non-Functional Requirement?

The Functional Requirement specifies how the system or application SHOULD DO where inNon Functional Requirement it specifies how the system or application SHOULD BE.

Some functional Requirements are

Authentication Business rules Historical Data Legal and Regulatory Requirements External Interfaces

Some Non-Functional Requirements are

Performance Reliability Security Recovery Data Integrity Usability

2. How Severity and Priority are related to each other?

Severity- tells the seriousness/depth of the bug where as Priority- tells which bug should rectify first. Severity- Application point of view Priority- User point of view

3. Explain the different types of Severity?

1. User Interface Defect-Low2. Boundary Related Defects-Medium3. Error Handling Defects-Medium4. Calculation Defects-High5. Interpreting Data Defects-High6. Hardware Failures& Problems-High7. Compatibility and Intersystem defects-High8. Control Flow defects-High9. Load conditions (Memory leakages under load testing)-High

4. What is the difference between Priority and Severity?

The terms Priority and Severity are used in Bug Tracking to share the importance of a bug among the team and to fix it.Severity: Is found in the Application point of view

Priority- Is found in the User point of viewSeverity- (tells the seriousness/depth of the bug)

1. The Severity status is used to explain how badly the deviation is affecting the build.

2. The severity type is defined by the tester based on the written test cases and functionality.

Example

If an application or a web page crashes when a remote link is clicked, in this case clicking the remote link by an user is rare but the impact of application crashing is severe, so the severity is high and priority is low.

PRIORITY- (tells which bug should rectify first)

1. The Priority status is set by the tester to the developer mentioning the time frame to fix a defect. If High priority is mentioned then the developer has to fix it at the earliest.

2. The priority status is set based on the customer requirements.

Example

If the company name is misspelled in the home page of a website, then the priority is high and the severity is low to fix it.

Severity: Describes the bug in terms of functionality.Priority: Describes the bug in terms of customer.

Few examples:

High Severity and Low Priority -> Application doesn't allow customer expected configuration.High Severity and High Priority -> Application doesn't allow multiple user's.Low Severity and High Priority -> No error message to prevent wrong operation. Low Severity and low Priority -> Error message is having complex meaning.

Or

Few examples:

High Severity -Low priority

Supposing, you try the wildest or the weirdest of operations in a software (say, to be released the next day) which a normal user would not do and supposing this renders a run -time error in the application,the severity would be high. The priority would be low as the operations or the steps which rendered this error by most chances will not be done by a user.

Low Severity -High priority

An example would be- you find a spelling mistake in the name of the website which you are testing.Say, the name is supposed to be Google and its spelled there as 'Gaogle'. Though, it doesn't affect the basic functionality of the software, it needs to be corrected before the release. Hence, the priority is high.

High severity- High Priority

A bug which is a show stopper. i.e., a bug due to which we are unable to proceed our testing.An example would be a run time error during the normal operation of the software,which would cause the application to quit abruptly.

Low severity - low priority

Cosmetic bugs

What is Defect Severity?

A defect is a product anomaly or flaw, which is variance from desired product specification. The classification of defect based on its impact on operation of product is called Defect Severity.

5. What is Bucket Testing?

Bucket testing (also known as A/B Testing) is mostly used to study the impact of various product designs in website metrics, two simultaneous versions were run in a single or set of web pages to measure the difference in click rates, interface and traffic.

6. What is Entry and Exit Criteria in Software Testing?

Entry Criteria is the process that must be present when a system begins, like,

 SRS (Software Requirement Specification)  FRS (Functional Requirement Specification)  Usecase  Test Case  Test plan

Exit Criteria ensures whether testing is completed and the application is ready for release, like,

Test Summary Report Metrics Defect Analysis report

7. What is Concurrency Testing?

Concurrency Testing (also commonly known as Multi User Testing) is used to know the effects of accessing the Application, Code Module or Database by different users at the same time.It helps in identifying and measuring the problems in Response time, levels of locking and deadlocking in the application.

Example

Load runner is widely used for this type of testing, Vugen (Virtual User Generator) is used to add the number of concurrent users and how the users need to be added like Gradual Ramp up or Spike Stepped.

8. Explain Statement coverage/Code coverage/Line Coverage?

Statement Coverage or Code Coverage or Line Coverage is a metric used in White Box

Testing where we can identify the statements executed and where the code is not executed cause of blockage. In this process each and every line of the code needs to be checked and executed.

Some advantages of Statement Coverage / Code Coverage / Line Coverage are

It verifies what the written code is expected to do and not to do. It measures the quality of code written. It checks the flow of different paths in the program also ensure whether those paths

are tested or not.

To Calculate Statement Coverage,

Statement Coverage = Statements Tested / Total No. of Statements.

9. Explain Branch Coverage/Decision Coverage?

Branch Coverage or Decision Coverage metric is used to check the volume of testing done in all components. This process is used to ensure whether all the code is executed by verifying every branch or decision outcome (if and while statements) by executing atleast one time, so that no branches lead to the failure of the application.

To Calculate Branch Coverage,

Branch Coverage = Tested Decision Outcomes / Total Decision Outcomes.

10. What is the difference between High level and Low Level test case?

High level Test cases are those which cover major functionality in the application (i.e. retrieve, update display, cancel (functionality related test cases), database test cases).Low level test cases are those related to User Interface (UI) in the application.

11. Explain Localization testing with example?

Localization is the process of changing or modifying an application to a particular culture or locale. This includes change in user interface, graphical designs or even the initial settings according to their culture and requirements.

In terms of Localization Testing it verifies how correctly the application is changed or modified into that target culture and language.

In case of translation required of the application on that local language, testing should be done on each field to check the correct translation. Other formats like date conversion, hardware and software usage like operating system should also be considered in localization testing.

Examples for Localization Testing are

In Islamic Banking all the transactions and product features are based on Shariah Law, some important points to be noted in Islamic Banking are

1. In Islamic Banking, the bank shares the profit and loss with the customer.2. In Islamic Banking, the bank cannot charge interest on the customer; instead they

charge a nominal fee which is termed as "Profit

3. In Islamic Banking, the bank will not deal or invest in business like Gambling, Alcohol, Pork, etc.

In this case, we need to test whether these Islamic banking conditions were modified and applied in the application or product.

In Islamic Lending, they follow both the Gregorian calendar and Hijiri Calendar for calculating the loan repayment schedule. The Hijiri Calendar is commonly called as Islamic Calendar followed in all the Muslim countries according to the lunar cycle. The Hijiri Calendar has 12 months and 354 days which is 11 days shorter than Gregorian calendar. In this case, we need to test the repayment schedule by comparing both the Gregorian calendar and Hijiri Calendar.

12. Explain Risk Analysis in Software Testing?

In Software Testing, Risk Analysis is the process of identifying risks in applications and prioritizing them to test.

In Software testing some unavoidable risk might takes place like

Change in requirements or Incomplete requirements Time allocation for testing. Developers delaying to deliver the build for testing. Urgency from client for delivery. Defect Leakage due to application size or complexity.

To overcome these risks, the following activities can be done

Conducting Risk Assessment review meeting with the development team. Profile for Risk coverage is created by mentioning the importance of each area. Using maximum resources to work on High Risk areas like allocating more testers for

High risk areas and minimum resources for Medium and Low risk areas. Creation of Risk assessment database for future maintenance and management review.

13. What is the difference between Two Tier Architecture and Three Tier Architecture?

In Two Tier Architecture or Client/Server Architecture two layers like Client and Server is involved. The Client sends request to Server and the Server responds to the request by fetching the data from it. The problem with the Two Tier Architecture is the server cannot respond to multiple requests at the same time which causes data integrity issues.The Client/Server Testing involves testing the Two Tier Architecture of user interface in the front end and database as backend with dependencies on Client, Hardware and Servers.

In Three Tier Architecture or Multi Tier Architecture three layers like Client, Server and Database are involved. In this the Client sends a request to Server, where the Server sends the request to Database for data, based on that request the Database sends back the data to Server and from Server the data is forwarded to Client.

The Web Application Testing involves testing the Three Tier Architecture including the User interface, Functionality, Performance, Compatibility, Security and Database testing.

14. What is the difference between Static testing and dynamic testing?

Static Testing (done in Verification stage)

Static Testing is a White Box testing technique where the developers verify or test their code with the help of checklist to find errors in it, this type of testing is done without running the actually developed application or program. Code Reviews, Inspections, Walkthroughs are mostly done in this stage of testing.

Dynamic Testing (done in Validation stage)

Dynamic Testing is done by executing the actual application with valid inputs to check the expected output. Examples of Dynamic Testing methodologies are Unit Testing, Integration Testing, System Testing and Acceptance Testing.

Some differences between Static Testing and Dynamic Testing are,

Static Testing is more cost effective than Dynamic Testing because Static Testing is done in the initial stage.

In terms of Statement Coverage, the Static Testing covers more areas than Dynamic Testing in shorter time.

Static Testing is done before the code deployment where the Dynamic Testing is done after the code deployment.

Static Testing is done in the Verification stage where the Dynamic Testing is done in the Validation stage.

15. Explain Use case diagram. What are the attributes of use cases?

Use Case Diagrams is an overview graphical representation of the functionality in a system. It is used in the analysis phase of a project to specify the system to be developed.In Use Case Diagrams the whole system is defined as ACTORS, USE CASES and ASSOCIATIONS, the ACTORS are the external part of the system like users, computer software & hardware, USECASES is the behavior or functionality of the system when these ACTORS perform an action, the ASSOCIATIONS are the line drawn to show the connection between ACTORS and USECASES. One ACTOR can link too many USECASES and one USECASE can link too many ACTORS.

16. What is Web Application testing? Explain the different phases in Web Application testing?

Web Application testing is done on a website to check its load, performance, Security, Functionality, Interface, compatibility and other usability related issues. In Web application testing, three phases of testing is done, they are,

Web Tier Testing

In Web tier testing, the browser compatibility of the application will be tested for IE, Fire Fox and other web browsers.

Middle Tier Testing

In Middle tier testing, the functionality and security issues were tested.

Database Tier Testing

In Database tier testing, the database integrity and the contents of the database were tested and verified.

17. Explain Unit testing, Interface Testing and Integration testing. Also explain the types of integration testing in brief?

Unit testing

Unit Testing is done to check whether the individual modules of the source code are working properly. i.e. testing each and every unit of the application separately by the developer in developer's environment.

Interface Testing

Interface Testing is done to check whether the individual modules are communicating properly one among other as per the specifications.Interface testing is mostly used in testing the user interface of GUI application.

Integration testing

Integration Testing is done to check the connectivity by combining all the individual modules together and test the functionality.

The types of Integration Testing are

1. Big Bang Integration Testing

In Big Bang Integration Testing, the individual modules are not integrated until all the modules are ready. Then they will run to check whether it is performing well.

In this type of testing, some disadvantages might occur like,

Defects can be found at the later stage.It would be difficult to find out whether the defect arouse in Interface or in module.

    2.  Top Down Integration Testing

In Top Down Integration Testing, the high level modules are integrated and tested first. i.e Testing from main module to sub module. In this type of testing, Stubs are used as temporary module if a module is not ready for integration testing.

   3.  Bottom Up Integration Testing

In Bottom Up Integration Testing, the low level modules are integrated and tested first i.e Testing from sub module to main module. Same like Stubs, here drivers are used as a temporary module for integration testing.

18. Explain Alpha, Beta, Gamma Testing?

Alpha Testing:

Alpha Testing is mostly like performing usability testing which is done by the in-house developers who developed the software or testers. Sometimes this Alpha Testing is done by the client or an outsider with the presence of developer and tester. The version release after alpha testing is called Alpha Release.

Beta Testing:

Beta Testing is done by limited number of end users before delivery, the change request would be fixed if the user gives feedback or reports defect. The version release after beta testing is called beta Release.

Gamma Testing:

Gamma Testing is done when the software is ready for release with specified requirements, this testing is done directly by skipping all the in-house testing activities.

19. Explain the methods and techniques used for Security Testing?

Security testing can be performed in many ways like,

1. Black Box Testing2. White Box Testing3. Database Testing

1. Black Box Testing

a. Session Hijacking

Session Hijacking commonly called as "IP Spoofing" where a user session will be attacked on a protected network.

b. Session Prediction

Session prediction is a method of obtaining data or a session ID of an authorized user and gets access to the application. In a web application the session ID can be retrieved from cookies or URL.The session prediction happening can be predicted when a website is not responding normally or stops responding for an unknown reason.

c. Email Spoofing

Email Spoofing is duplicating the email header ("From" address) to look like originated from actual source and if the email is replied it will land in the spammers inbox. By inserting commands in the header the message information can be altered. It is possible to send a spoofed email with information you didn't write.

d. Content Spoofing

Content spoofing is a technique to develop a fake website and make the user believe that the information and website is genuine. When the user enters his Credit Card Number, Password, SSN and other important details the hacker can get the data and use if for fraud purposes.

e. Phishing

Phishing is similar to Email Spoofing where the hacker sends a genuine look like mail attempting to get the personal and financial information of the user. The emails will appear to have come from well known websites.

f. Password Cracking

Password Cracking is used to identify an unknown password or to identify a forgotten password

Password cracking can be done through two ways,

1. Brute Force – The hacker tries with a combination of characters within a length and tries until it is getting accepted.

2. Password Dictionary – The hacker uses the Password dictionary where it is available on various topics.

2. White Box level

a. Malicious Code Injection

SQL Injection is most popular in Code Injection Attack, the hacker attach the malicious code into the good code by inserting the field in the application. The motive behind the injection is to steal the secured information which was intended to be used by a set of users.

Apart from SQL Injection, the other types of malicious code injection are XPath Injection, LDAP Injection, and Command Execution Injection. Similar to SQL Injection the XPath Injection deals with XML document.

b. Penetration Testing:

Penetration Testing is used to check the security of a computer or a network. The test process explores all the security aspects of the system and tries to penetrate the system.

c. Input validation:

Input validation is used to defend the applications from hackers. If the input is not validated mostly in web applications it could lead to system crashes, database manipulation and corruption.

d. Variable Manipulation

Variable manipulation is used as a method for specifying or editing the variables in a program. It is mostly used to alter the data sent to web server.

3. Database Level

a. SQL Injection

SQL Injection is used to hack the websites by changing the backend SQL statements, using this technique the hacker can steal the data from database and also delete and modify it.

20. Explain IEEE 829 standards and other Software Testing standards?

An IEEE 829 standard is used for Software Test Documentation, where it specifies format for the set of documents to be used in the different stages software testing. The documents are,

Test Plan- Test Plan is a planning document which has information about the scope, resources, duration, test coverage and other details.Test Design- Test Design document has information of test pass criteria with test conditions and expected results.Test Case- Test case document has information about the test data to be used.Test Procedure- Test Procedure has information about the test steps to be followed and how to execute it.Test Log- Test log has details about the run test cases, test plans & fail status, order, and the resource information who tested it.Test Incident Report- Test Incident Report has information about the failed test comparing the actual result with expected result.Test Summary Report- Test Summary Report has information about the testing done and quality of the software, it also analyses whether the software has met the requirements given by customer.

The other standards related to software testing are,

IEEE 1008 is for Unit TestingIEEE 1012 is for Software verification and validationIEEE 1028 is for Software InspectionsIEEE 1061 is for Software metrics and methodologyIEEE 1233 is for guiding the SRS developmentIEEE 12207 is for SLC process

21. What is Test Harness?

Test Harness is configuring a set of tools and test data to test an application in various conditions, which involves monitoring the output with expected output for correctness.

The benefits of Test Harness are,

Productivity increase due to process automation. Quality in the application.

 

22. What is the difference between bug log and defect tracking?

Bug Log: Bug Log document showing the number of defect such as open, closed, reopen or deferred of a particular module

Defect Tracking- The process of tracking a defect such as symptom, whether reproducible /not, priority, severity and status.

23. What are Integration Testing and Regression Testing?

Integration Testing:

Combining the modules together & construct software architecture. To test the communication & data flow White & Black box testing techniques are used It is done by developer & tester

Regression Testing

It is re-execution of our testing after the bug is fixed to ensure that the build is free from bugs.

Done after bug is fixed It is done by Tester

24. Explain Peer Review in Software Testing?

It is an alternative form of Testing, where some colleagues were invited to examine your work products for defects and improvement opportunities.Some Peer review approaches are,

Inspection

It is a more systematic and rigorous type of peer review. Inspections are more effective at finding defects than are informal reviews.Ex: In Motorola's Iridium project nearly 80% of the defects were detected through inspections where only 60% of the defects were detected through formal reviews.

Team Reviews: It is a planned and structured approach but less formal and less rigorous comparing to Inspections.Walkthrough: It is an informal review because the work product's author describes it to some colleagues and asks for suggestions. Walkthroughs are informal because they typically do not follow a defined procedure, do not specify exit criteria, require no management reporting, and generate no metrics.

Or

A 'walkthrough' is an informal meeting for evaluation or informational purposes. Little or no preparation is usually required.Pair Programming: In Pair Programming, two developers work together on the same program at a single workstation and continuously reviewing their work.

Peer Desk check

In Peer Desk check only one person besides the author examines the work product. It is an informal review, where the reviewer can use defect checklists and some analysis methods to increase the effectiveness.Passaround: It is a multiple, concurrent peer desk check where several people are invited to provide comments on the product.

25. Explain Compatibility testing with an example?

Compatibility testing is to evaluate the application compatibility with the computing environment like Operating System, Database, Browser compatibility, backwards

compatibility, computing capacity of the Hardware Platform and compatibility of the Peripherals.

Example

If Compatibility testing is done on a Game application, before installing a game on a computer, its compatibility is checked with the computer specification that whether it is compatible with the computer having that much of specification or not.

26. What is Traceability Matrix?

Traceability Matrix is a document used for tracking the requirement, Test cases and the defect. This document is prepared to make the clients satisfy that the coverage done is complete as end to end, this document consists of Requirement/Base line doc Ref No., Test case/Condition, Defects / Bug id. Using this document the person can track the Requirement based on the Defect id.

27. Explain Boundary value testing and Equivalence testing with some examples?

Boundary value testing is a technique to find whether the application is accepting the expected range of values and rejecting the values which falls out of range.

Exmple

A user ID text box has to accept alphabet characters ( a-z ) with length of 4 to 10 characters.BVA is done like this, max value: 10 pass; max-1: 9 pass;max+1=11 fail ;min=4 pass;min+1=5 pass;min-1=3 fail;Like wise we check the corner values and come out with a conclusion whether the application is accepting correct range of values.

Equivalence testing is normally used to check the type of the object.

Example

A user ID text box has to accept alphabet characters (a - z) with length of 4 to 10 characters.In +ve condition we have test the object by giving alphabets. i.e. a-z char only, after that we need to check whether the object accepts the value, it will pass.In -ve condition we have to test by giving other than alphabets (a-z) i.e. A-Z, 0-9, blank etc, it will fail.

28. What is Security testing?

Security testing is the process that determines that confidential data stays confidentialOrTesting how well the system protects against unauthorized internal or external access, willful damage, etc?This process involves functional testing, penetration testing and verification.

29. What is Installation testing?

Installation testing is done to verify whether the hardware and software are installed and configured properly. This will ensure that all the system components were used during the testing process. This Installation testing will look out the testing for a high volume data, error messages as well as security testing.

30. What is AUT?

AUT is nothing but "Application Under Test". After the designing and coding phase in Software development life cycle, the application comes for testing then at that time the application is stated as Application Under Test.

31. What is Defect Leakage?

Defect leakage occurs at the Customer or the End user side after the application delivery. After the release of the application to the client, if the end user gets any type of defects by using that application then it is called as Defect leakage. This Defect Leakage is also called as Bug Leakage.

32. What are the contents in an effective Bug report?

1. Project2. Subject3. Description4. Summary5. Detected By (Name of the Tester)6. Assigned To (Name of the Developer who is supposed to the Bug)7. Test Lead (Name)8. Detected in Version9. Closed in Version10. Date Detected11. Expected Date of Closure12. Actual Date of Closure13. Priority (Medium, Low, High, Urgent)14. Severity (Ranges from 1 to 5)15. Status16. Bug ID17. Attachment18. Test Case Failed (Test case that is failed for the Bug)

33. What is Error guessing and Error seeding?

Error Guessing is a test case design technique where the tester has to guess what faults might occur and to design the tests to represent them. Error Seeding is the process of adding known faults intentionally in a program for the reason of monitoring the rate of detection & removal and also to estimate the number of faults remaining in the program.

34. What is Ad-hoc testing?

Ad hoc testing is concern with the Application Testing without following any rules or test cases.For Ad hoc testing one should have strong knowledge about the Application.

35. What are the basic solutions for the software development problems?

1.  Basic requirements- A clear, detailed, complete, achievable, testable requirement has to be developed. Use some prototypes to help pin down requirements. In nimble

environments, continuous and close coordination with customers/end-users is needed.

2. Schedules should be realistic- enough time to plan, design, test, bug fix, re-test, change, and document in the given schedule. Adequate

3. testing- testing should be started early, it should be re-tested after the bug fixed or changed, enough time should be spend for testing and bug-fixing.

4. Proper study on initial requirements- be ready to look after more changes after the development has begun and be ready to explain the changes done to others. Work closely with the customers and end-users to manage expectations. This avoids excessive changes in the later stages.

5. Communication- conduct frequent inspections and walkthroughs in appropriate time period; ensure that the information and the documentation is available on up-to-date if possible electronic. More emphasize on promoting teamwork and cooperation inside the team; use prototypes and proper communication with the end-users to clarify their doubts and expectations.

36. What are the common problems in the software development process?

Inadequate requirements from the Client: if the requirements given by the client is not clear, unfinished and not testable, then problems may come.Unrealistic schedules: Sometimes too much of work is being given to the developer and ask him to complete in a Short duration, then the problems are unavoidable.Insufficient testing: The problems can arise when the developed software is not tested properly.Given another work under the existing process: request from the higher management to work on another project or task will bring some problems when the project is being tested as a team.Miscommunication: in some cases, the developer was not informed about the Clients requirement and expectations, so there can be deviations.

37. What is the difference between Software Testing and Quality Assurance (QA)?

Software Testing involves operation of a system or application under controlled conditions and evaluating the result. It is oriented to 'detection'.

Quality Assurance (QA) involves the entire software development PROCESS- monitoring and improving the process, making sure that any agreed-upon standards and procedures are followed, and ensuring that problems are found and dealt with. It is oriented to 'prevention'.

38. How to Test the water bottle?

Note: Before going to generate some test idea on how to test a water bottle, I would like to ask few questions like:

1. Is it a bottle made up off glass, plastic, rubber, some metal, some kind of disposable materials or any thing else?

2. Is it meant only to hot water or we can use it with other fluids like tea, coffee, soft drinks, hot chocolate, soups, wine, cooking oil, vinegar, gasoline, acids, molten lava (!) etc.?

3. Who is going to use this bottle? A school going kid, a housewife, some beverage manufacturing company, an office-goer, a sports man, a mob protesting in a rally (going to use as missiles), an Eskimo living in an igloo or an astronaut in a space ship?

These kinds of questions may allow a tester to know a product (that he is going to test) in a better way. In our case, I am assuming that the water bottle is in form of a pet bottle and actually made up off either plastic or glass (there are 2 versions of the product) and is intended to be used mainly with water. About the targeted user, even the manufacturing company is not sure about them! (Sounds familiar! When a software company develops a product without clear idea about the users who are going to use the software!)

Test Ideas

1. Check the dimension of the bottle. See if it actually looks like a water bottle or a cylinder, a bowl, a cup, a flower vase, a pen stand or a dustbin! [Build Verification Testing!]

2. See if the cap fits well with the bottle.[Installability Testing!]3. Test if the mouth of the bottle is not too small to pour water. [Usability Testing!]4. Fill the bottle with water and keep it on a smooth dry surface. See if it leaks.

[Usability Testing!]5. Fill the bottle with water, seal it with the cap and see if water leaks when the bottle is

tilted, inverted, squeezed (in case of plastic made bottle)! [Usability Testing!]6. Take water in the bottle and keep it in the refrigerator for cooling. See what happens.

[Usability Testing!]7. Keep a water-filled bottle in the refrigerator for a very long time (say a week). See

what happens to the water and/or bottle. [Stress Testing!]8. Keep a water-filled bottle under freezing condition. See if the bottle expands (if

plastic made) or breaks (if glass made). [Stress Testing!]9. Try to heat (boil!) water by keeping the bottle in a microwave oven! [Stress Testing!]10. Pour some hot (boiling!) water into the bottle and see the effect. [Stress Testing!]11. Keep a dry bottle for a very long time. See what happens. See if any physical or

chemical deformation occurs to the bottle.12. Test the water after keeping it in the bottle and see if there is any chemical change.

See if it is safe to be consumed as drinking water.13. Keep water in the bottle for sometime. And see if the smell of water changes.14. Try using the bottle with different types of water (like hard and soft water).

[Compatibility Testing!]15. Try to drink water directly from the bottle and see if it is comfortable to use. Or water

gets spilled while doing so. [Usability Testing!]16. Test if the bottle is ergonomically designed and if it is comfortable to hold. Also see if

the center of gravityof the bottle stays low (both when empty and when filled with water) and it does not topple down easily.

17. Drop the bottle from a reasonable height (may be height of a dining table) and see if it breaks (both with plastic and glass model). If it is a glass bottle then in most cases it may break. See if it breaks into tiny little pieces (which are often difficult to clean) or breaks into nice large pieces (which could be cleaned without much difficulty). [Stress Testing!] [Usability Testing!]

18. Test the above test idea with empty bottles and bottles filled with water. [Stress Testing!]

19. Test if the bottle is made up of material, which is recyclable. In case of plastic made bottle test if it is easily crushable.

20. Test if the bottle can also be used to hold other common household things like honey, fruit juice, fuel, paint, turpentine, liquid wax etc. [Capability Testing!]

39. What is Portlet Testing ?

Following are the features that should be concentrated while testing a portlet

i. Test alignment/size display with multiple style sheets and portal configurations. When you

configure a portlet object in the portal, you must choose from the following alignments:

a. Narrow portlets are displayed in a narrow side column on the portal page. Narrow portlets must fit in a column that is fewer than 255 pixels wide.b. Wide portlets are displayed in the middle or widest side column on the portal page. Wide portlets fit in a column fewer than 500 pixels wide.

ii. Test all links and buttons within the portlet display. (if there are errors, check that all forms and functions are uniquely named, and that the preference and gateway settings are configured correctly in the portlet web service editor.)

iii. Test setting and changing preferences. (if there are errors, check that the preferences are uniquely named and that the preference and gateway settings are configured correctly in the portlet web service editor.)

iv. Test communication with the backend application. Confirm that actions executed through the portlet are completed correctly. (if there are errors, check the gateway configuration in the portlet web service editor.)

v. Test localized portlets in all supported languages. (if there are errors, make sure that the language files are installed correctly and are accessible to the portlet.)

vi. If the portlet displays secure information or uses a password, use a tunnel tool to confirm that any secure information is not sent or stored in clear text.

Vii. If backwards compatibility is supported, test portlets in multiple versions of the portal.

40. What is Equivalence Partitioning?

Concepts: Equivalence partitioning is a method for deriving test cases. In this method, classes of input conditions called equivalence classes areidentified such that each member of the class causes the same kind ofprocessing and output to occur. In this method, the tester identifies various equivalence classes for partitioning. A class is a set of input conditions that are is likely to be handled the same way by the system. If the system were to handle one case in the class erroneously, it would handle all cases erroneously.

41. Why Learn Equivalence Partitioning?

Equivalence partitioning drastically cuts down the number of test cases required to test a system reasonably. It is an attempt to get a good 'hit rate', to find the most errors with the smallest number of test cases.

DESIGNING TEST CASES USING EQUIVALENCE PARTITIONING

To use equivalence partitioning, you will need to perform two steps.

1. Identify the equivalence classes2. Design test cases

STEP 1:

IDENTIFY EQUIVALENCE CLASSES Take each input condition described in the specification and derive at least two equivalence classes for it. One class represents the set of cases which satisfy the condition (the valid class) and one represents cases which do not (the

invalid class) Following are some general guidelines for identifying equivalence classes: a) If the requirements state that a numeric value is input to the system and must be within a range of values, identify one valid class inputs which are within the valid range and two invalid equivalence classes inputs which are too low and inputs which are too high. For example, if an item in inventory can have a quantity of - 9999 to + 9999, identify the following classes:

1. One valid class: (QTY is greater than or equal to -9999 and is less than or equal to 9999). This is written as (- 9999 < = QTY < = 9999)

2. The invalid class (QTY is less than -9999), also written as (QTY < -9999) 3. The invalid class (QTY is greater than 9999) , also written as (QTY >9999) b) If the

requirements state that the number of items input by the system at some point must lie within a certain range, specify one valid class where the number of inputs is within the valid range, one invalid class where there are too few inputs and one invalid class where there are, too many inputs.

42. What are two types of Metrics?

1. Process metrics: Primary metrics are also called as Process metrics. This is the metric the Six Sigma practitioners care about and can influence. Primary metrics are almost the direct output characteristic of a process. It is a measure of a process and not a measure of a high-level business objective. Primary Process metrics are usually Process Defects, Process cycle time and Process consumption.

2. Product metrics: Product metrics quantitatively characterize some aspect of the structure of a software product, such as a requirements specification, a design, or source code.

43. What is the Outcome of Testing?

A stable application, performing its task as expected.

44. Why do you go for White box testing, when Black box testing is available?

A benchmark that certifies Commercial (Business) aspects and also functional (technical) aspects is objectives of black box testing. Here loops, structures, arrays, conditions, files, etc are very micro level but they arc Basement for any application, So White box takes these things in Macro level and test these things

45. What is Baseline document, Can you say any two?

A baseline document, which starts the understanding of the application before the tester, starts actual testing. Functional Specification and Business Requirement Document

46. Tell names of some testing type which you learnt or experienced?

Any 5 or 6 types which are related to companies profile is good to say in the interview,

1. Ad - Hoc testing 2. Cookie Testing3. CET (Customer Experience Test)4. Depth Test5. Event-Driven 6. Performance Testing 7. Recovery testing

8. Sanity Test 9. Security Testing 10. Smoke testing 11. Web Testing

47. What exactly is Heuristic checklist approach for unit testing?

It is method of achieving the most appropriate solution of several found by alternative methods is selected at successive stages testing. The checklist Prepared to Proceed is called Heuristic checklist

48. What is a Data Guideline?

Data Guidelines are used to specify the data required to populate the test bed and prepare test scripts. It includes all data parameters that are required to test the conditions derived from the requirement / specification The Document, which supports in preparing test data are called Data guidelines

49. Why do you go for Test Bed?

When Test Condition is executed its result should be compared to Test result (expected result), as Test data is needed for this here comes the role of test Bed where Test data is made ready.

50. Why do we prepare test condition, test cases, test script (Before Starting Testing)?

These are test design document which are used to execute the actual testing Without which execution of testing is impossible, finally this execution is going to find the bugs to be fixed so we have prepare this documents.

51. Is it not waste of time in preparing the test condition, test case & Test Script?

No document prepared in any process is waste of rime, That too test design documents which plays vital role in test execution can never be said waste of time as without which proper testing cannot be done.

52. How do you go about testing of Web Application?

To approach a web application testing, the first attack on the application should be on its performance behavior as that is very important for a web application and then transfer of data between web server and .front end server, security server and back end server.

53. What kind of Document you need for going for a Functional testing?

Functional specification is the ultimate document, which expresses all the functionalities of the application and other documents like user manual and BRS are also need for functional testing. Gap analysis document will add value to understand expected and existing system.

54. Can the System testing be done at any stage?

No, .The system as a whole can be tested only if all modules arc integrated and all modules work correctly System testing should be done before UAT (User Acceptance testing) and Before Unit Testing.

55. What is Mutation testing & when can it be done?

Mutation testing is a powerful fault-based testing technique for unit level testing. Since it is a fault-based testing technique, it is aimed at testing and uncovering some specific kinds of faults, namely simple syntactic changes to a program. Mutation testing is based on two assumptions: the competent programmer hypothesis and the coupling effect. The competent programmer hypothesis assumes that competent programmers turn to write nearly "correct" programs. The coupling effect stated that a set of test data that can uncover all simple faults in a program is also capable of detecting more complex faults. Mutation testing injects faults into code to determine optimal test inputs.

56. Why it is impossible to test a program completely?

With any software other than the smallest and simplest program, there are too many inputs, too many outputs, and too many path combinations to fully test. Also, software specifications can be subjective and be interpreted in different ways.

57. How will you review the test case and how many types are there?

There are 2 types of review:

Informal Review: technical lead reviewing.Peer Review: by a peer at the same organization (walkthrough? technical - inspection).

OrReviews:

1. Management Review2. Technical Review3. Code Review4. Formal Review (Inspections and Audits)5. Informal Review (Peer Review and Code Review)

 

and coming to walk through....

objectives of Reviews:

1. To find defects in requirements.2. To find defects in Design.3. To identify deviations in any process and also provide valued suggestions to improve

the process.

58. What do you mean by Pilot Testing?

Pilot testing involves having a group of end users try the system prior to its full deployment in order to give feedback on IIS 5.0 features and functions.OrPilot Testing is a Testing Activity which resembles the Production Environment.

It is Done Exactly between UAT and Production Drop. Few Users who simulate the Production environment to continue the Business

Activity with the System. They Will Check the Major Functionality of the System before going into production.

This is basically done to avoid the high-level Disasters.

Priority of the Pilot Testing Is High and Issues Raised in Pilot Testing has to be Fixed As Soon As Possible.

59. What is SRS and BRS in manual testing?

BRS is Business Requirement Specification which means the client who want to make the application gives the specification to software development organization and then the organization convert it to SRS (Software requirement Specification) as per the need of the software.

60. What is Smoke Test and Sanity Testing? When will use the Above Tests?

Smoke Testing: It is done to make sure if the build we got is testable or not, i.e to check for the testability of the build also called as "day 0" check. Done at the 'build level'Sanity Testing: It is done during the release phase to check for the main functionalities without going deeper. Sometimes also called as subset of regression testing. When no rigorous regression testing is done to the build, sanity does that part by checking major functionalities. Done at the 'release level'

61. What is debugging?

Debugging is finding and removing "bugs" which cause the program to respond in a way that is not intended.

62. What is determination?

Determination has different meanings in different situations. Determination means a strong intention or a fixed intention to achieve a specific purpose. Determination, as a core value, means to have strong will power in order to achieve a task in life. Determination means a strong sense of self-devotion and self-commitment in order to achieve or perform a given task. The people who are determined to achieve various objectives in life are known to succeed highly in various walks of life.

Another way, it could also mean calculating, ascertaining or even realizing a specific amount, limit, character, etc. It also refers to a certain result of such ascertaining or even defining a certain concept.

It can also mean to reach at a particular decision and firmly achieve its purpose.

63. What is exact difference between Debugging & Testing?

Testing is nothing but finding an error/problem and its done by testers where as debugging is nothing but finding the root cause for the error/problem and that is taken care by developers.OrDebugging- is removing the bug and is done by developer.

Testing - is identifying the bug and is done by tester.

64. What is fish model can you explain?

Fish model explains the mapping between different stages of development and testing.

Phase 1

Information gathering takes place and here the BRS document is prepared.

Phase 2

Analysis takes place

During this phase, development people prepare SRS document which is a combination of functional requirement specification and system requirement specification. During this phase, testing people are going for reviews.

Phase-3

Design phase

Here HLD and LLD high level design document and low level design documents are prepared by development team. Here, the testing people are going for prototype reviews.

Phase-4

coding phase

White box testers start coding and white box testing is being conducted by testing team.

Phase-5

testing phase

White box testing takes place by the black box test engineers.

Phase-6

release and maintenance.

65. What is Conformance Testing?

The process of testing that an implementation conforms to the specification on which it is based. Usually applied to testing conformance to a formal standard.

66. What is Context Driven Testing?

The context-driven school of software testing is flavor of Agile Testing that advocates continuous and creative evaluation of testing opportunities in light of the potential information revealed and the value of that information to the organization right now.

67. What is End-to-End testing?

Similar to system testing, the 'macro' end of the test scale involves testing of a complete application environment in a situation that mimics real-world use, such as interacting with a database, using network communications, or interacting with other hardware, applications, or systems if appropriate.

68. When the testing should be ended?

Testing is a never ending process, because of some factors testing May terminates.The factors may be most of the tests are executed, project deadline, test budget depletion, bug rate falls down below the criteria.

69. What is Parallel/Audit Testing?

Testing where the user reconciles the output of the new system to the output of the current system to verify the new system performs the operations correctly.

70. What are the roles of glass-box and black-box testing tools?

Black-box testing

It is not based on knowledge of internal design or code. Tests are based on requirements and functionality. Black box testing is used to find the errors in the following.

1. Interface errors2. Performance errors3. Initialization errors4. Incorrect or missing functionality5. Errors while accessing external database

Glass-box testing

It is based on internal design of an application code. Tests are based on path coverage, branch coverage, and statement coverage. It is also known as White Box testing.

1. White box test cases can check for;2. All independent paths with in a module are executed atleast once3. Execute all loops4. Exercises all logical decisions5. Exercise internal data structure to ensure their validity

71. What is your experience with change control? Our development team has only 10 members. Do you think managing change is such a big deal for us?

Whenever the modifications happening to the actual project all the corresponding documents are adapted on the information. So as to keep the documents always in sync with the product at any point of time

72. What is GAP ANALYSIS?

The gap analysis can be done by traceability matrix that means tracking down each individual requirement in SRS to various work products.

73. How do you know when your code has met specifications?

With the help of traceability matrix. All the requirements are tracked to the test cases. When all the test cases are executed and passed is an indication that the code has met the requirements.

74. At what stage of the life cycle does testing begin in your opinion?

Testing is a continuous process and it starts as and when the requirement for the project

/product begins to be framed. Requirements phase: testing is done to check whether the project/product details are reflecting clients ideas or giving an idea of complete project from the clients perspective (as he wished to be) or not.

75. What are the properties of a good requirement?

Requirement specifications are important and one of the most reliable methods of insuring problems in a complex software project. Requirements are the details describing an application's externally perceived functionality and properties. Requirements should be clear, complete, reasonably detailed, cohesive, attainable and testable.

76. How do you scope, organize, and execute a test project?

The Scope can be defined from the BRS, SRS, FRS or from functional points. It may be anything that is provided by the client. And regarding organizing we need to analyze the functionality to be covered and who will testing the modules and pros and cons of the application. Identify the number if test cases, resource allocation, what are the risks that we need mitigate all these come into picture.Once this is done it is very easy to execute based on the plan what we have chalked out.

77. How would you ensure 100% coverage of testing?

We can not perform 100% testing on any application. but the criteria to ensure test completion on a project are:

1. All the test cases are executed with the certain percentage of pass. 2. Bug falls below a certain level 3. Test budget depleted 4. Dead lines reached (project or test)5. When all the functionalities are covered in a test cases 6. All critical & high bugs must have a status of CLOSED

78. Do you go about testing a web application?

Ideally to test a web application, the components and functionality on both the client and server side should be tested. But it is practically impossible

The best approach to examine the project's requirements, set priorities based on risk analysis, and then determine where to focus testing efforts within budget and schedule constraints. To test a web application we need to perform testing for both GUI and client-server architecture.

Based on many factors like project requirements, risk analysis, budget and schedule, we can determine that what kind of testing will be appropriate for your project. We can perform unit n integration testing, functionality testing, GUI testing, usability testing, compatibility testing, security testing, performance testing, recovery testing and regression testing.

79. What are your strengths?

I'm well motivated, well-organized, good team player, dedicative to work and I've got a strong desire to succeed, and I'm always ready and willing to learn new information and skills.

80. When should you begin testing?

For any Project, testing activity will be there from starting onwards, After the Requirements gathering, Design Document (High and Low) will be prepared, that will be tested, whether they are confirming to requirements or not, Design then Coding- White box will be done, after the Build or System is ready, Integration followed by functional testing will be done, Till the product or Project was stable. After the product or project is stable, then testing will be stopped.

81. When should you begin test planning?

Test planning is done by test lead. As a test lead test planning begins when TRM is finalized by project manager and handover to the test lead. Here test lead have some responsibilities those are,

1. Testing team formation 2. identifying tactical risks 3. preparing test plan 4. Reviews on test plans

82. Would you like to work in a team or alone, why?

I would like to work in a team. Because the process of software developmentis like a relay race where many runners have to contribute in their respective laps. It is important because the complexity of work and degree of efforts required is beyond level of an individual.

83. When should testing Start in a project? Why?

Testing in a continuous activity carried out at every stage of the project. You first test everything that you get from the client. As tester (technical tester), my work will start as soon as the project starts.

84. Have you ever created a test plan?

This is just a sample answer - "I have never created any test plan. I developed and executed testcase. But I was involved/ participated actively with my Team Leader while creating Test Plans."

85. Define quality for me as you understand it

It is software that is reasonably bug-free and delivered on time and within the budget, meets the requirements and expectations and is maintainable.

86. What is the role of QA in a development project?

Quality AssuranceGroup assures the Quality it must monitor the whole development process. they are most concentration on prevention of bugs.

It must set standards, introduce review procedures, and educate people into better ways to design and develop products.

87. How involved where you with your Team Lead in writing the Test Plan?

As per my knowledge Test Member are always out of scope while preparing the Test Plan, Test Plan is a higher level document for Testing Team. Test Plan includes Purpose, scope, Customer/Client scope, schedule, Hardware, Deliverables and Test Cases etc. Test plan derived from PMP (Project Management Plan). Team member scope is just go through TEST PLAN then they come to know what all are their responsibilities, Deliverable of modules.

Test Plan is just for input documents for every testing Team as well as Test Lead.

88. What processes/methodologies are you familiar with?

Methodology

1. Spiral methodology2. Waterfall methodology. these two are old methods.3. Rational unified processing. this is from I B M and4. Rapid application development. this is from Microsoft office.

89. What is globalization testing?

The goal of globalization testing is to detect potential problems in application design that could inhibit globalization. It makes sure that the code can handle all international support without breaking functionality that would cause either data loss or display problems.

90. What is base lining?

Base lining: Process by which the quality and cost effectiveness of a service is assessed, usually in advance of a change to the service. Base lining usually includes comparison of the service before and after the Change or analysis of trend information. The term Benchmarking is normally used if the comparison is made against other enterprises.

For example:

If the company has different projects. For each project there will be separate test plans. This test plans should be accepted by peers in the organization after modifications. That modified test plans are the baseline for the testers to use in different projects. Any further modifications are done in the test plan. Present modified becomes the baseline. Because this test plan becomes the basis for running the testing project.

91. Define each of the following and explain how each relates to the other: Unit, System and Integration testing.

Unit testing

it is a testing on each unit (program)

System testin

This is a bottleneck stage of our project. This testing done after integration of all modules to check whether our build meets all the requirements of customer or not. Unit and integration testing is a white box testing which can be done by programmers. System testing is a black box testing which can be done by people who do not know programming. The hierarchy of this testing is unit testing integration testing system testing

Integration testing: integration of some units called modules. the test on these modules is

called integration testing (module testing).

92. Who should you hire in a testing group and why?

Testing is an interesting part of software cycle. and it is responsible for providing an quality product to a customer. It involves finding bugs which is more difficult and challenging. I wanna be part of testing group because of this.

93. What do you think the role of test-group manager should be? Relative to senior management? Relative to other technical groups in the company? Relative to your staff?

ROLES OF test-group manager INCLUDE

Defect find and close rates by week, normalized against level of effort (are we finding defects, and can developers keep up with the number found and the ones necessary to fix?)

Number of tests planned, run, passed by week (do we know what we have to test, and are we able to do so?)

Defects found per activity vs. total defects found (which activities find the most defects?)

Schedule estimates vs. actual (will we make the dates, and how well do we estimate?)

People on the project, planned vs. actual by week or month (do we have the people we need when we need them?)

Major and minor requirements changes (do we know what we have to do, and does it change?)

94. What criteria do you use when determining when to automate a test or leave it manual?

The Time and Budget both are the key factors in determining whether the test goes on Manual or it can be automated. Apart from that the automation is required for areas such as Functional, Regression, Load and User Interface for accurate results.

95. How do you analyze your test results? What metrics do you try to provide?

Test results are analyzed to identify the major causes of defect and which is the phase that has introduced most of the defects. This can be achieved through cause/effect analysis or Pareto analysis. Analysis of test results can provide several test matrics. Where matrices are measure to quantify s/w, s/w development resources and s/w development process. Few matrices which we can provide are:

Defect density: total no of defects reported during testing/size of project

Test effectiveness'/(t+uat) where t: total no of defect recorded during testing

and UAT: total no of defect recorded during use acceptance testing

Defect removal efficiency(DRE): (total no of defect removed / total no of defect injected)*100

96. How do you perform regression testing?

Regression Testing is carried out both manually and automation. The automatic tools are mainly used for the Regression Testing as this is mainly focused repeatedly testing the same application for the changes the application gone through for the new functionality, after fixing the previous bugs, any new changes in the design etc. The regression testing involves executing the test cases, which we ran for finding the defects. Whenever any change takes place in the Application we should make sure, the previous functionality is still available without any break. For this reason one should do the regression testing on the application by running/executing the previously written test cases.

97. Describe to me when you would consider employing a failure mode and effect analysis

FMEA (Failure Mode and Effects Analysis) is a proactive tool, technique and quality method that enables the identification and prevention of process or product errors before they occur. Failure modes and effects analysis (FMEA) is a disciplined approach used to identify possible failures of a product or service and then determine the frequency and impact of the failure.

98. What is UML and how to use it for testing?

The Unified Modeling Language is a third-generation method for specifying, visualizing, and documenting the artifacts of an object-oriented system under development From the inside, the Unified Modeling Language consists of three things:

1. A formal metamodel 2. A graphical notation 3. A set of idioms of usage

99. What you will do during the first day of job?

In my present company HR introduced me to my colleagues. and i known the following things.

1. What is the organization structure? 2. What is the current project developing, on what domain etc., 3. I will know to whom i have to report and what r my other responsibilities.

100. What is IEEE? Why is it important?

Organization of engineers Scientists and students involved in electrical, electronics, and related fields. It is important because it functions as a publishing house and standards-making body.

101. Define Verification and Validation. Explain the differences between the two.

Verification - Evaluation done at the end of a phase to determine that requirements are established during the previous phase have been met. Generally Verification refers to the overall s/w evaluation activity, including reviewing, inspecting, checking and auditing.

Validation: - The process of evaluating s/w at the end of the development process to ensure compliance with requirements. Validation typically involves actual testing and takes place after verification is complete.

Or

Verification: Whether we are building the product right?

Validation: Whether we are building the right product/System?

102. Describe a past experience with implementing a test harness in the development Of software

Harness: an arrangement of straps for attaching a horse to a cart. Test Harness: This class of tool supports the processing of tests by working it almost painless to

1. Install a candidate program in a test environment 2. Feed it input data 3. Simulate by stubs the behavior of subsidiary modules.

103. What criteria do you use when determining when to automate a test or leave it manual?

The Time and Budget both are the key factors in determining whether the test goes on Manual or it can be automated. Apart from that the automation is required for areas such as Functional, Regression, Load and User Interface for accurate results.

104. What would you like to do five years from now?

I would like to be in a managerial role, ideally working closely with external clients. I have worked in client-facing roles for more than two years and I enjoy the challenge of keeping the customer satisfied. I think it's something I'm good at. I would also like to take on additional responsibility within this area, and possibly other areas such as  Finally, I'd like to be on the right career path towards eventually becoming a Senior Manager within the company. I'm very aware that these are ambitious goals, however I feel through hard workand dedication they are quite attainable.

105. Define each of the following and explain how each relates to the other: Unit, System, and Integration testing

Unit system comes first. Performed by a developer. Integration testing comes next. Performed by a tester System testing comes last-Performed by a tester.

106. What is IEEE? Why is it important?

"Institute of Electrical & Electronic Engineers" Organization of engineers, scientists and students involved in electrical, electronics, and related fields. It also functions as a publishing house and standards-making body.

107. What is the role of QA in a company that produces software?

The role of the QA in the company is to produce a quality software and to ensure that it meets all the requirements of its customers before delivering the product.

108. How would you build a test team?

Building a test team needs a number of factors to judge. Firstly, you have to consider the complexity of the application or project that is going to be tested. Next testing, time allotted levels of testing to be performed. With all these parameters in mind you need to decide the skills and experience level of your testers and how many testers.

109. In an application currently in production, one module of code is being modified. Is it necessary to re- test the whole application or is it enough to just test functionality associated with that module?

It depends on the functionality related with that module. We need to check whether that module is inter-related with other modules. If it is related with other modules, we need to test related modules too. Otherwise, if it is an independent module, no need to test other modules.

110. What are ISO standards? Why are they important?

ISO 9000 specifies requirements for a Quality Management System overseeing the production of a product or service. It is not a standard for ensuring a product or service is of quality; rather, it attests to the process of production, and how it will be managed and reviewed.

For ex a few:

ISO 9000:2000 Quality management systems. Fundamentals and vocabulary

ISO 9000-1:1994 Quality management and quality assurance standards. Guidelines for selection and use

ISO 9000-2:1997 Quality management and quality assurance standards. Generic guidelines for the application of ISO 9001, ISO 9002 and ISO 9003

ISO 9000-3:1997 Quality management and quality assurance standards. Guidelines for the application of ISO 9001:1994 to the development, supply, installation and maintenance of computer software

ISO 9001:1994 Quality systems. Model for quality assurance in design, development, production, installation and servicing

ISO 9001:2000

Quality management systems. Requirements

111. What is the Waterfall Development Method and do you agree with all the steps?

Waterfall approach is a traditional approach to the s/w development. This will work out of it project is a small one (Not complex).Real time projects need spiral methodology as SDLC. Some product based development can follow Waterfall, if it is not complex. Production cost is less if we follow waterfall method.

112. What is migration testing?

Changing of an application or changing of their versions and conducting testing is migration testing. Testing of programs or procedures used to convert data from existing systems for use in replacement systems.

113. What is terminology? Why testing Necessary fundamental test process psychology of testing Testing Terminologies

Error: a human action that produces an incorrect result.

Fault: a manifestation of an error in software.

Failure: a deviation of the software from its expected delivery or service.

Reliability: the probability that the software will not cause the failure of the system for a specified time under specified conditions.

Why Testing is Necessary

Testing is necessary because software is likely to have faults in it and it is better (cheaper, quicker and more expedient) to find and remove these faults before it is put into live operation. Failures that occur during live operation are much more expensive to deal with than failures than occur during testing prior to the release of the software. Of course other consequences of a system failing during live operation include the possibility of the software supplier being sued by the customers!

Testing is also necessary so we can learn about the reliability of the software (that is, how likely it is to fail within a specified time under specified conditions).

114. What is UAT testing? When it is to be done?

UAT stands for 'User acceptance Testing' This testing is carried out with the user perspective and it is usually done before a releaseUAT stands for User Acceptance Testing. It is done by the end users along with testers to validate the functionality of the application. It is also called as Pre-Production testing.

115. How to find that tools work well with your existing system?

I think we need to do a market research on various tools depending on the type of application we are testing. Say we are testing an application made in VB with an Oracle Database, and then Win runner is going to give good results. But in some cases it may not, say your application uses a lots of 3rd party Grids and modules which have been integrated into the application. So it depends on the type of application u r testing.

Also we need to know what sort of testing will be performed. If u need to test the performance, u cannot use a record and playback tool, u need a performance testing tool such as Load runner.

116. What is the difference between a test strategy and a test plan?

TEST PLAN: IT IS PLAN FOR TESTING.IT DEFINES SCOPE, APPROACH, AND ENVIRONEMENT.

TEST STRATEGY: A TEST STRATEGY IS NOT A DOCUMENT.IT IS A FRAMEWORK FOR MAKING DECISIONS ABOUT VALUE.

117. What is Scenarios in term of testing?

Scenario means development. We define scenario by the following definition: Set of test cases that ensure the business process flows are tested from end to end. It may be independent tests or a series of tests that follow each other, each dependant on the output of the previous one. The term test scenario and test case are often used synonymously.

118. Explain the differences between White-box, Gray-box, and Black-box testing?

Black box testing Tests are based on requirements and functionality. Not based on any knowledge of internal design or code.

White box testing Tests are based on coverage of code statements, branches, paths, conditions. Based on knowledge of the internal logic of an application's code.

Gray Box Testing A Combination of Black and White Box testing methodologies, testing a piece of software against its specification but using some knowledge of its internal workings.

119. What is structural and behavioral Testing?

Structural Testing

It is basically the testing of code which is called white box testing.

Behavioral Testing

It is also called functional testing where the functionality of software is being tested. This kind of testing is called black box testing.

Structural Testing

It's a White Box Testing Technique. Since the testing is based on the internal structure of the program/code & hence it is called as Structural Testing.

Behavioral Testing:

It's a Black Box Testing Technique. Since the testing is based on the external behavior/functionality of the system /application & hence it is called as Behavioral Testing.

120. How does unit testing play a role in the development / Software lifecycle?

We can catch simple bugs like GUI, small functional Bugs during unit testing. This reduces testing time. Overall this saves project time. If developer doesn't catch this type of bugs, this will come to integration testing part and if it catches by a tester, this need to go through a Bug life cycle and consumes a lot of time.

121. What made you pick testing over another career?

Testing is one aspect which is very important in the Software Development Life Cycle (SDLC). I like to be part of the team which is responsible for the quality of the application being delivered. Also, QA has broad opportunities and large scope for learning various technologies. And of course it has lot more opportunities than the Development.

Sample Test Case:

Test Case ID

Test Case Description

Input Data

Expected Result

Actual Result

Pass/Fail Remarks

Sample Bug Case:  

S. no LinksBug ID

DescriptionInitial Bug Status

Retesting Bug Status

Conf Bug Status

===========================BASICS OF MANUAL TESTING=================================

"Automation is a part, but Manual is Heart of testing"

What is software testing?

Software Testing is the process of executing a program or system with the intent of finding errors.

Software testing is the process used to help identify the Correctness, Completeness, Security and Quality of the developed Computer Software

(OR)

The process of evaluating the software application or program to find the difference between the actual results to the expected result.

Software testing has three main purposes:

1. Verification 2. Validation and 3. Defect finding.

The verification process confirms that the software meets its technical specifications and user requirements. It's a Process based application.

The Defect is a variance between the expected and actual result. The defect's ultimate source may be traced to a fault introduced in the specification, design, or development (coding) phases.

Describe the difference between validation and verification

Verification is done by frequent evaluation and meetings to appraise the documents, policy, code, requirements, and specifications. This is done with the checklists, walkthroughs, and inspection meetings.

Validation is done during actual testing and it takes place after all the verifications are being done.

Difference between Test case and Use case?

Use cases are prepared by business analysts from the functional requirement analysis (FRS) according to the user requirements.

Test case are prepared by Test Engineer based on the use case. The test case is a set procedure that guides a tester to execute a test.

Testing Methodology?

Means what kind of approach is following while testing (e.g.) functional testing, Regression testing, Retesting, Confirmation testing.

Exploratory Testing:

With out the knowledge of requirements, testing is done by giving random inputs.

Ad-Hoc testing:

Testing without a formal test plan or outside of a test plan.

Bug life cycle:

It has the following life cycle such as:

New: When the bug is posted for the first time is called new. Open: After the tester sends the bug, the lead checks if it genuine then it is called as

open. Assign: After the lead checks, he assigns to the developer and that state is called

assign. Test: Before the developer releases the software with bug fixed, he changes the

state of bug to "TEST". Fixed: When the developer resolved the bug the status is fixed. Reopen: If the bug still exists even after the bug is fixed by the developer, the tester

changes the status to reopen. Closed: If the bug is no more the status is closed.

V-Model:

V-model is a model in which verification and validation parallely .As soon as we get the requirement from the customer, the left side is verification done and right side is validation done.

Short duration project like 6 months Water fall model is followed, longer duration project V Model is followed. Water fall model is much easier than V Model.

Test plan:

Test plan specifies process and scheduling of an application. Test lead Prepares test plan document based on what to test, how to test, when to test, whom to test. It covers the entire testing activity.

SRS:

Software requirement specification (SRS). It describes what the software will do and how it will be expected to perform.

Requirement Traceability Matrix (RTM):

It is the mapping between customer requirements and prepared test cases. This is used to find whether all the requirements are covered or not.

Different Levels of testing?

Unit Testing Integrated Testing System Testing Acceptance Testing

Unit Testing = (Testing the individual modules)

The testing done to a unit or to a smallest piece of software. Done to verify if it satisfies its functional specification or its intended design structure.

The Tools used in Unit Testing are debuggers, tracers and is done by Programmers.

Integration Testing

Testing the related modules together for its combined functionality.

System Testing

System testing of software or hardware is testing conducted on a complete, integrated system to evaluate the system's compliance with its specified requirements. System testing falls within the scope of black box testing, and as such, should require no knowledge of the inner design of the code or logic.

Testing the software for the required specifications.

System integration testing

System integration testing is the process of verifying the synchronization between two or more software systems and which can be performed after software system collaboration is completed.

User Acceptance Testing = (It the testing done with the intent of conforming readiness of the product and Customer acceptance.)

Testing conducted to determine whether or not a system satisfies its acceptance criteria and to enable the customer to determine whether or not to accept the system. It is done against requirements and is done by actual users.

Acceptance Testing:

Formal testing conducted to determine whether or not a system satisfies its acceptance criteria, which enables a customer to determine whether to accept the system or not.

Compatibility testing

Compatibility testing, part of software non-functional tests, is testing conducted on the application to evaluate the application's compatibility with the computing environment. Computing environment may contain some or all of the below mentioned elements:

Computing capacity of Hardware Platform (IBM 360, HP 9000, etc.) Bandwidth handling capacity of networking hardware Compatibility of peripherals (Printer, DVD drive, etc.) Operating systems (MVS, UNIX, Windows, etc.) Database (Oracle, Sybase, DB2, etc.) Other System Software (Web server, networking/ messaging tool, etc.) Browser compatibility (Firefox, Netscape, Internet Explorer, Safari, etc.)

Installation Testing

System testing conducted once again according to hardware configuration requirements. Installation procedures may also be verified

Functional Testing

It checks that the functional specifications are correctly implemented. Can also check if Non

Functional behavior is as per expectations.

Stress testing

To evaluate a system beyond the limits of the specified requirements or system resources (such as disk space, memory, processor utilization) to ensure the system do not break unexpectedly

Load Testing

Load Testing, a subset of stress testing, verifies that a web site can handle a particular number of concurrent users while maintaining acceptable response times.

Scalability Testing is used to check whether the functionality and performance of a system are capable to meet the volume and size change as per the requirements.

Scalability testing can be done using load test with various software and hardware configurations changed, where the testing environment settings unchanged.

Regression Testing = (Testing the application to find whether the change in code affects anywhere in the application)

Regression Testing is "selective retesting of a system or component to verify that modifications have not caused unintended effects". It is repetition of tests intended to show that the software's behavior is unchanged. It can be done at each test level.

Performance Testing

To evaluate the time taken or response time of the system to perform it's required functions in comparison

ALPHA TESTING: Testing is done near the completion of project.

Testing of a software product or system conducted at the developer's site by the customer

BETA TESTING: Testing is done after the completion of project.

Testing conducted at one or more customer sites by the end user of a delivered software product system.

Usability Testing = (Testing the ease with which users can learn and use a product.)Usability testing is a technique used to evaluate a product by testing it on users. This can be seen as an irreplaceable usability practice, since it gives direct input on how real users use the system. This is in contrast with usability inspection methods where experts use different methods to evaluate a user interface without involving users.

OR

It evaluates the Human Computer Interface. Verifies for ease of use by end-users. Verifies ease of learning the software, including user documentation. Checks how effectively the software functions in supporting user tasks. Checks the ability to recover from user errors.

Data Flow Testing

Selects test paths according to the location of definitions and use of variables.

1.2.3 Loop Testing

Loops fundamental to many algorithms. Can define loops as simple, concatenated, nested, and unstructured.

Examples:

Note that unstructured loops are not to be tested. Rather, they are redesigned.

Configuration Testing

It is used when software meant for different types of users. It also checks that whether the software performs for all users.

Recovery Testing

It is used in verifying software restart capabilities after a "disaster"

OR

Recovery testing is the activity of testing how well an application is able to recover from crashes, hardware failures and other similar problems.

Examples of recovery testing:

1. While an application is running, suddenly restart the computer, and afterwards check the validness of the application's data integrity.

2. While an application is receiving data from a network, unplug the connecting cable. After some time, plug the cable back in and analyze the application's ability to continue receiving data from the point at which the network connection disappeared.

3. Restart the system while a browser has a definite number of sessions. Afterwards, check that the browser is able to recover all of them.

Security Testing

Security testing is a process to determine that an information system protects data and maintains functionality as intended.

OR

Security testing is the process that determines that confidential data stays confidential

OR

Testing how well the system protects against unauthorized internal or external access, willful damage, etc?

This process involves functional testing, penetration testing and verification.

Test Plan: Test Plan is a document with information on Scope of the project, Approach, Schedule of testing activities, Resources or Manpower required, Risk Issues, Features to be tested and not to be tested, Test Tools and Environment Requirements. 

Test Strategy: Test Strategy is a document prepared by the Quality Assurance Department with the details of testing approach to reach the Quality standards. 

Test Scenario: Test Scenario is prepared based on the test cases and test scripts with the sequence of execution. 

Test Case: Test case is a document normally prepared by the tester with the sequence of steps to test the behavior of feature/functionality/non-functionality of the application. Test Case document consists of Test case ID, Test Case Name, Conditions (Pre and PostConditions) or Actions, Environment, Expected Results, Actual Results, Pass/Fail. The Test cases can be broadly classified as User Interface Test cases, Positive Test cases and Negative Test cases. 

Test Script: Test Script is a program written to test the functionality of the application. It is a set of system readable instructions to automate the testing with the advantage of doing repeatable and regression testing easily.

Test Environment: It is the Hardware and Software Environment where the testing is going to be done. It also explains whether the software under test interacts with Stubs and Drivers. 

Test Procedure: Test Procedure is a document with the detailed instruction for step by step execution of one or more test cases. Test procedure is used in Test Scenario and Test Scripts. 

Test Log: Test Log contains the details of test case execution and the output information.

What is Fuzz Testing?

Fuzz testing is a Black box testing technique which uses random bad data to attack a program and see what breaks in the application.Fuzz testing is mostly used to,

Set up a correct file to enter your program Restore some part of the file by using random data Unlock the file with the program Observe what breaks

Fuzz testing can be automated for maximum effects on large applications. This testing improves the confidence that the application is safe and secure.

Testing strategy:

1. Black box testing2. White box testing3. Gray box testing

Black box testing:

Testing of application without the knowledge of coding. Black box testing (BBT) is also called as Functional testing.

White box testing:

Testing of application with the knowledge of coding to examine outputs.

White box testing (WBT) is also called Structural or Glass box testing.

White box testing involves looking at the structure of the code. When you know the internal structure of a product, tests can be conducted to ensure that the internal operations performed according to the specification. And all internal components have been adequately exercised.

Gray box testing:

It is like monkey testing.

Static: Verifying the documents alone.Dynamic: Testing the functionality.

Software testing lifecycle:

Requirements gathering: Collecting the project related information.

Analyzing: Discussing the collected information whether the requirements can meet.

Test plan preparation: It specifies the entire testing activity Test case preparation: It is a document which contains input and corresponding

results. Test case execution: Execution of test case results to find bugs Bug Tracking: Monitoring of the bug till closed. Regression testing: Testing the application to find whether the change in code

affect anywhere in the application.

WHAT IS MEAN BY DESIGNING THE APPLICATION AND TESTING THE APPLICATION?

Designing and Testing are two different phases in a software development process (SDLC).

1. Information Gathering2. Analysis3. Designing4. Coding5. Testing6. Implementation and Maintenance

If u want answer in Testing terms means STLC, designing test includes preparing Test Strategy, Test Plan and Test Case documents, and testing means executing the test cases and generating Test Reports.

Designing the application as per the requirements Designing the application is nothing but deriving the functional flow, alternative flow, How many modules that we are handling, data flow etc.

Two types of designs are there:

LLD - Low Level Design Documentation : This level deals with lower level modules. The flow of diagram handled here is data Flow Diagram. Developers handle this Level.

In this designing team will divide the total application into modules and they will derive logic for each module.

HLD - High Level Design Documentation: This level deals with higher level modules. The flow of diagram handled here is ER - Entity Relationship. Both Developers and Testers handle this Level.

In this designing team will prepare functional architecture i.e. Functional flow.

Coding: writing the source code as per the LLD to meet customer requirements.

DIFFERENCE B/W SMOKE & SANITY TESTING:

SMOKE TESTING:

Set of the test cases which we getting a new build when we execute the application. Smoke testing is verified whether the build is testable or not. Testers can reject the application.

SANITY TESTING:

It is also a set of test cases which is testing major and critical functionality of the application.

It is one time testing process.

What is Smoke Testing?

A quick-and-dirty test that the major functions of a piece of software work. Originated in the hardware testing practice of turning on a new piece of hardware for the first time and considering it a success if it does not catch on fire.

Skim Testing:

Skim Testing A testing technique used to determine the fitness of a new build or release.

Mutation testing: (or Mutation analysis or Program mutation) is a method of software testing, which involves modifying programs' source code or byte code in small ways.[1] A test suite that does not detect and reject the mutated code is considered defective. These so-called mutations, are based on well-defined mutation operators that either mimic typical programming errors (such as using the wrong operator or variable name) or force the creation of valuable tests (such as driving each expression to zero). The purpose is to help the tester develop effective tests or locate weaknesses in the test data used for the program or in sections of the code that are seldom or never accessed during execution.

What is Branch Testing?

Testing in which all branches in the program source code are tested at least once.

What is security testing

testing how well the system protects against unauthorized internal or external access, willful damage, etc?

OR

Security testing is the process that determines that confidential data stays confidential

How do you debug an ASP.NET Web application?

Attach the aspnet_wp.exe process to the DbgClr debugger.

What is Backus-Naur Form?

A Meta language used to formally describe the syntax of a language.

Difference between Test Efficiency Vs Test Effectiveness

I've seen that many test engineers are confused with the understanding of Software Test Efficiency and Software Test Effectiveness. Below is the summary of what I understand from Efficiency and Effectiveness.

Software Test Efficiency:

a. It is internal in the organization how much resources were consumed how much of these resources were utilized.

b. Software Test Efficiency is number of test cases executed divided by unit of time (generally per hour).

c. Test Efficiency test the amount of code and testing resources required by a program to perform a particular function.

Here are some formulas to calculate Software Test Efficiency (for different factors):

Test efficiency = (total number of defects found in unit+integration+system) / (total number of defects found in unit+integration+system+User acceptance testing).

Testing Efficiency = (No. of defects Resolved / Total No. of Defects Submitted)* 100

Software Test Effectiveness:

Software Test Effectiveness covers three aspects:

How much the customer's requirements are satisfied by the system. How well the customer specifications are achieved by the system. How much effort is put in developing the system.

Software Test Effectiveness judge the Effect of the test environment on the application.

Here are some formulas to calculate Software Test Effectiveness (for different factors):

Test effectiveness = Number of defects found divided by number of test cases executed.

Test effectiveness = (total number of defects injected +total number of defect found) / (total number of defect escaped)* 100

Test Effectiveness = Loss due to problems / Total resources processed by the system

What is quality assurance?

Software QA involves the entire software development PROCESS - monitoring and improving the process, making sure that any agreed-upon standards and procedures are followed, and ensuring that problems are found and dealt with. It is oriented to 'prevention'.

What is the difference between QA and testing?

Testing involves operation of a system or application under controlled conditions and evaluating the results. It is oriented to 'detection'.

Software QA involves the entire software development PROCESS - monitoring and improving the process, making sure that any agreed-upon standards and procedures are followed, and ensuring that problems are found and dealt with. It is oriented to 'prevention'.

FRONT END & BACKEND TESTING

Front end testing is testing GUI and functionality.

Back-end focuses on data stored in the database.

WHAT IS SOAK TESTING

Running a system at high load for a prolonged period of time. For example, running several times more transactions in an entire day (or night) than would be expected in a busy day, to identify and performance problems that appear after a large number of transactions have been executed.

Describe the Software Development Life Cycle

It includes aspects such as initial concept, requirements analysis, functional design, internal design, documentation planning, test planning, coding, document preparation, integration, testing, maintenance, updates, retesting, phase-out, and other aspects.

What are SDLC and STLC and the different phases of both?

SDLC

Requirement phase Design phase (HLD, DLD (Program spec)) Coding Testing Release Maintenance

STLC

System Study Test planning Writing Test case or scripts Review the test case Executing test case Bug tracking Report the defect

STLC

Every testing project has to follow the waterfall model of the testing process.

The waterfall model is as given below:

Test Strategy & Planning Test Design Test Environment setup Test Execution Defect Analysis & Tracking Final Reporting

According to the respective projects, the scope of testing can be tailored, but the process mentioned above is common to any testing activity.

Software Testing has been accepted as a separate discipline to the extent that there is a separate life cycle for the testing activity. Involving software testing in all phases of the software development life cycle has become a necessity as part of the software quality assurance process. Right from the Requirements study till the implementation, there needs to be testing done on every phase. The V-Model of the Software Testing Life Cycle along with the Software Development Life cycle given below indicates the various phases or levels of

testing.

DIFFERENCE BETWEEN STLC AND SDLC?

STLC is software test life cycle it starts with:

Preparing the test strategy. Preparing the test plan. Creating the test environment. Writing the test cases. Creating test scripts. Executing the test scripts. Analyzing the results and reporting the bugs. Doing regression testing. Test exiting.

SDLC is software or system development life cycle, phases are:

Project initiation Requirement gathering and documenting Designing Coding and unit testing Integration testing System testing Installation and acceptance testing Support or maintenance

SCM and SQA will follow throughout the cycle.

Waterfall Model

Requirement Analysis -> Design -> Coding and Unit testing -> Functional testing -> Maintenance

What is a Test bed?

Test Bed is an execution environment configured for software testing. It consists of specific hardware, network topology, Operating System, configuration of the product to be under test, system software and other applications. The Test Plan for a project should be developed from the test beds to be used.

What is a Test data?

Test Data is that run through a computer program to test the software. Test data can be used to test the compliance with effective controls in the software.

Why does software have bugs?

Miscommunication or no communication about the details of what an application should or shouldn't do

Programming errors in some cases the programmers can make mistakes.

Changing requirements there are chances of the end-user not understanding the effects of changes, or may understand and request them anyway to redesign, rescheduling of engineers, effects of other projects, work already completed may have to be redone or thrown out.

Time force - preparation of software projects is difficult at best, often requiring a lot of guesswork. When deadlines are given and the crisis comes, mistakes will be made.

What is the Difference between Bug, Error and Defect?

Bug: It is found in the development environment before the product is shipped to the respective customer.

Defect: It is found in the product itself after it is shipped to the respective customer's

Error: It is the Deviation from actual and the expected value.

Difference between defect, error, bug, failure and fault

Error: A discrepancy between a computed, observed, or measured value or condition and the true, specified, or theoretically correct value or condition. See: anomaly, bug, defect, exception, and fault.

Failure: The inability of a system or component to perform its required functions within specified performance requirements. See: bug, crash, exception, fault.

Bug: A fault in a program which causes the program to perform in an unintended or unanticipated manner. See: anomaly, defect, error, exception, fault.

Fault: An incorrect step, process, or data definition in a computer program which causes the program to perform in an unintended or unanticipated manner. See: bug, defect, error, exception.

Defect: Mismatch between the requirements.

What is the difference between structural and functional testing?

Structural testing is a "white box" testing and it is based on the algorithm or code.

Functional testing is a "black box" (behavioral) testing where the tester verifies the functional specification.

Describe bottom-up and top-down approaches

Bottom-up approach: In this approach testing is conducted from sub module to main module, if the main module is not developed a temporary program called DRIVERS is used to simulate the main module.

Top-down approach: In this approach testing is conducted from main module to sub module. If the sub module is not developed a temporary program called STUB is used for simulate the sub module.

What is Re- test? What is Regression Testing?

Re-test - Retesting means we testing only the certain part of an application again and not considering how it will effect in the other part or in the whole application.

Regression Testing - Testing the application after a change in a module or part of the application for testing that is the code change will affect rest of the application.

Explain Load, Performance and Stress Testing with an Example.

Load Testing and Performance Testing are commonly said as positive testing where as Stress Testing is said to be as negative testing.

Say for example there is an application which can handle 25 simultaneous user logins at a time. In load testing we will test the application for 25 users and check how application is working in this stage, in performance testing we will concentrate on the time taken to perform the operation. Where as in stress testing, we will test with more users than 25 and the test will continue to any number and we will check where the application is cracking.

What is UAT testing? When it is to be done?

UAT stands for 'User acceptance Testing. This testing is carried out with the user perspective and it is usually done before the release.

1. Every System Menu should have Exit/close option.2. OK and Cancel Buttons should exist.3. All labels should start with capital alphabets.4. Alignment of all controls must be same.5. All controls must be visible.6. All labels must not overlap

The above six are called as Microsoft six rules standard for user Interface testing. These are very important in GUI testing.

What is Vulnerability Testing?

In computer security, the term "vulnerability is a weakness which allows an attacker to reduce a system's Information Assurance". Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To be vulnerable, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface.

A security risk may be classified as vulnerability. Vulnerability with one or more known

instances of working and fully-implemented attacks is classified as an exploit. The window of vulnerability is the time from when the security hole was introduced or manifested in deployed software, to when access was removed, a security fix was available/deployed, or the attacker was disabled.

DIFFERENCE BETWEEN FUNCTIONAL TESTING AND GUI FUNCTIONAL TESTING?

Functional Testing: Testing the functionality of the Application i.e., (suppose click on login button in login screen it goes to next page or not)

GUI Functional Testing: Testing the GUI objects along with Functionality.

GUI testing or UI testing is user interface testing. That is, testing how the application and the user interact. This includes how the application handles keyboard and mouse input and how it displays screen text, images, buttons, menus, dialog boxes, icons, toolbars and more.

Functional Testing is done with the intent to identify errors related to the functionality of the Application under test.

WHAT IS GUI TESTING?

To check whether all the functionalities are working properly or not. It is simply we can say Look And Feel.

In Security testing, what does u mean by:

1. Encryption 2. Authentication 3. Authorization

Encryption: Encryption is the conversion of data into a form, called a cipher text that cannot be easily understood by unauthorized people.

Authentication: It is the process of establishing the claimed identity of an individual, a device, an object, a system, a component or a process; that claims to be.

Authorization: It is a process of granting access rights to an individual, a device, an object, a system, a component or a process over finite resources for a specific period of time.

Localization testing and internationalization testing are comes into black box testing or white box testing

Black box testing

PENETRATION TESTING

A penetration test is a method of evaluating the security of a computer system or network by simulating an attack by a malicious user, known as a cracker (though often incorrectly referred to as a hacker). The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a

penetration test is to determine feasibility of an attack and the amount of business impact of a successful exploit, if discovered.

Vulnerabilities and risks in your web applications Known and unknown vulnerabilities (0-day) to combat against the threat until your

security vendor provide the appropriate solution. Technical vulnerabilities: URL manipulation, SQL injection, cross site scripting, back-

end authentication, password in memory, session hijacking (cookies should not be stored in browser or it should be in encrypted format), buffer overflow, web server configuration, credential management etc)

Business Risks: Day-to-Day threat analysis, unauthorized logins, Personal information modification, pricelist modification, unauthorized funds transfer, breach of customer trust etc.

Baseline Testing

SRS is the baseline of testing.Validating documents and specifications on which test cases would be designed is baseline testing. Requirement specification validation is baseline testing.

OR

The point at which some deliverable produced during the software engineering process is put under formal change control.

Volume Testing

Volume Testing belongs to the group of non-functional tests, which are often misunderstood and/or used interchangeably. Volume testing refers to testing a software application for a certain data volume. This volume can in generic terms be the database size or it could also be the size of an interface file that is the subject of volume testing. For example, if you want to volume test your application with a specific database size, you will explode your database to that size and then test the application's performance on it.

Another example could be when there is a requirement for your application to interact with an interface file (could be any file such as .dat, .xml); this interaction could be reading and/or writing on to/from the file. You will create a sample file of the size you want and then test the application's functionality with that file to check performance.

WEB TESTING

Web Applications are more popular because they support more clients, no client side installation & are accessible from any where.

Types of Web Applications

1. Web Sites2. Web Portals3. Web Applications

Browser

It is a Software Application, which retrieves, and Presents information in text, image and voice like different file formats. The browser is the viewer of a Web Site.

Popular Browsers:

1. Internet Explorer = 2.0,3.0,4.0,5.0,6.0,7.0,8.0,9.0,10.02. Mozilla Firefox = 0.8, 0.9, 0.9.1, 0.9.2, 0.9.3, 1.0, 1.0.1 to 1.0.8, 1.5, 1.5.0.1 to

1.5.0.12, 2.0, 2.0.0.2 to 2.0.0.20, 3, 3.0.1 to 3.0.18, 3.6, 3.6.2 to 3.6.16, 4.0 (Beta1) to 4.0 (Beta 12), 4.0 (RC1), 4.0 (RC2), 4.0

3. Chrome =2, 3, 4,5,6,8,9,10.0 4. Safari For MAC Machine = 1.0,1.2,1.3.1,1.3.2,2.0.1,3.1.1,3.2.3,4.0,4.0.5(Leopard),

Safari 4.0.5 (Snow Leopard), Safari 4.0.5 (Tiger), Safari 4.1 (Tiger), Safari 4.1.2 (Tiger), Safari 4.1.3 (Tiger), Safari 5.0.2 (Leopard), Safari 5.0.2 (Snow Leopard), Safari 5.0.3 (Leopard), Safari 5.0.3 (Snow Leopard)

5. Opera = 8.02, 8.51, 8.54, 9.0,9.21, 9.27, 9.52, 9.64, 10.0,10.01, 10.10, 10.50, 10.51,10.52,

6. Maxthon = 7. Netscape Navigator =

Web Technologies

HTML (Hyper Text Markup Language). For displaying web pages XML (Extensible Markup Language). For transporting the Data Java Script. for Client Side Validations VB Script. for Server side Validations IIS, Apache, Tomcat. as Web servers JBoss, WebLogic, WebSphere - as Application Servers Java, C#.NET, VB.NET, VC++.NET for Components development SQL Server, Oracle, MySQL as Database Servers HTTP, SOAP . as Protocols / Web Services

Web Testing Checklist

1. Functionality Testing2. Usability testing3. Interface testing4. Compatibility testing5. Performance testing6. Cookie Testing7. Security Testing

Cookie Testing

What is Cookie?

Cookie is small piece of information stored in text file by web server. This information is later used by web browser.

Generally cookie contains personalized user data or information that is used to communicate between different web pages.

Why Cookies are used?

Cookies save the user.s identity and used to track where the user navigated throughout the web site pages. The communication between web browser and web server is stateless.

Whenever user visits the site or page small code inside that HTML page writes a text file on users machine called cookie.

Example:

Set-Cookie: NAME=VALUE; expires=DATE;path=PATH: domain=DOMAIN_NAME;

Types of Cookies

There are 2 types of cookies

1. Session cookies: This cookie is active till the browser that invoked the cookie is open. When we close the browser this session cookie gets deleted. Some time session of say 20 minutes can be set to expire the cookie.

2. Persistent cookies: The cookies that are written permanently on user machine and lasts for months or years.

Where cookies are stored?

The path where the cookies get stored depends on the browser.

Different browsers store cookie in different paths.

E.g. Internet explorer store cookies on path .C:\Documents and

Where are Cookies Used?

1. To implement shopping cart2. Personalized sites3. User tracking4. Marketing5. User sessions

Test Cases for Cookie Testing

The first obvious test case is to test if your application is writing cookies properly on disk.

1. As Cookie privacy policies make sure that no personal or sensitive data is stored in the cookie. 

2. If you have no option than saving sensitive data in cookie make sure data stored in cookie is stored in encrypted format. 

3. Make sure that there is no overuse of cookies on your site under test. Overuse of cookies will annoy users if browser is prompting for cookies more often and this could result in loss of site traffic and eventually loss of business. 

4. Disable the cookies from your browser settings: If you are using cookies on your site, your sites major functionality will not work by disabling the cookies. Then try to access the web site under test. Navigate through the site. See if appropriate messages are displayed to user like .For smooth functioning of this site make sure that cookies are enabled on your browser. There should not be any page crash due to

disabling the cookies. 

5. Accepts/Reject some cookies: The best way to check web site functionality is, not to accept all cookies. If you are writing 10 cookies in your web application then randomly accept some cookies say accept 5 and reject 5 cookies. For executing this test case you can set browser options to prompt whenever cookie is being written to disk. On this prompt window you can either accept or reject cookie. Try to access major functionality of web site. See if pages are getting crashed or data is getting corrupted. 

6. Delete cookie: Allow site to write the cookies and then close all browsers and manually delete all cookies for web site under test. Access the web pages and check the behavior of the pages. 

7. Corrupt the cookies: Corrupting cookie is easy. You know where cookies are stored. Manually edit the cookie in notepad and change the parameters to some vague values. Like alter the cookie content, Name of the cookie or expiry date of the cookie and see the site functionality. In some cases corrupted cookies allow to read the data inside it for any other domain. This should not happen in case of your web site cookies. Note that the cookies written by one domain say rediff.com can't be accessed by other domain say yahoo.com unless and until the cookies are corrupted and someone trying to hack the cookie data. 

8. Checking the deletion of cookies from your web application page:

Some times cookie written by domain say rediff.com may be deleted by same domain but by different page under that domain. This is the general case if you are testing some .action tracking. web portal. Action tracking or purchase tracking pixel is placed on the action web page and when any action or purchase occurs by user the cookie written on disk get deleted to avoid multiple action logging from same cookie. Check if reachingto your action or purchase page deletes the cookie properly and no more invalid actions or purchase get logged from same user. 

9. Cookie Testing on Multiple browsers: This is the important case to check if your web application page is writing the cookies properly on different browsers as intended and site works properly using these cookies. You can test your web application on Major used browsers like Internet explorer (Various versions), Mozilla Firefox, Netscape, Opera etc.  

10. If your web application is using cookies to maintain the logging state of any user then log in to your web application using some username and password. In many cases you can see the logged in user ID parameter directly in browser address bar. Change this parameter to different value say if previous user ID is 100 then make it 101 and press enter. The proper access message should be displayed to user and user should not be able to see other users account.

Security Testing

Security testing is the process that determines that confidential data stays confidential

What is .Vulnerability?

This is a weakness in the web application. The cause of such a .weakness. Can be bugs in the application, an injection (SQL/ script code) or the presence of viruses.

What is .URL manipulation?

Some web applications communicate additional information between the client (browser) and the server in the URL. Changing some information in the URL may sometimes lead to unintended behavior by the server.

What is .SQL injection?

This is the process of inserting SQL statements through the web application user interface into some query that is then executed by the server.What is .XSS (Cross Site Scripting)?

When a user inserts HTML/ client-side script in the user interface of a web application and this insertion is visible to other users, it is called XSS.

What is .Spoofing?

The creation of hoax look-alike websites or emails is called spoofing.

What is Change and configuration management repository?

In general every company maintains a common server to maintain all the deliverables from development and testing for future references, is called configuration repository

Change and configuration management can be accessed to the development people to save their development deliverables and Visual SourceSafe (VSS) like tool they used for version Control Test case database (TCDB) can be accessed to the testing people to store the deliverables like test plan, test cases document, test metrics and other summary reports

Defect repository can be accessed to both testers and developers, for required negotiation between testers and developers .Ex: Bugzilla, Ms Excel sheet, Problem reporting tool etc,

WHAT IS TESTLOG?

Either in manual or automation testing, the test engineer is running test cases batch by batch and in every batch tests by test. In this level-1 test execution, every test engineer is preparing "test log" document with results. Test log is nothing but a document which is maintaining 3 types of test results such as passed, failed and blocked.

S no, Test case id, Test case description, Status (passed, failed)

Test case document:

S no, Test case id, Test case description, input data, actual result, expected result and Status (passed, failed)

How can u do the performance testing?

To do performance testing there are tools like Load runner, Jmetre

What is the parameters u applies for doing functional testing?

In functional testing:

We validate each and every functionality in terms of changes in objects properties, Calculation domain, Correctness of output, Input domain coverage, Order of functionalities.

We test above domains with BVA and negative scenario.

What is non-functional testing?

After completion of successful functional testing on software build, the test engineers are concentrating on extra characteristics of that software testing. Such as user Interface testing, reliability testing and configuration testing...

Reliability testing

The purpose of reliability testing is to discover potential problems with the design as early as possible and, ultimately, provide confidence that the system meets its reliability requirements.

If there is more number of test cases, how can u pick up a selective test case?

If there are more no of test cases then we have to pick the test cases in terms of functionality i.e. priority (p0, p1, p2) p0 (high) for functional test case, p1 (medium) for non Functional except usability and p2 (low) for usability test cases. This according to test case format (IEEE 829).

What are the difference bug, error, and defect?

Bug: Discrepancy in the application functionality Error: Mistakes in coding Defect: Deviations from the requirements

Have u involved in reviews? What type reviews u done?

Yes I have involved in peer reviews which is conduct after implementing the test cases for the given module in these reviews we will discus the written test cases are Sufficient to validate the functionality of the module.

How Severity and Priority are related to each other?

Severity tells the seriousness/depth of the bug where as Priority tells which bug should rectify first.

Severity->Application point of view Priority->User point of view

What are the exact testing types you involved when testing the web application testing and client server application testing? Have u find difference in terms of testing?

Name three types of tests that should be automated.

1. Performance (Must)2. Functionality3. Data Driven. 4. Stress testing.5. Load testing.

6. Performance testing.7. Regression testing.

Tell me the test cases for a search and replace functionality in a Microsoft document (.doc)?

Open a already existing document with some content in it.

Case is replacing the word "testcase" with "TC"

1. Click on Edit menu tab and then click on Find.2. A editable window pops up with various tabs on it find, replace and go to (default

Find tab will be selected)3. Corresponding to "Find what?" there exists an edit box enter "testcase" in that and

click "find next" button.4. A pop-up message appears with message "Window finished searching the

document". Click OK button on this.5. Click Replace tab on this and in replace with edit box type "TC" and click "replace or

replace all" buttons based on your case.6. A pop-up message appears with appropriate message.

Combination of 2 or more points should be considered as test cases and tested Use Ctl+H for that.

It will give the feature of find n replace.

Can automation testing replace manual testing? it so, how?

Automation Testing cannot test the entire application. Only a part of the application can be automated but not full. and also automation is very costly to do and maintenance.

Need skilled persons to carry out automation.

What is bug life cycle?

1. Open stage: A defect originated by a tester 2. Assign: Raised defect assigned to Developer 3. Resolved stage: Developer provides the code fix for the bug and make it resolved 4. Closed stage: Tester re-tests the bug and closes it, if it's working. Otherwise he will

re-open the defect and it will go back to stage 1.

Types and Phases of Testing

SDLC Document QA DocumentSoftware Requirement Specification Requirement ChecklistDesign Document Design ChecklistFunctional Specification Functional ChecklistDesign Document & Functional Specs Unit Test Case DocumentsDesign Document & Functional Specs Integration Test Case DocumentsDesign Document & Functional Specs System Test Case DocumentsUnit / System / Integration Test Case Documents Regression Test Case DocumentsFunctional Specs, Performance Criteria Performance Test Case DocumentsSoftware Requirement Specification, Unit / System / Integration / Regression / Performance Test Case Documents

User Acceptance Test Case Documents.

Test Driver

Bottom-up approach: In this approach testing is conducted from sub module to main module, if the main module is not developed a temporary program called DRIVERS is used to simulate the main module.

Top-down approach: In this approach testing is conducted from main module to sub

module. If the sub module is not developed a temporary program called STUB is used for simulate the sub module.

In database testing, which are the things u used?

Database connectivity Domain Constraints Key constraints Using (JOINS)

What is way of writing test cases for database testing. For writing test cases in Database first one should define the project name, then module, Bug number, objective, steps/action undertaken, expected result, actual result, then status, priority and severity.

What are the types of test strategy?

A test strategy is an outline that describes the testing portion of the software development cycle. It is created to inform project managers, testers, and developers about some key issues of the testing process. This includes the testing objective, methods of testing new functions, total time and resources required for the project, and the testing environment.

The test strategy describes the test level to be performed. There are primarily three levels of testing: unit testing, integration testing, and system testing. In most software development organizations, the developers are responsible for unit testing. Individual testers or test teams are responsible for integration and system testing.

What kinds of testing have you done?

Comprehensive Testing: Testing happens in various levels.

Level 0: sanity testing/Build verification testing/Tester

Acceptance Testing Level 1: is comprehensive testing Level 2: is regression testing Level 3: is Acceptance testing

In level 0: all p0 testcases are executedLevel 1: All p0, p1 and p2 testcases as batchesLevel 2: selected p0, p1 and p2 testcases w.r.to modificationLevel 3: selected 0, p1, and p2 testcases w.r.to bug density

Comprehensive testing. After level 0 testing and selection of possible testcases for automation, test engineers concentrate on test suite and test set. Every test batch consists of a set of dependent testcases.during these test batch execution test engineers create test log document with these types of entries like no. of pass, failed and blocked. {During comprehensive test execution, test engineers are reporting mismatches to developers as defects. After resolution of the bug, developers release modified build to testers. Testers reexecute their test to ensure bug fix work and occurrences of side effects}. Is according to mind material.

IS V Model a Process model or a Technique?

Can V process/Technique if answer for above be implemented in Waterfall Model.

V model is one of the software development model where testing is done parallely with the application development.i.e When the development of application is in process test engg will test each and every out come document

For example: Consider a bank application consisting of three modules admin, banker and the customer. The development team has completed the admin module and working with banker module. At this stage the testing team will test the admin module while the developers are in process with the banker module i.e. before completing the whole application. This is the process of v-model. There can be changes in the application with v-model.

Waterfall model is used when requirement are clear and complete and for the small projects. Here we can't incorporate new changes in the application Test Strategy: This is high level document which defines the approach for testing the overall product.

Test planning: Test plan defines the specific information about how to drive, track and record the test efforts along entrance exit criteria, resource planning, risk and contingency plans, etc. Test planning also define the milestone and schedules to effectively manage the efforts and performance.

Different testing methodologies

There are three types of testing methodologies;

WHITE BOX TESTING-Testing structural part of an application. BLACK BOX TESTING-testing functionality of an application GREY BOX TESTING-mixture of WBT & BBT

TEST SUITE

Test suite (more formally known as a validation suite) is a collection of test cases that are intended to be used as input to a software program to show that it has some specified set of behaviors (i.e., the behaviors listed in its specification).

A test suite often also contains detailed instructions or goals for each collection of test cases and information on the system configuration to be used during testing. A group of test cases may also contain prerequisite states or steps, and descriptions of the following tests.

Collections of test cases are sometimes incorrectly termed a test plan. They may also be called a test script, or even a test scenario.

An executable test suite is a test suite that is ready to be executed. This usually means that there exists a test harness that is integrated with the suite and such that the test suite and the test harness together can work on a sufficiently detailed level to correctly communicate with the system under test (SUT).

What is Bidirectional Traceability and how it is achieved?

When requirements are traced to test cases and vice versa it is called bidirectional traceability.

What is bidirectional traceability?

In the Requirements Management (REQM) process area, specific practice 1.4 states,

"Maintain bidirectional traceability among the requirements and work products." Bidirectional traceability is the ability to trace both forward and backward (i.e., from requirements to end products and from end product back to requirements).

Typically, traceability identifies the origin of items (e.g., customer needs) and follows these same items as they travel through the hierarchy of the Work Breakdown Structure to the project teams and eventually to the customer. When the requirements are managed well, bidirectional traceability is achieved from the source requirements to lower-level requirements and selected work products and verifications and then back to their source. Such bidirectional traceability helps determine that all source requirements have been completely addressed and that all lower level requirements and selected work products can be traced to a valid source.

Where is system testing covered in CMMI for Development?

Examples of system testing are provided in SP 1.1 of the Verification process area and SP 1.1 of the Validation process area. However, system testing is not a term used in CMMI, since the terms "system" and "testing" can be interpreted in many ways.

The term "system" was not used in CMMI because of its multiple interpretations across disciplines. Instead of "system," the term "product" and "product component" were used for consistency and clarity. The terms "verification" or "validation" were used instead of "testing" since (1) testing can be either part of verification or validation, and (2) testing is only one method used for verification or validation.

What is Automation Test Framework?

A test automation framework is a set of assumptions, concepts, and practices that provide support for automated software testing. This article describes and demonstrates five basic frameworks.

1. The Test Script Modularity Framework

The test script modularity framework requires the creation of small, independent scripts that represent modules, sections, and functions of the application-under-test. These small scripts are then used in a hierarchical fashion to construct larger tests, realizing a particular test case. 

2. The Test Library Architecture Framework

The test library architecture framework is very similar to the test script modularity framework and offers the same advantages, but it divides the application-under-test into procedures and functions instead of scripts. This framework requires the creation of library files (SQABasic libraries, APIs, DLLs, and such) that represent modules, sections, and functions of the application-under-test. These library files are then called directly from the test case script. 

3. The Keyword-Driven or Table-Driven Testing Framework

Keyword-driven testing and table-driven testing are interchangeable terms that refer to an application-independent automation framework. This framework requires the development of data tables and keywords, independent of the test automation tool used to execute them and the test script code that "drives" the application-under-test and the data. Keyword-driven tests look very similar to manual test cases. In a keyword-driven test, the functionality of the application-under-test is documented in

a table as well as in step-by-step instructions for each test.

If we were to map out the actions we perform with the mouse when we test our Windows Calculator functions by hand, we could create the following table. The "Window" column contains the name of the application window where we're performing the mouse action (in this case, they all happen to be in the Calculator window). The "Control" column names the type of control the mouse is clicking. The "Action" column lists the action taken with the mouse (or by the tester) and the "Arguments" column names a specific control (1, 2, 3, 5, +, -, and so on). 

Window Control Action Arguments

Calculator Menu View, Standard

Calculator Pushbutton Click 1

Calculator Pushbutton Click +

Calculator Pushbutton Click 3

Calculator Pushbutton Click =

Calculator Verify Result 4

Calculator Clear

Calculator Pushbutton Click 6

Calculator Pushbutton Click -

Calculator Pushbutton Click 3

Calculator Pushbutton Click =

Calculator Verify Result 3

4. This table represents one complete test; more can be made as needed in order to represent a series of tests. Once you've created your data table(s), you simply write a program or a set of scripts that reads in each step, executes the step based on the keyword contained the Action field, performs error checking, and logs any relevant information. 

5. The Data-Driven Testing Framework

Data-driven testing is a framework where test input and output values are read from data files (datapools, ODBC sources, cvs files, Excel files, DAO objects, ADO objects, and such) and are loaded into variables in captured or manually coded scripts. In this framework, variables are used for both input values and output verification values. Navigation through the program, reading of the data files, and logging of test status and information are all coded in the test script.

This is similar to table-driven testing in that the test case is contained in the data file and not in the script; the script is just a "driver," or delivery mechanism, for the data. Unlike in table-driven testing, though, the navigation data isn't contained in the table structure. In data-driven testing, only test data is contained in the data files. 

6. The Hybrid Test Automation Framework

What Is a Test Strategy?

Why do a test strategy? The test strategy is the plan on how to approach testing. The purpose of a test strategy includes:

To obtain consensus of goals and objectives from stakeholders (e.g., management, developers, testers, customers, users)

To manage expectations from the beginning To be sure we're "headed in the right direction" To identify the types of tests to be conducted at all test levels A test strategy provides an overall perspective of testing, and identifies or

references: Project plans, risks, and requirements Relevant regulations, policies, or directives Required processes, standards, and templates Supporting guidelines Stakeholders and their test objectives Test resources and estimates Test levels and phases Test environment Completion criteria for each phase Required test documentation and review methods

What is a test strategy?

Answer:

A test strategy must address the risks and present a process that can reduce those risks.

The two components of Test strategy are:

a. Test Factor: The risk of issue that needs to be addressed as a part of the test strategy. Factors that are to be addressed in testing a specific application system will form the test factor.

b. Test phase: The phase of the systems development life cycle in which testing will occur.

WHAT IF THERE ISN'T ENOUGH TIME FOR THOROUGH TESTING

Here are some points to be considered when you are in such a situation:

1. Find out Important functionality is your project?2. Find out High-risk module of the project?3. Which functionality is most visible to the user?4. Which functionality has the largest safety impact?5. Which functionality has the largest financial impact on users?6. Which aspects of the application are most important to the customer?7. Which parts of the code are most complex, and thus most subject to errors?8. Which parts of the application were developed in rush or panic mode?9. What do the developers think are the highest-risk aspects of the application?10. What kinds of problems would cause the worst publicity?11. What kinds of problems would cause the most customer service complaints?12. What kinds of tests could easily cover multiple functionalities?

When to stop testing?

Answer:

a. When all the requirements are adequately executed successfully through test casesb. Bug reporting rate reaches a particular limitc. The test environment no more exists for conducting testingd. The scheduled time for testing is overe. The budget allocation for testing is over

Your company is about to roll out an E-Commerce application. It is not possible to test the application on all types of browsers on all platforms and operating systems. What steps would you take in the testing environment to reduce the business risks and commercial risks?

Answer:

Compatibility testing should be done on all browsers (IE, Netscape, Mozilla etc.) across all the operating systems (win 98/2K/NT/XP/ME/Unix etc.)

What's the difference between priority and severity?

Answer:

"Priority" is associated with scheduling, and "severity" is associated with standards.

"Priority" means something is afforded or deserves prior attention; precedence established by order of importance (or urgency). "Severity" is the state or quality of being severe;

severe implies adherence to rigorous standards or high principles and often suggests harshness; severe is marked by or requires strict adherence to rigorous standards or high principles, e.g. a severe code of behavior. The words priority and severity do come up in bug tracking. A variety of commercial, problem tracking management software tools are available. These tools, with the detailed input of software test engineers, give the team complete information so developers can understand the bug, get an idea of its 'severity', reproduce it and fix it. The fixes are based on project 'priorities' and 'severity' of bugs. The 'severity' of a problem is defined in accordance to the customer's risk assessment and recorded in theirselected tracking tool. Buggy software can 'severely' affect schedules, which, in turn can lead to a reassessment and renegotiation of 'priorities'.

Your manager has taken you onboard as a test lead for testing a web-based application. He wants to know what risks you would include in the Test plan. Explain each risk factor that would be a part of your test plan.

Answer:

Web-Based Application primary risk factors:-

a. Security :- anything related to the security of the application.b. Performance :- The amount of computing resources and code required by the

system to perform its stated functions.c. Correctness :- Data entered, processed, and outputted in the system is accurate

and completed. Access Control :- Assurance that the application system resources will be protectede. Continuity of processing :- The ability to sustain processing in the event problem

occursf. Audit Trail :- The capability to substantiate the processing that has occurred.g. Authorization :- Assurance that the data is processed in accordance with the

intents of the management.

General risk or secondary risk's:-

a. Complex :- anything disproportionately large, intricate or convoluted.b. New :- anything that has no history in the product.c. Changed :- anything that has been tampered with or "improved".d. Upstream Dependency :- anything whose failure will cause cascading failure in the

rest of the system.e. Downstream Dependency :- anything that is especially sensitive to failures in the

rest of the system.f. Critical :- anything whose failure could cause substantial damage.g. Precise :- anything that must meet its requirements exactly.h. Popular :- anything that will be used a lot.i. Strategic :- anything that has special importance to your business, such as a feature

that sets you apart from the competition.j. Third-party :- anything used in the product, but developed outside the project.k. Distributed :- anything spread out in time or space, yet whose elements must work

together.l. Buggy :- anything known to have a lot of problems.m. Recent Failure :- anything with a recent history of failure.

What is parallel testing and when do we use parallel testing? Explain with example?

Answer:

Testing a new or an altered data processing system with the same source data that is used in another system. The other system is considered as the standard of comparison. OR we can say that parallel testing requires the same input data be run through two versions of the same application.

Parallel testing should be used when there is uncertainty regarding the correctness of processing of the new application. And old and new versions of the applications are same.

E.g.-

1. Operate the old and new version of the payroll system to determine that the paychecks from both systems are reconcilable.

2. Run the old version of the application system to ensure that the operational status of the old system has been maintained in the event that problems are encountered in the new application.

What is the difference between testing Techniques and tools? Give examples.

Answer:

Testing technique :- Is a process for ensuring that some aspects of the application system or unit functions properly there may be few techniques but many tools.

Tools :- Is a vehicle for performing a test process. The tool is a resource to the tester, but itself is insufficient to conduct testing.

E.g. :- The swinging of hammer to drive the nail. The hammer is a tool, and swinging the hammer is a technique. The concept of tools and technique is important in the testing process. It is a combination of the two that enables the test process to be performed. The tester should first understand the testing techniques and then understand the tools that can be used with each of the technique.

Differentiate between Transaction flow modeling, Finite state modeling, Data flow modeling and Timing modeling?

Answer:

Transaction Flow modeling :-The nodes represent the steps in transactions. The links represent the logical connection between steps.

Finite state modeling :-The nodes represent the different user observable states of the software. The links represent the transitions that occur to move from state to state.

Data flow modeling :-The nodes represent the data objects. The links represent the transformations that occur to translate one data object to another.

Timing Modeling :-The nodes are Program Objects. The links are sequential connections between the program objects. The link weights are used to specify the required execution times as program executes.

What is SEI? CMM? ISO? IEEE? ANSI?

SEI = 'Software Engineering Institute' at Carnegie-Mellon University; initiated by the U.S. Defense Department to help improve software development processes.

CMM = 'Capability Maturity Model', developed by the SEI. It's a model of 5 levels of organizational 'maturity' that determine effectiveness in delivering quality software. It is geared to large organizations such as large U.S. Defense Department contractors. However, many of the QA processes involved are appropriate to any organization, and if reasonably applied can be helpful. Organizations can receive CMM ratings by undergoing assessments by qualified auditors.

Level 1 - characterized by chaos, periodic panics, and heroic efforts required by individuals to successfully complete projects. Few if any processes in place; successes may not be repeatable.

Level 2 - software project tracking, requirements management, realistic planning, and configuration management processes are in place; successful practices can be repeated.

Level 3 - standard software development and maintenance processes are integrated throughout an organization; a Software Engineering Process Group is in place to oversee software processes, and training programs are used to ensure understanding and compliance.

Level 4 - metrics are used to track productivity, processes, and products. Project performance is predictable, and quality is consistently high.

Level 5 - the focus is on continuous process improvement. The impact of new processes and technologies can be predicted and effectively implemented when required.

ISO = 'International Organization for Standards' - The ISO 9001, 9002, and 9003 standards concern quality systems that are assessed by outside auditors, and they apply to many kinds of production and manufacturing organizations, not just software. The most comprehensive is 9001, and this is the one most often used by software development organizations. It covers documentation, design, development, production, testing, installation, servicing, and other processes. ISO 9000-3 (not the same as 9003) is a guideline for applying ISO 9001 to software development organizations. The U.S. version of the ISO 9000 series standards is exactly the same as the international version, and is called the ANSI/ASQ Q9000 series. The U.S. version can be purchased directly from the ASQ (American Society for Quality) or the ANSI organizations. To be ISO 9001 certified, a third-party auditor assesses an organization, and certification is typically good for about 3 years, after which a complete reassessment is required. Note that ISO 9000 certification does not necessarily indicate quality products - it indicates only that documented processes are followed.

IEEE = 'Institute of Electrical and Electronics Engineers' - among other things, creates standards such as 'IEEE Standard for Software Test Documentation' (IEEE/ANSI Standard 829), 'IEEE Standard of Software Unit Testing (IEEE/ANSI Standard 1008), 'IEEE Standard for Software Quality Assurance Plans' (IEEE/ANSI Standard 730), and others.

ANSI = 'American National Standards Institute', the primary industrial standards body in the U.S.; publishes some software-related standards in conjunction with the IEEE and ASQ (American Society for Quality).

SOME MAJOR NEGATIVE TEST CASES TO BREAK THE SIGN UP PAGE:

1. See the limit of username field. I mean the data type of this field in DB and the field size. Try adding more characters to this field than the field size limit. See how application responds to this.

2. Repeat above case for number fields. Insert number beyond the field storage capacity. This is typically a boundary test.

3. For username field try adding numbers and special characters in various combinations. (Characters like!@#$ %^&*()_+}{":?><,./;'[]). If not allowed specific message should be displayed to the user.

4. Try above special character combination for all the input fields on your sign up page having some validations. Like Email address field, URL field validations etc.

5. Many applications crash for the input field containing ' (single quote) and " (double quote) examples field like: "Vijay's web". Try it in all the input fields one by one.

6. Try adding only numbers to input fields having validation to enter only characters and vice versa.

7. If URL validation is there then see different rules for url validation and add urls not fitting to the rules to observe the system behavior.

Example urls like: vijay.com/?q=vijay's!@#$ %^&*()_+}{":?><,./;'[]web_page. Also add urls containing http:// and https:// while inserting into url input box. 

8. If your sign up page is of some steps like step 1 step 2 etc. then try changing parameter values directly into browser address bar. Many times urls are formatted with some parameters to maintain proper user steps. Try altering all those parameters directly without doing anything actually on the sign up page.

9. Do some monkey testing manually or automating (i.e. Insert whatever comes in mind or random typing over keyboard) you will come up with some observations.

10. See if any page is showing JavaScript error either at the browser left bottom corner or enable the browser settings to display popup message to any JavaScript error.

White Box Testing is coverage of the specification in the code.

Code coverage:

An analysis method that determines which parts of the software have been executed (covered) by the test case suite and which parts have not been executed and therefore may require additional attention.

Code Coverage Analysis

1.1 Basis Path Testing

A testing mechanism proposed by McCabe whose aim is to derive a logical complexity measure of a procedural design and use this as a guide for defining a basic set of execution paths. These are test cases that exercise basic set will execute every statement at least once.

1.1.1 Flow Graph Notation

A notation for representing control flow similar to flow charts and UML activity diagrams.

1.1.2 Cyclomatic Complexity

The cyclomatic complexity gives a quantitative measure of 4the logical complexity. This value gives the number of independent paths in the basis set, and an upper bound for the number of tests to ensure that each statement is executed at least once. An independent path is any path through a program that introduces at least one new set of processing statements or a new condition (i.e., a new edge). Cyclomatic complexity provides upper bound for number of tests required to guarantee coverage of all program statements.

1.2 Control Structure testing

1.2.1 Conditions Testing

Condition testing aims to exercise all logical conditions in a program module. They may define:

Relational expression: (E1 op E2), where E1 and E2 are arithmetic expressions. Simple condition: Boolean variable or relational expression, possibly proceeded by

a NOT operator. Compound condition: composed of two or more simple conditions, Boolean

operators and parentheses. Boolean expression : Condition without Relational expressions.

1.2.2 Data Flow Testing

Selects test paths according to the location of definitions and use of variables.

1.2.3 Loop Testing

Loops fundamental to many algorithms. Can define loops as simple, concatenated, nested, and unstructured. Examples:

Note that unstructured loops are not to be tested . rather, they are redesigned.

Segment coverage: Ensure that each code statement is executed once. Branch Coverage or Node Testing: Coverage of each code branch in from all

possible was. Compound Condition Coverage: For multiple condition test each condition with

multiple paths and combination of different path to reach that condition. Basis Path Testing: Each independent path in the code is taken for testing. Data Flow Testing (DFT): In this approach you track the specific variables through

each possible calculation, thus defining the set of intermediate paths through the code.DFT tends to reflect dependencies but it is mainly through sequences of data manipulation. In short each data variable is tracked and its use is verified.

This approach tends to uncover bugs like variables used but not initialize, or declared but not used, and so on.

Path Testing: Path testing is where all possible paths through the code are defined and covered. It's a time consuming task.

Loop Testing: These strategies relate to testing single loops, concatenated loops, and nested loops. Independent and dependent code loops and values are tested by this approach.

Why we do White Box Testing?

To ensure:

That all independent paths within a module have been exercised at least once. All logical decisions verified on their true and false values. All loops executed at their boundaries and within their operational bounds internal

data structures validity.

Need of White Box Testing? To discover the following types of bugs: 

Logical error tend to creep into our work when we design and implement functions, conditions or controls that are out of the program

The design errors due to difference between logical flow of the program and the actual implementation

Typographical errors and syntax checking skills Required:

We need to write test cases that ensure the complete coverage of the program logic.

For this we need to know the program well i.e. we should know the specification and the code to be tested. Knowledge of programming languages and logic.

Limitations of WBT:

Not possible for testing each and every path of the loops in program. This means exhaustive testing is impossible for large systems.

This does not mean that WBT is not effective. By selecting important logical paths and data structure for testing is practically possible and effective.

BLACK BOX TESTING

Black box testing treats the system as a "black-box", so it doesn't explicitly use Knowledge of the internal structure or code. Or in other words the Test engineer need not know the internal working of the "Black box" or application.

Main focus in black box testing is on functionality of the system as a whole. The term 'behavioral testing' is also used for black box testing and white box testing is also sometimes called 'structural testing'. Behavioral test design is slightly different from black-box test design because the use of internal knowledge isn't strictly forbidden, but it's still discouraged.

Each testing method has its own advantages and disadvantages. There are some bugs that cannot be found using only black box or only white box. Majority of the application are tested by black box testing method. We need to cover majority of test cases so that most of the bugs will get discovered by black box testing.

Black box testing occurs throughout the software development and Testing life cycle i.e. in Unit, Integration, System, Acceptance and regression testing stages.

Tools used for Black Box testing:

Black box testing tools are mainly record and playback tools. These tools are used for regression testing that to check whether new build has created any bug in previous working application functionality. These record and playback tools records test cases in the form of some scripts like TSL, VB script, Java script, Perl.

Advantages of Black Box Testing

Tester can be non-technical. Used to verify contradictions in actual system and the specifications. Test cases can be designed as soon as the functional specifications are complete

Disadvantages of Black Box Testing

The test inputs needs to be from large sample space. It is difficult to identify all possible inputs in limited testing time. So writing test cases

is slow and difficult Chances of having unidentified paths during this testing

Methods of Black box Testing:

Graph Based Testing Methods:

Each and every application is build up of some objects. All such objects are identified and graph is prepared. From this object graph each object relationship is identified and test cases written accordingly to discover the errors.

Error Guessing:

This is purely based on previous experience and judgment of tester. Error Guessing is the art of guessing where errors can be hidden. For this technique there are no specific tools, writing the test cases that cover all the application paths.

Boundary Value Analysis:

Many systems have tendency to fail on boundary. So testing boundary values of application is important. Boundary Value Analysis (BVA) is a test Functional Testing technique where the extreme boundary values are chosen. Boundary values include maximum, minimum, just inside/outside boundaries, typical values, and error values.

Extends equivalence partitioning Test both sides of each boundary Look at output boundaries for test cases too Test min, min-1, max, max+1, typical values

BVA techniques:

1. Number of variablesFor n variables: BVA yields 4n + 1 test case.

2. Kinds of ranges

Generalizing ranges depends on the nature or type of variables.

Advantages of Boundary Value Analysis

Robustness Testing - Boundary Value Analysis plus values that go beyond the limits Min - 1, Min, Min +1, Nom, Max -1, Max, Max +1 Forces attention to exception handling

Limitations of Boundary Value Analysis

Boundary value testing is efficient only for variables of fixed values i.e. boundary.

Equivalence Partitioning:

Equivalence partitioning is a black box testing method that divides the input domain of a program into classes of data from which test cases can be derived.

How this partitioning is performed while testing:

1. If an input condition specifies a range, one valid and one two invalid classes are defined.

2. If an input condition requires a specific value, one valid and two invalid equivalence classes are defined.

3. If an input condition specifies a member of a set, one valid and one invalid equivalence class is defined.

4. If an input condition is Boolean, one valid and one invalid class is defined.

Comparison Testing:

Different independent versions of same software are used to compare to each other for testing in this method.

What is Impact analysis? How to do impact analysis in your project?

Impact analysis means when we r doing regressing testing at that time we are checking that the bug fixes r working properly, and by fixing these bug other components are working as

per their requirements are they got disturbed.

Which comes first test strategy or test plan?

Test strategy comes first and this is the high level document. And approach for the testing starts from test strategy and then based on this the test lead prepares the test plan.

What is the difference between web based application and client server application as a tester's point of view?

According to Tester's Point of view

1. Web Base Application (WBA) is a 3 tier application; Browser, Back end and Server. Client server Application (CSA) is a 2 tier Application; Front End, Back end.

2. In the WBA tester test for the Script error like java script error VB script error etc, that shown at the page. In the CSA tester does not test for any script error.

3. Because in the WBA once changes perform reflect at every machine so tester has less work for test. Whereas in the CSA every time application need to be install hence ,it maybe possible that some machine has some problem for that Hardware testing as well as software testing is needed.

What is the significance of doing Regression testing?

To check for the bug fixes. And this fix should not disturb other functionality. To ensure the newly added functionality or existing modified functionality or developer fixed bug arises any new bug or affecting any other side effect. This is called regression test and ensure already PASSED TEST CASES would not arise any new bug.

What are the diff ways to check a date field in a website?

There are different ways like:–

1. you can check the field width for minimum and maximum.2. If that field only take the Numeric Value then check it'll only take Numeric no other

type.3. If it takes the date or time then check for other.4. Same way like Numeric you can check it for the Character, Alpha Numeric and all.5. And the most Important if you click and hit the enter key then some time page may

give the error of JavaScript, that is the big fault on the page.6. Check the field for the Null value.

The date field we can check in different ways Positive testing: first we enter the date in given format.

What is Positive Testing ?

Testing aimed at showing software works. Also known as "test to pass".

What is Negative Testing?

Testing aimed at showing software does not work. Also known as "test to fail".

In negative testing, we check whether the application or system handles the exception properly or not. It is nothing but "Test to Break" testing.

What is the difference between QC and QA?

Quality assurance is the process where the documents for the product to be tested are verified with actual requirements of the customers. It includes inspection, auditing, code review, meeting etc. Quality control is the process where the product is actually executed and the expected behavior is verified by comparing with the actual behavior of the software under test. All the testing types like black box testing, white box testing comes under quality control. Quality assurance is done before quality control.

What is Gray Box Testing?

A combination of Black Box and White Box testing methodologies, testing a piece of software against its specification but using some knowledge of its internal workings.

Difference between smoke testing and sanity testing

Smoke Testing is non-exhaustive software testing, ascertaining that the most crucial functions of a program work, but not bothering with finer details. Sanity Testing is a cursory testing, it is performed whenever a cursory testing is sufficient to prove the application is functioning according to specifications. This level of testing is a subset of regression testing. It normally includes a set of core tests of basic GUI functionality to demonstrate connectivity to the database, application servers, printers, etc.

The difference between smoke and sanity testing is in smoke testing tester concentrate on the core functionality of the application whether it is working or not for further functionality.eg.build crash, environmental effect, networking etc.

Sanity testing basic functionalities are tested, eg.check boxes, radio buttons, text boxes, list boxes.

What is Ramp Testing?

Continuously raising an input signal until the system breaks down.

What is beta testing

testing when development and testing are essentially completed and final bugs and problems need to be found before final release. Typically done by end-users or others, not by programmers or testers.

What is alpha testing

testing of an application when development is nearing completion; minor design changes may still be made as a result of such testing. Typically done by end-users or others, not by programmers or testers.

What is Test Bed?

An execution environment configured for testing. May consist of specific hardware, OS, network topology, configuration of the product under test, other application or system software, etc. The Test Plan for a project should enumerate the test beds(s) to be used. What is a scenario?

A scenario defines the events that occur during each testing session. For example, a

scenario defines and controls the number of users to emulate, the actions to be performed, and the machines on which the virtual users run their emulations.

What is Gorilla Testing?

Testing one particular module, functionality heavily.

what is the difference between system testing and end to end testing. System testing is done with respect to the Application functionality by considering that system as a individual(internal functionality flow).

Where as in End to end testing we will verify the application end to end functional flow by considering all other integrated applications functionality (includes upstream and downstream systems connected to that particular application for which System Testing is completed as mentioned above).

What is Code Coverage?

An analysis method that determines which parts of the software have been executed (covered) by the test case suite and which parts have not been executed and therefore may require additional attention.

GLOBALIZATION TESTING

The goal of globalization testing is to detect potential problems in application design that could inhibit globalization. It makes sure that the code can handle all international support without breaking functionality that would cause either data loss or display problems. Globalization testing checks proper functionality of the product with any of the culture/locale settings using every type of international input possible.

Select a test platform

So, which operating system (OS) should you use for your international testing platform? The first choice should be your local build of Windows 2000 with a language group installed. For example, if you use the U.S. build of Windows 2000, install the East Asian language group.

MUI (Multilanguage User Interface) Windows 2000 - especially useful if your code implements multilingual UI and it must adjust to the UI settings of the OS. This approach is an easier implemented alternative to installing multiple localized versions of the OS. To further enhance multilingual support, Microsoft offers a separate Windows 2000 Multilanguage Version, which provides up to 24 localized language versions of the Windows user interface. 

Localized build of the target OS - German or Japanese are good choices. Remember it might be harder to work with them if you do not know the operating system's UI language. This approach does not have significant advantages over the solutions above.Execute tests

After the environment has been set for globalization testing, you must pay special attention to potential globalization problems when you run your regular test cases:  

Put greater importance on test cases that deal with the input/output of strings, directly or indirectly. 

Test data must contain mixed characters from East Asian languages, German, Complex Script characters (Arabic, Hebrew, Thai), and optionally, English. In some cases, there are limitations, such as the acceptance of characters that only match the culture/locale. It might be difficult to manually enter all of these test inputs if you do not know the languages in which you are preparing your test data. A simple Unicode text generator may be very helpful at this step.

Recognize the problems

The most serious globalization problem is functionality loss, either immediately (when a culture/locale is changed) or later when accessing input data (non-U.S. character input).

Some functionality problems are detectable as display problems:

Question marks (?) appearing instead of displayed text indicate problems in Unicode-to-ANSI conversion.

Random High ANSI characters (e.g., ¼, †, ‰, ‡, ¶) appearing instead of readable text indicate problems in ANSI code using the wrong code page.

The appearance of boxes, vertical bars, or tildes (default glyphs) [â–¡, |, ~] indicates that the selected font cannot display some of the characters.

It might be difficult to find problems in display or print results that require shaping, layout, or script knowledge. This test is language-specific and often cannot be executed without language expertise. On the other hand, your test may be limited to code inspection. If standard text-handling mechanisms are used to form and display output text, you may consider this area safe.

Another area of potential problems is code that fails to follow local conventions as defined by the current culture/locale. Make sure your application displays culture/locale-sensitive data (e.g., numbers, dates, time, currency, and calendars) according to the current regional settings of your computer.

LOCALIZATION TESTING

Localization translates the product UI and occasionally changes some initial settings to make it suitable for another region. Localization testing checks the quality of a product's localization for a particular target culture/locale. This test is based on the results of globalization testing, which verifies the functional support for that particular culture/locale. Localization testing can be executed only on the localized version of a product. Localizability testing does not test for localization quality.

The test effort during localization testing focuses on:

Areas affected by localization, such as UI and content Culture/locale-specific, language-specific, and region-specific areas

In addition, localization testing should include: 

Basic functionality tests Setup and upgrade tests run in the localized environment Plan application and hardware compatibility tests according to the product's target

region.

You can select any language version of Windows 2000 as a platform for the test.

However, you must install the target language support.The localization testing of the user interface and linguistics should cover items such as:  

Validation of all application resources Verification of linguistic accuracy and resource attributes Typographical errors Consistency checking of printed documentation, online help, messages, interface

resources, command-key sequences, etc. Confirmation of adherence to system, input, and display environment standards User interface usability Assessment of cultural appropriateness Checking for politically sensitive content

DATABASE TESTING

In DB testing we need to check for:

1. The field size validation 2. Check constraints. 3. Indexes are done or not (for performance related issues). 4. Stored procedures.5. The field size defined in the application is matching with that in the db.6. We can check whether all the data from the application is being inserted into the

database properly, or not imposes constraints on the data i.e. database integrity.7. Database testing is the test various things of data like its functioning, performance,

loading. It also checks and removes the data redundancy.8. Database testing can be done in two ways that is testing the backend end database

by inserting the values in the frontend application and seeing whether these had been inserted correctly r not and at the same time inserting the values in the backend database directly and seeing them in the frontend application.

9. we can retrieve the data by giving some select statements and at the same time insert them by insert statements in the database and check. Whether they are been effected or not.

10. In manual database testing we will type the query and see that the table is giving the same result or not.

HOW DO YOU DIFFERENTIATE BETWEEN TRUNCATE AND DELETE?

Truncate removes all the rows from the table and cannot be rollbacked, while delete removes all/specific rows from table and can be rollbacked. Also truncate resets the high water mark.

A common misconception is that they do the same thing. Not so. In fact, there are many differences between the two. DELETE is a logged operation on a per row basis. This means that the deletion of each row gets logged and physically deleted. You can DELETE any row that will not violate a constraint, while leaving the foreign key or any other constraints in place. TRUNCATE is also a logged operation, but in a different way. TRUNCATE logs the deallocation of the data pages in which the data exists. The deallocation of data pages means that your data rows still actually exist in the data pages, but the extents have been marked as empty for reuse. This is what makes TRUNCATE a faster operation to perform over DELETE. You cannot TRUNCATE a table that has any foreign key constraints. You will have to remove the constraints, TRUNCATE the table, and reapply the constraints.

The difference between the two is that the truncate command is a DDL operation and just moves the high water mark and produces a now rollback. The delete command, on the other hand, is a DML operation, which will produce a rollback and thus take longer to complete.

DESKTOP TESTING, CLIENT/SERVER TESTING, WEB TESTING

Desktop application runs on personal computers and work stations, so when you test the desktop application you are focusing on a specific environment. You will test complete application broadly in categories like GUI, functionality, Load, and backend i.e. DB.

In client server application you have two different components to test. Application is loaded on server machine while the application exe on every client machine. You will test broadly in categories like, GUI on both sides, functionality, Load, client-server interaction, backend. This environment is mostly used in Intranet networks. You are aware of number of clients and servers and their locations in the test scenario.

Web application is a bit different and complex to test as tester don't have that much control over the application. Application is loaded on the server whose location may or may not be known and no exe is installed on the client machine, you have to test it on different web browsers. Web applications are supposed to be tested on different browsers and OS platforms so broadly Web application is tested mainly for browser compatibility and operating system compatibility, error handling, static pages, backend testing and load testing.

Standards for Software Test Plans

Several standards suggest what a test plan should contain, including the IEEE.

The standards are:

IEEE standards:

829-1983 IEEE Standard for Software Test Documentation 1008-1987 IEEE Standard for Software Unit Testing 1012-1986 IEEE Standard for Software Verification & Validation Plans 1059-1993 IEEE Guide for Software Verification & Validation Plans

What is good code?

A code which is:

1. bug free 2. reusable3. independent 4. less complexity 5. well documented 6. easy to chage is called good code

What type of metrics would you use?

1. QAM: Quality AssuranceMatrix 2. TMM: Test ManagementMatrix 3. PCM: Process Compatibility Matrix

How involved where you with your Team Lead in writing the Test Plan?

As per my knowledge Test Member are always out of scope while preparing the Test Plan, Test Plan is a higher level document for Testing Team. Test Plan includes Purpose, scope, Customer/Client scope, schedule, Hardware, Deliverables and Test Cases etc.

Test plan derived from PMP (Project Management Plan). Team member scope is just go through TEST PLAN then they come to know what all are their responsibilities, Deliverable of modules.

Test Plan is just for input documents for every testing Team as well as Test Lead.

What processes/methodologies are you familiar with?

Methodology

1. Spiral methodology2. Waterfall methodology. these two are old methods.3. Rational unified processing. this is from I B M and4. Rapid application development. this is from Microsoft office.

What is globalization testing?

The goal of globalization testing is to detect potential problems in application design that could inhibit globalization. It makes sure that the code can handle all international support without breaking functionality that would cause either data loss or display problems.

What is migration testing?

Changing of an application or changing of their versions and conducting testing is migration testing.

Testing of programs or procedures used to convert data from existing systems for use in replacement systems.

What is UAT testing. When it is to be done?

UAT stands for 'User acceptance Testing' This testing is carried out with the user perspective and it is usually done before a release UAT stands for User Acceptance Testing. It is done by the end users along with testers to validate the functionality of the application. It is also called as Pre-Production testing.

==============DEFECT REPORTING AND BUG REPORTING===============

Defect Tracking: Find the defect either Manual or Automation tool.

Defect Reporting: Report Defect list, after finding a defect within module/project. It may report on Reporting tool or Excel and assign to Developer or Project managers. 

Defect Report Format on Excel:

1. Defect #: A Sequence number of defect. 2. Reported Date: Enter defect Submission date. 3. Status: New / Open/Reopen/ Close 4. Severity: High / Medium / Low 5. Priority: High / Medium / Low 6. References/URL:  Enter URL/ References where this defect found. 7. Defect Description: Enter Detail description of bug. 8. Method of Operation: Enter the steps simulating the bug. 9. Defect Category: Enter Type of defect. 10. Resolved by: Enter the name of the person who has been responsible for bug-fixing. 11. Reported by: Enter the name of the person who Track the bug. 12. Assign to: Name of PM 13. Resolved on: Date of solving 14. Remarks: Enter the comment

 

Defect Report Format on Reporting Tool (Team Web Access):

1. Title: Enter Defect Summary. 2. Status:

1. Assigned To: Name of PM 2. State: Active/Resolved/Reopen/ Close 3. Reason: Verified/Not fixed/Test failed (According to State)

3. Severity: Critical/ High / Medium / Low 4. Priority: 1,2,3,4 5. Detail: Enter Detail description of bug. 6. Test Case: detail description with expected/actual result. 7. Links: Add new linked work item which is related to other bug 8. Attachment:  Add screen shots & related documents.

Defect Submission Cycle: