CâuhỏiôntậpmônSoftwareTesting What is static code analysis? Static Code Analysis (also known as Source Code Analysis) is usually performed as part of a Code Review (also known as white-box testing) and is carried out at the Implementation phase of a Security Development Lifecycle (SDL) Static Code Analysis commonly refers to the running of Static Code Analysis tools that attempt to highlight possible vulnerabilities within 'static' (non-running) source code by using techniques such as Taint Analysis and Data Flow Analysis What is the difference between Testing Techniques and Testing Tools? - Testing technique: – Is a process for ensuring that some aspects of the application system or unit functions properly there may be few techniques but many tools - Testing Tools: – Is a vehicle for performing a test process The tool is a resource to the tester, but itself is insufficient to conduct testing What is component / Unit testing? - Component: Component testing is a method where testing of each component in an application is done separately Suppose, in an application there are components Testing of each components separately and efficiently is called as component testing - Unit testing: Unit testing is a software development process in which the smallest testable parts of an application, called units, are individually and independently scrutinized for proper operation Unit testing can be done manually but is often automated What are the different Methodologies in Agile Development Model? Consider the following techniques Which are static and which are dynamic techniques? What are the phases of a formal review? 1) Planning Selecting the personal, allocating roles, defining entry and exit criteria for more formal reviews etc 2) Kick-off Distributing documents, explaining the objectives, checking entry criteria etc 3) Individual preparation Work done by each of the participants on their own work before the review meeting, questions and comments 4) Review meeting Discussion or logging, make recommendations for handling the defects, or make decisions about the defects 5) Rework Fixing defects found, typically done by the author Fixing defects found, typically done by the author 6) Follow-up Checking the defects have been addressed, gathering metrics and checking on exit criteria 7 What are the Structure-based (white-box) testing techniques? When should testing be stopped? Deadlines (release deadlines, testing deadlines, etc.) Test cases completed with certain percentage passed Test budget depleted Coverage of code/functionality/requirements reaches a specified point Bug rate falls below a certain level Beta or alpha testing period ends What is black box testing? What are the different black box testing techniques? - Black Box Testing, also known as Behavioral Testing, is a softwaretesting method in which the internal structure/ design/ implementation of the item being tested is not known to the tester These tests can be functional or nonfunctional, though usually functional - Black box testing techniques: Equivalence partitioning Boundary value analysis Decision tables Other combinational techniques State transition testing Use case testing Limitations and assumptions 10 Why we use decision tables? The techniques of equivalence partitioning and boundary value analysis are often applied to specific situations or inputs However, if different combinations of inputs result in different actions being taken, this can be more difficult to show using equivalence partitioning and boundary value analysis, which tend to be more focused on the user interface The other two specification-based tech-niques, decision tables and state transition testing are more focused on business logic or business rules A decision table is a good way to deal with combinations of things (e.g inputs) This technique is sometimes also referred to as a 'cause-effect' table The reason for this is that there is an associated logic diagramming technique called 'cause-effect graphing' which was sometimes used to help derive the decision table 11 What is test coverage? Test coverage measures the amount of testing performed by a set of test Wherever we can count things and can tell whether or not each of those things has been tested by some test, then we can measure coverage and is known as test coverage 12 What is DRE? (Defect Removal Efficiency) Defect Removal Efficiency is a weighty metric used to estimate test efficacy DRE = Quantity of Bugs during SoftwareTesting / (Quantity of Bugs during SoftwareTesting + Quantity of Bugs found by User) 13 The later in the development life cycle a fault is discovered, the more expensive it is to fix Why? Because the fault has been built into more documentation, code, tests, etc 14 What is exploratory testing? 15 What is the difference between STLC (Software Testing Life Cycle) and SDLC (Software Development Life Cycle) ? 16 In white box testing what you verify? 17 What is the difference between static and dynamic testing? Static Testing Dynamic TestingTesting done without executing the program Testing done by executing the program This testing does verification process Dynamic testing does validation process Static testing is about prevention of defects Dynamic testing is about finding and fixing the defects Static testing gives assessment of code and documentation Dynamic testing gives bugs/bottlenecks in the software system Static testing involves checklist and process to be followed Dynamic testing involves test cases for execution This testing can be performed before compilation Dynamic testing is performed after compilation Static testing covers the structural and statement coverage testing Dynamic testing covers the executable file of the code Cost of finding defects and fixing is less Cost of finding and fixing defects is high Return on investment will be high as this process involved at early stage Return on investment will be low as this process involves after the development phase More reviews comments are highly recommended for good quality More defects are highly recommended for good quality Requires loads of meetings Comparatively requires lesser meetings 18 What is verification and validation? - Verification: Verification is a process of evaluating the intermediary work products of a software development lifecycle to check if we are in the right track of creating the final product - Validation: + Definition: the process of evaluating software during or at the end of the development process to determine whether it satisfies specified requirements Validation is the process of evaluating the final product to check whether the software meets the business needs In simple words the test execution which we in our day to day life are actually the validation activity which includes smoke testing, functional testing, regression testing, systems testing etc… 19 What are different test levels? What is Integration testing? 20 What are the tables in test plans (test plan document consists of)? 21 What is the difference between UAT (User Acceptance Testing) and System testing? 22 What is the difference between test scenarios, test cases and test script? 23 What does a typical test report contains? What are the benefits of test reports? 24 What does a typical bug report contains? What are the benefits of bug reports? 25 What makes a good Software Test engineer? A good test engineer has a 'test to break' attitude, an ability to take the point of view of the customer, a strong desire for quality, and an attention to detail Tact and diplomacy are useful in maintaining a cooperative relationship with developers, and an ability to communicate with both technical (developers) and non-technical (customers, management) people is useful Judgement skills are needed to assess high-risk or critical areas of an application on which to focus testing efforts when time is limited 26 What are the attributes of good test case? 27 What are the different between manual testing and automation testing? Manual Testing Automation Testing Manual testing is not accurate at Automated testing is more all times due to human error, hence it reliable, as it is performed by tools is less reliable and/or scripts Manual testing is time- Automated testing is executed consuming, taking up human by software tools, so it is resources significantly faster than a manual approach Investment is required for human resources Investment is required for testing tools Manual testing is only practical Automated testing is a practical when the test cases are run once or option when the test cases are run twice, and frequent repetition is not repeatedly over a long time period required Manual testing allows for Automated testing does not human entail human observation and cannot observation, which may be more guarantee user-friendliness or useful if the goal is user-friendliness positive customer experience or improved customer experience 28 List free-open source automation test tools - Selenium - Testing Whiz - Test Complete - Ranorex - Telerik Test Studio 29 What is defect management cycle? Defect life cycle, also known as Bug Life cycle is the journey of a defect cycle, which a defect goes through during its lifetime It varies from organization to organization and also from project to project as it is governed by the softwaretesting process and also depends upon the tools used 30 Practice: Give a source code of a program a Detect defects in the source code (static analysis) (ex: code conventions, out of memory, index…) b Fix the bug (defects) in the source code c Draw CFG and basic Paths? d Derive test cases to coverage the basic path 31 Write a unit test for specific method in class (java) ... Beta or alpha testing period ends What is black box testing? What are the different black box testing techniques? - Black Box Testing, also known as Behavioral Testing, is a software testing method... and dynamic testing? Static Testing Dynamic Testing Testing done without executing the program Testing done by executing the program This testing does verification process Dynamic testing does... focus testing efforts when time is limited 26 What are the attributes of good test case? 27 What are the different between manual testing and automation testing? Manual Testing Automation Testing