Professional Documents
Culture Documents
abilities to develop software. In November 1986, the American Software Engineering Institute (SEI) in cooperation with Mitre Corporation created the Capability Maturity Model for Software. Development of this model was necessary so that the U.S. federal government could objectively evaluate software providers and their abilities to manage large projects. Many companies had been completing their projects with significant overruns in schedule and budget. The development and Application of CMM helps to solve this problem. The key concept of the standard is organizational maturity. A mature organization has clearly defined procedures for software development and project management. These procedures are adjusted and perfected as required. In any software development company there are standards for processes of development, testing, and software application; and rules for appearance of final program code, components, interfaces, etc.
The CMM model defines five levels of organizational maturity: 1. Initial level is a basis for comparison with the next levels. In an organization at the initial level, conditions are not stable for the development of quality software. The Results of any project depend totally on the managers personal approach and the programmers experience, meaning the success of a particular project can be repeated only if the same managers and programmers are assigned to the next project. In addition, if managers or programmers leave the company, the quality of produced software will sharply decrease. In many cases, the development process comes down to writing code with minimal testing. 2. Repeatable level. At this level, project management technologies have been introduced in a company. That project planning and management is based on accumulated experience and there are standards for produced software (these standards are documented) and there is a special quality management group. At critical times, the process tends to roll back to the initial level.
3. Defined level. Here, standards for the processes of software development and maintenance are introduced and documented (including project management). During the introduction of standards, a transition to more effective technologies occurs. There is a special quality management department for building and maintaining these standards. A program of constant, advanced training of staff is required for achievement of this level. Starting with this level, the degree of organizational dependence on the qualities of particular developers decreases and the process does not tend to roll back to the previous level in critical situations. 4. Managed level. There are quantitative indices (for both software and process as a whole) established in the organization. Better project management is achieved due to the decrease of digression in different project indices. However, sensible variations in process efficiency may be different from random variations (noise), especially in mastered areas. 5. Optimizing level. Improvement procedures are carried out not only for existing processes, but also for evaluation of the efficiency of newly introduced innovative technologies. The main goal of an organization on this level is permanent improvement of existing processes. This should anticipate possible errors and defects and decrease the costs of software development, by creating reusable components for example. The Software Engineering Institute (SEI) constantly analyzes the results of CMM usage by different companies and perfects the model taking into account accumulated experience. What is System Testing? After completion of software Integration and integration testing, the development team is releasing a software build to Test engineer team. The testing team is conducting system testing on that software in two sub levels such as 1. Functional Testing 2. Non-Functional Testing Functional testing is concentrating on customer requirements and the Non-Functional testing is concentrating on customer expectations. Functional Testing: Its a mandatory testing level, during this test the testing team is validating a software build functionality in terms of below factors with respect to customer requirements. 1. Behavioral / GUI: The changes in properties of Objects OR controls in a software is called behavioral or GUI. 2. Input Domain: Whether the objects are taking correct type and size of inputs or not? 3. Error Handling: Whether our software is preventing wrong operations or not? 4. Manipulations: Whether our software is generating correct output or not? 5. Database Validity: Whether our software front end screens operations are correctly impacting on database of the software or not? 6. Sanitation: Finding extra operations in a software with respect to customer requirements. The above factors checking on a software is called as functional testing. During this checking the testers are using black box testing techniques or closed box testing techniques. Non-Functional Testing: After completion of functional testing successfully, the testing team is concentrating on non-functional testing. During non-functional testing, the testing team is concentrating on customer expectations or software characteristics. This non-functional testing is classified into below sub testing topics.
1. Usability Testing (UI Check) 2. Manual Check (Help documents testing) 3. Compatibility Testing OR Portability Testing 4. Configuration Testing 5. Inter system Testing 6. Multi languity Testing 7. Data volume Testing 8. Installation Testing 9. Performance Testing 10. Load testing 11. Stress testing 12. Endurance Testing 13. Security Testing 14. Parallel Testing 15. User Acceptance Testing (UAT) 16. Software Release and Release Testing 17. Solutions to Crazy Questions at Google Job Interview 1. How many golf balls can fit in a school bus? Solution: The point of the question isn't to see how golf balls you think are in the bus, but to see what your deduction skills are like. Do you just make a random guess or try to cop out by saying a lot, or do you actually try to come up with a legitimate answer by going through a logical series of steps. 2. You are shrunk to the height of a nickel and your mass is proportionally reduced so as to maintain your original density. You are then thrown into an empty glass blender. The blades will start moving in 60 seconds. What do you do? Solution:You simply jump out. As you are scaled down, the ratio of muscle mass to total mass remains the same. Potential energy is given by E = mgh. So, if E/m is unchanged (where E is the energy expended in expanding your leg muscles, and m is your mass), then h is unchanged. Mini-me jumps as high as me. This is the reason why grass-hoppers can jump about as high as people. 3. How much should you charge to wash all the windows in Seattle? Solution:As crazy as it might sound, questions like these demonstrate your ability to think through a complex problem with little or no information. They expect you to take an educated guess. Most of the time you can ask them questions like - how many buildings are there in Seattle. 4. How would you find out if a machines stack grows up or down in memory? Solution:Instantiate a local variable. Call another function with a local. Look at the address of that function and then compare. If the function's local is higher, the stack grows away from address location 0; if the function's local is lower, the stack grows towards address location 0. 5. Explain a database in three sentences to your eight-year-old nephew. Solution:A database is like a file cabinet. The files, or data, is stored in it and can be arranged in categories. But unlike an actual file cabinet, you can do a lot more cool stuff with a database like being able to make it accessible through the internet. 6. How many times a day does a clocks hands overlap? Solution:The Hour hand and Minute hand would be meeting exactly 11 times in 12 hours (Hour hand
would have taken 1 clockwise round and Minute hand would have taken 12 clockwise rounds, so 12 1 = 11 rounds). 18. result: First time hour and minute hands overlap will be 12 Hours / 11 = 01:05:27.27. So at this time only hour and minute hands would be overlapping and second hand will not be any near to them. Similarly for 2nd, 3rd, 4th, 5th, 6th, 7th, 8th, 9th and 10th overlap of hour and minute hand the Second hand wont be any nearby. So all 3 hands (hour, minute and Second) overlap only 2 times i.e. (0:0:0 and 12:0:0). 19. Also we all know when we get our watches repaired, normally the repairman overlaps all the three hands to 12. If we are considering that the second hand is not present, then the rest two overlaps 22 times in 24 hours. There again is a catch, if we check the angles by which the hour hand and minute hand moves. The second hand moves 6 degree in a second. In that time the minute hand will move 6/60 degrees. and the hour hand will move 6/(60*12) degrees. now taking these things in the considerations. if we check the positions of the hour and minute hand in terms of angle from the marker 12, for our first rendezvous time, i.e. 01:05:27.27 sec. first thing that comes to my mind is that, there is fraction in the seconds. So that time cant be measured. there will be no exact overlap. now lets calculate the angles: 1 hour 5 mins and 27 seconds = 3600 + 5*60 + 27 = 3927 seconds. angle of hour hand = 3927 * 6/(60*12) = 32.725 degree. angle of minute hand = 3927 * 6/60 = 392.7 degree subtracting 360 degree from it we get - 32.7 degree. So at 01:05:27 both hands dont overlap. Now for 01:05:28 : Angles : hour hand - 32.73333 minute hand - 32.8 so obviously they dont meet at 01:05:28 either. So they overlap at 12:00 and 24:00 only. So the answer is 2 only. 7. You have to get from point A to point B. You dont know if you can get there. What would you do? Solution:Utilizing a learn as you go approach and applying collected knowledge and data along the way is the best way to proceed. Lets break this down farther. Determine the amount of time you have to go from point A to point B. Spend the initial 20% of that time making a 360 search with the largest circumference possible with the in the time you have allowed. During that time, ask people, look for maps, clues, collect data, and knowledge. At the end of the initial 360 search take an objective look at all the information you have obtained and you calculate the risk of failure you are willing to live with. Create a plan and a strategy based on your assessment of where you believe point B to be. Then you proceed on implementing your plan with predetermined intervals of reassessment and strategy improvements. This is the best chance you have reaching point B if you dont know if you can get there. 8. Imagine you have a closet full of shirts. Its very hard to find a shirt. So what can you do to
organize your shirts for easy retrieval? Solution:Lets suppose there are a set of attributes of each shirt you are interested in: e.g. sleeve length, color, buttons (no buttons, fully button, partially buttoned from collar to chest level). Lets say the closet is a simple wall closet with a single closet rod running the entire length of closet. On the left you put all the short sleeve shirts, and on the right the long sleeve shorts. You separate then long and short sleeve sides with a specially marked coat hanger. Then you separate each group into no buttonoed, partially buttoned, and fully button, using more specially marked hangers. Then each sub group is separated into colored and monochrome sub-sub-groups (specially marked hangers arent needed for separators unless you are color blind) Then each colored group is sorted left to right according to the color spectrum: ROYGBIV: red, orange, yellow, green, blue, indigo, violet. Each monochrome ggroup is sorted left to right: white on the left, black on the right, and shades of grey in the middle, the darker greys on the right, the lighter on the left. 9. Every man in a village of 100 married couples has cheated on his wife. Every wife in the village instantly knows when a man other than her husband has cheated, but does not know when her own husband has. The village has a law that does not allow for adultery. Any wife who can prove that her husband is unfaithful must kill him that very day. The women of the village would never disobey this law. One day, the queen of the village visits and announces that at least one husband has been unfaithful. What happens? Solution:1. There is only one cheat husband - If it is so then 99 wives knew it before. So the cheated wife got the idea from queen that her husband is cheating. So she will kill him. Next morning every wife will know there is no cheat husbands anymore. 2. There are more than one cheat husbands - In this case, all of the wives already had the idea prior to queen's information. Its just that the cheated wives knew the count which is one less than what the non-cheated wives' knew - thats all. i.e. if there were 2 cheat husbands then their wives knew the count is 1 and others knew its 2. So the queen just repeated the info saying "at least 1". Same goes to 2,3,4...100 cheat husbands. So in this case no wife kills her husband. 10. In a country in which people only want boys, every family continues to have children until they have a boy. if they have a girl, they have another child. if they have a boy, they stop. what is the proportion of boys to girls in the country? Solution:From pure probability,we get the expected number of girls born to be 1/2 with that of boys being 1.So the ratio is 2:1 11. If the probability of observing a car in 30 minutes on a highway is 0.95, what is the probability of observing a car in 10 minutes (assuming constant default probability)? Solution:If the chance to see the car is 10 percent per minute, the first minute you have 10% chance, the second minute you have 10% of 90% = 9% (so total 19%), the third minute 10% of 81% (= 8,1%, total 27,1 %) ...... As the chance for 30 minutes is 95 percent, the chance for 1 minute is 9.5% and for 10 minute 63.1 %. 12. If you look at a clock and the time is 3:15, what is the angle between the hour and the minute hands? (The answer to this is not zero!)
Solution:7.5 degrees (the hour hand is 1/4th of the way between 3 and 4, the angle measure of that is 360/12 = 30 degrees between hours / 4 = 7.5 degrees). 13. Four people need to cross a rickety rope bridge to get back to their camp at night. Unfortunately, they only have one flashlight and it only has enough light left for seventeen minutes. The bridge is too dangerous to cross without a flashlight, and it s only strong enough to support two people at any given time. Each of the campers walks at a different speed. One can cross the bridge in 1 minute, another in 2 minutes, the third in 5 minutes, and the slow poke takes 10 minutes to cross. How do the campers make it across in 17 minutes? Solution:1 and 2 cross, taking 2 minutes, 1 goes back carrying the flashlight total=3 minutes. 5 and 10 cross, taking 10 minutes totaltime now= 13 minutes, 2 goes back,total time now = 15 minutes. 1 and 2 cross again, taking 2 minutes making it 17 minutes. 14. You are at a party with a friend and 10 people are present including you and the friend. your friend makes you a wager that for every person you find that has the same birthday as you, you get $1; for every person he finds that does not have the same birthday as you, he gets $2. would you accept the wager? Solution:No. 15. How many piano tuners are there in the entire world? Solution: 1) At first list out all the piano manufacturing companies in the world. 2) Then look into their purchase records and find out the piano purchasers information. 3) i) If the purchase is made by an individual or a house hold then the piano is played at best case by all the people of the house. ii) Else if the piano is purchased for school then list out the students that opted the piano course in their music curriculum. iii) If the piano is purchased by a Church then count the no of major or minor events of the church and count the piano users. sum up all the numbers to get more or less accurate piano users count. 16.You have eight balls all of the same size. 7 of them weigh the same, and one of them weighs slightly more. How can you find the ball that is heavier by using a balance and only two weighings? Solution:choose 6 balls and weigh 3 against 3 - if they weigh the same, you have another weighing for the remaining 2 balls and you can find the heavier one - if they dont weigh the same, from the group of 3 which was heavier, choose any 2 balls and weigh them: - if they weigh the same, the remaining ball is the heavier one; otherwise you just found the heavier one by weighing the 2 chosen balls. 17. You have five pirates, ranked from 5 to 1 in descending order. The top pirate has the right to propose how 100 gold coins should be divided among them. But the others get to vote on his plan, and if fewer than half agree with him, he gets killed. How should he allocate the gold in order to maximize his share but live to enjoy it? (Hint: One pirate ends up with 98 percent of the gold.) Solution:The highest ranked pirate gets 98 gold coins
---Two pirates get 1 gold coin each ---The other 2 pirates get nothing.
When the requirement is given for you to test how will you proceed next?
Once you get the requirement: you will do the analysis of the doc..(here I assume that the Requirement document has been Base lined ) and you will prepare a Test condition document ( what needs to be tested ). then You would proceed to Set the priority that which test condition needs to be tested early ( on behalf of the risk ) In between Test procedure will also be created. And Test Specification ( Test Condition + Test Procedure + Test Design ) document will be maintained ... Entry /Exit Criteria will be set ( but don't forget here I have assumed that You are a TE so its not your Job) , If possible RTM will be maintained... 1. Now you will derive the Test Scenario from Test Spec . 2. Test cases will be derived from Test Scenario. ( test cases will be designed --> Priority will be set. ) 3. Test cases will travel through life cycle (Draft ---> Review ---> Rework ---> Baseline ). 4. Test cases will be executed (On behalf of the test Priority ) 5. Results Analysis (Maintain the Test execution log ).
6. Defect Reporting. 7. Confirmation and Regression testing will be done. (Cyclic process) 8. Exit criteria will be analyzed. (If necessary confidence has been met then Test level will be completed and Your TM or TL will be responsible for Preparing Test Summary Report) +. If Necessary Confidence has not been met (Re Designing the test cases as well as Re-Prioritization is also possible) +. If you redesign the test cases then It would once again travel the whole cycle... (Go to Step 1 ) +. If You Re-prioritize then once again Test cases will be executed on behalf of new priority .( go to Step 4 ). Priority means "Importance of the defect w.r.t customer requirement" Severity means "Seriousness of the defect w.r.t functionality"
What is Spoofing? The creation of hoax look-alike websites or emails is called spoofing. Security testing approach: In order to perform a useful security test of a web application, the security tester should have good knowledge of the HTTP protocol. It is important to have an understanding of how the client (browser) and the server communicate using HTTP. Additionally, the tester should at least know the basics of SQL injection and XSS. Hopefully, the number of security defects present in the web application will not be high. However, being able to accurately describe the security defects with all the required details to all concerned will definitely help. 1. Password cracking: The security testing on a web application can be kicked off by password cracking. In order to log in to the private areas of the application, one can either guess a username/ password or use some password cracker tool for the same. Lists of common usernames and passwords are available along with open source password crackers. If the web application does not enforce a complex password (e.g. with alphabets, number and special characters, with at least a required number of characters), it may not take very long to crack the username and password. If username or password is stored in cookies without encrypting, attacker can use different methods to steal the cookies and then information stored in the cookies like username and password. For more details see article on Website cookie testing. 2. URL manipulation through HTTP GET methods: The tester should check if the application passes important information in the query string. This happens when the application uses the HTTP GET method to pass information between the client and the server. The information is passed in parameters in the query string. The tester can modify a parameter value in the query string to check if the server accepts it. Via HTTP GET request user information is passed to server for authentication or fetching data. Attacker can manipulate every input variable passed from this GET request to server in order to get the required information or to corrupt the data. In such conditions any unusual behavior by application or web server is the doorway for the attacker to get into the application. 3. SQL Injection: The next thing that should be checked is SQL injection. Entering a single quote () in any textbox should be rejected by the application. Instead, if the tester encounters a database error, it means that the user input is inserted in some query which is then executed by the application. In such a case, the application is vulnerable to SQL injection. SQL injection attacks are very critical as attacker can get vital information from server database. To check SQL injection entry points into your web application, find out code from your code base where direct MySQL queries are executed on database by accepting some user inputs. If user input data is crafted in SQL queries to query the database, attacker can inject SQL statements or part of SQL statements as user inputs to extract vital information from database. Even if attacker is successful to crash the application, from the SQL query error shown on browser, attacker can get the information they are looking for. Special characters from user inputs should be handled/escaped properly in such cases.
4. Cross Site Scripting (XSS): The tester should additionally check the web application for XSS (Cross site scripting). Any HTML e.g. <HTML> or any script e.g. <SCRIPT> should not be accepted by the application. If it is, the application can be prone to an attack by Cross Site Scripting. Attacker can use this method to execute malicious script or URL on victims browser. Using cross-site scripting, attacker can use scripts like JavaScript to steal user cookies and information stored in the cookies. Many web applications get some user information and pass this information in some variables from different pages. E.g.: http://www.examplesite.com/index.php?userid=123&query=xyz Attacker can easily pass some malicious input or <script> as a &query parameter which can explore important user/server data on browser. Important: During security testing, the tester should be very careful not to modify any of the following:
y y y
Configuration of the application or the server Services running on the server Existing user or customer data hosted by the application
Additionally, a security test should be avoided on a production system. The purpose of the security test is to discover the vulnerabilities of the web application so that the developers can then remove these vulnerabilities from the application and make the web application and data safe from unauthorized actions.
It does not matter at all, which DB is used and how the operation is preformed. End user has no concern if any join or sub-query, trigger or stored-procedure, query or function was used to do what he wanted. But, the interesting thing is that all DB operations performed by user, from UI of any application, is one of the above four, acronym as CRUD. As a database tester one should be focusing on following DB testing activities:
What to test in database testing: 1) Ensure data mapping:
Make sure that the mapping between different forms or screens of AUT and the Relations of its DB is not only accurate but is also according to design documents. For all CRUD operations, verify that respective tables and records are updated when user clicks Save, Update, Search or Delete from GUI of the application.
2) Ensure ACID Properties of Transactions:
ACID properties of DB Transactions refer to the Atomicity, Consistency, Isolation and Durability. Proper testing of these four properties must be done during the DB testing activity. This area demands more rigorous, thorough and keen testing when the database is distributed.
3) Ensure Data Integrity:
Consider that different modules (i.e. screens or forms) of application use the same data in different ways and perform all the CRUD operations on the data. In that case, make it sure that the latest state of data is reflected everywhere. System must show the updated and most recent values or the status of such shared data on all the forms and screens. This is called the Data Integrity.
4) Ensure Accuracy of implemented Business Rules:
Today, databases are not meant only to store the records. In fact, DBs have been evolved into extremely powerful tools that provide ample support to the developers in order to implement the business logic at DB level. Some simple examples of powerful features of DBs are Referential Integrity, relational constrains, triggers and stored procedures. So, using these and many other features offered by DBs, developers implement the business logic on DB level. Tester must ensure that the implemented business logic is correct and works accurately. Above points describe the four most important What Tos of database testing. Now, I will put some light on How Tos of DB Testing. But, first of all I feel it better to explicitly mention an important point. DB Testing is a business critical task, and it should never be assigned to a fresh or inexperienced resource without proper training.
How To Test Database: 1. Create your own Queries
In order to test the DB properly and accurately, first of all a tester should have very good knowledge of SQL and specially DML (Data Manipulation Language) statements. Secondly, the tester should acquire good understanding of internal DB structure of AUT. If these two pre-requisites are fulfilled, then the tester is ready to test DB with complete confidence. (S)He will perform any CRUD operation from the UI of application, and will verify the result using SQL query.
This is the best and robust way of DB testing especially for applications with small to medium level of complexity. Yet, the two pre-requisites described are necessary. Otherwise, this way of DB testing cannot be adopted by the tester. Moreover, if the application is very complex then it may be hard or impossible for the tester to write all of the needed SQL queries himself or herself. However, for some complex queries, tester may get help from the developer too. I always recommend this method for the testers because it does not only give them the confidence on the testing they have performed but, also enhance their SQL skill.
2. Observe data table by table
If the tester is not good in SQL, then he or she may verify the result of CRUD operation, performed using GUI of the application, by viewing the tables (relations) of DB. Yet, this way may be a bit tedious and cumbersome especially when the DB and tables have large amount of data. Similarly, this way of DB testing may be extremely difficult for tester if the data to be verified belongs to multiple tables. This way of DB testing also requires at least good knowledge of Table structure of AUT.
3. Get query from developer
This is the simplest way for the tester to test the DB. Perform any CRUD operation from GUI and verify its impacts by executing the respective SQL query obtained from the developer. It requires neither good knowledge of SQL nor good knowledge of applications DB structure. So, this method seems easy and good choice for testing DB. But, its drawback is havoc. What if the query given by the developer is semantically wrong or does not fulfill the users requirement correctly? In this situation, the client will report the issue and will demand its fix as the best case. While, the worst case is that client may refuse to accept the application. Conclusion: Database is the core and critical part of almost every software application. So DB testing of an application demands keen attention, good SQL skills, proper knowledge of DB structure of AUT and proper training. In order to have the confident test report of this activity, this task should be assigned to a resource with all the four qualities stated above. Otherwise, shipment time surprises, bugs identification by the client, improper or unintended applications behavior or even wrong outputs of business critical tasks are more likely to be observed. Get this task done by most suitable resources and pay it the well-deserved attention.
Desktop application testing, Client server application testing and Web application testing.
Each one differs in the environment in which they are tested and you will lose control over the environment in which application you are testing, while you move from desktop to web applications. Desktop application runs on personal computers and work stations, so when you test the desktop application you are focusing on a specific environment. You will test complete application broadly in categories like GUI, functionality, Load, and backend i.e DB. In client server application you have two different components to test. Application is loaded on server machine while the application exe on every client machine. You will test broadly in categories like, GUI on
both sides, functionality, Load, client-server interaction, backend. This environment is mostly used in Intranet networks. You are aware of number of clients and servers and their locations in the test scenario. Web application is a bit different and complex to test as tester dont have that much control over the application. Application is loaded on the server whose location may or may not be known and no exe is installed on the client machine, you have to test it on different web browsers. Web applications are supposed to be tested on different browsers and OS platforms so broadly Web application is tested mainly for browser compatibility and operating system compatibility, error handling, static pages, backend testing and load testing. I think this will have an idea of all three testing environment. Keep in mind that even the difference exist in these three environments, the basic quality assurance and testing principles remains same and applies to all.
What processes will be required to manage updates to the web sites content, and what are the requirements for maintaining, tracking, and controlling page content, graphics, links, etc.? Which HTML specification will be adhered to? How strictly? What variations will be allowed for targeted browsers? Will there be any standards or requirements for page appearance and/or graphics throughout a site or parts of a site?? How will internal and external links be validated and updated? how often? Can testing be done on the production system, or will a separate test system be required? How are browser caching, variations in browser option settings, dial-up connection variabilities, and real-world internet traffic congestion problems to be accounted for in testing? How extensive or customized are the server logging and reporting requirements; are they considered an integral part of the system and do they require testing? How are cgi programs, applets, javascripts, ActiveX components, etc. to be maintained, tracked, controlled, and tested? Pages should be 3-5 screens max unless content is tightly focused on a single topic. If larger, provide internal links within the page. The page layouts and design elements should be consistent throughout a site, so that its clear to the user that theyre still within a site. Pages should be as browser-independent as possible, or pages should be provided or generated based on the browser-type. All pages should have links external to the page; there should be no dead-end pages. The page owner, revision date, and a link to a contact person or organization should be included on each page.
Multi tier functionality to support thousands of concurrent user sessions Large scale Integration , typically a banking application integrates with numerous other applications such as Bill Pay utility and Trading accounts Complex Business workflows Real Time and Batch processing High rate of Transactions per seconds Secure Transactions Robust Reporting section to keep track of day to day transactions Strong Auditing to troubleshoot customer issues Massive storage system
Disaster Management.
The above listed ten points are the most important characteristics of a Banking application. Banking applications have multiple tiers involved in performing an operation. For Example, a banking application may have: 1. 2. 3. 4. Web Server to interact with end users via Browser Middle Tier to validate the input and output for web server Data Base to store data and procedures Transaction Processor which could be a large capacity Mainframe or any other Legacy system to carry out Trillions of transactions per second.
If we talk about testing banking applications it requires an end to end testing methodology involving multiple software testing techniques to ensure:
y y y y y y
Total coverage of all banking workflows and Business Requirements Functional aspect of the application Security aspect of the application Data Integrity Concurrency User Experience
Typical stages involved in testing Banking Applications are shown in below workflow which we will be discussing individually.
1) Requirement Gathering: Requirement gathering phase involves documentation of requirements either as Functional Specifications or Use Cases. Requirements are gathered as per customer needs and documented by Banking Experts or Business Analyst. To write requirements on more than one subject experts are involved as banking itself has multiple sub domains and one full fledge banking application will be the integration of all. For Example: A banking application may have separate modules for Transfers, Credit Cards, Reports, Loan Accounts, Bill Payments, Trading Etc.
2) Requirement Review:
The deliverable of Requirement Gathering is reviewed by all the stakeholders such as QA Engineers, Development leads and Peer Business Analysts. They cross check that neither existing business workflows nor new workflows are violated.
3) Business Scenario Preparations:
In this stage QA Engineers derive Business Scenarios from the requirement documents (Functions Specs or Use Cases); Business Scenarios are derived in such a way that all Business Requirements are covered. Business Scenarios are high level scenarios without any detailed steps, further these Business Scenarios are reviewed by Business Analyst to ensure all of Business Requirements are met and its easier for BAs to review high level scenarios than reviewing low level detailed Test Cases.
4) Functional Testing:
In this stage functional testing is performed and the usual software testing activities are performed such as: Test Case Preparation: In this stage Test Cases are derived from Business Scenarios, one Business Scenario leads to several positive test cases and negative test cases. Generally tools used during this stage are Microsoft Excel, Test Director or Quality Center. Test Case Review: Reviews by peer QA Engineers Test Case Execution: Test Case Execution could be either manual or automatic involving tools like QC, QTP or any other.
5) Database Testing:
Banking Application involves complex transaction which are performed both at UI level and Database level, Therefore Database testing is as important as functional testing. Database in itself is an entirely separate layer hence it is carried out by database specialists and it uses techniques like
y y y y y y y
Data loading Database Migration Testing DB Schema and Data types Rules Testing Testing Stored Procedures and Functions Testing Triggers Data Integrity
6) Security Testing:
Security Testing is usually the last stage in the testing cycle as completing functional and non functional are entry criteria to commence Security testing. Security testing is one of the major stages in the entire Application testing cycle as this stage ensures that application complies with Federal and Industry standards. Security testing cycle makes sure the application does not have any web vulnerability which may expose sensitive data to an intruder or an attacker and complies with standards like OWASP. In this stage the major task involves in the whole application scan which is carried out using tools like IBM Appscan or HP WebInspect (2 Most popular tools). Once the Scan is complete the Scan Report is published out of which False Positives are filtered out and rest of the vulnerability are reported to Development team for fixing depending on the Severity. Other Manual tools for Security Testing used are: Paros Proxy, Http Watch, Burp Suite, Fortify tools Etc. Apart from the above stages there might be different stages involved like Integration Testing and Performance Testing. In todays scenario majority of Banking Projects are using: Agile/Scrum, RUP and Continuous Integration methodologies, and Tools packages like Microsofts VSTS and Rational Tools. As we mentioned RUP above, RUP stands for Rational Unified Process, which is an iterative software development methodology introduced by IBM which comprises of four phases in which development and testing activities are carried out. Four phases are: i) Inception ii) Collaboration iii) Construction and iv) Transition RUP widely involves IBM Rational tools. In this article we discussed how complex a Banking application could be and what are the typical phases involved in testing the application. Apart from that we also discussed current trends followed by IT industries including software development methodologies and tools.
For passed modules manual testing is carried out from the written test cases. If any bug is found that get assigned to module developer and get logged in bug tracking tool. On bug fix tester do bug verification and regression testing of all related modules. If bug passes the verification it is marked as verified and marked as closed. Otherwise above mentioned bug cycle gets repeated.(I will cover bug life cycle in other post) Different tests are performed on individual modules and integration testing on module integration. These tests includes Compatibility testing i.e testing application on different hardware, OS versions, software platform, different browsers etc. Load and stress testing is also carried out according to SRS. Finally system testing is performed by creating virtual client environment. On passing all the test cases test report is prepared and decision is taken to release the product! So this was a brief outline of process of project life cycle. Here is detail of each step what testing exactly carried out in each software quality and testing life cycle specified by IEEE and ISO standards: Review of the software requirement specifications Objectives is set for the Major releases Target Date planned for the Releases Detailed Project Plan is build. This includes the decision on Design Specifications Develop Test Plan based on Design Specifications Test Plan : This includes Objectives, Methodology adopted while testing, Features to be tested and not to be tested, risk criteria, testing schedule, multiplatform support and the resource allocation for testing. Test Specifications this document includes technical details (Software requirements) required prior to the testing. Writing of Test Cases Smoke (BVT) test cases Sanity Test cases Regression Test Cases Negative Test Cases Extended Test Cases Development Modules developed one by one Installers Binding: Installers are building around the individual product. Build procedure: A build includes Installers of the available products multiple platforms. Testing Smoke Test (BVT) Basic application test to take decision on further testing
Testing of new features Cross-platform testing Stress testing and memory leakage testing. Bug Reporting Bug report is created Development Code freezing No more new features are added at this point. Testing Builds and regression testing. Decision to release the product Post-release Scenario for further objectives.
2)Data Integritity testing: - For data integrity testing you should know about referintial integrity and different constraint. 3)Performance related to data base: - For performance related things you should have idea about the table structure and design. 4)Testing of Procedure,triggers and functions: - For testing Procedure triggers and functions you should be able to understand the same.
Waterfall Model: When the customer requirements are clear and complete Requirements Gathering>Analysis & Planning> Design> Coding> Testing> Release & Maintenance
Prototype Model: When the customer requirements are unclear and confusing Incremental Model: When the customer requirements are clear but not complete, because client is giving requirements in installment basis. Spiral Model: When the customer requirements are clear and complete but enhancing in future Note: In above 4 SDLC models the testing is available as one stage and the stage was also conducted by same developers.Due to this the organizations are concentrating on multiple stages of testing and separate testing teams for quality software development. V-Model: V- stands for Verification and Validation
y y
It is a recognized model by organizations This model defines the mapping in between multiple stages of development and multiple stages of testing
To decrease project cost, the organizations are maintaining the separate testing team only for system testing. Because the system testing stage is working as bottle neck stage in software development.
Answers: 1. A log sheet is generally a defect Report.Server logs are also attached to the defect,for the developers to check ,what is the behavior of the Application, request and response of the remote server when the defect has occurred.By reading that log sheet,a programmer or developer can understand,why that defect has occurred.This log sheet consists of lines of code according to the series of events that made the defect to occur. 2. Priority: How fast the bug should be resolved. Severity: How badly it effected the application. P1 > Fatal - S1 > Critical P2 > Major - S2 > High P3 > Minor - S3 > Medium P4 > Suggestion S4 > Low 3. If suppose the title of the particular concern is not spelled correctly, it would give a negative impact.eg ICICC is spelled as a title for the project of the concern ICICI.then it is a high severity, low priority defect. 4. These questions are called dynamic questions and you need to be spontaneous to answer this type of questions. Just draw the form immediately on a paper and tell the approximate time of 5 - 7 min and 8 - 10 test cases. 5. Positive Testing - testing the system by giving the valid data. Negative Testing - testing the system by giving the Invalid data. For Exam application contains a textbox and as per the users Requirements the textbox should accept only Strings. By providing only String as input data to the textbox & to check whether its working properly or not means it is Positive Testing. If giving the input other than String means it is negative Testing. 6. An objects logical name is determined by its class. In most cases, the logical name is the label that appears on an object.
Investopedia explains Capital Dividend A capital dividend is typically not taxable for shareholders, as it is viewed as a return of the capital paid in by investors. Capital dividends are not a preferred form of dividend payment for firms or investors, as they are often seen as a sign of a company struggling to generate earnings and free cash flow. Additionally, by paying out dividends from retained earnings, a company's struggles may worsen as its capital base shrinks, limiting investment and business opportunities in the future.
Can anyone tell what testing is most important to be done on insurance project? And how it is done?
Typically, insurance carriers have a common policy lifecycle that can consist of: -clearance of applicant -submission of applicant -quote(s) (including output of quote document) *this is where rating comes into play* -acceptance/rejection of quote -if acceptance - binding (including output of a binder document) -policy creation/issuance (including output of Declaraions page and associated wordings/forms/endorsements) -endorsement of policy (including output of policy change notice and associated wordings/forms/endorsements) -cancellation of policy (including output of cancellation notice, etc) -reinstatement of policy (including output of reinstatement notice, etc) and then there is the potential claims lifecycle which potentially consists of the following: -first notice of loss
-reservation of rights -capture of associated parties (claimant, attorneys, adjusters both internal and external, etc) -adjustment of claim (creating expense and/or indemnity reserves, making payments against reservers, creating recoveries, recovering money via subro, salvage, etc) -litigation management -closing claim -reopening claim Obviously, this can change for any given insurer based on the coverages they write and the busienss processes they have defined and these may or may not be covered by the application you are testing. Without further detail it is difficult to determine what scenarios would be appropriate. I would suggest getting a copy of the specification and potentially discuss with a SME what the application you are working on is intended to cover.
Q. What is difference between Performance Testing, Load Testing and Stress Testing?
1) Performance Testing:
Performance testing is the testing, which is performed, to ascertain how the components of a system are performing, given a particular situation. Resource usage, scalability and reliability of the product are also validated under this testing. This testing is the subset of performance engineering, which is focused on addressing performance issues in the design and architecture of software product. Performance Testing Goal: The primary goal of performance testing includes establishing the benchmark behaviour of the system. There are a number of industry-defined benchmarks, which should be met during performance testing. Performance testing does not aim to find defects in the application, it address a little more critical task of testing the benchmark and standard set for the application. Accuracy and close monitoring of the performance and results of the test is the primary characteristic of performance testing. Example: For instance, you can test the application network performance on Connection Speed vs. Latency chart. Latency is the time difference between the data to reach from source to destination. Thus, a 70kb page would take not more than 15 seconds to load for a worst connection of 28.8kbps modem (latency=1000 milliseconds), while the page of same size would appear within 5 seconds, for the average connection of 256kbps DSL (latency=100 milliseconds). 1.5mbps T1 connection (latency=50 milliseconds) would have the performance benchmark set within 1 second to achieve this target. For example, the time difference between the generation of request and acknowledgement of response should be in the range of x ms (milliseconds) and y ms, where x and y are standard digits. A successful performance testing should project most of the performance issues, which could be related to database, network, software, hardware etc
2) Load Testing:
Load testing is meant to test the system by constantly and steadily increasing the load on the system till the time it reaches the threshold limit. It is the simplest form of testing which employs the use of automation
tools such as LoadRunner or any other good tools, which are available. Load testing is also famous by the names like volume testing and endurance testing. The sole purpose of load testing is to assign the system the largest job it could possible handle to test the endurance and monitoring the results. An interesting fact is that sometimes the system is fed with empty task to determine the behaviour of system in zero-load situation. Load Testing Goal: The goals of load testing are to expose the defects in application related to buffer overflow, memory leaks and mismanagement of memory. Another target of load testing is to determine the upper limit of all the components of application like database, hardware and network etc so that it could manage the anticipated load in future. The issues that would eventually come out as the result of load testing may include load balancing problems, bandwidth issues, capacity of the existing system etc Example: For example, to check the email functionality of an application, it could be flooded with 1000 users at a time. Now, 1000 users can fire the email transactions (read, send, delete, forward, reply) in many different ways. If we take one transaction per user per hour, then it would be 1000 transactions per hour. By simulating 10 transactions/user, we could load test the email server by occupying it with 10000 transactions/hour.
3) Stress testing
Under stress testing, various activities to overload the existing resources with excess jobs are carried out in an attempt to break the system down. Negative testing, which includes removal of the components from the system is also done as a part of stress testing. Also known as fatigue testing, this testing should capture the stability of the application by testing it beyond its bandwidth capacity. The purpose behind stress testing is to ascertain the failure of system and to monitor how the system recovers back gracefully. The challenge here is to set up a controlled environment before launching the test so that you could precisely capture the behaviour of system repeatedly, under the most unpredictable scenarios. Stress Testing Goal: The goal of the stress testing is to analyse post-crash reports to define the behaviour of application after failure. The biggest issue is to ensure that the system does not compromise with the security of sensitive data after the failure. In a successful stress testing, the system will come back to normality along with all its components, after even the most terrible break down. Example: As an example, a word processor like Writer1.1.0 by OpenOffice.org is utilized in development of letters, presentations, spread sheets etc Purpose of our stress testing is to load it with the excess of characters. To do this, we will repeatedly paste a line of data, till it reaches its threshold limit of handling large volume of text. As soon as the character size reaches 65,535 characters, it would simply refuse to accept more data. The result of stress testing on Writer 1.1.0 produces the result that, it does not crash under the stress and that it handle the situation gracefully, which make sure that application is working correctly even under rigorous stress conditions.
1.differentiate between QA and QC? QA:It is process oriented it envolve in entire process of software developement. Preventin oriented. QC: It is product oriented. work to examin the quality of product. Dedection orientd. 2.what is a bug? A computer bug is an error, flaw, mistake, failure, or fault in a computer program that prevents it from working correctly or produces an incorrect result. 3.what is a test case? Testcase is set of input values, execution preconditions,expected results and execution postconditions, developed for a particular objective or test conditons, such as to exercise a paticular program path or to verify compliance with a specific requiremnt. 4.What is the purpose of test plan in your project? test plan document is prepared by the test lead,it contains the contents like introduction,objectives,test stratergy,scope,test items,program modules user procedures,features to be tested features not to tested approach,pass or fail criteria,testing process,test deliverables,testing,tasks,responsibilities,resources,schedu le,environmental requirements,risks & contingencies,change management procedures,plan approvals,etc all these things help a test manager undersatnd the testing he should do & what he should follow for testing that particular project. 5.When the relationship occur between tester and developer? developer is the one who sends the application to the tester by doing all the necessary code in the application and sends the marshal id to the tester.The tester is the one who gives all the input/output and checks whether he is getting reqd output or not.A developer is the one who works on inside interfacing where as the tester is the one who works on outside interfacing 6.when testing will starts in a project? the testing is not getting started after the coding.after release the build the testers perform the smoke test.smoke test is the first test which is done by the testing team.this is according to the testing team.but, before the releasing of a build the developers will perform the unit testing. 7.If a bug has high severity then usually that is treated as high priority,then why do priority given by testengineers/project managers and severity given by testers? High severity bugs affects the end users ....testers tests an application with the users point of view, hence it is given as high severity.High priority is given to the bugs which affects the production.Project managers assign a high priority based on production point of view. 8.what is the difference between functional testing and regresion testing functional testing is a testing process where we test the functionality/behaviour of each functional component of the application...i.e.minimize button,transfer button,links etc.i.e we check what is each component doing in that application... regression testing is the testing the behaviour of the application of the unchanged areas when there is a change in the build.i.e we chk whether the changed requirement has altered the behaviour of the unchanged areas.the impacted area may be the whole of the application or some part of the application...
10.do u know abt integration testing,how do u intregate diff modules? integration testing means testing an application to verify the data flows between the module.for example, when you are testing a bank application ,in account balence it shows the 100$as the available balence.but in database it shows the 120$. main thing is "integration done by the developers and integration testing done by the testers" 11.do u know abt configuration management tool,what is the purpose of maintaining all the documents in configuration manage ment tool? It is focused primarily on maintaining the file changes in the history. Documents are subjected to change For ex: consider the Test case document . Initially you draft the Test cases document and place it in Version control tool(Visual Source Safe for ex).Then you send it for Peer Review .They will provide some comments and that document will be saved in VSS again.Similary the document undergoes changes and all the changes history will be maintained in Version control. It helps in referring to the previous version of a document. Also one person can work on a document (by checking out) at a time. Also it keeps track who has done the changes ,time and date. Generally all the Test Plan, Test cases,Automation desgin docs are placed in VSS. Proper access rights needs to be given so that the documents dont get deleted or modified. 12.How you test database and explain the procedure? Database Testing is purely done based on the requirements. You may generalize a few features but they won't be complete. In general we look at 1. Data Correctness (Defaults) 2. Data Storage/Retreival 3. Database Connectivity (across multiple platforms) 4. Database Indexing 5. Data Integrity 6. Data Security 13.suppose if you press a link in yahooshopping site in leads to some other company website?how to test if any problem in linking from one site to another site? 1)first i will check whether the mouse cusor is turning into hand icon or not? 2)i will check the link is highlingting when i place the curosr on the link or not? 3)the site is opening or not? 4)if the site is opening then i will check is it opening in another window or the same window that the link itself exitst(to check userfriendly ness of the link) 5)how fast that website is opening? 6)is the correct site is opening according to the link? 7)all the items in the site are opeing or not? 8)all other sublinks are opening or not? 14.what are the contents of FRS? F → Function Behaviours R → Requirements (Outputs) of the System that is defined. S → Specification ( How, What, When, Where, and Way it behavior's. FRS → Function Requirement Specification. This is a Document which contains the Functional behavior of the system or a feature. This document is also know as EBS External Behaviour Specification Document. Or EFS External Function Specification. 15.what is meant by Priority nad severity? Priority means "Importance of the defect w.r.t cutomer requirement" Severity means "Seriousness of the defect w.r.t functionality"
16.what is meant by Priority nad severity? Severity: 1. This is assigned by the Test Engineer 2. This is to say how badly the devation that is occuring is affecting the other modules of the build or release. Priority: 1. This is assigned by the Developer. 2. This is to say how soon the bug as to be fixed in the main code, so that it pass the basic requirement. Eg., The code is to generate some values with some vaild input conditions. The priority will be assigned so based on the following conditions: a> It is not accepting any value b> It is accepting value but output is in non-defined format (say Unicode Characters). A good example i used some unicode characters to generate a left defined arrow, it displayed correctly but after saving changes it gave some address value from the stack of this server. For more information mail me i will let you know. 17.give me some example for high severity and low priority defect? if suppose the title of the particular concern is not spelled corectly,it would give a negative impact.eg ICICC is spelled as a tittle for the project of the concern ICICI.then it is a high severity,low priority defect. 18.what is basis for testcase review? the main basis for the test case review is 1.testing techniques oriented review 2.requirements oriented review 3.defects oriented review. 19.what are the contents of SRS documents? Software requirements specifications and Functional requirements specifications. 20.What is difference between the Web application testing and Client Server testing? Testing the application in intranet(withoutbrowser) is an example for client -server.(The company firewalls for the server are not open to outside world. Outside people cannot access the application.)So there will be limited number of people using that application. Testing an application in internet(using browser) is called webtesting. The application which is accessable by numerous numbers around the world(World wide web.) So testing web application, apart from the above said two testings there are many other testings to be done depending on the type of web application we are testing. If it is a secured application (like banking site- we go for security testing etc.) If it is a ecommerce testing application we go for Usability etc.. testings. 21.Explain your web application archtechture? web application is tested in 3 phases 1. web tier testing --> browser compatibility 2. middle tier testing --> functionality, security 3. data base tier testing --> database integrity, contents 22.suppose the product/appication has to deliver to client at 5.00PM,At that time you or your team member caught a high severity defect at 3PM.(Remember defect is high severity)But the the client is cannot wait for long time.You should deliver the product at 5.00Pm exactly.then what is the procedure you follow? the bug is high severity only so we send the application to the client and find out the severity is preyority or not. if its preyority then we ask him to wait. Here we found defects/bugs in the last minute of the deliveryor realese date
Then we have two options 1.explain the situation to client and ask some more time to fix the bug. 2.If the client is not ready to give some some time then analyse the impact of defect/bug and try to find workarounds for the defect and mention these issues in the release notes as known issues or known limitations or known bugs. Here the workaround means remeady process to be followed to overcome the defect effect. 3.Normally this known issues or known limitations(defects) will be fixed in next version or next release of the software 23.Give me examples for high priority and low severity defects? Suppose in one banking application there is one module ATM Facility. in that ATM facility when ever we are dipositing/withdrawing money it is not showing any conformation message but actually at the back end it is happening properly with out any mistake means only missing of message . in this case as it is happenig properly so there is nothing wrong with the application but as end user is not getting any conformation message so he/she will be confuse for this.So we can consider this issue as HIGH Priority but LOW Severity defects.. 24.Explain about Bug life cycle? 1)tester-> 2) open defect-> 3)send to developer 4)->if accepted moves to step5 else sends the bug to tester gain 5)fixed by developer -> 6)regression testing-> 7)no problem inbuilt and signoff 8)->if problem in built reopen the issue send to step3 25.How can you report the defect using excel sheet? To report the defect using excel sheet Mention : The Feture that been effected. mention : Test Case ID (Which fail you can even mention any other which are dependency on this bug) Mention : Actual Behavior Mention : Expected Behavior as mentioned in Test Case or EFS or EBS or SRS document with section Mention : Your Test Setup used during Testing Mention : Steps to Re-Produce the bug Mention : Additional Info Mention : Attach a Screen Shot if it is a GUI bug Mention : Which other features it is blocking because of this bug that you are unable to execute the test cases. Mention : How much time you took to execute that test case or follow that specific TC which leaded to bug 26.If you have executed 100 test cases ,every test case passed but apart from these testcase you found some defect for which testcase is not prepared,thwn how you can report the bug? While reporting this bug into bugtracking tool you will generate the testcase imean put the steps to reproduce the bug. 27.what is the diffn betn web based application and client server application The basic difference between web based application & client server application is that the web application are 3 trier & client based are 2 trier.In web based changes are made at one place & it is refelected on other layers also whereas client based separate changes need be installed on client machine also.
28.what is testplan? and can you tell the testplan contents? Test plan is a high level document which explains the test strategy,time lines and available resources in detail.Typically a test plan contains: -Objective -Test strategy -Resources -Entry criteria -Exit criteria -Use cases/Test cases -Tasks -Features to be tested and not tested -Risks/Assumptions. 29.How many testcases can you write per a day, an average figure? Complex test cases 4-7 per day Medium test cases 10-15 per day Normal test cases 20-30 per day 30.Who will prepare FRS(functional requirement documents)? What is the importent of FRS? The Business Analyst will pre pare the FRS. Based on this we are going to prepare test cases. It contains 1. Over view of the project 2. Page elements of the Application(Filed Names) 3. Proto type of the of the application 4. Business rules and Error States 5. Data Flow diagrams 6. Use cases contains Actor and Actions and System Responces 31.How you can decide the number of testcases are enough for testing the given module? The developed test cases are coverd all the functionality of the application we can say testcases are enough.If u know the functionality covered or not u can use RTM. 32.What is the difference between Retesting and Data Driven Testing? Retesting:it is manual process in which apllication will be tested with entire new set of data. DataDriven Testing(DDT)-It is a Automated testing process inwhich application is tested with multiple test data.DDT is very easy procedure than retesting because the tester should sit and need to give different new inputsmanually from front end and it is very tedious and boring prodedure. 33.what is regression testing? After the Bug fixed ,testing the application whether the fixed bug is affecting remaining functionality of the application or not.Majorly in regression testing Bug fixed module and it's connected modules are checked for thier integrity after bug fixation. 34.how do u test web application? Web applicatio testing web application shold have the following features like 1.Attractive User Interface(logos,fonts,alignment) 2.High Usability options 3.Securiry features(if it has login feature)
4.Database(back end). 5.Perfromance(appearing speed of the application on client system) 6.Able to work on different Browers(Browser compatibility) ,O.S compatibility(technicalled called as portability) 7.Broken link testing.........etc so we need to follow out the following test strategy. 1.Functionality Testing 2.Performance Testing(Load,volume,Stress,Scalability) 3.Usability Testing 4.User Interface Testing(colors,fonts,alignments...) 5.Security Testing 6.Browser compatibility Testing(differnt versions and different browser) 7.Brokenlink and Navigation Testing 8.Database(backend)Testing(data integrity) 9.Portability testing(Multi O.s Support)....etc
35.how do u perform regression testing,means what test cases u select for regression Regression testing will be conducted after any bug fixedor any functionality changed. During defect fixing procedure some part of coding may be changed or functionality may be manipulated.In this case the old testcases will be updated or completely re written according to new features of the application where bug fixed area.Here possible areas are old test cases will be executed as usual or some new testcases will be added to existing testcases or some testcases may be deleted. 36.what r the client side scripting languages and server side scripting languages client side scripting langages are javascript,VbScript,PHP...etc Server side Scripting languages are Perl,JSP,ASP,PHP..etc Clent side scipting languages are useful to validate the inputs or user actions from userside or client side. Server side Scripting languages are to validate the inputs at server side. This scripting languages provide security for the application. and also provides dynamic nature to web or client server application cleint side scripting is good because it won't send the unwanted input's to server for validation.from frontend it self it validated the user inputs and restricts the user activities and guides him 37.if a very low defect (user interface )is detected by u and the developer not compramising with that defect what will u do? user interface defect is a high visibility defect and easy to reproduce. Follow the below procedure 1.Reproduce the defect 2.Capture the defect screen shots 3.Document the proper inputs that you are used to get the defect in the derfect report 3.send the defect report with screen shots,i/ps and procedure for defect reproduction. before going to this you must check your computer hard ware configuration that is same as developper system configuration.and anlso check the system graphic drivers are properly installed or not.if the problem in graphic drivers the User interface error will come. so first check your side if it is correct from your sidethen report the defect by following the above method.
38.if u r only person in the office and client asked u for some changes and u didn,t get what the client asked for what will u do? Onething here is very important.Nobody will ask test engineer to change software that is not your duty,even if it is related to testing and anybody is not there try to listen care fully if you are not understand ask him again and inform to the corresponding people immediately. Here the cleint need speedy service,we(our company) should not get any blame from customer side. 39.how to get top two salaries from employee tables Select * from emp e where 2>=(select count(*) from emp e where sal>e.sal) order by desc sal. 40.How many Test-Cases can be written for the calculator having 0-9 buttons, Add,Equalto buttons.The testcases should be focussed only on add-functionality but mot GUI.What are those testcases? Test-Cases for the calculator so here we have 12 buttons totalie 0,1,2,3,4,5,6,7,8,9,ADD,Equalto -12 buttons here u can press atleat 4 buttons at a time minimum for example 0+1= for zero u should press 'zero' labled buttonfor plus u should press '+' labled buttonfor one u should press 'one' labled buttonfor equalto u should press 'equalto' labled button 0+1=here + and = positions will not varyso first number position can be varied from 0 to 9 i.e from permutation and combinations u can fill that space in 10 waysin the same waysecond number position can be varied from 0 to 9 i.e from permutation and combinations u can fill that space in 10 ways Total number of possibilities are =10x10=100 This is exhaustive testing methodology and this is not possible in all cases. In mathematics we have one policy that the the function satisfies the starting and ending values of a range then it can satisfy for entire range of values from starting to ending. then we check the starting conditions i.e one test case for '0+0=' (expected values you know thatis '0')then another testcase for '9+9='(expected values you know thatis '18')only two testcases are enough to test the calculator functionality. 41.what is positive and negative testing explian with example? Positive Testing - testing the system by giving the valid data. Negative Testing - testing the system by giving the Invalid data. For Ex,an application contains a textbox and as per the user's Requirements the textbox should accept only Strings.By providing only String as input data to the textbox & to check whether its working properly or not means it is Positive Testing.If giving the input other than String means it is negative Testing.. 42.How will you prepare Test plan. What are the techniques involved in preparing the Test plan. Test plan means planning for the release. This includes Project background Test Objectives: Brief overview and description of the document Test Scope: setting the boundaries Features being tested (Functionalities) Hardware requirements Software requirements Entrance Criteria (When to start testing): Test environment established, Builder received from developer, Test case prepared and reviewed. Exit criteria (when to stop testing): All bug status cycle are closed, all functionalities are tested, and all high and medium bugs are resolved. Project milestones: dead lines 43.What are the Defect Life Cycle? Defect life cycle is also called as bug life cycle. It has 6stages namely 1.new: found new bug 2.assigned: bud assigned to developer 3.open : developer is fixing the bug
4.fixed : developer has fixed the bug 5.retest: tester retests the application 6.closed/reopened: if it is ok tester gives closed stauselse he reopens and sends back to developer. 44.Expalin about metrics Management? Metrics: is nothing but a measurement analysis.Measurment analysis and Improvement is one of the process area in CMM I L2. 45.What is performance Testing and Regression Testing? Performance Testing:-testing the present wroking condition of the product Regression Testing:-Regression Testing is checking for the newly added functionality causing any erros interms of functionality and the common functionality should be stable in the latest and the previous versions 46.How do you review testcase?? Type of Review... types of reviewing testcases depends upon company standards,viz.., peer review,team lead review,roject manager review. Some times client may also review the test cases reg what is approach following for project 47.In which way tester get Build A, BUild B, ....Build Z of an application, just explain the process.. After preparation of testcases project manager will release software release note in that Document there will be URL path of the website link from from that we will receive the build In case of web server projects, you will be provided with an URL or a 92.168.***.*** (Web address) which will help you access the project using a browser from your system. In case of Client server, the build is placed in the VSS (Configuration tool) which will help you get the .exe downloaded to your computer. 48.apart from bug reporting wat is ur involvement in projectlife cycle As a Test engineer We design test cases,prepare testcases Execute Testcases, track the bugs, analyse the results report the bugs. invovled in regression testing, performance of system testing system intergration testing At last preparation of Test summary Report 49.contents of test report There are two documents,which should be prepared at particual phase. 1.Test Results document. 2.Test Report document. Test Results doc will be preapred at the phase of each type of Testing like FULL FUNCTIONAL TEST PASS,REGRESSION TEST PASS,SANITY TEST PASS etc...Test case execution againest the application.Once you prepared this doc,we will send the doc to our TL and PM.By seeing the Test Results doc ,TL will come to know the coverage part of the testcase.Here I am giving you the contents used in the Test Results doc. 1.Build No 2.Version Name 3.Client OS 4.Feature set 5.Main Feature 6.Defined Testcases on each feature. 7.QA engineer Name 8.Test ecases executed.(Includes pass and fail) 9.Testcases on HOLD(Includes blocking testcases and deferred Testcases)
10.Covereage Report(Which includes the coverage ratings in % ,like % of testcases covered,% of testcases failed) Coming to Test report,generally we will prepare Test report ,once we rolled out the product to our client.This document will be prepared by TL and delivered to the client.Mainly,this document describes the what we have done in the project,chievements we have reached,our learnings in throughout the project etc...The other name for Test report is Project Closure Report and we will summerize the all the activities,which have taken place in through out the project.Here I am giving your the contents covered in the Test Report. 1.Test Environment(Should be covered the OS,Application or webservers,Mahchine names,Database,etc...) 2.Test Methods(Types of Tests,we have done in the project like Functional Testing,Platform Testing,regression Testing,etc.. 3.Major areas Covered. 4.Bug Tracking Details.(Includes inflow and outflow of the bus in our delivered project) 5.Work schedule(When we start the testing and we finished) 6.Defect Analasys 6.1 Defects logged in different types of tests like Funcational Test,regressiion Test as per area wised. 6.2 State of the Defects at end of the Test cycle. 6.3 Root cause analysys for the bugs marked as NOT A BUG. 7.QA observations or learnings throught the life cycle. 50.write high level test cases Write all the testcases under high level TC,which can be covered the main functionalities like creation,edition,deletion,etc....as per prescribed in the screen. Wrtie all the testcases under low level TC,which can be covered the screen,like input fields are displayed as per the requirements,buttons are enabled or disabled,and testcase for low priority functionalities. Example a screen contains two edit boxes login and password and a pust buttons OK and Reset and check box for the label "Remember my password".Now let us write high level TC and low level test cases. HIGH LEVEL TC 1.Verify that User is able to login with valid login and valid password. 2.Verify that User is not able to login with invalid login and valid password. etc... .. 3.Verify that Reset button clears the filled screen. 4.Verify that a pop up message is displayed for blank login. etc... etc.. LOW LEVEL TC 1.Verify that after launching the URL of the application below fields are displayes in the screen. 1.Login Name 2.Password.3.OK BUTTON 4.RESET button etc.. 5.check box,provided for the label "remember my pwd" is unchecked. 2.Verify that OK button should be disabled before selecting login and passwrod fields. 3.Verify that OK button should ne enabled after selecting login and password. 4.Verify that User is able to check the check box,providedfor the label "remember my pwd". etc.. In this way,we can categorise all the testcases under HIGH LEVEL and LOW LEVEL. 51.wat is test scenario
Test scenario will be framed on basis of the requrement,which need to be checked.For that,we will frame set of testcases,in other terms,we can say all the conditions,which can be determined the testing coverage againest business requirement. Please see the below example,which is exactly matched to my explanation. As we know all most all the application are having login screen,which contains login name and password.Here is the test scenario for login screen. Scenario: USER'S LOGIN Condtions to be checked to test the above scenario: ---------------------------------------------------1.Test login field and Password fields indicisually. 2.Try to login with valid login and valid password. 3.Try to login with invaling login and valid pwd. etcc........................................ 52.wat is build duration it is a tine gap between old version build and new version build in new version build some new extra features are added 53.wat is test deliverables Test deliverables are nothing but documents preparing after testing like test plan document testcase template bugreport templateTest deliverables will be delivered to the client not only for the completed activities ,but also for the activites,which we are implementing for the better productivity.(As per the company's standards).Here I am giving you some of the Test deliverables in my project. 1.QA TestPlan 2.Testcase Docs 3.QA Testplan,if we are using Automation. 4.Automation scripts 5.QA Coverage Matrix and defect matrix. 6.Traceability Matrix 7.Test Results doc 8.QA Schesule doc(describes the deadlines) 9.Test Report or Project Closure Report.(Prepared once we rolled out the project to client) 10.Weekly status report(sent by PM to the client) 11.Release Notes. 54.wat is ur involvement in test plan Test lead is involved in preparing test plan test entgineers are no way related in preparing test plan role TE is testcase design ,and execution and bugtraking and reporting them Genarally TL is involed in preparation of the TestPlan.But it is not mandatory only TL will take main part in the preparaion of the TP.Test engineer can suggest to TL,if he(or) she has good understanding on project and resources,if he or she has more exp with the project,if TL is wrongly given deadlines.If your suggestions are valid,TL will incorporate all of them to the TestPlan.But in most of the companies Test engineers are just audians. 55.which test cases are not to be automated All the test cases which are related to a feature of the product, that keeps on changing (there are always some or the other enhancements in it). Frequent enhancements may change the UI, add/remove few controls. Hence such cases, if automated, would involve lot of a intenance 56.if a project is long term project , requirements are also changes then test plan will change or not?why Yes..definitely. If requirement changes, the design documents, specifications (for that particualr module which implements the requiremnts) will also change. Hence the test plan would also need to be updated. This is because "REsource Allocation" is one section in the test plan. We would need to write new test cases,review, and execute it. Hence resource allocation would have to be done accordingly. As a result the Test plan would change
57.explain VSS Virtual Sourse Safe... After complition of all phages From devolopment side devoloper store the code in devolopment folder of VSS,Testing team copying code from that folder to testing folder, after compliting above phages from testing, testers put the build in base line folder.It is version contrrole Tool Mainly useful to devoloper, to storing code and maintains version Copying a code from VSS By devoloper is called CHECK-IN Upload the code in to VSS is called CHECK-OUT. 58.who will assign severity & priority the tester/dev should give the priority based on severity of the bug Severity means: is the impact of the bug on the app.i.e seriousness of the bug interms of the functionality. Priority means: is how soon it should get fixed i.e importance of the bug interms of customer 59.What is the Difference between Stub Testing and Driver Testing? stub testing: In top down approach,a core module is developed.to test that core module, small dummy modules r used.so stubs r small dummy modules that test the core module. Driver testing: in bottom up approach, small modules r developed.to test them a dummy core module called driver is developed. 60.What is a "Good Tester"? Is one who tries to break the developers software and in a position to venture the bugs. so that atleast 80% bugs free software can deliver. What is Database testing? Data bas testing basically include the following. 1)Data validity testing. 2)Data Integrity testing 3)Performance related to data base. 4)Testing of Procedure, triggers and functions. for doing data validity testing you should be good in SQL queries For data integrity testing you should know about referential integrity and different constraint. For performance related things you should have idea about the table structure and design. for testing Procedure triggers and functions you should be able to understand the same. What we normally check for in the Database Testing? In DB testing we need to check for, 1. The field size validation 2. Check constraints. 3. Indexes are done or not (for performance related issues) 4. Stored procedures 5. The field size defined in the application is matching with that in the db. How to Test database in manually? Explain with an example Observing that operations, which are operated on front-end is effected on back-end or not. The approach is as follows: While adding a record thru' front-end check back-end that addition of record is effected or not. So same for delete, update,...... Ex:Enter employee record in database thru' front-end and check if the record is added or not to the back-end(manually).