1 Difference b/w System testing and Retesting
2 what is verification and validation in QC level
3 what is testing process of your company
4 What is mean by test scenario?
5 which document is send to the customer finally with product
6 what is retesting and regression testing
Low Priority and Low Severity: Any cosmetic or spell issues which is with in a paragraph or in the report (Not on cover page, heading, title).
Severity - Severity is how seriously the bug is impacting the application. its means here for every two weeks release will be there
1. What is the difference between Functional Requirement and Non-Functional Requirement?
The Functional Requirement specifies how the system or application SHOULD DO where in
Non Functional Requirement it specifies how the system or application SHOULD BE.
Some functional Requirements are
• Authentication
• Business rules
• Historical Data
• Legal and Regulatory Requirements
• External Interfaces
Some Non-Functional Requirements are
• Performance
• Reliability
• Security
• Recovery
• Data Integrity
• Usability
2. How Severity and Priority are related to each other?
• Severity- tells the seriousness/depth of the bug where as
• Priority- tells which bug should rectify first.
• Severity- Application point of view
• Priority- User point of view
3. Explain the different types of Severity?
1. User Interface Defect-Low
2. Boundary Related Defects-Medium
3. Error Handling Defects-Medium
4. Calculation Defects-High
5. Interpreting Data Defects-High
6. Hardware Failures& Problems-High
7. Compatibility and Intersystem defects-High
8. Control Flow defects-High
9. Load conditions (Memory leakages under load testing)-High
4. What is the difference between Priority and Severity?
The terms Priority and Severity are used in Bug Tracking to share the importance of a bug among the team and to fix it.
Severity: Is found in the Application point of view
Priority- Is found in the User point of view
Severity- (tells the seriousness/depth of the bug)
1. The Severity status is used to explain how badly the deviation is affecting the build.
2. The severity type is defined by the tester based on the written test cases and functionality.
Example
If an application or a web page crashes when a remote link is clicked, in this case clicking the remote link by an user is rare but the impact of application crashing is severe, so the severity is high and priority is low.
PRIORITY- (tells which bug should rectify first)
1. The Priority status is set by the tester to the developer mentioning the time frame to fix a defect. If High priority is mentioned then the developer has to fix it at the earliest.
2. The priority status is set based on the customer requirements.
Example
If the company name is misspelled in the home page of a website, then the priority is high and the severity is low to fix it.
Severity: Describes the bug in terms of functionality.
Priority: Describes the bug in terms of customer.
Few examples:
High Severity and Low Priority -> Application doesn't allow customer expected configuration.
High Severity and High Priority -> Application doesn't allow multiple user's.
Low Severity and High Priority -> No error message to prevent wrong operation.
Low Severity and low Priority -> Error message is having complex meaning.
Or
Few examples:
High Severity -Low priority
Supposing, you try the wildest or the weirdest of operations in a software (say, to be released the next day) which a normal user would not do and supposing this renders a run -time error in the application,the severity would be high. The priority would be low as the operations or the steps which rendered this error by most chances will not be done by a user.
Low Severity -High priority
An example would be- you find a spelling mistake in the name of the website which you are testing.Say, the name is supposed to be Google and its spelled there as 'Gaogle'. Though, it doesn't affect the basic functionality of the software, it needs to be corrected before the release. Hence, the priority is high.
High severity- High Priority
A bug which is a show stopper. i.e., a bug due to which we are unable to proceed our testing.An example would be a run time error during the normal operation of the software,which would cause the application to quit abruptly.
Low severity - low priority
Cosmetic bugs
What is Defect Severity?
A defect is a product anomaly or flaw, which is variance from desired product specification. The classification of defect based on its impact on operation of product is called Defect Severity.
5. What is Bucket Testing?
Bucket testing (also known as A/B Testing) is mostly used to study the impact of various product designs in website metrics, two simultaneous versions were run in a single or set of web pages to measure the difference in click rates, interface and traffic.
6. What is Entry and Exit Criteria in Software Testing?
Entry Criteria is the process that must be present when a system begins, like,
• SRS (Software Requirement Specification)
• FRS (Functional Requirement Specification)
• Usecase
• Test Case
• Test plan
Exit Criteria ensures whether testing is completed and the application is ready for release, like,
• Test Summary Report
• Metrics
• Defect Analysis report
7. What is Concurrency Testing?
Concurrency Testing (also commonly known as Multi User Testing) is used to know the effects of accessing the Application, Code Module or Database by different users at the same time.It helps in identifying and measuring the problems in Response time, levels of locking and deadlocking in the application.
Example
Load runner is widely used for this type of testing, Vugen (Virtual User Generator) is used to add the number of concurrent users and how the users need to be added like Gradual Ramp up or Spike Stepped.
8. Explain Statement coverage/Code coverage/Line Coverage?
Statement Coverage or Code Coverage or Line Coverage is a metric used in White Box Testing where we can identify the statements executed and where the code is not executed cause of blockage. In this process each and every line of the code needs to be checked and executed.
Some advantages of Statement Coverage / Code Coverage / Line Coverage are
• It verifies what the written code is expected to do and not to do.
• It measures the quality of code written.
• It checks the flow of different paths in the program also ensure whether those paths are tested or not.
To Calculate Statement Coverage,
Statement Coverage = Statements Tested / Total No. of Statements.
9. Explain Branch Coverage/Decision Coverage?
Branch Coverage or Decision Coverage metric is used to check the volume of testing done in all components. This process is used to ensure whether all the code is executed by verifying every branch or decision outcome (if and while statements) by executing atleast one time, so that no branches lead to the failure of the application.
To Calculate Branch Coverage,
Branch Coverage = Tested Decision Outcomes / Total Decision Outcomes.
10. What is the difference between High level and Low Level test case?
High level Test cases are those which cover major functionality in the application (i.e. retrieve, update display, cancel (functionality related test cases), database test cases).
Low level test cases are those related to User Interface (UI) in the application.
11. Explain Localization testing with example?
Localization is the process of changing or modifying an application to a particular culture or locale. This includes change in user interface, graphical designs or even the initial settings according to their culture and requirements.
In terms of Localization Testing it verifies how correctly the application is changed or modified into that target culture and language.
In case of translation required of the application on that local language, testing should be done on each field to check the correct translation. Other formats like date conversion, hardware and software usage like operating system should also be considered in localization testing.
Examples for Localization Testing are
In Islamic Banking all the transactions and product features are based on Shariah Law, some important points to be noted in Islamic Banking are
1. In Islamic Banking, the bank shares the profit and loss with the customer.
2. In Islamic Banking, the bank cannot charge interest on the customer; instead they charge a nominal fee which is termed as "Profit
3. In Islamic Banking, the bank will not deal or invest in business like Gambling, Alcohol, Pork, etc.
In this case, we need to test whether these Islamic banking conditions were modified and applied in the application or product.
In Islamic Lending, they follow both the Gregorian calendar and Hijiri Calendar for calculating the loan repayment schedule. The Hijiri Calendar is commonly called as Islamic Calendar followed in all the Muslim countries according to the lunar cycle. The Hijiri Calendar has 12 months and 354 days which is 11 days shorter than Gregorian calendar. In this case, we need to test the repayment schedule by comparing both the Gregorian calendar and Hijiri Calendar.
12. Explain Risk Analysis in Software Testing?
In Software Testing, Risk Analysis is the process of identifying risks in applications and prioritizing them to test.
In Software testing some unavoidable risk might takes place like
• Change in requirements or Incomplete requirements
• Time allocation for testing.
• Developers delaying to deliver the build for testing.
• Urgency from client for delivery.
• Defect Leakage due to application size or complexity.
To overcome these risks, the following activities can be done
• Conducting Risk Assessment review meeting with the development team.
• Profile for Risk coverage is created by mentioning the importance of each area.
• Using maximum resources to work on High Risk areas like allocating more testers for High risk areas and minimum resources for Medium and Low risk areas. Creation of Risk assessment database for future maintenance and management review.
13. What is the difference between Two Tier Architecture and Three Tier Architecture?
In Two Tier Architecture or Client/Server Architecture two layers like Client and Server is involved. The Client sends request to Server and the Server responds to the request by fetching the data from it. The problem with the Two Tier Architecture is the server cannot respond to multiple requests at the same time which causes data integrity issues.
The Client/Server Testing involves testing the Two Tier Architecture of user interface in the front end and database as backend with dependencies on Client, Hardware and Servers.
In Three Tier Architecture or Multi Tier Architecture three layers like Client, Server and Database are involved. In this the Client sends a request to Server, where the Server sends the request to Database for data, based on that request the Database sends back the data to Server and from Server the data is forwarded to Client.
The Web Application Testing involves testing the Three Tier Architecture including the User interface, Functionality, Performance, Compatibility, Security and Database testing.
14. What is the difference between Static testing and dynamic testing?
Static Testing (done in Verification stage)
Static Testing is a White Box testing technique where the developers verify or test their code with the help of checklist to find errors in it, this type of testing is done without running the actually developed application or program. Code Reviews, Inspections, Walkthroughs are mostly done in this stage of testing.
Dynamic Testing (done in Validation stage)
Dynamic Testing is done by executing the actual application with valid inputs to check the expected output. Examples of Dynamic Testing methodologies are Unit Testing, Integration Testing, System Testing and Acceptance Testing.
Some differences between Static Testing and Dynamic Testing are,
• Static Testing is more cost effective than Dynamic Testing because Static Testing is done in the initial stage.
• In terms of Statement Coverage, the Static Testing covers more areas than Dynamic Testing in shorter time.
• Static Testing is done before the code deployment where the Dynamic Testing is done after the code deployment.
• Static Testing is done in the Verification stage where the Dynamic Testing is done in the Validation stage.
15. Explain Use case diagram. What are the attributes of use cases?
Use Case Diagrams is an overview graphical representation of the functionality in a system. It is used in the analysis phase of a project to specify the system to be developed.
In Use Case Diagrams the whole system is defined as ACTORS, USE CASES and ASSOCIATIONS, the ACTORS are the external part of the system like users, computer software & hardware, USECASES is the behavior or functionality of the system when these ACTORS perform an action, the ASSOCIATIONS are the line drawn to show the connection between ACTORS and USECASES. One ACTOR can link too many USECASES and one USECASE can link too many ACTORS.
16. What is Web Application testing? Explain the different phases in Web Application testing?
Web Application testing is done on a website to check its load, performance, Security, Functionality, Interface, compatibility and other usability related issues. In Web application testing, three phases of testing is done, they are,
Web Tier Testing
In Web tier testing, the browser compatibility of the application will be tested for IE, Fire Fox and other web browsers.
Middle Tier Testing
In Middle tier testing, the functionality and security issues were tested.
Database Tier Testing
In Database tier testing, the database integrity and the contents of the database were tested and verified.
17. Explain Unit testing, Interface Testing and Integration testing. Also explain the types of integration testing in brief?
Unit testing
Unit Testing is done to check whether the individual modules of the source code are working properly. i.e. testing each and every unit of the application separately by the developer in developer's environment.
Interface Testing
Interface Testing is done to check whether the individual modules are communicating properly one among other as per the specifications.
Interface testing is mostly used in testing the user interface of GUI application.
Integration testing
Integration Testing is done to check the connectivity by combining all the individual modules together and test the functionality.
The types of Integration Testing are
1. Big Bang Integration Testing
In Big Bang Integration Testing, the individual modules are not integrated until all the modules are ready. Then they will run to check whether it is performing well.
In this type of testing, some disadvantages might occur like,
Defects can be found at the later stage.It would be difficult to find out whether the defect arouse in Interface or in module.
2. Top Down Integration Testing
In Top Down Integration Testing, the high level modules are integrated and tested first. i.e Testing from main module to sub module. In this type of testing, Stubs are used as temporary module if a module is not ready for integration testing.
3. Bottom Up Integration Testing
In Bottom Up Integration Testing, the low level modules are integrated and tested first i.e Testing from sub module to main module. Same like Stubs, here drivers are used as a temporary module for integration testing.
18. Explain Alpha, Beta, Gamma Testing?
Alpha Testing:
Alpha Testing is mostly like performing usability testing which is done by the in-house developers who developed the software or testers. Sometimes this Alpha Testing is done by the client or an outsider with the presence of developer and tester. The version release after alpha testing is called Alpha Release.
Beta Testing:
Beta Testing is done by limited number of end users before delivery, the change request would be fixed if the user gives feedback or reports defect. The version release after beta testing is called beta Release.
Gamma Testing:
Gamma Testing is done when the software is ready for release with specified requirements, this testing is done directly by skipping all the in-house testing activities.
19. Explain the methods and techniques used for Security Testing?
Security testing can be performed in many ways like,
1. Black Box Testing
2. White Box Testing
3. Database Testing
1. Black Box Testing
a. Session Hijacking
Session Hijacking commonly called as "IP Spoofing" where a user session will be attacked on a protected network.
b. Session Prediction
Session prediction is a method of obtaining data or a session ID of an authorized user and gets access to the application. In a web application the session ID can be retrieved from cookies or URL.
The session prediction happening can be predicted when a website is not responding normally or stops responding for an unknown reason.
c. Email Spoofing
Email Spoofing is duplicating the email header ("From" address) to look like originated from actual source and if the email is replied it will land in the spammers inbox. By inserting commands in the header the message information can be altered. It is possible to send a spoofed email with information you didn't write.
d. Content Spoofing
Content spoofing is a technique to develop a fake website and make the user believe that the information and website is genuine. When the user enters his Credit Card Number, Password, SSN and other important details the hacker can get the data and use if for fraud purposes.
e. Phishing
Phishing is similar to Email Spoofing where the hacker sends a genuine look like mail attempting to get the personal and financial information of the user. The emails will appear to have come from well known websites.
f. Password Cracking
Password Cracking is used to identify an unknown password or to identify a forgotten password
Password cracking can be done through two ways,
1. Brute Force – The hacker tries with a combination of characters within a length and tries until it is getting accepted.
2. Password Dictionary – The hacker uses the Password dictionary where it is available on various topics.
2. White Box level
a. Malicious Code Injection
SQL Injection is most popular in Code Injection Attack, the hacker attach the malicious code into the good code by inserting the field in the application. The motive behind the injection is to steal the secured information which was intended to be used by a set of users.
Apart from SQL Injection, the other types of malicious code injection are XPath Injection, LDAP Injection, and Command Execution Injection. Similar to SQL Injection the XPath Injection deals with XML document.
b. Penetration Testing:
Penetration Testing is used to check the security of a computer or a network. The test process explores all the security aspects of the system and tries to penetrate the system.
c. Input validation:
Input validation is used to defend the applications from hackers. If the input is not validated mostly in web applications it could lead to system crashes, database manipulation and corruption.
d. Variable Manipulation
Variable manipulation is used as a method for specifying or editing the variables in a program. It is mostly used to alter the data sent to web server.
3. Database Level
a. SQL Injection
SQL Injection is used to hack the websites by changing the backend SQL statements, using this technique the hacker can steal the data from database and also delete and modify it.
20. Explain IEEE 829 standards and other Software Testing standards?
An IEEE 829 standard is used for Software Test Documentation, where it specifies format for the set of documents to be used in the different stages software testing. The documents are,
Test Plan- Test Plan is a planning document which has information about the scope, resources, duration, test coverage and other details.
Test Design- Test Design document has information of test pass criteria with test conditions and expected results.
Test Case- Test case document has information about the test data to be used.
Test Procedure- Test Procedure has information about the test steps to be followed and how to execute it.
Test Log- Test log has details about the run test cases, test plans & fail status, order, and the resource information who tested it.
Test Incident Report- Test Incident Report has information about the failed test comparing the actual result with expected result.
Test Summary Report- Test Summary Report has information about the testing done and quality of the software, it also analyses whether the software has met the requirements given by customer.
The other standards related to software testing are,
IEEE 1008 is for Unit Testing
IEEE 1012 is for Software verification and validation
IEEE 1028 is for Software Inspections
IEEE 1061 is for Software metrics and methodology
IEEE 1233 is for guiding the SRS development
IEEE 12207 is for SLC process
21. What is Test Harness?
Test Harness is configuring a set of tools and test data to test an application in various conditions, which involves monitoring the output with expected output for correctness.
The benefits of Test Harness are,
• Productivity increase due to process automation.
• Quality in the application.
22. What is the difference between bug log and defect tracking?
Bug Log: Bug Log document showing the number of defect such as open, closed, reopen or deferred of a particular module
Defect Tracking- The process of tracking a defect such as symptom, whether reproducible /not, priority, severity and status.
23. What are Integration Testing and Regression Testing?
Integration Testing:
• Combining the modules together & construct software architecture.
• To test the communication & data flow
• White & Black box testing techniques are used
• It is done by developer & tester
Regression Testing
• It is re-execution of our testing after the bug is fixed to ensure that the build is free from bugs.
• Done after bug is fixed
• It is done by Tester
24. Explain Peer Review in Software Testing?
It is an alternative form of Testing, where some colleagues were invited to examine your work products for defects and improvement opportunities.
Some Peer review approaches are,
Inspection
It is a more systematic and rigorous type of peer review. Inspections are more effective at finding defects than are informal reviews.
Ex: In Motorola's Iridium project nearly 80% of the defects were detected through inspections where only 60% of the defects were detected through formal reviews.
Team Reviews: It is a planned and structured approach but less formal and less rigorous comparing to Inspections.
Walkthrough: It is an informal review because the work product's author describes it to some colleagues and asks for suggestions. Walkthroughs are informal because they typically do not follow a defined procedure, do not specify exit criteria, require no management reporting, and generate no metrics.
Or
A 'walkthrough' is an informal meeting for evaluation or informational purposes. Little or no preparation is usually required.
Pair Programming: In Pair Programming, two developers work together on the same program at a single workstation and continuously reviewing their work.
Peer Desk check
In Peer Desk check only one person besides the author examines the work product. It is an informal review, where the reviewer can use defect checklists and some analysis methods to increase the effectiveness.
Passaround: It is a multiple, concurrent peer desk check where several people are invited to provide comments on the product.
25. Explain Compatibility testing with an example?
Compatibility testing is to evaluate the application compatibility with the computing environment like Operating System, Database, Browser compatibility, backwards compatibility, computing capacity of the Hardware Platform and compatibility of the Peripherals.
Example
If Compatibility testing is done on a Game application, before installing a game on a computer, its compatibility is checked with the computer specification that whether it is compatible with the computer having that much of specification or not.
26. What is Traceability Matrix?
Traceability Matrix is a document used for tracking the requirement, Test cases and the defect. This document is prepared to make the clients satisfy that the coverage done is complete as end to end, this document consists of Requirement/Base line doc Ref No., Test case/Condition, Defects / Bug id. Using this document the person can track the Requirement based on the Defect id.
27. Explain Boundary value testing and Equivalence testing with some examples?
Boundary value testing is a technique to find whether the application is accepting the expected range of values and rejecting the values which falls out of range.
Exmple
A user ID text box has to accept alphabet characters ( a-z ) with length of 4 to 10 characters.
BVA is done like this, max value: 10 pass; max-1: 9 pass;
max+1=11 fail ;min=4 pass;min+1=5 pass;min-1=3 fail;
Like wise we check the corner values and come out with a conclusion whether the application is accepting correct range of values.
Equivalence testing is normally used to check the type of the object.
Example
A user ID text box has to accept alphabet characters (a - z) with length of 4 to 10 characters.
In +ve condition we have test the object by giving alphabets. i.e. a-z char only, after that we need to check whether the object accepts the value, it will pass.
In -ve condition we have to test by giving other than alphabets (a-z) i.e. A-Z, 0-9, blank etc, it will fail.
28. What is Security testing?
Security testing is the process that determines that confidential data stays confidential
Or
Testing how well the system protects against unauthorized internal or external access, willful damage, etc?
This process involves functional testing, penetration testing and verification.
29. What is Installation testing?
Installation testing is done to verify whether the hardware and software are installed and configured properly. This will ensure that all the system components were used during the testing process. This Installation testing will look out the testing for a high volume data, error messages as well as security testing.
30. What is AUT?
AUT is nothing but "Application Under Test". After the designing and coding phase in Software development life cycle, the application comes for testing then at that time the application is stated as Application Under Test.
31. What is Defect Leakage?
Defect leakage occurs at the Customer or the End user side after the application delivery. After the release of the application to the client, if the end user gets any type of defects by using that application then it is called as Defect leakage. This Defect Leakage is also called as Bug Leakage.
32. What are the contents in an effective Bug report?
1. Project
2. Subject
3. Description
4. Summary
5. Detected By (Name of the Tester)
6. Assigned To (Name of the Developer who is supposed to the Bug)
7. Test Lead (Name)
8. Detected in Version
9. Closed in Version
10. Date Detected
11. Expected Date of Closure
12. Actual Date of Closure
13. Priority (Medium, Low, High, Urgent)
14. Severity (Ranges from 1 to 5)
15. Status
16. Bug ID
17. Attachment
18. Test Case Failed (Test case that is failed for the Bug)
33. What is Error guessing and Error seeding?
Error Guessing is a test case design technique where the tester has to guess what faults might occur and to design the tests to represent them.
Error Seeding is the process of adding known faults intentionally in a program for the reason of monitoring the rate of detection & removal and also to estimate the number of faults remaining in the program.
34. What is Ad-hoc testing?
Ad hoc testing is concern with the Application Testing without following any rules or test cases.
For Ad hoc testing one should have strong knowledge about the Application.
35. What are the basic solutions for the software development problems?
1. Basic requirements- A clear, detailed, complete, achievable, testable requirement has to be developed. Use some prototypes to help pin down requirements. In nimble environments, continuous and close coordination with customers/end-users is needed.
2. Schedules should be realistic- enough time to plan, design, test, bug fix, re-test, change, and document in the given schedule. Adequate
3. testing- testing should be started early, it should be re-tested after the bug fixed or changed, enough time should be spend for testing and bug-fixing.
4. Proper study on initial requirements- be ready to look after more changes after the development has begun and be ready to explain the changes done to others. Work closely with the customers and end-users to manage expectations. This avoids excessive changes in the later stages.
5. Communication- conduct frequent inspections and walkthroughs in appropriate time period; ensure that the information and the documentation is available on up-to-date if possible electronic. More emphasize on promoting teamwork and cooperation inside the team; use prototypes and proper communication with the end-users to clarify their doubts and expectations.
36. What are the common problems in the software development process?
Inadequate requirements from the Client: if the requirements given by the client is not clear, unfinished and not testable, then problems may come.
Unrealistic schedules: Sometimes too much of work is being given to the developer and ask him to complete in a Short duration, then the problems are unavoidable.
Insufficient testing: The problems can arise when the developed software is not tested properly.
Given another work under the existing process: request from the higher management to work on another project or task will bring some problems when the project is being tested as a team.
Miscommunication: in some cases, the developer was not informed about the Clients requirement and expectations, so there can be deviations.
37. What is the difference between Software Testing and Quality Assurance (QA)?
Software Testing involves operation of a system or application under controlled conditions and evaluating the result. It is oriented to 'detection'.
Quality Assurance (QA) involves the entire software development PROCESS- monitoring and improving the process, making sure that any agreed-upon standards and procedures are followed, and ensuring that problems are found and dealt with. It is oriented to 'prevention'.
38. How to Test the water bottle?
Note: Before going to generate some test idea on how to test a water bottle, I would like to ask few questions like:
1. Is it a bottle made up off glass, plastic, rubber, some metal, some kind of disposable materials or any thing else?
2. Is it meant only to hot water or we can use it with other fluids like tea, coffee, soft drinks, hot chocolate, soups, wine, cooking oil, vinegar, gasoline, acids, molten lava (!) etc.?
3. Who is going to use this bottle? A school going kid, a housewife, some beverage manufacturing company, an office-goer, a sports man, a mob protesting in a rally (going to use as missiles), an Eskimo living in an igloo or an astronaut in a space ship?
These kinds of questions may allow a tester to know a product (that he is going to test) in a better way. In our case, I am assuming that the water bottle is in form of a pet bottle and actually made up off either plastic or glass (there are 2 versions of the product) and is intended to be used mainly with water. About the targeted user, even the manufacturing company is not sure about them! (Sounds familiar! When a software company develops a product without clear idea about the users who are going to use the software!)
Test Ideas
1. Check the dimension of the bottle. See if it actually looks like a water bottle or a cylinder, a bowl, a cup, a flower vase, a pen stand or a dustbin! [Build Verification Testing!]
2. See if the cap fits well with the bottle.[Installability Testing!]
3. Test if the mouth of the bottle is not too small to pour water. [Usability Testing!]
4. Fill the bottle with water and keep it on a smooth dry surface. See if it leaks. [Usability Testing!]
5. Fill the bottle with water, seal it with the cap and see if water leaks when the bottle is tilted, inverted, squeezed (in case of plastic made bottle)! [Usability Testing!]
6. Take water in the bottle and keep it in the refrigerator for cooling. See what happens. [Usability Testing!]
7. Keep a water-filled bottle in the refrigerator for a very long time (say a week). See what happens to the water and/or bottle. [Stress Testing!]
8. Keep a water-filled bottle under freezing condition. See if the bottle expands (if plastic made) or breaks (if glass made). [Stress Testing!]
9. Try to heat (boil!) water by keeping the bottle in a microwave oven! [Stress Testing!]
10. Pour some hot (boiling!) water into the bottle and see the effect. [Stress Testing!]
11. Keep a dry bottle for a very long time. See what happens. See if any physical or chemical deformation occurs to the bottle.
12. Test the water after keeping it in the bottle and see if there is any chemical change. See if it is safe to be consumed as drinking water.
13. Keep water in the bottle for sometime. And see if the smell of water changes.
14. Try using the bottle with different types of water (like hard and soft water). [Compatibility Testing!]
15. Try to drink water directly from the bottle and see if it is comfortable to use. Or water gets spilled while doing so. [Usability Testing!]
16. Test if the bottle is ergonomically designed and if it is comfortable to hold. Also see if the center of gravityof the bottle stays low (both when empty and when filled with water) and it does not topple down easily.
17. Drop the bottle from a reasonable height (may be height of a dining table) and see if it breaks (both with plastic and glass model). If it is a glass bottle then in most cases it may break. See if it breaks into tiny little pieces (which are often difficult to clean) or breaks into nice large pieces (which could be cleaned without much difficulty). [Stress Testing!] [Usability Testing!]
18. Test the above test idea with empty bottles and bottles filled with water. [Stress Testing!]
19. Test if the bottle is made up of material, which is recyclable. In case of plastic made bottle test if it is easily crushable.
20. Test if the bottle can also be used to hold other common household things like honey, fruit juice, fuel, paint, turpentine, liquid wax etc. [Capability Testing!]
39. What is Portlet Testing ?
Following are the features that should be concentrated while testing a portlet
i. Test alignment/size display with multiple style sheets and portal configurations. When you configure a portlet object in the portal, you must choose from the following alignments:
a. Narrow portlets are displayed in a narrow side column on the portal page. Narrow portlets must fit in a column that is fewer than 255 pixels wide.
b. Wide portlets are displayed in the middle or widest side column on the portal page. Wide portlets fit in a column fewer than 500 pixels wide.
ii. Test all links and buttons within the portlet display. (if there are errors, check that all forms and functions are uniquely named, and that the preference and gateway settings are configured correctly in the portlet web service editor.)
iii. Test setting and changing preferences. (if there are errors, check that the preferences are uniquely named and that the preference and gateway settings are configured correctly in the portlet web service editor.)
iv. Test communication with the backend application. Confirm that actions executed through the portlet are completed correctly. (if there are errors, check the gateway configuration in the portlet web service editor.)
v. Test localized portlets in all supported languages. (if there are errors, make sure that the language files are installed correctly and are accessible to the portlet.)
vi. If the portlet displays secure information or uses a password, use a tunnel tool to confirm that any secure information is not sent or stored in clear text.
Vii. If backwards compatibility is supported, test portlets in multiple versions of the portal.
40. What is Equivalence Partitioning?
Concepts: Equivalence partitioning is a method for deriving test cases. In this method, classes of input conditions called equivalence classes are
identified such that each member of the class causes the same kind of
processing and output to occur. In this method, the tester identifies various equivalence classes for partitioning. A class is a set of input conditions that are is likely to be handled the same way by the system. If the system were to handle one case in the class erroneously, it would handle all cases erroneously.
41. Why Learn Equivalence Partitioning?
Equivalence partitioning drastically cuts down the number of test cases required to test a system reasonably. It is an attempt to get a good 'hit rate', to find the most errors with the smallest number of test cases.
DESIGNING TEST CASES USING EQUIVALENCE PARTITIONING
To use equivalence partitioning, you will need to perform two steps.
1. Identify the equivalence classes
2. Design test cases
STEP 1:
IDENTIFY EQUIVALENCE CLASSES Take each input condition described in the specification and derive at least two equivalence classes for it. One class represents the set of cases which satisfy the condition (the valid class) and one represents cases which do not (the invalid class) Following are some general guidelines for identifying equivalence classes: a) If the requirements state that a numeric value is input to the system and must be within a range of values, identify one valid class inputs which are within the valid range and two invalid equivalence classes inputs which are too low and inputs which are too high. For example, if an item in inventory can have a quantity of - 9999 to + 9999, identify the following classes:
1. One valid class: (QTY is greater than or equal to -9999 and is less than or equal to 9999). This is written as (- 9999 < = QTY < = 9999)
2. The invalid class (QTY is less than -9999), also written as (QTY < -9999)
3. The invalid class (QTY is greater than 9999) , also written as (QTY >9999) b) If the requirements state that the number of items input by the system at some point must lie within a certain range, specify one valid class where the number of inputs is within the valid range, one invalid class where there are too few inputs and one invalid class where there are, too many inputs.
42. What are two types of Metrics?
1. Process metrics: Primary metrics are also called as Process metrics. This is the metric the Six Sigma practitioners care about and can influence. Primary metrics are almost the direct output characteristic of a process. It is a measure of a process and not a measure of a high-level business objective. Primary Process metrics are usually Process Defects, Process cycle time and Process consumption.
2. Product metrics: Product metrics quantitatively characterize some aspect of the structure of a software product, such as a requirements specification, a design, or source code.
43. What is the Outcome of Testing?
A stable application, performing its task as expected.
44. Why do you go for White box testing, when Black box testing is available?
A benchmark that certifies Commercial (Business) aspects and also functional (technical) aspects is objectives of black box testing. Here loops, structures, arrays, conditions, files, etc are very micro level but they arc Basement for any application, So White box takes these things in Macro level and test these things
45. What is Baseline document, Can you say any two?
A baseline document, which starts the understanding of the application before the tester, starts actual testing. Functional Specification and Business Requirement Document
46. Tell names of some testing type which you learnt or experienced?
Any 5 or 6 types which are related to companies profile is good to say in the interview,
1. Ad - Hoc testing
2. Cookie Testing
3. CET (Customer Experience Test)
4. Depth Test
5. Event-Driven
6. Performance Testing
7. Recovery testing
8. Sanity Test
9. Security Testing
10. Smoke testing
11. Web Testing
47. What exactly is Heuristic checklist approach for unit testing?
It is method of achieving the most appropriate solution of several found by alternative methods is selected at successive stages testing. The checklist Prepared to Proceed is called Heuristic checklist
48. What is a Data Guideline?
Data Guidelines are used to specify the data required to populate the test bed and prepare test scripts. It includes all data parameters that are required to test the conditions derived from the requirement / specification The Document, which supports in preparing test data are called Data guidelines
49. Why do you go for Test Bed?
When Test Condition is executed its result should be compared to Test result (expected result), as Test data is needed for this here comes the role of test Bed where Test data is made ready.
50. Why do we prepare test condition, test cases, test script (Before Starting Testing)?
These are test design document which are used to execute the actual testing Without which execution of testing is impossible, finally this execution is going to find the bugs to be fixed so we have prepare this documents.
1. What’s the difference b/w agile methodology and v-model?
1.agile approaches to achieve working product / application, at the end of each iteration, called sprint.
V-model does not contain any iteration approach.
2.Agile iteration - sprint, contains every phase of software development, i.e. requirement understanding, design, coding, testing
In agile, developer, tester and customer works together on piece of code for application.
V-model does not have this concept. In V-model, developer works on designing and coding and testers working on writing test cases and testing the product. There is no concept of "working together" for V-model.
Agile is more suitable for the projects where requirements change rapidly.
V-model is suitable where requirement changes are almost none.
V-model does not contain any iteration approach.
2.Agile iteration - sprint, contains every phase of software development, i.e. requirement understanding, design, coding, testing
In agile, developer, tester and customer works together on piece of code for application.
V-model does not have this concept. In V-model, developer works on designing and coding and testers working on writing test cases and testing the product. There is no concept of "working together" for V-model.
Agile is more suitable for the projects where requirements change rapidly.
V-model is suitable where requirement changes are almost none.
In Agile we will be having daily status meeting for one hour regarding the daily tasks.
In this meeting we will discuss about today tasks & 2mr tasks and progress on yesterday’s tasks and we will discuss about any issues if we have. This is called as scrum meeting
while telling about agile we should mention below 2 words
Scrum meeting
Scrum meeting
Sprint releases-
But in V model we don’t have every 2 weeks releases, here while doing the test plans based on requirements we will decide like monthly releases or 3 months release or 6 months releases.
2. What’s difference b/w severity and priority how u will give this?
Priority
High Priority & High Severity: A show stopper error which occurs on the basic functionality of the application . (Eg. A site maintain the student details, on saving record if it, doesn't allow to save the record then this is high priority and high severity bug.)
High Priority & Low Severity: The spell mistakes that happens on the cover page or headin or title of an application.
High Severity & Low Priority: The application generates a show stopper or system error, (for which there is no workaround) but on click of link which is rarely used by the end user.
Low Priority and Low Severity: Any cosmetic or spell issues which is with in a paragraph or in the report (Not on cover page, heading, title).
3. In yahoo mail the logo of the yahoo mail is 2 c.m but the logo size is displayed some 1.8 c.m how u will give the severity and priority?
Severity
Priority
Priority
4. If the severity is equal to priority or if the severity is high then what should be the priority?
If the severity is equal to priority –yes- we can have this type of defect like High severity & Priority
if the severity is high then what should be the priority?
Based on defect we will decide this. Normally we will have below cases
High Priority & High Severity
High Priority & Low Severity
High Severity & Low Priority
Low Priority and Low Severity
5. Apart from creating and executing the test cases what you have done?
5. Apart from creating and executing the test cases what you have done?
à Doing automation
à Participation in status meeting
à Participating & conducting some games
6. In these 4 years how u can grown up in the industry?
6. In these 4 years how u can grown up in the industry?
Initially I had started my carrier as junior software Engineer and then Software test engineer and currently working as senior software engineer
Gained domain knowledge by working on different projects
Learned the testing process and had the ability to work independently
7. What’s the day 2 day actives of Ur’s?
7. What’s the day 2 day actives of Ur’s?
Writing the test scenarios and by end of day need to send the status to lead
8. What’s the testing process u have followed from first to end?
?-High – as per functionality requirements this will be high. (Actual result & Expected result are not same na) –Low- here this will not impact any functionality because of that we are giving low - Priority is the order in which developer has to fix the bug.8. What’s the testing process u have followed from first to end?
Severity - Severity is how seriously the bug is impacting the application. its means here for every two weeks release will be there
1. What is the difference between Functional Requirement and Non-Functional Requirement?
The Functional Requirement specifies how the system or application SHOULD DO where in
Non Functional Requirement it specifies how the system or application SHOULD BE.
Some functional Requirements are
• Authentication
• Business rules
• Historical Data
• Legal and Regulatory Requirements
• External Interfaces
Some Non-Functional Requirements are
• Performance
• Reliability
• Security
• Recovery
• Data Integrity
• Usability
2. How Severity and Priority are related to each other?
• Severity- tells the seriousness/depth of the bug where as
• Priority- tells which bug should rectify first.
• Severity- Application point of view
• Priority- User point of view
3. Explain the different types of Severity?
1. User Interface Defect-Low
2. Boundary Related Defects-Medium
3. Error Handling Defects-Medium
4. Calculation Defects-High
5. Interpreting Data Defects-High
6. Hardware Failures& Problems-High
7. Compatibility and Intersystem defects-High
8. Control Flow defects-High
9. Load conditions (Memory leakages under load testing)-High
4. What is the difference between Priority and Severity?
The terms Priority and Severity are used in Bug Tracking to share the importance of a bug among the team and to fix it.
Severity: Is found in the Application point of view
Priority- Is found in the User point of view
Severity- (tells the seriousness/depth of the bug)
1. The Severity status is used to explain how badly the deviation is affecting the build.
2. The severity type is defined by the tester based on the written test cases and functionality.
Example
If an application or a web page crashes when a remote link is clicked, in this case clicking the remote link by an user is rare but the impact of application crashing is severe, so the severity is high and priority is low.
PRIORITY- (tells which bug should rectify first)
1. The Priority status is set by the tester to the developer mentioning the time frame to fix a defect. If High priority is mentioned then the developer has to fix it at the earliest.
2. The priority status is set based on the customer requirements.
Example
If the company name is misspelled in the home page of a website, then the priority is high and the severity is low to fix it.
Severity: Describes the bug in terms of functionality.
Priority: Describes the bug in terms of customer.
Few examples:
High Severity and Low Priority -> Application doesn't allow customer expected configuration.
High Severity and High Priority -> Application doesn't allow multiple user's.
Low Severity and High Priority -> No error message to prevent wrong operation.
Low Severity and low Priority -> Error message is having complex meaning.
Or
Few examples:
High Severity -Low priority
Supposing, you try the wildest or the weirdest of operations in a software (say, to be released the next day) which a normal user would not do and supposing this renders a run -time error in the application,the severity would be high. The priority would be low as the operations or the steps which rendered this error by most chances will not be done by a user.
Low Severity -High priority
An example would be- you find a spelling mistake in the name of the website which you are testing.Say, the name is supposed to be Google and its spelled there as 'Gaogle'. Though, it doesn't affect the basic functionality of the software, it needs to be corrected before the release. Hence, the priority is high.
High severity- High Priority
A bug which is a show stopper. i.e., a bug due to which we are unable to proceed our testing.An example would be a run time error during the normal operation of the software,which would cause the application to quit abruptly.
Low severity - low priority
Cosmetic bugs
What is Defect Severity?
A defect is a product anomaly or flaw, which is variance from desired product specification. The classification of defect based on its impact on operation of product is called Defect Severity.
5. What is Bucket Testing?
Bucket testing (also known as A/B Testing) is mostly used to study the impact of various product designs in website metrics, two simultaneous versions were run in a single or set of web pages to measure the difference in click rates, interface and traffic.
6. What is Entry and Exit Criteria in Software Testing?
Entry Criteria is the process that must be present when a system begins, like,
• SRS (Software Requirement Specification)
• FRS (Functional Requirement Specification)
• Usecase
• Test Case
• Test plan
Exit Criteria ensures whether testing is completed and the application is ready for release, like,
• Test Summary Report
• Metrics
• Defect Analysis report
7. What is Concurrency Testing?
Concurrency Testing (also commonly known as Multi User Testing) is used to know the effects of accessing the Application, Code Module or Database by different users at the same time.It helps in identifying and measuring the problems in Response time, levels of locking and deadlocking in the application.
Example
Load runner is widely used for this type of testing, Vugen (Virtual User Generator) is used to add the number of concurrent users and how the users need to be added like Gradual Ramp up or Spike Stepped.
8. Explain Statement coverage/Code coverage/Line Coverage?
Statement Coverage or Code Coverage or Line Coverage is a metric used in White Box Testing where we can identify the statements executed and where the code is not executed cause of blockage. In this process each and every line of the code needs to be checked and executed.
Some advantages of Statement Coverage / Code Coverage / Line Coverage are
• It verifies what the written code is expected to do and not to do.
• It measures the quality of code written.
• It checks the flow of different paths in the program also ensure whether those paths are tested or not.
To Calculate Statement Coverage,
Statement Coverage = Statements Tested / Total No. of Statements.
9. Explain Branch Coverage/Decision Coverage?
Branch Coverage or Decision Coverage metric is used to check the volume of testing done in all components. This process is used to ensure whether all the code is executed by verifying every branch or decision outcome (if and while statements) by executing atleast one time, so that no branches lead to the failure of the application.
To Calculate Branch Coverage,
Branch Coverage = Tested Decision Outcomes / Total Decision Outcomes.
10. What is the difference between High level and Low Level test case?
High level Test cases are those which cover major functionality in the application (i.e. retrieve, update display, cancel (functionality related test cases), database test cases).
Low level test cases are those related to User Interface (UI) in the application.
11. Explain Localization testing with example?
Localization is the process of changing or modifying an application to a particular culture or locale. This includes change in user interface, graphical designs or even the initial settings according to their culture and requirements.
In terms of Localization Testing it verifies how correctly the application is changed or modified into that target culture and language.
In case of translation required of the application on that local language, testing should be done on each field to check the correct translation. Other formats like date conversion, hardware and software usage like operating system should also be considered in localization testing.
Examples for Localization Testing are
In Islamic Banking all the transactions and product features are based on Shariah Law, some important points to be noted in Islamic Banking are
1. In Islamic Banking, the bank shares the profit and loss with the customer.
2. In Islamic Banking, the bank cannot charge interest on the customer; instead they charge a nominal fee which is termed as "Profit
3. In Islamic Banking, the bank will not deal or invest in business like Gambling, Alcohol, Pork, etc.
In this case, we need to test whether these Islamic banking conditions were modified and applied in the application or product.
In Islamic Lending, they follow both the Gregorian calendar and Hijiri Calendar for calculating the loan repayment schedule. The Hijiri Calendar is commonly called as Islamic Calendar followed in all the Muslim countries according to the lunar cycle. The Hijiri Calendar has 12 months and 354 days which is 11 days shorter than Gregorian calendar. In this case, we need to test the repayment schedule by comparing both the Gregorian calendar and Hijiri Calendar.
12. Explain Risk Analysis in Software Testing?
In Software Testing, Risk Analysis is the process of identifying risks in applications and prioritizing them to test.
In Software testing some unavoidable risk might takes place like
• Change in requirements or Incomplete requirements
• Time allocation for testing.
• Developers delaying to deliver the build for testing.
• Urgency from client for delivery.
• Defect Leakage due to application size or complexity.
To overcome these risks, the following activities can be done
• Conducting Risk Assessment review meeting with the development team.
• Profile for Risk coverage is created by mentioning the importance of each area.
• Using maximum resources to work on High Risk areas like allocating more testers for High risk areas and minimum resources for Medium and Low risk areas. Creation of Risk assessment database for future maintenance and management review.
13. What is the difference between Two Tier Architecture and Three Tier Architecture?
In Two Tier Architecture or Client/Server Architecture two layers like Client and Server is involved. The Client sends request to Server and the Server responds to the request by fetching the data from it. The problem with the Two Tier Architecture is the server cannot respond to multiple requests at the same time which causes data integrity issues.
The Client/Server Testing involves testing the Two Tier Architecture of user interface in the front end and database as backend with dependencies on Client, Hardware and Servers.
In Three Tier Architecture or Multi Tier Architecture three layers like Client, Server and Database are involved. In this the Client sends a request to Server, where the Server sends the request to Database for data, based on that request the Database sends back the data to Server and from Server the data is forwarded to Client.
The Web Application Testing involves testing the Three Tier Architecture including the User interface, Functionality, Performance, Compatibility, Security and Database testing.
14. What is the difference between Static testing and dynamic testing?
Static Testing (done in Verification stage)
Static Testing is a White Box testing technique where the developers verify or test their code with the help of checklist to find errors in it, this type of testing is done without running the actually developed application or program. Code Reviews, Inspections, Walkthroughs are mostly done in this stage of testing.
Dynamic Testing (done in Validation stage)
Dynamic Testing is done by executing the actual application with valid inputs to check the expected output. Examples of Dynamic Testing methodologies are Unit Testing, Integration Testing, System Testing and Acceptance Testing.
Some differences between Static Testing and Dynamic Testing are,
• Static Testing is more cost effective than Dynamic Testing because Static Testing is done in the initial stage.
• In terms of Statement Coverage, the Static Testing covers more areas than Dynamic Testing in shorter time.
• Static Testing is done before the code deployment where the Dynamic Testing is done after the code deployment.
• Static Testing is done in the Verification stage where the Dynamic Testing is done in the Validation stage.
15. Explain Use case diagram. What are the attributes of use cases?
Use Case Diagrams is an overview graphical representation of the functionality in a system. It is used in the analysis phase of a project to specify the system to be developed.
In Use Case Diagrams the whole system is defined as ACTORS, USE CASES and ASSOCIATIONS, the ACTORS are the external part of the system like users, computer software & hardware, USECASES is the behavior or functionality of the system when these ACTORS perform an action, the ASSOCIATIONS are the line drawn to show the connection between ACTORS and USECASES. One ACTOR can link too many USECASES and one USECASE can link too many ACTORS.
16. What is Web Application testing? Explain the different phases in Web Application testing?
Web Application testing is done on a website to check its load, performance, Security, Functionality, Interface, compatibility and other usability related issues. In Web application testing, three phases of testing is done, they are,
Web Tier Testing
In Web tier testing, the browser compatibility of the application will be tested for IE, Fire Fox and other web browsers.
Middle Tier Testing
In Middle tier testing, the functionality and security issues were tested.
Database Tier Testing
In Database tier testing, the database integrity and the contents of the database were tested and verified.
17. Explain Unit testing, Interface Testing and Integration testing. Also explain the types of integration testing in brief?
Unit testing
Unit Testing is done to check whether the individual modules of the source code are working properly. i.e. testing each and every unit of the application separately by the developer in developer's environment.
Interface Testing
Interface Testing is done to check whether the individual modules are communicating properly one among other as per the specifications.
Interface testing is mostly used in testing the user interface of GUI application.
Integration testing
Integration Testing is done to check the connectivity by combining all the individual modules together and test the functionality.
The types of Integration Testing are
1. Big Bang Integration Testing
In Big Bang Integration Testing, the individual modules are not integrated until all the modules are ready. Then they will run to check whether it is performing well.
In this type of testing, some disadvantages might occur like,
Defects can be found at the later stage.It would be difficult to find out whether the defect arouse in Interface or in module.
2. Top Down Integration Testing
In Top Down Integration Testing, the high level modules are integrated and tested first. i.e Testing from main module to sub module. In this type of testing, Stubs are used as temporary module if a module is not ready for integration testing.
3. Bottom Up Integration Testing
In Bottom Up Integration Testing, the low level modules are integrated and tested first i.e Testing from sub module to main module. Same like Stubs, here drivers are used as a temporary module for integration testing.
18. Explain Alpha, Beta, Gamma Testing?
Alpha Testing:
Alpha Testing is mostly like performing usability testing which is done by the in-house developers who developed the software or testers. Sometimes this Alpha Testing is done by the client or an outsider with the presence of developer and tester. The version release after alpha testing is called Alpha Release.
Beta Testing:
Beta Testing is done by limited number of end users before delivery, the change request would be fixed if the user gives feedback or reports defect. The version release after beta testing is called beta Release.
Gamma Testing:
Gamma Testing is done when the software is ready for release with specified requirements, this testing is done directly by skipping all the in-house testing activities.
19. Explain the methods and techniques used for Security Testing?
Security testing can be performed in many ways like,
1. Black Box Testing
2. White Box Testing
3. Database Testing
1. Black Box Testing
a. Session Hijacking
Session Hijacking commonly called as "IP Spoofing" where a user session will be attacked on a protected network.
b. Session Prediction
Session prediction is a method of obtaining data or a session ID of an authorized user and gets access to the application. In a web application the session ID can be retrieved from cookies or URL.
The session prediction happening can be predicted when a website is not responding normally or stops responding for an unknown reason.
c. Email Spoofing
Email Spoofing is duplicating the email header ("From" address) to look like originated from actual source and if the email is replied it will land in the spammers inbox. By inserting commands in the header the message information can be altered. It is possible to send a spoofed email with information you didn't write.
d. Content Spoofing
Content spoofing is a technique to develop a fake website and make the user believe that the information and website is genuine. When the user enters his Credit Card Number, Password, SSN and other important details the hacker can get the data and use if for fraud purposes.
e. Phishing
Phishing is similar to Email Spoofing where the hacker sends a genuine look like mail attempting to get the personal and financial information of the user. The emails will appear to have come from well known websites.
f. Password Cracking
Password Cracking is used to identify an unknown password or to identify a forgotten password
Password cracking can be done through two ways,
1. Brute Force – The hacker tries with a combination of characters within a length and tries until it is getting accepted.
2. Password Dictionary – The hacker uses the Password dictionary where it is available on various topics.
2. White Box level
a. Malicious Code Injection
SQL Injection is most popular in Code Injection Attack, the hacker attach the malicious code into the good code by inserting the field in the application. The motive behind the injection is to steal the secured information which was intended to be used by a set of users.
Apart from SQL Injection, the other types of malicious code injection are XPath Injection, LDAP Injection, and Command Execution Injection. Similar to SQL Injection the XPath Injection deals with XML document.
b. Penetration Testing:
Penetration Testing is used to check the security of a computer or a network. The test process explores all the security aspects of the system and tries to penetrate the system.
c. Input validation:
Input validation is used to defend the applications from hackers. If the input is not validated mostly in web applications it could lead to system crashes, database manipulation and corruption.
d. Variable Manipulation
Variable manipulation is used as a method for specifying or editing the variables in a program. It is mostly used to alter the data sent to web server.
3. Database Level
a. SQL Injection
SQL Injection is used to hack the websites by changing the backend SQL statements, using this technique the hacker can steal the data from database and also delete and modify it.
20. Explain IEEE 829 standards and other Software Testing standards?
An IEEE 829 standard is used for Software Test Documentation, where it specifies format for the set of documents to be used in the different stages software testing. The documents are,
Test Plan- Test Plan is a planning document which has information about the scope, resources, duration, test coverage and other details.
Test Design- Test Design document has information of test pass criteria with test conditions and expected results.
Test Case- Test case document has information about the test data to be used.
Test Procedure- Test Procedure has information about the test steps to be followed and how to execute it.
Test Log- Test log has details about the run test cases, test plans & fail status, order, and the resource information who tested it.
Test Incident Report- Test Incident Report has information about the failed test comparing the actual result with expected result.
Test Summary Report- Test Summary Report has information about the testing done and quality of the software, it also analyses whether the software has met the requirements given by customer.
The other standards related to software testing are,
IEEE 1008 is for Unit Testing
IEEE 1012 is for Software verification and validation
IEEE 1028 is for Software Inspections
IEEE 1061 is for Software metrics and methodology
IEEE 1233 is for guiding the SRS development
IEEE 12207 is for SLC process
21. What is Test Harness?
Test Harness is configuring a set of tools and test data to test an application in various conditions, which involves monitoring the output with expected output for correctness.
The benefits of Test Harness are,
• Productivity increase due to process automation.
• Quality in the application.
22. What is the difference between bug log and defect tracking?
Bug Log: Bug Log document showing the number of defect such as open, closed, reopen or deferred of a particular module
Defect Tracking- The process of tracking a defect such as symptom, whether reproducible /not, priority, severity and status.
23. What are Integration Testing and Regression Testing?
Integration Testing:
• Combining the modules together & construct software architecture.
• To test the communication & data flow
• White & Black box testing techniques are used
• It is done by developer & tester
Regression Testing
• It is re-execution of our testing after the bug is fixed to ensure that the build is free from bugs.
• Done after bug is fixed
• It is done by Tester
24. Explain Peer Review in Software Testing?
It is an alternative form of Testing, where some colleagues were invited to examine your work products for defects and improvement opportunities.
Some Peer review approaches are,
Inspection
It is a more systematic and rigorous type of peer review. Inspections are more effective at finding defects than are informal reviews.
Ex: In Motorola's Iridium project nearly 80% of the defects were detected through inspections where only 60% of the defects were detected through formal reviews.
Team Reviews: It is a planned and structured approach but less formal and less rigorous comparing to Inspections.
Walkthrough: It is an informal review because the work product's author describes it to some colleagues and asks for suggestions. Walkthroughs are informal because they typically do not follow a defined procedure, do not specify exit criteria, require no management reporting, and generate no metrics.
Or
A 'walkthrough' is an informal meeting for evaluation or informational purposes. Little or no preparation is usually required.
Pair Programming: In Pair Programming, two developers work together on the same program at a single workstation and continuously reviewing their work.
Peer Desk check
In Peer Desk check only one person besides the author examines the work product. It is an informal review, where the reviewer can use defect checklists and some analysis methods to increase the effectiveness.
Passaround: It is a multiple, concurrent peer desk check where several people are invited to provide comments on the product.
25. Explain Compatibility testing with an example?
Compatibility testing is to evaluate the application compatibility with the computing environment like Operating System, Database, Browser compatibility, backwards compatibility, computing capacity of the Hardware Platform and compatibility of the Peripherals.
Example
If Compatibility testing is done on a Game application, before installing a game on a computer, its compatibility is checked with the computer specification that whether it is compatible with the computer having that much of specification or not.
26. What is Traceability Matrix?
Traceability Matrix is a document used for tracking the requirement, Test cases and the defect. This document is prepared to make the clients satisfy that the coverage done is complete as end to end, this document consists of Requirement/Base line doc Ref No., Test case/Condition, Defects / Bug id. Using this document the person can track the Requirement based on the Defect id.
27. Explain Boundary value testing and Equivalence testing with some examples?
Boundary value testing is a technique to find whether the application is accepting the expected range of values and rejecting the values which falls out of range.
Exmple
A user ID text box has to accept alphabet characters ( a-z ) with length of 4 to 10 characters.
BVA is done like this, max value: 10 pass; max-1: 9 pass;
max+1=11 fail ;min=4 pass;min+1=5 pass;min-1=3 fail;
Like wise we check the corner values and come out with a conclusion whether the application is accepting correct range of values.
Equivalence testing is normally used to check the type of the object.
Example
A user ID text box has to accept alphabet characters (a - z) with length of 4 to 10 characters.
In +ve condition we have test the object by giving alphabets. i.e. a-z char only, after that we need to check whether the object accepts the value, it will pass.
In -ve condition we have to test by giving other than alphabets (a-z) i.e. A-Z, 0-9, blank etc, it will fail.
28. What is Security testing?
Security testing is the process that determines that confidential data stays confidential
Or
Testing how well the system protects against unauthorized internal or external access, willful damage, etc?
This process involves functional testing, penetration testing and verification.
29. What is Installation testing?
Installation testing is done to verify whether the hardware and software are installed and configured properly. This will ensure that all the system components were used during the testing process. This Installation testing will look out the testing for a high volume data, error messages as well as security testing.
30. What is AUT?
AUT is nothing but "Application Under Test". After the designing and coding phase in Software development life cycle, the application comes for testing then at that time the application is stated as Application Under Test.
31. What is Defect Leakage?
Defect leakage occurs at the Customer or the End user side after the application delivery. After the release of the application to the client, if the end user gets any type of defects by using that application then it is called as Defect leakage. This Defect Leakage is also called as Bug Leakage.
32. What are the contents in an effective Bug report?
1. Project
2. Subject
3. Description
4. Summary
5. Detected By (Name of the Tester)
6. Assigned To (Name of the Developer who is supposed to the Bug)
7. Test Lead (Name)
8. Detected in Version
9. Closed in Version
10. Date Detected
11. Expected Date of Closure
12. Actual Date of Closure
13. Priority (Medium, Low, High, Urgent)
14. Severity (Ranges from 1 to 5)
15. Status
16. Bug ID
17. Attachment
18. Test Case Failed (Test case that is failed for the Bug)
33. What is Error guessing and Error seeding?
Error Guessing is a test case design technique where the tester has to guess what faults might occur and to design the tests to represent them.
Error Seeding is the process of adding known faults intentionally in a program for the reason of monitoring the rate of detection & removal and also to estimate the number of faults remaining in the program.
34. What is Ad-hoc testing?
Ad hoc testing is concern with the Application Testing without following any rules or test cases.
For Ad hoc testing one should have strong knowledge about the Application.
35. What are the basic solutions for the software development problems?
1. Basic requirements- A clear, detailed, complete, achievable, testable requirement has to be developed. Use some prototypes to help pin down requirements. In nimble environments, continuous and close coordination with customers/end-users is needed.
2. Schedules should be realistic- enough time to plan, design, test, bug fix, re-test, change, and document in the given schedule. Adequate
3. testing- testing should be started early, it should be re-tested after the bug fixed or changed, enough time should be spend for testing and bug-fixing.
4. Proper study on initial requirements- be ready to look after more changes after the development has begun and be ready to explain the changes done to others. Work closely with the customers and end-users to manage expectations. This avoids excessive changes in the later stages.
5. Communication- conduct frequent inspections and walkthroughs in appropriate time period; ensure that the information and the documentation is available on up-to-date if possible electronic. More emphasize on promoting teamwork and cooperation inside the team; use prototypes and proper communication with the end-users to clarify their doubts and expectations.
36. What are the common problems in the software development process?
Inadequate requirements from the Client: if the requirements given by the client is not clear, unfinished and not testable, then problems may come.
Unrealistic schedules: Sometimes too much of work is being given to the developer and ask him to complete in a Short duration, then the problems are unavoidable.
Insufficient testing: The problems can arise when the developed software is not tested properly.
Given another work under the existing process: request from the higher management to work on another project or task will bring some problems when the project is being tested as a team.
Miscommunication: in some cases, the developer was not informed about the Clients requirement and expectations, so there can be deviations.
37. What is the difference between Software Testing and Quality Assurance (QA)?
Software Testing involves operation of a system or application under controlled conditions and evaluating the result. It is oriented to 'detection'.
Quality Assurance (QA) involves the entire software development PROCESS- monitoring and improving the process, making sure that any agreed-upon standards and procedures are followed, and ensuring that problems are found and dealt with. It is oriented to 'prevention'.
38. How to Test the water bottle?
Note: Before going to generate some test idea on how to test a water bottle, I would like to ask few questions like:
1. Is it a bottle made up off glass, plastic, rubber, some metal, some kind of disposable materials or any thing else?
2. Is it meant only to hot water or we can use it with other fluids like tea, coffee, soft drinks, hot chocolate, soups, wine, cooking oil, vinegar, gasoline, acids, molten lava (!) etc.?
3. Who is going to use this bottle? A school going kid, a housewife, some beverage manufacturing company, an office-goer, a sports man, a mob protesting in a rally (going to use as missiles), an Eskimo living in an igloo or an astronaut in a space ship?
These kinds of questions may allow a tester to know a product (that he is going to test) in a better way. In our case, I am assuming that the water bottle is in form of a pet bottle and actually made up off either plastic or glass (there are 2 versions of the product) and is intended to be used mainly with water. About the targeted user, even the manufacturing company is not sure about them! (Sounds familiar! When a software company develops a product without clear idea about the users who are going to use the software!)
Test Ideas
1. Check the dimension of the bottle. See if it actually looks like a water bottle or a cylinder, a bowl, a cup, a flower vase, a pen stand or a dustbin! [Build Verification Testing!]
2. See if the cap fits well with the bottle.[Installability Testing!]
3. Test if the mouth of the bottle is not too small to pour water. [Usability Testing!]
4. Fill the bottle with water and keep it on a smooth dry surface. See if it leaks. [Usability Testing!]
5. Fill the bottle with water, seal it with the cap and see if water leaks when the bottle is tilted, inverted, squeezed (in case of plastic made bottle)! [Usability Testing!]
6. Take water in the bottle and keep it in the refrigerator for cooling. See what happens. [Usability Testing!]
7. Keep a water-filled bottle in the refrigerator for a very long time (say a week). See what happens to the water and/or bottle. [Stress Testing!]
8. Keep a water-filled bottle under freezing condition. See if the bottle expands (if plastic made) or breaks (if glass made). [Stress Testing!]
9. Try to heat (boil!) water by keeping the bottle in a microwave oven! [Stress Testing!]
10. Pour some hot (boiling!) water into the bottle and see the effect. [Stress Testing!]
11. Keep a dry bottle for a very long time. See what happens. See if any physical or chemical deformation occurs to the bottle.
12. Test the water after keeping it in the bottle and see if there is any chemical change. See if it is safe to be consumed as drinking water.
13. Keep water in the bottle for sometime. And see if the smell of water changes.
14. Try using the bottle with different types of water (like hard and soft water). [Compatibility Testing!]
15. Try to drink water directly from the bottle and see if it is comfortable to use. Or water gets spilled while doing so. [Usability Testing!]
16. Test if the bottle is ergonomically designed and if it is comfortable to hold. Also see if the center of gravityof the bottle stays low (both when empty and when filled with water) and it does not topple down easily.
17. Drop the bottle from a reasonable height (may be height of a dining table) and see if it breaks (both with plastic and glass model). If it is a glass bottle then in most cases it may break. See if it breaks into tiny little pieces (which are often difficult to clean) or breaks into nice large pieces (which could be cleaned without much difficulty). [Stress Testing!] [Usability Testing!]
18. Test the above test idea with empty bottles and bottles filled with water. [Stress Testing!]
19. Test if the bottle is made up of material, which is recyclable. In case of plastic made bottle test if it is easily crushable.
20. Test if the bottle can also be used to hold other common household things like honey, fruit juice, fuel, paint, turpentine, liquid wax etc. [Capability Testing!]
39. What is Portlet Testing ?
Following are the features that should be concentrated while testing a portlet
i. Test alignment/size display with multiple style sheets and portal configurations. When you configure a portlet object in the portal, you must choose from the following alignments:
a. Narrow portlets are displayed in a narrow side column on the portal page. Narrow portlets must fit in a column that is fewer than 255 pixels wide.
b. Wide portlets are displayed in the middle or widest side column on the portal page. Wide portlets fit in a column fewer than 500 pixels wide.
ii. Test all links and buttons within the portlet display. (if there are errors, check that all forms and functions are uniquely named, and that the preference and gateway settings are configured correctly in the portlet web service editor.)
iii. Test setting and changing preferences. (if there are errors, check that the preferences are uniquely named and that the preference and gateway settings are configured correctly in the portlet web service editor.)
iv. Test communication with the backend application. Confirm that actions executed through the portlet are completed correctly. (if there are errors, check the gateway configuration in the portlet web service editor.)
v. Test localized portlets in all supported languages. (if there are errors, make sure that the language files are installed correctly and are accessible to the portlet.)
vi. If the portlet displays secure information or uses a password, use a tunnel tool to confirm that any secure information is not sent or stored in clear text.
Vii. If backwards compatibility is supported, test portlets in multiple versions of the portal.
40. What is Equivalence Partitioning?
Concepts: Equivalence partitioning is a method for deriving test cases. In this method, classes of input conditions called equivalence classes are
identified such that each member of the class causes the same kind of
processing and output to occur. In this method, the tester identifies various equivalence classes for partitioning. A class is a set of input conditions that are is likely to be handled the same way by the system. If the system were to handle one case in the class erroneously, it would handle all cases erroneously.
41. Why Learn Equivalence Partitioning?
Equivalence partitioning drastically cuts down the number of test cases required to test a system reasonably. It is an attempt to get a good 'hit rate', to find the most errors with the smallest number of test cases.
DESIGNING TEST CASES USING EQUIVALENCE PARTITIONING
To use equivalence partitioning, you will need to perform two steps.
1. Identify the equivalence classes
2. Design test cases
STEP 1:
IDENTIFY EQUIVALENCE CLASSES Take each input condition described in the specification and derive at least two equivalence classes for it. One class represents the set of cases which satisfy the condition (the valid class) and one represents cases which do not (the invalid class) Following are some general guidelines for identifying equivalence classes: a) If the requirements state that a numeric value is input to the system and must be within a range of values, identify one valid class inputs which are within the valid range and two invalid equivalence classes inputs which are too low and inputs which are too high. For example, if an item in inventory can have a quantity of - 9999 to + 9999, identify the following classes:
1. One valid class: (QTY is greater than or equal to -9999 and is less than or equal to 9999). This is written as (- 9999 < = QTY < = 9999)
2. The invalid class (QTY is less than -9999), also written as (QTY < -9999)
3. The invalid class (QTY is greater than 9999) , also written as (QTY >9999) b) If the requirements state that the number of items input by the system at some point must lie within a certain range, specify one valid class where the number of inputs is within the valid range, one invalid class where there are too few inputs and one invalid class where there are, too many inputs.
42. What are two types of Metrics?
1. Process metrics: Primary metrics are also called as Process metrics. This is the metric the Six Sigma practitioners care about and can influence. Primary metrics are almost the direct output characteristic of a process. It is a measure of a process and not a measure of a high-level business objective. Primary Process metrics are usually Process Defects, Process cycle time and Process consumption.
2. Product metrics: Product metrics quantitatively characterize some aspect of the structure of a software product, such as a requirements specification, a design, or source code.
43. What is the Outcome of Testing?
A stable application, performing its task as expected.
44. Why do you go for White box testing, when Black box testing is available?
A benchmark that certifies Commercial (Business) aspects and also functional (technical) aspects is objectives of black box testing. Here loops, structures, arrays, conditions, files, etc are very micro level but they arc Basement for any application, So White box takes these things in Macro level and test these things
45. What is Baseline document, Can you say any two?
A baseline document, which starts the understanding of the application before the tester, starts actual testing. Functional Specification and Business Requirement Document
46. Tell names of some testing type which you learnt or experienced?
Any 5 or 6 types which are related to companies profile is good to say in the interview,
1. Ad - Hoc testing
2. Cookie Testing
3. CET (Customer Experience Test)
4. Depth Test
5. Event-Driven
6. Performance Testing
7. Recovery testing
8. Sanity Test
9. Security Testing
10. Smoke testing
11. Web Testing
47. What exactly is Heuristic checklist approach for unit testing?
It is method of achieving the most appropriate solution of several found by alternative methods is selected at successive stages testing. The checklist Prepared to Proceed is called Heuristic checklist
48. What is a Data Guideline?
Data Guidelines are used to specify the data required to populate the test bed and prepare test scripts. It includes all data parameters that are required to test the conditions derived from the requirement / specification The Document, which supports in preparing test data are called Data guidelines
49. Why do you go for Test Bed?
When Test Condition is executed its result should be compared to Test result (expected result), as Test data is needed for this here comes the role of test Bed where Test data is made ready.
50. Why do we prepare test condition, test cases, test script (Before Starting Testing)?
These are test design document which are used to execute the actual testing Without which execution of testing is impossible, finally this execution is going to find the bugs to be fixed so we have prepare this documents.
