testing question

8/3/2019 Testing Question

1/43

Q. What is White Box Testing?

White box testing is a method to test the functionality of the code by passing

parameters within the code itself. White box testing involves looking at the structureof the code. When you know the internal structure of a product, tests can be

conducted to ensure that the internal operations performed according to the

specification. And all internal components have been adequately exercised.White box testing is also called Structural testing or Glass box testing.

Q. Why is White Box Testing needed?

White box testing is needed because of the following reasons:

Logical error tend to creep into our work when we design and implementfunctions, conditions or controls that are out of the program

The design errors due to difference between logical flow of the program and

the actual implementation

Typographical errors and syntax checking

Q. What are the different techniques used in white box testing?

Code coverage: Ensure that each code statement is executed once.

Branch Coverage or Node Testing:Coverage of each code branch in from all possible was.

Compound Condition Coverage:For multiple condition test each condition with multiple paths and combination of

different path to reach that condition.

Basis Path Testing:Each independent path in the code is taken for testing.

Data Flow Testing:In this approach you track the specific variables through each possible calculation,

thus defining the set of intermediate paths through the code. Data Flow Testingtends to reflect dependencies but it is mainly through sequences of data

manipulation. In short each data variable is tracked and its use is verified. Thisapproach tends to uncover bugs like variables used but not initialize, or declared but

not used, and so on.

Path Testing:Path testing is where all possible paths through the code are defined and covered. Its

a time consuming task.

Loop Testing:These strategies relate to testing single loops, concatenated loops, and nested loops.

Independent and dependent code loops and values are tested by this approach.


2/43

Q. What are the limitations of white box testing?

It is not possible for testing each and every path of the loops in program. This means

exhaustive testing is impossible for large systems. This does not mean that white

box testing is not effective. By selecting important logical paths and data structure

for testing is practically possible and effective.

Q. What are the levels of testing in which white box testing can be present?

There are three levels in which white box testing can be present:

1.UnitTesting2.Integretion Testing

3.Regression testing

Q. What are Dirty Test Cases?

Dirty test cases are those that check the functionalities for the negative scenarios. Indirty test cases we provide negative / invalid inputs and verify if the application is

behaving correctly. Here the application is tested for maximum amount of invalidinputs.

Example: For a banking application which allows fund transfer of maximum $10000US per day. A dirty test case would be to try to transfer more than that value, i.e.

say $10001 US. Here the application should sanely give an error that maximumallowed amount for transfer is $10000 US. It should not perform any transaction.

Q. What are the impacts caused by failure in white box testing?

A failure of a white box testing may result in a change that requires all black boxtesting to be repeated and white box testing paths to be reviewed and possibly

changed.

Q. Why is white box testing called as glass box testing?

Everything is visible inside a glass box. When you perform white box testing, you can

see the code and test it. But in black box testing the tester does not know what ishappening inside the code when he is giving a particular input. He only sees the

output, but does not get to know how that output has come. In white box testing thetester can know what exactly is happening inside the code and why a particular out

put is coming for a particular input. That's why it is called Glass box testing.

Q. Explain relation between white box testing and equivalence partitioning?

White box testing is a type of testing used basically for checking the code of an

application, where as equivalence partitioning is a strategy used for both white box

and black box testing to decide the input values for the testing. In equivalencepartitioning we will have to come up with multiple inputs in which each one

represents a set of inputs of similar behavior.


3/43

Q. What is meant by API Testing? Explain the API Testing process.

API testing is done to make sure that the basic units of the software application

function properly as desired. Reason why we perform API testing right from theinitial stages of the product cycle to the final phase, ensuring that the product

release in the market is error-free and worth every penny you invested. API testing

process involves testing the methods of NET, JAVA, J2EE APIs for valid and invalidinputs, plus testing the APIs on Application servers.

API-testing targets the code-level, and can be done even by testers as well asdevelopers.

Q. Give one example where you did not find the bug in black box testing butyou found the bug in white box testing?

Let's say you have an entity that is stored across multiple tables and the test case isto delete the entity. In black-box testing, once the entity disappears from the GUI

after deletion, your black-box test case is considered passed. But with white-box

testing, you'd check if all related rows are deleted from the tables. If the deletionhappens to delete only the parent record and leave behind orphan rows, the testcase is considered failed.

Q. Given specification:if (a>4)then b= a-1;

else b= a+1,

where a and b are integer variables. List all possible test cases that can

detect the bug in the following implementation

if (a >=8) b = a-1;else b=a+1;

Test with following Data

1. a=0 Then Result Should Be b=12. a=-1 Then Result Should Be b=0

3. a=2 Then Result Should Be b=34. a=4 Then Result Should Be b=5

5. a=5 Then Result Should Be b=4

Test Case Number 5 will fail while testing

if (a >=8) b = a-1;else b=a+1;

Here 5 >=8 is false and Result Displayed will be b=6, which is wrong.


4/43

Q. What knowledge is essential to be able to perform white box testing?

The following are the knowledge essential for white box testing:

1. Good understanding of the code/programming language.2. Good analytical/logical ability to able to give the necessary inputs and to cover the

required paths/branches.3. Good understanding of testing concepts and methodologies.

Q. What are stubs and drivers used for in white-box testing?

Stubs and Drivers are the small programs used in the integration testing such thatthese programs are placed where the output of undeveloped modules. that is in

some cases, some of the non priority module's output is needed in the project. then

to get out of that situation, we write a small program such that it generates exactlysimilar output of the un-generated module. these programs are called stubs and

drivers.

Here stub is used when we are testing the application in top-down approach.

and driver is used when we are testing the application in bottom-top approach.

Q. What is path coverage? How path coverage testing done in white boxtesting?

Path coverage measures whether each of the possible paths in each function havebeen covered for testing. A path is a unique sequence of branches from the function

entry to the exit. A very through testing is possible by Path Coverage.

Path coverage is measures by an entity called cyclomatic complexity. The cyclomatic

complexity of a software program is calculated from a connected graph of themodule (that shows the topology of control flow within the program):

Cyclomatic complexity (CC) = E - N + Pwhere E = the number of edges of the graph

N = the number of nodes of the graphP = the number of connected components

Q. What is cyclomatic complexity in a software program?

Cyclomatic complexity is the number of linearly independent paths through aprogram's source code. Cyclomatic complexity is computed using the control flow

graph of the program: the nodes of the graph correspond to the commands of a

program, and a directed edge connects two nodes if the second command might beexecuted immediately after the first command.

CC = E N + PWhere


5/43

CC= cyclomatic complexityE = the number of edges of the graph

N = the number of nodes of the graphP = the number of connected components.

Q. Who performs white box testing? The developer or the tester?

White box testing can be performed by anybody who has a good understanding of

the code and the program logic. Generally developers perform white box testing

during unit testing for their own components. API tester also perform white boxtesting.

Automation Testing

Q. Do automated testing tools make testing easier?

The answer is: it depends. For small projects, the time needed to learn and

implement them may not be worth it. For larger projects, or on-going long-termprojects automation tools can be valuable.

A common type of automated tool is the 'record/playback' type. For example, atester could click through all combinations of menu choices, dialog box choices,

buttons, etc. in an application GUI and have them 'recorded' and the results loggedby a tool. The 'recording' is typically in the form of text based on a scripting

language that is interpretable by the testing tool. If new buttons are added, or someunderlying code in the application is changed, etc. the application might then be

retested by just 'playing back' the 'recorded' actions, and comparing the loggingresults to check effects of the changes. The problem with such tools is that if there

are continual changes to the system being tested, the 'recordings' may have to bechanged so much that it becomes very time-consuming to continuously update the

scripts. Additionally, interpretation and analysis of results (screens, data, logs, etc.)

can be a difficult task. Note that there are record/playback tools for text-basedinterfaces also, and for all types of platforms.

Other automated tools can include:code analyzers - monitor code complexity, adherence to standards, etc.

coverage analyzers - these tools check which parts of the code have been exercised

by a test, and may be oriented to code statement coverage, condition coverage, pathcoverage, etc.

memory analyzers - such as bounds-checkers and leak detectors.load/performance test tools - for testing client/server and web applications under

various loadlevels.

web test tools - to check that links are valid, HTML code usage is correct, client-sideand server-side programs work, a web site's interactions are secure.

other tools - for test case management, documentation management, bug reporting,and configuration management

Q. What is meant by framework? When we use framework in our project?


6/43

A test automation framework is a set of assumptions, concepts, and practices thatprovide support for automated software testing.

There is no hard and fast rule to use a specific Automation frame work. It alldepends on your project needs, here are some info on the same.

Data Driven approach is suitable for applications that have limited functionality butlarge number of variations in terms of test data.

Functional Framework is suitable for applications that have variety of functionalitybut limited variations in terms of test data.

Hybrid Test Automation Framework is suitable for applications that have variety offunctionality and larger number of variations in terms of test data.

Record, enhance and play back methodology is suitable to convert small to mediumsize manual scripts into equivalent automation scripts - one to one basis.

Q. What is the difference between Test script and Test case?

Test Script:

It is the command language that we write to perform testing. For e.g. if we use Rational Robot weshall write all commands in sqa Basic commands. Scripting is a program which automaticallychecks "n" number of inputs for a particular requirement or a check point. Further more, if we areperforming the database check point for say, 1000 data, we can write a program (script) whichshall automatically input and check for all 1000 entries in the database.

Test Case:

It is the actual step by step representation for all valid and invalid inputs. Its a detailed descriptionfor all inputs (valid and invalid) and covers all requirements.

Q. Does Jmeter generate any scripts? How to use the Jmeter tool and also the How to

analyze the results?

When you create a test in Jmeter, save the file. The file saves with the extension .jmx.Open the .jmx file in an editor. There you can see script.

Q. How to read data from a CSV file using Test Complete functional tool?

Test Complete is having Drivers to work with any database such as CSV files, EXCEL files. This

is done in Test Complete using DDT project item.

DDT.CSVDriver("Application Path");

//then wotk with ur CSV file


7/43

Q. How can we reverse the string without using the reverse of String function in QTP?

Str = "Reverse"Cnt = Len(Str)RStr = ""For i = 1 to Cnt

RStr = Mid(Str,i,1) & RStrNextMsgbox RStr

Q. What are the different automation tools available in the market?

The popular automation testing tools available in the market are:Win RunnerLoad RunnerQuick Test professionalSilk TestRational Robot

Q. What is the default time for executing 1000 lines of script in winrunner and also inQTP?

In WinRunner the default time for executing 1000 lines or n number of lines is 10 seconds.If the test script is not executed in that time limit we have to synchronize the test script.In QTP, am not sure about teh default time limit for executing the lines

Q. Which tool we should use to retrieve test data?

To retrieve test data we should use global/local data sheet in QTP. Also we can use data drivenwizard in Win Runner.

Q. In real time what is the Testing Process with respect to automation?

Select the Test cases to automate Create a Test plan for Test automation. Follow thedevelopment life cycle like below:

Design your test automation based on your selected test caseFind the common functionality through out the testing applicationCreate common Global functions or follow OOP conceptDo not forget to include error verification in the script.Create a test scriptUnit test your scriptCreate the Test automation Suite

Execute the suite.Analyze the ResultsLog the defect if the script fails

Q. How we start automation testing in company? Is there any document forit? What are the different fields contains in Automation plan?


8/43

When repeated action need to be done on an application where it cannot be donemanually we start AUTOMATION testing. Automation plan is nothing but the area or

fields where we need to conduct automation testing in the companies.

Q. What is End-To-End Testing? Explain in detail?

End to end testing is nothing but system testing, that is testing all the functionalitiesfrom starting point to ending point against the requirements.

Q. Which tools is the best in Automation?

There r so many open source tools available in the market, if u client is happy to pay

large amount of money then HP products are better (QTP/LoadRunner/WinRunneretc) else there are open source tools which do the same functionality as QC for

Management and QTP for functional testing.

Q. What are the factors to consider when selecting a test tool?

Capability: Does the tool have all the critical features we need, especially in the areaof test result validation and test suite management?

Reliability: Does the tool work for long periods without failure, or is it full of bugs?Many test tools are developed by small companies that do a poor job of testing the

software.

Capacity: Can it handle large scale test suites that run for hours or days and involve

thousands of scripts?

Learnability: Can the tool be mastered in a short time? Are there training classes or

books available to aid that process?

Operability: Are the features of the tool cumbersome to use, or prone to user error?

Performance: Is the tool quick enough to allow a substantial savings in test

development and execution time versus hand testing.

Compatibility: Does the tool work with the particular technology that we need totest?

Non-Intrusiveness: How well does the tool simulate an actual user? Is the behaviorof the software under test the same with automation as without?

Q. I have recorded a script for some window application (login screen) and Ihave used browser as IE and I have executed that script successfully. Now I

want to execute the same script in different browsers. Will the same scriptexecute successfully on all other browsers?

The browsers are different , so to execute the same script it needs the GUI map forthe particular explorer. After the explorer is taken to the MAP editor then only the

script will run.


9/43

Q. What are the applications does WinRunner support? What are theapplications does QTP support? Can winrunner, QTP be used in Linux OS?

WinRunner supports VB, .NET, JAVA, D2K, DELPHI, SEIBEL, HTML, VC++, POWERBUILDER etc. QTP supports VB, .NET, JAVA, D2K, DELPHI, SEIBEL, HTML, VC++,

POWER BUILDER, SAP, PEOPLE SOFT, ORACLE, MULTIMEDIA AND XML etc.

WinRunner and QTP both work in WINDOWS os only but for UNIX and LINUXWinRunner is used as "XRunner" tool for QTP no such tool is present.

Q. Why companies are moving to QTP instead of using WinRunner? DoesQTP support any other applications which WinRunner cannot support?

QTP supports many technologies other than WinRunner like Sap, Siebel, oracle,Mainframes, People soft etc.

Q. What is automation framework? Which automation framework u r using?Why?

Framework: Framework is the collection of predefined classes and variables whichcan be reused. It is developed only when the application under test is a continuous

development process i.e., there must be subsequent releases of the AUT.

We declare all the objects at one location in multiple files and the business logic (ie,

classes and functions are placed at one place). Whoever wants to use, will go anduse these class and methods and the only thing they need to do is to write the new

test cases.

There is no hard and fast rule to use a specific Automation frame work. It alldepends on your project needs, here are some info on the same.

Data Driven approach is suitable for applications that have limited functionality butlarge number of variations in terms of test data.

Functional Framework is suitable for applications that have variety of functionality

but limited variations in terms of test data.

Hybrid Test Automation Framework is suitable for applications that have variety of

functionality and larger number of variations in terms of test data.

Record, enhance and play back methodology is suitable to convert small to medium

size manual scripts into equivalent automation scripts - one to one basis.

Q. On what basis we select test cases to automate?

Usually, we automate the test cases if the test is:1.Reusable

2.Repeatable3.Data driven test (for multiple set of data)

4.regression


10/43

Q. Are reusable test cases a big plus of automated testing and explain why?

Yes. Because test cases are reusable and before automate the test cases justprepare the test data and call that test data in to your script So as per test cases the

tester can prepare the data is very easy as per test cases, that is the particularreason the test cases are most useful at the time of automation.

Q. What are the types of testing we cannot do, by using automation tools?

Testing that cannot be sensibly carried out via automation are those tests relating to

subjective measures of quality. As an example when is an image clear enough, doessomething look good, is the workflow ergonomic.

Q. How to open an application through scripting in QTP? Give syntax andexample.

1) invokeapplication "path of the application

example(c:\program files\iexplore.exe)"

2) SystemUtil.Run "application path("C:\Program Files\Internet

Explorer\iexplore.exe")"

Q. What testing activities you may want to automate in a project?

Below is the list of tests/activities you may want to automate

1) Tests that need to be run for every build of the application or website(sanitytesting)

2) Tests that use multiple data for the same set of actions (data driven testing)3) Identical tests that needs to be executed using different browser

4) Mission critical pages5) Transaction with pages which do not change in short term

6) The tests which are of repetitive natureBelow is the list of activities which are poor candidates for automation1) Usability testing

2) One time testing3) Ad-hoc/Random testing based on the knowledge of the application or website

Q. How to find that tools work well with your existing system?

1. If the Tool supports our tools and Technologies.2. Tool compatibility with third party tools used by our application

3. Tool cost VS project Cost4. Platform Support


11/43

Q. What are test metrics?

Below are certain examples of test metrics.Number of remarksNumber of defectsDefect severity

Time to find a defectTest coverage

Test case effectiveness

Q. What are the scripting languages used in WinRunner, LoadRunner, QTP,

Test director, Clear Quest, Rational Robot?

WinRunner - TSL(Test script language)

QTP- VB Script

Test Director- TSL scriptClear Quest- is a defect tracking tool. English like language will be used.Load Runner- Vugen scripts

Rational Robot- QABASIC language

Q. What criteria do you use when determining when to automate a test orleave it manual?

When all the initials bugs r fixed and the application has it maturity level then we willgor automation for regression testing once we complete it with manual testing.

Q. What automated tools are you familiar with?

I am familiar with WinRunner, LoadRunner, QTP, Rational robot.

Q. What types of scripting techniques for test automation do you know?

VB-Script, which is very powerful language and it has lots of resources availablewhen compared to TSL.

Q. What testing activities you may want to automate?

Automation is a costly activity. once the application is stable we can automate thosetest cases/functionalities which are very critical and needs to be regressed in the

future releases.

Among the test cases written for AUT, we should automate only P1 and P2 test cases

which will cover end to end functionality.

Q. What are main benefits of test automation?

1. Manual Intervention for repeated tasks can reduced


12/43

2. Effort required to run tests manually can be reduced.3. Access of the test artifacts can be made easy

Q. What are the main attributes of test automation?

1. Functional testing

2. GUI testing3. Back-end testing

Black Box Testing Questions

Q. What is Black box testing?

Black box testing is also known as functional testing. This is a software testing

technique whereby the internal workings of the item being tested are not known bythe tester. For example, in a black box test on a software design the tester only

knows the inputs and what the expected outcomes should be and not how theprogram arrives at those outputs. The tester does not ever examine the

programming code and does not need any further knowledge of the program otherthan its specifications.

Q. What are the advantages of Black box testing?

The test is unbiased because the designer and the tester are independent of

each other.

The tester does not need knowledge of any specific programming languages.

The test is done from the point of view of the user, not the designer.

Test cases can be designed as soon as the specifications are complete.

Q. What are the disadvantages of Black box testing?

The test can be redundant if the software designer has already run a testcase.

The test cases are difficult to design.

Testing every possible input stream is unrealistic because it would take a

inordinate amount of time; therefore, many program paths will go untested.

Q. Give real time examples of Black box testing.


13/43

In this technique, we do not use the code to determine a test suite; rather, knowingthe problem that we're trying to solve, we come up with four types of test data:

1. Easy-to-compute data

2. Typical data

3. Boundary / extreme data

4. Bogus data

For example, suppose we are testing a function that uses the quadratic formula todetermine the two roots of a second-degree polynomial ax2+bx+c. For simplicity,

assume that we are going to work only with real numbers, and print an errormessage if it turns out that the two roots are complex numbers (numbers involving

the square root of a negative number).

We can come up with test data for each of the four cases, based on values of the

polynomial's discriminant (b2-4ac):

Easy data (discriminant is a perfect square):

a b c Roots

1 2 1 -1, -1

1 3 2 -1, -2

Typical data (discriminate is positive):

a b c Roots

1 4 1 -3.73205, -0.267949

2 4 1 -1.70711, -0.292893

Boundary / extreme data (discriminate is zero):

a b c Roots

2 -4 2 1, 1

2 -8 8 2, 2

Bogus data (discriminate is negative, or a is zero):

a b c Roots

1 1 1 square root of negative number


14/43

0 1 1 division by zero

As with glass-box testing, you should test your code with each set of test data. If theanswers match, then your code passes the black-box test.

Q. Describe the Black box testing techniques.

Equivalence partitioning

Boundary value analysis

State transition tables

Decision table testing

Pairwise testing

Error Guessing.

Details of each types of testing are given below: (Note: Some of the definitions and

examples have been borrowed from Wikipedia)

Equivalence partitioning:

Equivalence partitioning is a black box testing technique with the goal:

1. To reduce the number of test cases to a necessary minimum.2. To select the right test cases to cover all possible scenarios.

Although in rare cases equivalence partitioning is also applied to outputs of asoftware component, typically it is applied to the inputs of a tested component. The

equivalence partitions are usually derived from the specification of the component's

behavior. An input has certain ranges which are valid and other ranges which areinvalid. This may be best explained at the following example of a function which hasthe pass parameter "month" of a date. The valid range for the month is 1 to 12,

standing for January to December. This valid range is called a partition. In thisexample there are two further partitions of invalid ranges. The first invalid partition

would be = 13.

... -2 -1 0 1 .............. 12 13 14 15 .....

--------------|-------------------|---------------------invalid partition 1 valid partition invalid partition 2

The testing theory related to equivalence partitioning says that only one test case of

each partition is needed to evaluate the behavior of the program for the relatedpartition. In other words it is sufficient to select one test case out of each partition tocheck the behaviors of the program. To use more or even all test cases of a partition

will not find new faults in the program. The values within one partition areconsidered to be "equivalent". Thus the number of test cases can be reduced

considerably.

An additional effect by applying this technique is that you also find the so called

"dirty" test cases. An inexperienced tester may be tempted to use as test cases the


15/43

input data 1 to 12 for the month and forget to select some out of the invalidpartitions. This would lead to a huge number of unnecessary test cases on the one

hand, and a lack of test cases for the dirty ranges on the other hand.

The tendency is to relate equivalence partitioning to so called black box testing which

is strictly checking a software component at its interface, without consideration of

internal structures of the software. But having a closer look at the subject there arecases where it applies to grey box testing as well. Imagine an interface to acomponent which has a valid range between 1 and 12 like in the example above.

However internally the function may have a differentiation of values between 1 and 6and the values between 7 and 12. Depending on the input value the software

internally will run through different paths to perform slightly different actions.

Regarding the input and output interfaces to the component this difference will notbe noticed, however in your grey-box testing you would like to make sure that both

paths are examined. To achieve this it is necessary to introduce additionalequivalence partitions which would not be needed for black-box testing. For this

example this would be:

... -2 -1 0 1 ..... 6 7 ..... 12 13 14 15 .....--------------|---------|----------|---------------------

invalid partition 1 P1 P2 invalid partition 2valid partitions

To check for the expected results you would need to evaluate some internal

intermediate values rather than the output interface.

Equivalence partitioning is no stand alone method to determine test cases. It has to

be supplemented by boundary value analysis. Having determined the partitions of

possible inputs the method of boundary value analysis has to be applied to select themost effective test cases out of these partitions

Boundary value analysis:

Boundary value analysis is a black box testing technique to determine test casescovering off-by-one errors. The boundaries of software component input ranges are

areas of frequent problems

Testing experience has shown that especially the boundaries of input ranges to a

software component are liable to defects. A programmer implement e.g. the range 1to 12 at an input, which e.g. stands for the month January to December in a date,

has in his code a line checking for this range. This may look like:

if (month > 0 && month < 13)

But a common programming error may check a wrong range e.g. starting the rangeat 0 by writing:

if (month >= 0 && month < 13)


16/43

For more complex range checks in a program this may be a problem which is not soeasily spotted as in the above simple example.

Applying boundary value analysis:

To set up boundary value analysis test cases the tester first has to determine which

boundaries are at the interface of a software component. This has to be done byapplying the equivalence partitioning technique. Boundary value analysis and

equivalence partitioning are inevitably linked together. For the example of the montha date would have the following partitions:

... -2 -1 0 1 .............. 12 13 14 15 .....

--------------|-------------------|---------------------

invalid partition 1 valid partition invalid partition 2

Applying boundary value analysis a test case at each side of the boundary between

two partitions has to be selected. In the above example this would be 0 and 1 for thelower boundary as well as 12 and 13 for the upper boundary. Each of these pairs

consists of a "clean" and a "negative" test case. A "clean" test case should give avalid operation result of the program. A "negative" test case should lead to a correct

and specified input error treatment such as the limiting of values, the usage of asubstitute value, or in case of a program with a user interface, it has to lead to

warning and request to enter correct data. The boundary value analysis can have 6test cases: n, n-1, and n+1 for the upper limit; and n, n-1, and n+1 for the lower

limit.

A further set of boundaries has to be considered when test cases are set up. A solid

testing strategy also has to consider the natural boundaries of the data types used in

the program. If working with signed values, for example, this may be the rangearound zero (-1, 0, +1). Similar to the typical range check faults, there tend to be

weaknesses in programs in this range. e.g. this could be a division by zero problemwhere a zero value may occur although the programmer always thought the range

started at 1. It could be a sign problem when a value turns out to be negative in

some rare cases, although the programmer always expected it to be positive. Even ifthis critical natural boundary is clearly within an equivalence partition it should lead

to additional test cases checking the range around zero. A further natural boundaryis the natural lower and upper limit of the data type itself. E.g. an unsigned 8-bit

value has the range of 0 to 255. A good test strategy would also check how theprogram reacts at an input of -1 and 0 as well as 255 and 256.

The tendency is to relate boundary value analysis more to so called black boxtesting, which is strictly checking a software component at its interfaces, without

consideration of internal structures of the software. But looking closer at the subject,there are cases where it applies also to white box testing.

After determining the necessary test cases with equivalence partitioning andsubsequent boundary value analysis, it is necessary to define the combinations of

the test cases when there are multiple inputs to a software component


17/43

State Transition table:

In automata theory and sequential logic, a state transition table is a table showing

what state (or states in the case of a nondeterministic finite automaton) a finite semi

automaton or finite state machine will move to, based on the current state and otherinputs. A state table is essentially a truth table in which some of the inputs are thecurrent state, and the outputs include the next state, along with other outputs.

A state table is one of many ways to specify a state machine, other ways being astate diagram, and a characteristic equation.

One-dimensional state tables

Also called characteristic tables, single-dimension state tables are much more like

truth tables than the two-dimensional versions. Inputs are usually placed on the left,and separated from the outputs, which are on the right. The outputs will represent

the next state of the machine. Here's a simple example of a state machine with twostates, and two combinatorial inputs:

A B Current State Next State Output

0 0 S1 S2 1

0 0 S2 S1 0

0 1 S1 S2 0

0 1 S2 S2 1

1 0 S1 S1 1

1 0 S2 S1 1

1 1 S1 S1 1

1 1 S2 S2 0

S1 and S2 would most likely represent the single bits 0 and 1, since a single bit can

only have two states.

Two-dimensional state tables

State transition tables are typically two-dimensional tables. There are two common

forms for arranging them.

The vertical (or horizontal) dimension indicates current states, the horizontal

(or vertical) dimension indicates events, and the cells (row/column

intersections) in the table contain the next state if an event happens (andpossibly the action linked to this state transition).

State Transition Table


18/43

Events

State

E1 E2 ... En

S1 - Ay/Sj ... -

S2 - - ... Ax/Si

... ... ... ... ...

Sm Az/Sk - ... -

(S: state, E: event, A: action, -: illegal transition)

The vertical (or horizontal) dimension indicates current states, the horizontal(or vertical) dimension indicates next states, and the row/column

intersections contain the event which will lead to a particular next state.

State Transition Table

next

current

S1 S2 ... Sm

S1 Ay/Ej - ... -

S2 - - ... Ax/Ei

... ... ... ... ...

Sm - Az/Ek ... -

(S: state, E: event, A: action, -: impossible transition)

Decision tables:

Decision tables are a precise yet compact way to model complicated logic. Decisiontables, like if-then-else and switch-case statements, associate conditions with actions

to perform. But, unlike the control structures found in traditional programminglanguages, decision tables can associate many independent conditions with several

actions in an elegant way

Decision tables are typically divided into four quadrants, as shown below.

The four quadrants

Conditions Condition alternatives

Actions Action entries


19/43

Each decision corresponds to a variable, relation or predicate whose possible valuesare listed among the condition alternatives. Each action is a procedure or operation

to perform, and the entries specify whether (or in what order) the action is to beperformed for the set of condition alternatives the entry corresponds to. Many

decision tables include in their condition alternatives the don't care symbol, ahyphen. Using don't cares can simplify decision tables, especially when a given

condition has little influence on the actions to be performed. In some cases, entireconditions thought to be important initially are found to be irrelevant when none of

the conditions influence which actions are performed.

Aside from the basic four quadrant structure, decision tables vary widely in the way

the condition alternatives and action entries are represented. Some decision tables

use simple true/false values to represent the alternatives to a condition (akin to if-then-else), other tables may use numbered alternatives (akin to switch-case), and

some tables even use fuzzy logic or probabilistic representations for conditionalternatives. In a similar way, action entries can simply represent whether an action

is to be performed (check the actions to perform), or in more advanced decision

tables, the sequencing of actions to perform (number the actions to perform).

Pair wise testing:

All-pairs testing or pairwise testing is a combinatorial software testing method that,

for each pair of input parameters to a system (typically, a software algorithm), testsall possible discrete combinations of those parameters. Using carefully chosen test

vectors, this can be done much faster than an exhaustive search of all combinationsof all parameters, by "parallelizing" the tests of parameter pairs. The number of tests

is typically O (nm), where n and m are the number of possibilities for each of the twoparameters with the most choices.

The reasoning behind all-pairs testing is this: the simplest bugs in a program aregenerally triggered by a single input parameter. The next simplest category of bugs

consists of those dependent on interactions between pairs of parameters, which canbe caught with all-pairs testing. Bugs involving interactions between three or more

parameters are progressively less common, whilst at the same time beingprogressively more expensive to find by exhaustive testing, which has as its limit the

exhaustive testing of all possible inputs.

Many testing methods regard all-pairs testing of a system or subsystem as a

reasonable cost-benefit compromise between often computationally infeasiblehigher-order combinatorial testing methods, and less exhaustive methods which fail

to exercise all possible pairs of parameters. Because no testing technique can find allbugs, all-pairs testing is typically used together with other quality assurance

techniques such as unit testing, symbolic execution, fuzz testing, and code review.

Error Guessing:

Error guessing is a test case design technique where the experience of the tester is

used to postulate what faults might occur, and to design tests specifically to exposethem. This is a Test data selection technique. The selection criterion is to pick values

that seem likely to cause errors.


20/43

Q. What is the difference between client server testing and web servertesting?

Web systems are one type of client/server. The client is the browser, the server iswhatever is on the back end (database, proxy, mirror, etc). This differs from so-

called traditional client/server in a few ways but both systems are a type of

client/server. There is a certain client that connects via some protocol with a server(or set of servers).

Also understand that in a strict difference based on how the question is worded,testing a Web server specifically is simply testing the functionality and performance

of the Web server itself. (For example, I might test if HTTP Keep-Alives are enabled

and if that works. Or I might test if the logging feature is working. Or I might testcertain filters, like ISAPI. Or I might test some general characteristics such as the

load the server can take.) In the case of client server testing, as you have wordedit, you might be doing the same general things to some other type of server, such as

a database server. Also note that you can be testing the server directly, in somecases, and other times you can be testing it via the interaction of a client.

You can also test connectivity in both. (Anytime you have a client and a server therehas to be connectivity between them or the system would be less than useful so far

as I can see.) In the Web you are looking at HTTP protocols and perhaps FTPdepending upon your site and if your server is configured for FTP connections as well

as general TCP/IP concerns. In a traditional client/server you may be looking atsockets, Telnet, NNTP, etc.

Q. What is Impact analysis? How to do impact analysis in yr project?

Impact analysis means when we r doing regressing testing at that time we rchecking that the bug fixes r working properly, and by fixing these bug other

components are working as per their requirements r they got disturbed.

Q. How to test a website using manual testing technique?

Web Testing

During testing the websites the following scenarios should be considered.

FunctionalityPerformance

UsabilityServer side interface

Client side compatibility

Security

Functionality:

In testing the functionality of the web sites the following should be tested.Links

Internal linksExternal links

Mail linksBroken links

Forms


21/43

Field validationFunctional chart

Error message for wrong inputOptional and mandatory fields

DatabaseTesting will be done on the database integrity.

CookiesTesting will be done on the client system side, on the temporary internet files.

Connection speed:Tested over various Networks like Dial up, ISDN etc

LoadWhat is the no. of users per time?

Check for peak loads & how system behaves.Large amount of data accessed by user.

Stress

Continuous loadPerformance of memory, cpu, file handling etc.

Usability :Usability testing is the process by which the human-computer interactioncharacteristics of a system are measured, and weaknesses are identified for

correction. Usability can be defined as the degree to which a given piece of softwareassists the person sitting at the keyboard to accomplish a task, as opposed to

becoming an additional impediment to such accomplishment. The broad goal ofusable systems is often assessed using several

Criteria:Ease of learning

NavigationSubjective user satisfaction

General appearance

Server side interface:

In web testing the server side interface should be tested.This is done by Verify that communication is done properly.

Compatibility of server with software, hardware, network and database should betested.

The client side compatibility is also tested in various platforms, using variousbrowsers etc.

Security:The primary reason for testing the security of an web is to identify potential

vulnerabilities and subsequently repair them.

The following types of testing are described in this section:Network Scanning

Vulnerability Scanning

Password CrackingLog Review


22/43

Integrity CheckersVirus Detection

Performance TestingPerformance testing is a rigorous usability evaluation of a working system under

realistic conditions to identify usability problems and to compare measures such as

successrate, task time and user satisfaction with requirements. The goal of performancetesting is not to find bugs, but to eliminate bottlenecks and establish a baseline for

future regression testing.

To conduct performance testing is to engage in a carefully controlled process of

measurement and analysis. Ideally, the software under test is already stable enoughso that this process can proceed smoothly. A clearly defined set of expectations is

essential for meaningful performance testing.For example, for a Web application, you need to know at least two things:

expected load in terms of concurrent users or HTTP connectionsacceptable response time

Load testing:Load testing is usually defined as the process of exercising the system under test by

feeding it the largest tasks it can operate with. Load testing is sometimes calledvolume testing, or longevity/endurance testing

Examples of volume testing:testing a word processor by editing a very large document

testing a printer by sending it a very large jobtesting a mail server with thousands of users mailboxes

Examples of longevity/endurance testing:testing a client-server application by running the client in a loop against the server

over an extended period of time

Stress testing:

Stress testing is a form of testing that is used to determine the stability of a givensystem or entity. This is designed to test the software with abnormal situations.

Stress testing attempts to find the limits at which the system will fail throughabnormal quantity or frequency of inputs.

Stress testing tries to break the system under test by overwhelming its resources orby taking resources away from it (in which case it is sometimes called negative

testing).The main purpose behind this madness is to make sure that the system fails and

recovers gracefully this quality is known as recoverability.Stress testing does not break the system but instead it allows observing how the

system reacts to failure. Stress testing observes for the following.

Does it save its state or does it crash suddenly?Does it just hang and freeze or does it fail gracefully?Is it able to recover from the last good state on restart?

Compatibility TestingA Testing to ensure compatibility of an application or Web site with different

browsers, OS and hardware platforms. Different versions, configurations, displayresolutions, and Internet connect speeds all can impact the behavior of the product

and introduce costly and embarrassing bugs. We test for compatibility using real test


23/43

environments. That is testing how will the system performs in the particularsoftware, hardware or network environment. Compatibility testing can be performed

manually or can be driven by an automated functional or regression test cases. Thepurpose of compatibility testing is to reveal issues related to the product& interaction

session test suite with other software as well as hardware. The product compatibilityis evaluated by first identifying the hardware/software/browser components that the

product is designed to support. Then a hardware/software/browser matrix isdesigned that indicates the configurations on which the product will be tested. Then,

with input from the client, a testing script is designed that will be sufficient toevaluate compatibility between the product and the hardware/software/browser

matrix. Finally, the script is executed against the matrix, and any anomalies areinvestigated to determine exactly where the incompatibility lies.

Some typical compatibility tests include testing your application:

On various client hardware configurationsUsing different memory sizes and hard drive space

On various Operating Systems

In different network environmentsWith different printers and peripherals (i.e. zip drives, USBs, etc.)

Q. What is the difference between Test Strategy and Test Plan. Whichcomes first?

Test strategy is the high level document and the overall approach for the testing.

Test plan is the document which is prepared by the test lead based on the teststrategy. Hence Test strategy comes first and Test plan is prepared from Test

Strategy..

Q. What is the significance of doing Regression testing?

Regression testing is done to check that the bug fixes are not affecting/disturbing theother existing functionalities. To Ensure the newly added functionality or existingmodified functionality or developer fixed bug arises any new bug or affecting any

other side effect. this is called regression test and ensure already PASSED TESTCASES would not arise any new bug.

Q. What are the diff ways to check a date field in a website?

There are different ways. Some are mentioned below :1) you can check the field width for minimum and maximum.

2) If that field only take the Numeric Value then check itll only take Numeric noother type.

3) If it takes the date or time then check for other.4) Same way like Numeric you can check it for the Character, Alpha Numeric and all.

5) And the most Important if you click and hit the enter key then some time page

may give the error of java script, that is the big fault on the page .6) Check the field for the Null value.

The date field we can check in different ways

Positive testing: first we enter the date in given format


24/43

Negative Testing: We enter the date in invalid format suppose if we enter date like25/01/2007 it should display some error message and also we use to check the

numeric or text

Q. Give an example of a high severity, low priority bug?

A page is rarely accessed, or some activity is performed rarely but that thing outputssome important Data incorrectly, or corrupts the data, this will be a bug of Highseverity and Low priority

Q. If project needs to be released in a very short time, how to carry outtesting of teh application?

Use risk analysis to determine where testing should be focused. Since its rarely

possible to test every possible aspect of an application, every possible combination of

events, every dependency, or everything that could go wrong, risk analysis isappropriate to most software development projects. This requires judgment skills,

common sense, and experience. (If warranted, formal methods are also available.)

Considerations can include:

Which functionality is most important to the projects intended purpose? Which functionality is most visible to the user?

Which functionality has the largest safety impact? Which functionality has the largest financial impact on users?

Which aspects of the application are most important to the customer? Which aspects of the application can be tested early in the development cycle?

Which parts of the code are most complex, and thus most subject to errors? Which parts of the application were developed in rush or panic mode?

Which aspects of similar/related previous projects caused problems? Which aspects of similar/related previous projects had large maintenance

expenses? Which parts of the requirements and design are unclear or poorly thought out?

What do the developers think are the highest-risk aspects of the application? What kinds of problems would cause the worst publicity?

What kinds of problems would cause the most customer service complaints?

What kinds of tests could easily cover multiple functionalities? Which tests will have the best high-risk-coverage to time-required ratio

Q. Where were you involved in testing life cycle? What type of test youperform ?

Generally test engineers involved from entire test life cycle i.e, test plan, test casepreparation, execution, reporting. Generally system testing, regression testing, ad-

hoc testing etc.

Q. What is the testing process flow in your organization?

Testing process is going as follows:Quality assurance unit

Quality assurance manager


25/43

Test leadTest engineer

Q. Who prepares the use cases?

In most companies except the small ones, business analysts prepare the use cases.

But in small company Business analyst prepares along with team lead.

Q. What testing methodologies have you used to develop test cases?

I have used the below types of testing methodologies:1. Boundary value analysis

2.Equivalence partition3.Error guessing

4.cause effect graphing

Q. What is the difference between regression testing and re-testing.

Re-testing is done to verify if the previous issues/defects have been fixed and thosefunctionalities are working fine. Regression testing is done on the neighboring areas

of the features where changes/fixes have been made to make sure that these fixeshave not introduced any bugs in the neighboring areas which were working

previously.

Q. Is automated testing better than manual testing. If so, why?

A: Automated testing and manual testing have advantages as well as disadvantages

Advantages: It increase the efficiency of testing process.Reliable

FlexibleMinimizes human error

Disadvantages:

Tools should have compatibility with our development or deployment tools needs lotof time initially If the requirements are changing continuously Automation is not

suitable.

Manual testing: If the requirements are changing continuously Manual is suitableOnce the build is stable with manual testing then only we go for automation

Disadvantages:It needs lot of time

We can not do some type of testing manually, E.g. Performance testing

Q. What is the exact difference between a product and a project. Explainwith example ?


26/43

Project Product

1- A Project is developed for particularclient requirements are defined by client.

2- Example: The shirt which we are

interested stitching with tailor as per our

specifications is project

1- Product developed for market

requirements are defined by companyitself by conducting market survey.

2- Example is Ready made Shirt where

the particular company will imagine

particular measurements they made theproduct

Q. Define Brain Storming and Cause Effect Graphing with example.

Brain Storming:

A learning technique involving open group discussion intended to expand the rangeof available ideas

ORA meeting to generate creative ideas. At PEPSI Advertising, daily, weekly and bi-

monthly brainstorming sessions are held by various work groups within the firm. Ourmonthly I-

Power brainstorming meeting is attended by the entire agency staff.OR

Brainstorming is a highly structured process to help generate ideas. It is based onthe principle that you cannot generate and evaluate ideas at the same time. To use

brainstorming, you must first gain agreement from the group to try brainstorming for

a fixed interval (eg six minutes).

Cause Effect Graphing:A testing technique that aids in selecting, in a systematic way, a high-yield set of

test cases that logically relates causes to effects to produce test cases. It has abeneficial side effect in pointing out incompleteness and ambiguities in specifications.

Q. What is the need of priority of a bug? How is it different from severity ofa bug?

Severity reflects the seriousness of the bug from the application or technical point of

view, where as priority refers to which bug should rectify first. Of course if theseverity is high usually the priority is also high, but this is not the case always.

Severity decided by the tester where as priority decided by developers. which oneneeds to be resolved/fixed first knows through priority not with severity.

severity is nothing impact of that bug on the application. Priority is nothing but

importance to resolve the bug. By looking at severity we can judge but sometimeshigh severity bug doesnt have high priority and High priority bug doesnt have high

severity.

So we need both severity and priority


27/43

Q. What will you do if the bug that you found is not accepted by thedeveloper and he is saying that it is not reproducible. Note: The developer isin the on site location ?

Once again we will check that condition with all reasons. Then we will attach screenshots and the log files which will give ample information about what exactly is

happening when that particular defect is being reproduced.

Sometimes bug is not reproducible it is because of different environment suppose

development team using other environment and you are using different environmentat this situation there is chance of bug not reproducing. At this situation please check

the environment in the base line documents that is functional documents if theenvironment which we are using is correct we will raise it as defect again and this

time give the exact access details of the setup where we are able to reproduce theissue to the developer so that he can try to reproduce it on our setup.

Q. What is the difference between two-tier and three-tier application?

Client server applications are 2-tier applications. In this, front end or client isconnected to

Data base server through Data Source Name, front end is the monitoring level.

Web based architecture is a 3-tier application. In this, browser is connected to web

server through TCP/IP and web server is connected to Data base server, browser isthe monitoring level. In general, Black box testers are concentrating on monitoring

level of any type of application.

All the client server applications are 2 tier architectures.

Here in these architecture, all the Business Logic is stored in clients and Data isstored in Servers. So if user request anything, business logic will be performed at

client, and the data is retrieved from Server (DB Server). Here the problem is, if anybusiness logic changes, then we need to change the logic at each any every client.

The best example is a super market, it has branches in the city. At each branch ithas clients, so business logic is stored in clients, but the actual data is store in

servers. If assume it wants to give some discount on some items, so it needs tochange the business logic. For this it needs to go to each branch and need to change

the business logic at each client. This the disadvantage of Client/Server architecture.

So 3-tier architecture came into picture:

Here Business Logic is stored in one Server, and all the clients are dumb terminals. Ifuser requests anything the request first sent to server, the server will bring the data

from DB Sever and send it to clients. This is the flow for 3-tier architecture.

Assume for the above example. if it wants to give some discount, all the business

logic is there in Server. So it needs to be changed at one place, not at each client.This is the main advantage of 3-tier architecture.

Q. What is the difference between bug log and defect tracking?


28/43

Bug log is a document which maintains the information of the bug where as bugtracking is the process.

Q. Who will change the Bug Status as Deferred?

Bug will be in open status while developer is working on it Fixed after developer

completes his work if it is not fixed properly the tester puts it in reopen After fixingthe bug properly it is in closed state. If for some reason the bug is not be fixed in the

current release and the management team decides to fix in the next release then the

Developer/Development manager changes the state to Deferred.

Q. What is bug, defect, issue, error?

Bug: A fault or defect in a system or machine, it is usually identified by the tester.

Defect: An imperfection in a device or machine. Whenever the project is received for

the analysis phase, may be some requirement miss to get or understand most of thetime Defect itself come with the project (when it comes).

Issue: An issue is a major problem that will impede the progress of the project andcannot be resolved by the project manager and project team without outside help

Error: When anything is happened wrong in the project from the development sidei.e. called as the error, most of the time this knows by the developer.

Q. What is the difference between functional testing and integrationtesting?

Functional testing is testing the whole functionality of the system or the application

whether it is meeting the functional specifications

Integration testing means testing the functionality of integrated module when two

individual modules are integrated for this we use top-down approach and bottom upapproach

Q. What types of testing you perform in organization while you do SystemTesting?

Functional testing

User interface testingUsability testing

Compatibility testingModel based testing

Error exit testingUser help testing

Security testingCapacity testing

Performance testingSanity testing

Regression testingReliability testing


29/43

Recovery testingInstallation testing

Maintenance testingAccessibility testing, including compliance with:

Americans with Disabilities Act of 1990Section 508 Amendment to the Rehabilitation Act of 1973

Web Accessibility Initiative (WAI) of the World Wide WebConsortium (W3C)

Q. What is the main use of preparing Traceability matrix and explain thereal time usage?

A traceability matrix is created by associating requirements with the work products

that satisfy them. Tests are associated with the requirements on which they arebased and the product tested to meet the requirement.

A traceability matrix is a report from the requirements database or repository.

Q. How can u do the following?

1) Usability testing 2) scalability testing

Usability Testing:Testing the ease with which users can learn and use a product.

Scalability Testing:Its a Web Testing which helps in capability improvement of the website.

Q. What do you mean by Positive and Negative testing & what is thedifference between them? Explain with an example.

Positive Testing: Testing the application functionality with valid inputs and verifying

that output is correctNegative testing: Testing the application functionality with invalid inputs and

verifying the output.

Difference is nothing but how the application behaves when we enter some invalidinputs suppose if it accepts invalid input the application

Functionality is wrong

Positive test: testing aimed to show that s/w work i.e. with valid inputs. This is alsocalled as test to pass

Negative testing: testing aimed at showing s/w doesnt work. Which is also know astest to fail Boundary Value Analysis is the best example of negative testing.

Q. What is change request, how do you use it?

Change Request is a part of the overall Software Development Life Cycle where arequest is made to the board for approving any particular change in any particular

area of the application.


30/43

This change could be a new development or an enhancement or a fix to a defect.Change request controlled by Change Control Board (CCB). If any changes required

by client after we start the project, it has to come through CCB and they have toapprove it. CCB has the full rights to accept or reject based on the project schedule

and cost.

Q. What is risk analysis, what type of risk analysis you did in your project?

Risk Analysis: A systematic use of available information to determine how often

specified events and unspecified events may occur and the magnitude of their likelyconsequences. This is the procedure to identify threats & vulnerabilities, analyze

them to ascertain the exposures, and highlight how the impact can be eliminated or

reduced

Types :

1.Quantitative risk analysis2.Qualitative risk analysis.

Q. What is bug life cycle?

Below are the different states of a bug in the bug life cycle:

New: when tester reports a new defectOpen: when developer accepts that it is a bug or if the developer rejects the defect, then thestatus is turned into RejectedFixed: when developer make changes to the code to rectify the bug.Closed/Reopen: when tester tests it again. If the expected result shown up, it is turned intoClosed and if the problem resists again, it is Reopen"

Q. What is deferred status in defect life cycle?

Deferred status means the developer accepted the bus, but it is scheduled to rectify in the nextrelease.

Q. Do you use any automation tool for smoke testing?

Yes we use automation tool for smoke testing.

Q. What is Verification and validation?

Verification is static. No code is executed. Say, analysis of requirements etc. Validation isdynamic. Code is executed with scenarios present in test cases.

23. What is Ad-hoc testing?

Ad-hoc testing is a testing process where any area of the application is randomly pciked up andtested. There is no planning done for this type of testing.


31/43

Q. What is mean by release notes?

Its a document released along with the product which explains about the product. It also containsabout the bugs that are in deferred status and the known issues with the current release.

Q. Scalability testing comes under in which tool?

Scalability testing comes under performance testing. Load testing, scalability testing both aresame in terms of the testing performed but different in terms of the results focus area.

Q. What is hot fix?

A hot fix is a single, cumulative package that includes one or more files that are used to addressa problem in a software product. Typically, hot fixes are made to address a specific customersituation and may not be distributed outside the customer organization. Generally hot fix bugshave high priority as they have been found at the customer place.

Q. What is Acid Testing?

ACID Means: ACID testing is related to testing a transaction.A-AtomicityC-ConsistentI-IsolationD-Durable

Mostly this is done in database testing.

Q. What is the main use of preparing a traceability matrix?

To Cross verify the prepared test cases and test scripts with user requirements. To monitor the

changes, enhance occurred during the development of the project.

Traceability matrix is prepared in order to cross check the test cases designed against eachrequirement, hence giving an opportunity to verify that all the requirements are covered in testingthe application.

Functional Testing Questions

Q. What are the different possibilities for testing a text field?

The different possibilities for testing a text field can be derived with the help of

boundary value analysis (BVA).Assumption: The max length is 10

1. Leave the field blank.(0)-If the requirement says the field is mandatory then this

test should fail. If not should allow to leave it blank.2. Enter any text with length max-1(9)

3. Enter any text with maximum length(10)

4. Enter any text with length max+1(11)

If there is a requirement for the text field to contain only A-Z, a-z and 0-9 values


32/43

then the below scenarios should be considered.1.It should give an error when a special character is entered.

2. Should give error when space is entered. etc

Q. A page has four mandatory fields to be filled in before clicking Submit.What is the minimum number of test cases required to verify this? Explain

each test case.

The below test cases can be considered:

1. Enter the data in all the mandatory fields and submit. Should not throw any error

message.

2. Enter data in any two mandatory fields and submit. Should throw error message.3. Do not enter in any of the fields and submit. Should throw an error message

4. If the fields accept only number, enter numbers in the fields and submit. Shouldnot throw error message,

5. Enter alphabets in two fields and number in other two fields. Should throw anerror message.

6. If the fields do not accept special characters, then enter the characters and submitit

Q. What should be done if there is a new build and there is not much time

left to test?

The best approach is by prioritizing the tasks and areas/modules to test.

For example, login window of an application has a very high priority because it

authenticates the user and allows the users to access the application.

Another example is if it is a database application, the user rights need to be checkedin the login screen. Also data storing needs to be verified on priority by checking

data addition, deletion and edition etc.

Q. There are three text fields, one should accept a string as input, second

text box should accept a float as input and the third text box is for output.

The output should be an integer. what are the possible test cases we canwrite for the above text fields?

1. Verify that the first field is accepting string.2. Verify that the first field is not accepting any thing other than a text (such as pure

numbers with out any string data type) null characters, special characters etc.

3. Verify that the second field is accepting float values.4. Verify that the second field is not accepting any thing other than float.

5. Verify the output when all the above conditions are met.6. Verify the output when some/all the above conditions are not met.


33/43

Q. What is the difference between functional testing and and functionalitytesting?

Functional Testing:This is also called black box testing because no knowledge of the internal logic of the

system is used to develop test cases. For example, if a certain function key should

produce a specific result when pressed, a functional test validates this expectation bypressing the function key and observing the result. When performing functionaltests, you will use validation techniques almost exclusively.

Functionality Testing:

Its part of Functional testing. Giving the input and checking the output. Testing the

application against specifications.

General Testing Questions

Q. What is the first test in software testing process?

A) Monkey testingB) Unit Testing

C) Static analysis

D) None of the above

Answer: B. Unit testing is the first test in testing process, though it is done bydevelopers after the completion of coding.

Q. When does testing start?

Testing starts once the requirements are complete. This is Static testing. Here, youare supposed to read the documents (requirements) and it is quite a common issue

in software industry that many requirements contradict with other requirements.These are also can be reported as bugs. However, they will be reviewed before

reporting them as bugs (defects).

Q. What is the part of QA and QC in V model?

V model is a kind of SDLC. QC (Quality Control) team tests the developed product for

quality. It deals only with product, both in static and dynamic testing. QA (QualityAssurance) team works on the process and manages for better quality in the

process. It deals with (reviews) everything right from collecting requirements todelivery.

Q. What are the bugs we cannot find in black box?

If there are any bugs in security settings of the pages or any other internal mistake

made in coding cannot be found in black box testing.


34/43

Q. What are Microsoft 6 rules?

Microsoft 6 rules are used to test the user interface.

These are also called Microsoft windows standards. They are as below:

GUI objects are aligned in windows

All defined text is visible on a GUI object Labels on GUI objects are capitalized

Each label includes an underlined letter (mnemonics)

Each window includes an OK button, a Cancel button, and a System menu

Q. What are the steps to test any software using an automation tool?

First, you need to segregate the test cases that can be automated. Then, prepare

test data as per the requirements of those test cases. Write reusable functions whichare used frequently in those test cases. Now, prepare the test scripts using those

reusable functions and by applying loops and conditions where ever necessary.However, Automation framework that is followed in the organization should be

strictly followed through out the process.

Q. What is Defect removable efficiency (DRE)?

The DRE is the percentage of defects that have been removed during testing activity.

DRE Indicates the efficiency of defect removal methods, as well as indirectmeasurement of the quality of the product. This is calculated by dividing the effort

required for defect detection, defect resolution time and retesting time by thenumber of remarks. This is calculated per test type, during and across test phases.

The DRE can also be computed for each software development activity and plottedon a bar graph to show the relative defect removal efficiencies for each activity. Or,

the DRE may be computed for a specific task or technique (e.g. design inspection,

code walkthrough, unit test, 6 month operation, etc.) Number Defects Removed

DRE =A/(A+B) * 100Number Defects at Start of Process

A = Number of defects found by testing teamB = Number of defects found by customer

If DRE


35/43

Q. What is the difference between test plan and test strategy?

Test plan: After completion of SRS learning and business requirement gathering testmanagement concentrate on test planning, this is done by Test lead, or Project lead.

Test Strategy: Depends on corresponding testing policy quality analyst finalizes test

Responsibility Matrix. This is done by QA.

Q. What is V-n-V Model? Why is it called as V& why not U? What

stage of this model testing should be best to started?

It is called V because there are two prongs of this model (Verification and Validation)

which look like the two prongs of alphabet V. The detailed V model is shown below.

SRS Acceptance testing

\ /

\ /High Level Design System testing

\ /\ /

Low level Design Integration testing

\ /\ /

\ Unit Testing\ /

\ /Coding

Testing starts at the requirement (SRS) phase, i.e. from the top of the left prong ofthe V.

You can raise defects that are present in the document. Its called verification.

Q. What are 5 common problems in the software development process?

Poor requirements - if requirements are unclear, incomplete, too general, or not

testable, there will be problems.

Unrealistic schedule - if too much work is crammed in too little time, problems areinevitable.

Inadequate testing - no one will know whether or not the program is any good untilthe customer complains or systems crash.

Features - requests to pile on new features after development is underway;extremely common.

Miscommunication - if developers dont know whats needed or customers haveerroneous expectations, problems are guaranteed.


36/43

Q. What are 5 common solutions to software development problems?

Solid requirements - clear, complete, detailed, cohesive, attainable, testable

requirements that are agreed to by all players. Use prototypes to help nail downrequirements.

Realistic schedules - allow adequate time for planning, design, testing, bug fixing,

re-testing, changes, and documentation; personnel should be able to complete theproject without burning out. Adequate testing - start testing early on, re-test after fixes or changes, plan for

adequate time for testing and bug-fixing. Stick to initial requirements as much as possible - be prepared to defend against

changes and additions once development has begun, and be prepared to explain

consequences. If changes are necessary, they should be adequately reflected inrelated schedule changes. If possible, use rapid prototyping during the design phase

so that customers can see what to expect. This will provide them a higher comfortlevel with their requirements decisions and minimize changes later on.

Communication - require walkthroughs and inspections when appropriate; make

extensive use of group communication tools - e-mail, groupware, networked bug-tracking tools and change management tools, intranet capabilities, etc.; insure that

documentation is available and up-to-date - preferably electronic, not paper;promote teamwork and cooperation; use prototypes early on so that customers

expectations are clarified.

Q. What is configuration management?

Configuration management covers the processes used to control, coordinate, andtrack: code, requirements, documentation, problems, change requests, designs,

tools/compilers/libraries/patches, changes made to them, and who makes thechanges. (See the Tools section for web resources with listings of configuration

management tools. Also see the Bookstore sections Configuration Managementcategory for useful books with more information.)

Q. What if the software is so buggy it cant really be tested at all?

The best bet in this situation is for the testers to go through the process of reporting

whatever bugs or blocking-type problems initially show up, with the focus being oncritical bugs. Since this type of problem can severely affect schedules, and indicates

deeper problems in the software development process (such as insufficient unit

testing or insufficient integration testing, poor design, improper build or releaseprocedures, etc.) managers should be notified, and provided with some

documentation as evidence of the problem.

Q. How can it be known when to stop testing?

This can be difficult to determine. Many modern software applications are so

complex, and run in such an interdependent environment, that complete testing cannever be done. Common factors in deciding when to stop are:

Deadlines (release deadlines, testing deadlines, etc.) Test cases completed with certain percentage passed

Test budget depleted Coverage of code/functionality/requirements reaches a specified point


37/43

Bug rate falls below a certain level Beta or alpha testing period ends

QA Processes Questions

Q. What is the QA process?

Quality Assurance (QA) Process consists of planning, coordinating and other strategic

activities associated with measuring product quality against external requirementsand specifications (process-related activities). Quality Assurance helps establish

processes. It sets up measurement programs to evaluate processes, identifiesweaknesses in processes and improves them. QA is a management responsibility,

frequently performed by a staff function. It is concerned with all of the products thatwill ever be produced by a process. QA personnel should not perform Quality Control

unless it is to validate Quality Control. QA is preventive process. QA applies to theentire life cycle.

Web Testing Questions

What are the important scenarios for testing emails? how do you testemails? which tool is best for testing email?

We can categorize the different part on which tester may perform the testing:

1. For incoming mail with attachment2. For outgoing mail with attachment

3. Mail failure4. Other operations like Delete, Edit etc.

1. For incoming mail with attachment:

Check the proper incoming address or id.Check Not only the One address (To) but also for the cc and Bcc Addresses.

Check the maximum and minimum limit for number of addresses.

Check if address has some error like @ or dot(.) is missing.Check if address has more than 1 @ sign.

Check if dot(.) placing and the number of times it is present in the email addressCheck the address should only have @, ., _ and - special symbols that are standard

signs.Check that mail does not have unnecessary content with it self.

Check if there is/are any attachments then they should open properly.

Check the attachment size not exceeds the standard size.Check if there are more than 1 attachments then the calculated size must be underthe Standard size.

Check if theemail content have some images or some different Flash picture mustshow properly.

Check the different extensions files attached with the mails shows properly.Check if the user read the mail ,then it should be marked as 'read'.

2. For outgoing mail with attachment:


38/43

All the scenarios that we mentioned above for incoming mails are valid for outgoing

mails also. Hence all of them have to be verified.

3) Mail failure: Check mail failure if mail is send to incorrect address and also thefailure notice should indicate the reason for failure.

4) Other properties like Delete, Edit etcshould be verified.

Q. What is Web Services Testing. Have you done this?

Web Services testing is nothing, but testing the application. In this testing we justsee whether the concept (functionality) of web services is working or not.

Q. What things should be considered in usability testing of web application

Usability testing is done for "user friendliness". In this we check how comfortable the

customer is in using the application. Suppose for an example while logging in heforgot his password, in usability testing u have to check whether there is an "forgotpassword option" and if we click this it is asking for secret question or not and many

things u can test like there should be minimize and maximize button for awindow....and so on.

Q. How will you calculate the response time at server end?

This can be done by using Microsoft Visual Studio 2005 and 2008. In which you canfind new ways to test a particular webpage such as load testing, website testing and

so on. There is one software called Fidller which is used to calculate the traffic ratefor a website which is currently used by a number of users.

Q. What test cases you will execute for compatibility testing with differentbrowsers?

There are lot of issues which may arise while Testing in different browsers.

Following are some points while comparing IE with Firefox, in IE following issues mayoccur which need compatibility testing but does not occur in Firefox

1. Java Script errors.

2. DIV Tag issue.3. GetElementBy Issue.

4. Parent and Client Window size, pixel related issues may come.5. After JS in IE sometimes it may not take us to further navigations.

Q. What are the main components of Performance Test Report?

The main components of performance test report are, Processor Time, User load persecond, Memory use, Threshold States, Server Response and so on. When you carry


39/43

out performance testing you will get the result in the form of graph, then you cansee the response when user load increased and decreased per second. You can also

check the processor performance and can also check threshold value when load getincreased suddenly. These are some of the main components of performance test

report.

Q. What errors can occur when the page loads?

The page may take too long to load...or the page may fail to load

By performing performance testing we can verify how the system behaves whensubjected to or beyond specification and requirements load limits.

Perform configuration testing to determine how the system deals with hardware,software, operating systems, network conditions etc.

Q. Give some test cases for testing a search engine website say google.

The test cases for a search engine would be very vast. It totally depends upon the

scope of testing. Some of the test cases are as mentioned below:

1) Check for simple strings like "European Premier League" or "Grammy Awards2005".

2) Test the functionality of multiple page display by clicking on page number.3) Verify whether a combination string works like "European Premier

League_Christiano Ronaldo"4) Perform test for opening the links in new windows.

Q. What can be the the security checks on the web site, other than

login/password screens?

Other than login/password....you can do other security testing checks like SQL

injection methods, Cookie encryption testing, testing of authorization &authentication etc.

Q. What type of testing is carried out to find memory-leakages? Give a

sample example.

Through Volume testing it is possible. i.e., An application tries to retrieve large

amount of data that require large temporary buffer area. If the data exceed thebuffer area the situation of memory leakage will occur and query will fail without

returning any result as sorting did not finish as buffer exceeds the limit.

We need to know the memory size before the test execution and after test executionby using memory related API functions or MFC functions.


40/43

Q. How to Test the Cookies and Memory leakages?

For cookie testing follow the below urlhttp://www.stickyminds.com/sitewide.asp?

Function=edetail&ObjectType=ART&ObjectId=2935

For memor

testing question

Documents