Manual Testing Course-Day-18
Manual Testing Interview Questions and Answers
What does COTS represent?
Commercial Off The Shelf.
Commercial Off-the-Shelf (COTS) software is becoming an ever-increasing part of organizations' total IT strategy for building and delivering systems. A common perception held by many people is that since a vendor developed the software, much of the testing responsibility is carried by the software vendor.
Why we split testing into distinct stages?
We split testing into distinct stages because of the following reasons,
- Each test stage has a different purpose
- It is easier to manage to test in stages
- We can run different test into different environments
- Performance and quality of the testing is improved using phased testing
136. What is DRE?
In order to measure test effectiveness, a powerful metric is used to measure test effectiveness known as DRE (Defect Removal Efficiency) From this metric we would know how many bugs we have found from the set of test cases. The formula for calculating DRE is
DRE=Number of bugs while a testing/number of bugs while testing + number of bugs found by a user
What is typically the MOST important reason to use risk to drive testing efforts?
Because testing everything is not feasible.
What is random/monkey testing? When is it used?
Random testing is often known as monkey testing. In such type of testing data is generated randomly often using a tool or automated mechanism. With this randomly generated input, the system is tested, and results are analyzed accordingly. These testing are less reliable; hence it is normally used by the beginners and to see whether the system will hold up under adverse effects.
What are the different Methodologies in Agile Development Model?
There are currently seven different agile methodologies that I am aware of:
- Extreme Programming (XP)
- Scrum
- Lean Software Development
- Feature-Driven Development
- Agile Unified Process
- Crystal
- Dynamic Systems Development Model (DSDM)
89. Which activity in the fundamental test process includes evaluation of the testability of the requirements and system?
A 'Test Analysis' and 'Design' includes evaluation of the testability of the requirements and system.
What is functional system testing?
Testing the end to end functionality of the system as a whole is defined as a functional system testing.
What are the benefits of Independent Testing?
Independent testers are unbiased and identify different defects at the same time.
What is component testing?
Component testing, also known as unit, module, and program testing, searches for defects in and verifies the functioning of software (e.g., modules, programs, objects, classes, etc.) that are separately testable. Component testing may be done in isolation from the rest of the system depending on the context of the development life cycle and the system. Most often stubs and drivers are used to replace the missing software and simulate the interface between the software components simply. A stub is called from the software component to be tested; a driver calls a component to be tested.
We use the output of the requirement analysis, the requirement specification as the input for writing …
User Acceptance Test Cases
Repeated Testing of an already tested program, after modification, to discover any defects introduced or uncovered as a result of the changes in the software being tested or in another related or unrelated software component:
Regression Testing
As part of which test process do you determine the exit criteria?
The exit criteria are determined on the bases of 'Test Planning'.
What is the difference between Testing Techniques and Testing Tools?
Testing technique: – Is a process for ensuring that some aspects of the application system or unit functions properly there may be few techniques but many tools.
Testing Tools: – Is a vehicle for performing a test process. The tool is a resource to the tester, but itself is insufficient to conduct testing
What is Alpha testing?
Pre-release testing by end user representatives at the developer's site.
What is beta testing?
Testing performed by potential customers at their own locations.
Mention what the difference between Pilot and Beta testing is?
The difference between a pilot and beta testing is that pilot testing is actually done using the product by the group of users before the final deployment, and in beta testing, we do not input real data, but it is installed at the end customer to validate if the product can be used in production.
What is the MAIN objective when reviewing a software deliverable?
To identify defects in any software work product.
Which of the following defines the expected results of a test? Test case specification or test design specification.
Test case specification defines the expected results of a test.
What is the benefit of test independence?
It avoids author bias in defining effective tests.
Why we use decision tables?
The techniques of equivalence partitioning and boundary value analysis are often applied to specific situations or inputs. However, if different combinations of inputs result in different actions being taken, this can be more difficult to show using equivalence partitioning and boundary value analysis, which tend to be more focused on the user interface. The other two specification-based techniques, decision tables, and state transition testing are more focused on business logic or business rules. A decision table is a good way to deal with combinations of things (e.g., inputs). This technique is sometimes also referred to as a 'cause-effect' table. The reason for this is that there is an associated logic diagramming technique called 'cause-effect graphing' which was sometimes used to help derive the decision table
What is the purpose of exit criteria?
The purpose of exit criteria is to define when a test level is completed.
What determines the level of risk?
The likelihood of an adverse event and the impact of the event determine the level of risk.
69. When is used Decision table testing?
Decision table testing is used for testing systems for which the specification takes the form of rules or cause-effect combinations. In a decision table, the inputs are listed in a column, with the outputs in the same column but below the inputs. The remainder of the table explores combinations of inputs to define the outputs produced.
What is the KEY difference between preventative and reactive approaches to testing?
Preventative tests are designed early; reactive tests are designed after the software has been produced.
What is the MAIN benefit of designing tests early in the life cycle?
It helps prevent defects from being introduced into the code.
Explain in a testing project what testing activities would you automate?
In testing project testing activities, you would automate are
- Tests that need to be run for every build of the application
- Tests that use multiple data for the same set of actions
- Identical tests that need to be executed using different browsers
- Mission critical pages
- A transaction with pages that do not change in a short time
What is TEST HARNESS? Tools & Examples
Test Harness in Software Testing
Test Harness in Software Testing is a collection of stubs, drivers and other supporting tools required to automate test execution. Test harness executes tests by using a test library and generates test reports. Test harness contains all the information needed to compile and run a test like test cases, target deployment port(TDP), source file under test, stubs, etc.
Why use Test Harness?
- Automate the testing process
- Execute test suites of test cases
- Generate associated test reports
- Support for debugging
- To record the test results for each one of the tests
- Helps the developers to measure code coverage at a code level
- Increase the productivity of the system through automation
- Enhance the quality of software components and application
- To handle the complex condition that testers are finding difficult to simulate
- Automation testing: It contains the test scripts, parameters necessary to run these scripts and gather results to analyze it
- Integration testing: It is used to put together two units of code or module that interact with each other to check whether or not the combined behavior is as expected or not
Test Harness Tools
- Junit: Tool used while using Java
- Nunit: Tool used for using .Net framework
Test Harness Vs Test Framework
|
|
|
|
|
|
|
|
Mention what the purpose behind doing end-to-end testing is?
End-to-end testing is done after functional testing. The purpose behind doing end-to-end testing is that
- To validate the Software requirements and integration with external interfaces
- Testing application in real-world environment scenario
- Testing of interaction between application and database
Mention what the meaning of breath testing is?
Breath testing is a test suite that exercises the full functionality of a product but does not test features in detail
Explain what the meaning of Code Walk Through is?
Code Walk Through is the informal analysis of the program source code to find defects and verify coding techniques
Mention what the basic components of defect report format are?
The essential components of defect report format include
- Project Name
- Module Name
- Defect detected on
- Defect detected by
- Defect ID and Name
- Snapshot of the defect
- Priority and Severity status
- Defect resolved by
- Defect resolved on
Mention what bottom-up testing is?
Bottom-up testing is an approach to integration testing, where the lowest level components are tested first, then used to facilitate the testing of higher level components. The process is repeated until the component at the top of the hierarchy is tested.
Mention what the different types of test coverage techniques are?
Different types of test coverage techniques include
- Statement Coverage: It verifies that each line of source code has been executed and tested
- Decision Coverage: It ensures that every decision in the source code is executed and tested
- Path Coverage: It ensures that every possible route through a given part of the code is executed and tested
Explain what the difference between latent and masked defects is?
- Latent defect: A latent defect is an existing defect that has not caused a failure because the sets of conditions were never met
- Masked defect: It is an existing defect that has not caused a failure because another defect has prevented that part of the code from being executed
Explain which test cases are written first black boxes or white boxes?
Black box test cases are written first as to write black box test cases; it requires project plan and requirement document all these documents are easily available at the beginning of the project. While writing white box test cases requires more architectural understanding and is not available at the start of the project.
Explain how to test documents in a project that span across the software development lifecycle?
The project span across the software development lifecycle in the following manner
- Central/Project test plan: It is the main test plan that outlines the complete test strategy of the project. This plan is used till the end of the software development lifecycle
- Acceptance test plan: This document begins during the requirement phase and is completed at the final delivery
- System test plan: This plan starts during the design plan and proceeds until the end of the project
- Integration and Unit test plan: Both these test plans start during the execution phase and last until the final delivery
Explain how does a test coverage tool work?
The code coverage testing tool runs parallel while performing testing on the actual product. The code coverage tool monitors the executed statements of the source code. When the final testing is done, we get a complete report of the pending statements and also get the coverage percentage.
Mention what the difference between a "defect" and a "failure" in software testing is?
In simple terms when a defect reaches the end customer, it is called a failure while the defect is identified internally and resolved; then it is referred to as a defect.
Mention what the main advantages of statement coverage metric of software testing are?
The benefit of statement coverage metric is that
a) It does not require processing source code and can be applied directly to object code
b) Bugs are distributed evenly through the code, due to which percentage of executable statements covered reflects the percentage of faults discovered
How to generate test cases for "replace a string" method?
a) If characters in new string > characters in the previous string. None of the characters should get truncated
b) If characters in new string< characters in the previous string. Junk characters should not be added
c) Spaces after and before the string should not be deleted
d) String should be replaced only for the first occurrence of the string
How will you handle a conflict amongst your team members?
- I will talk individually to each person and note their concerns
- I will find a solution to the common problems raised by team members
- I will hold a team meeting, reveal the solution and ask people to co-operate
Mention what are the categories of defects?
Mainly there are three defect categories
- Wrong: When a requirement is implemented incorrectly
- Missing: It is a variance from the specification, an indication that a specification was not implemented or a requirement of the customer is not met
- Extra: A requirement incorporated into the product that was not given by the end customer. It is considered as a defect because it is a variance from the existing requirements
Fuzz Testing(Fuzzing) Tutorial: What is, Types, Tools & Example
Fuzz Testing or Fuzzing is a software testing technique of putting invalid or random data called FUZZ into software system to discover coding errors and security loopholes. The purpose of fuzz testing is inserting data using automated or semi-automated techniques and testing the system for various exceptions like system crashing or failure of built-in code, etc.
Fuzz testing was originally developed by Barton Miller at the University of Wisconsin in 1989. Fuzz testing or fuzzing is a Software testing technique, and it is a type of Security Testing.
Why to do Fuzz Testing?
- Usually, Fuzzy testing finds the most serious security fault or defect.
- Fuzz testing gives more effective result when used with Black Box Testing, Beta Testing, and other debugging methods.
- Fuzz testing is used to check the Vulnerability of software. It is very cost effective testing techniques.
- Fuzz testing is one of the black box testing technique. Fuzzing is one of the most common method hackers used to find vulnerability of the system.
How to do Fuzz Testing
The steps for fuzzy testing include the basic testing steps-
Step 1) Identify the target system
Step 2) Identify inputs
Step 3) Generate Fuzzed data
Step 4) Execute the test using fuzzy data
Step 5) Monitor system behavior
Step 6) Log defects
Examples of Fuzzers
Mutation-Based Fuzzers alter existing data samples to create new test data. This is the very simple and straightforward approach, this starts with valid samples of protocol and keeps mangling every byte or file.
Generation-Based Fuzzers define new data based on the input of the model. It starts generating input from the scratch based on the specification.
PROTOCOL-BASED-fuzzer, the most successful fuzzer is to have detailed knowledge of protocol format being tested. The understanding depends on the specification. It involves writing an array of the specification into the tool then by using model-based test generation technique go through the specification and add irregularity in the data contents, sequence, etc. This is also known as syntax testing, grammar testing, robustness testing, etc. Fuzzer can generate test cases from an existing one, or they can use valid or invalid inputs.
There are two limitations of protocol-based fuzzing:
- Testing cannot proceed until the specification is mature.
- Many useful protocols are an extension of published protocols. If fuzz testing is based on published specifications, Test coverage for new protocols will be limited.
The simplest form of fuzzing technique is sending random input to the software either as protocol packets or as an event. This technique of passing random input is very powerful to find bugs in many applications and services. Other techniques are also available, and it is very easy to implement. To implement these techniques we just need to change the existing inputs. We can change input just by interchanging the bits of input.
Types of bugs detected by Fuzz Testing
Assertion failures and memory leaks this methodology is widely used for large applications where bugs are affecting the safety of memory, which is a severe vulnerability.
- Invalid input
In fuzz testing, fuzzers are used to generate an invalid input which is used for testing error-handling routines, and this is important for the software which does not control its input. Simple fuzzing can be known as a way to automate negative testing.
- Correctness bugs
Fuzzing can also be used to detect some types of "correctness" bugs. Such as a corrupted database, poor search results, etc.
Fuzz Testing Tools
Tools which are used in web security can widely be used in fuzz testing such as Burp Suite, Peach Fuzzer, etc.
- Peach Fuzzer
Peach Fuzzer provides more robust and security coverage than a scanner. Other testing tools can search only for known threads whereas Peach Fuzzer enable users to find known and unknown threads.
- Spike Proxy
It is a professional-grade tool looking for application-level vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL Injection and cross-site-scripting, but it's completely open Python infrastructure. SPIKE Proxy is available for Linux and Windows.
- Webscarab
Webscarab is written in Java thus portable to many platforms. For analyzing application Webscarab framework is used that communicate using HTTP and HTTPS protocols.
Ex: Webscarab works as an intercepting proxy, it allows the operator to review and modify request created by the browser before they are received by the server. And allow to review and update response generated by the server before received by the browser. In this way, if web scarab finds any loophole, it will make the list of the reported issues.
- OWASP WSFuzzer
WSFuzzer is a GPL'd program that written in Python. GPL'd a program currently targets Web Services. In the current version of OWASPWSFuzzer HTTP based SOAP services are the main target.
Advantages of Fuzz Testing
- Fuzz testing improves software Security Testing.
- Bugs found in fuzzing are sometimes severe and most of the time used by hackers including crashes, memory leak, unhandled exception, etc.
- If any of the bugs fail to get noticed by the testers due to the limitation of time and resources those bugs are also found in Fuzz testing.
Disadvantages of Fuzz Testing
- Fuzz testing alone cannot provide a complete picture of an overall security threat or bugs.
- Fuzz testing is less effective for dealing with security threats that do not cause program crashes, such as some viruses, worms, Trojan, etc.
- Fuzz testing can detect only simple faults or threats.
- To perform effectively, it will require significant time.
- Setting a boundary value condition with random inputs is very problematic but now using deterministic algorithms based on users inputs most of the testers solve this problem.
Summary:
In Software Engineering, Fuzz testing shows the presence of bugs in an application. Fuzzing cannot guarantee detection of bugs completely in an application. But by using Fuzz technique, it ensures that the application is robust and secure, as this technique helps to expose most of the common vulnerabilities.
Explain what LCSAJ is?
LCSAJ stands for 'linear code sequence and jump.' It consists of the following three items
a) Start of the linear sequence of executable statements
b) End of the linear sequence
c) The target line to which control flow is transferred at the end of the linear sequence
Explain what N+1 testing is?
The variation of regression testing is represented as N+1. In this technique, the testing is performed in multiple cycles in which errors found in test cycle 'N' are resolved and re-tested in test cycle N+1. The cycle is repeated unless there are no errors found.
What is the DFD (Data Flow Diagram)?
When a "flow of data" through an information system is graphically represented, then it is known as Data Flow Diagram. It is also used for the visualization of data processing.
Explain what is "Test Plan Driven" or "Key Word Driven" method of testing?
This technique uses the actual test case document developed by testers using a spreadsheet containing special "key Words". The key words control the processing.
What is the step you would follow once you find the defect?
Once a defect is found you would follow the step
a) Recreate the defect
b) Attach the screenshot
c) Log the defect
In manual testing what are stubs and drivers?
Both stubs and drivers are part of incremental testing. In incremental testing, there are two approaches namely bottom-up and top-down approach. Drivers are used in bottom-up testing and stub is used for a top-down approach. In order to test the main module, the stub is used, which is a dummy code or program.
When is RTM (Requirement Traceability Matrix) prepared?
RTM is prepared before test case designing. Requirements should be traceable from review activities.
What is the difference between Test matrix and Traceability matrix?
Test Matrix: Test matrix is used to capture actual quality, effort, the plan, resources and time required to capture all phases of software testing
Traceability Matrix: Mapping between test cases and customer requirements is known as Traceability Matrix
What is test management review and why it is important?
Management review is also referred to as Software Quality Assurance or SQA. SQA focusses more on the software process rather than the software work products. It is a set of activities designed to make sure that the project manager follows the standard process. SQA helps test manager to benchmark the project against the set standards.
What are the best practices for software quality assurance?
The best practices for an effective SQA implementation is
- Continuous Improvement
- Documentation
- Tool Usage
- Metrics
- Responsibility by team members
- Experienced SQA auditors
Explain what is testing type and what are the commonly used testing type?
To get an expected test outcome, a standard procedure is followed which is referred to as Testing Type.
Commonly used testing types are
- Unit Testing: Test the smallest code of an application
- API Testing: Testing API created for the application
- Integration Testing: Individual software modules are combined and tested
- System Testing: Complete testing of the system
- Install/UnInstall Testing: Testing done from the point of client/customer view
- Agile Testing: Testing through Agile technique
While monitoring your project what all things you have to consider?
The things that have to be taken in considerations are
- Is your project on schedule
- Are you over budget
- Are you working towards the same career goal
- Have you got enough resources
- Are there any warning signs of impending problems
- Is there any pressure from management to complete the project sooner
What are the common mistakes which create issues?
- Matching resources to wrong projects
- Test manager lack of skills
- Not listening to others
- Poor Scheduling
- Underestimating
- Ignoring the small problems
- Not following the process
Test Summary Reports Tutorial: Learn with Example & Template
What does a typical test report contain? What are the benefits of test reports?
A test report contains the following things:
- Project Information
- Test Objective
- Test Summary
- Defect
The benefits of test reports are:
- Current status of project and quality of product are informed
- If required, stakeholder and customer can take corrective action
- A final document helps to decide whether the product is ready for release
Test Report
Test Report is a document which contains a summary of all test activities and final test results of a testing project. Test report is an assessment of how well the Testing is performed. Based on the test report, stakeholders can evaluate the quality of the tested product and make a decision on the software release.
For example, if the test report informs that there are many defects remaining in the product, stakeholders can delay the release until all the defects are fixed.
Test Report Example
Why Test Report?
The following scenario will show you why we do need the Test Report
| Earlier, when the boss asked you about whether the website Guru99 Bank can release, You answered him | The boss trusted you and decided to release this website to the customer at the end of the month. But 2 months post- release, you got the feedback from the client. |
|
|
Do you know the root cause of this problem? Why does the website still has defects even when your Team has already tested it?
The problem is you ignored the reporting & evaluation phase in Test Management. The boss has no information to evaluate the quality of this website. They just trusted what you said and released the website without knowing its testing performance.
The typical benefits of a test report include:
How to make a good Test Report?
To answer this, you must know -
What does a test report contain?
Project Information
All information of the project such as the project name, product name, and version should be described in the test report. For example, the information of Guru99Bank project will be as follows
Test Objective
As mentioned in Test Planning tutorial, Test Report should include the objective of each round of testing, such as Unit Test, Performance Test, System Test …Etc.
Test Summary
This section includes the summary of testing activity in general. Information detailed here includes
- The number of test cases executed
- The numbers of test cases pass
- The numbers of test cases fail
- Pass percentage
- Fail percentage
- Comments
This information should be displayed visually by using color indicator, graph, and highlighted table.
Take a look at Test Report of the website Guru99 Bank to know more detail about Test report
Defect
One of the most important information in Test Report is defect. The report should contain following information
- Total number of bugs
- Status of bugs (open, closed, responding)
- Number of bugs open, resolved, closed
- Breakdown by severity and priority
Like test summary, you can include some simple metrics like Defect density, % of fixed defects.
The project team sent you the Defect information as following
- Defect density is 20 defects/1000 lines of code average
- 90% defects fixed in total
You can represent the data as following graph
Tips to write a good test report
Test report is a communication tool between the Test Manager and the stakeholder. Through the test report, the stakeholder can understand the project situation, the quality of product and other things.
The following scenario shows you why we need a good Test Report
You co-operate with outsourcing company, its tester after having performed Performance Testing of the website Guru99 Bank, sends you a test report like this
The information of that report is too abstract. It does not have any detailed information. The stakeholder who will read it might be slightly puzzled when they get it. They might ask or have following sets of questions: -
- Why did they not execute 30 TCs that remains
- What are these failed Test Cases
- Doesn't have any bugs description
To solve that problem, a good Test Report should be:
- Detail: You should provide a detailed description of the testing activity, show which testing you have performed. Do not put the abstract information into the report, because the reader will not understand what you said.
- Clear: All information in the test report should be short and clearly understandable.
- Standard: The Test Report should follow the standard template. It is easy for stakeholder to review and ensure the consistency between test reports in many projects.
- Specific: Do not write an essay about the project activity. Describe and summarize the test result specification and focus on the main point.
For example, to correct the above Test Report, the tester should provide more information such as:
- Project information
- Test cycle: (System Test, Integration Test...etc.)
- Which functions have already tested (% TCs executed, % TCs passed or fail…)
- Defect report (Defect description, Priority or status...)
What is Exploratory Testing?
EXPLORATORY TESTING is a type of software testing where Test cases are not created in advance but testers check system on the fly. They may note down ideas about what to test before test execution. The focus of exploratory testing is more on testing as a "thinking" activity.
Exploratory Testing is widely used in Agile models and is all about discovery, investigation, and learning. It emphasizes personal freedom and responsibility of the individual tester.
Under scripted testing, you design test cases first and later proceed with test execution. On the contrary, exploratory testing is a simultaneous process of test design and test execution all done at the same time.
Scripted Test Execution is usually a non-thinking activity where testers execute the test steps and compare the actual results with expected results. Such test execution activity can be automated does not require many cognitive skills.
Though the current trend in software testing is to push for automation, exploratory testing is a new way of thinking. Automation has its limits
| Scripted Testing | Exploratory Testing |
|---|---|
| Directed from requirements | Directed from requirements and exploring during testing |
| Determination of test cases well in advance | Determination of test cases during testing |
| Confirmation of testing with the requirements | Investigation of system or application |
| Emphasizes prediction and decision making | Emphasizes adaptability and learning |
| Involves confirmed testing | Involves Investigation |
| Is about Controlling tests | Is about Improvement of test design |
| Like making a speech - you read from a draft | Like making a conversation - it's spontaneous |
| The script is in control | The tester's mind is in control |
Exploratory testing -
- Is not random testing but it is ad-hoc testing with a purpose of find bugs
- Is structured and rigorous
- Is cognitively (thinking) structured as compared to the procedural structure of scripted testing. This structure comes from Charter, time boxing etc.
- Is highly teachable and manageable
- It is not a technique but it is an approach. What actions you perform next is governed by what you are doing currently
How to do Exploratory Testing
Following is a step by step process on How to do Exploratory Testing which is also called session based test management (SBTM Cycle):
- Create a Bug Taxonomy (classification)
- Categorize common types of faults found in the past projects
- Analyze the root cause analysis of the problems or faults
- Find the risks and develop ideas to test the application.
- Test Charter
- Test Charter should suggest
- what to test
- how it can be tested
- What needs to be looked
- Test ideas are the starting point of exploration testing
- Test charter helps determine how the end user could use the system
- Test Charter should suggest
- Time Box
- This method includes a pair of testers working together not less than 90 minutes
- There should not be any interrupted time in those 90 minutes session
- Timebox can be extended or reduced by 45 minutes
- This session encourages testers to react on the response from the system and prepare for the correct outcome
- Review Results:
- Evaluation of the defects
- Learning from the testing
- Analysis of coverage areas
- Debriefing:
- Compilation of the output results
- Compare the results with the charter
- Check whether any additional testing is needed
For Example, during exploratory execution, the following needs to be done:
- The mission of testing should be very clear
- Keep notes on what needs to be tested, why it needs to be tested and the assessment of the product quality
- Tracking of questions and issues raised during exploratory testing
- Better to pair up the testers for effective testing
- The more we test, more likely to execute right test cases for the required scenarios
It is very important to take a document and monitor the following
- Test Coverage - Whether we have taken notes on the coverage of test cases and improve the quality of the software
- Risks - Which risks need to be covered and which are all important ones?
- Test Execution Log - Recordings on the test execution
- Issues / Queries - Take notes on the question and issues on the system
Smarter exploratory testing finds more errors in less time.
Pros and Cons of Exploratory Testing
| Pro | Con |
|---|---|
|
|
Challenges of Exploratory Testing:
There are many challenges of exploratory testing and those are explained below:
- Learning to use the application or software system is a challenge
- Replication of failure is difficult
- Determining whether tools need to be used can be challenging
- Determine the best test cases to execute can be difficult
- Reporting of the test results is a challenge as the report doesn't have planned scripts or cases to compare with the actual result or outcome
- Documentation of all events during execution is difficult to record
- Don't know when to stop the testing as exploratory testing has definite test cases to execute.
When use exploratory testing?
Exploratory testing can be used extensively when
- The testing team has experienced testers
- Early iteration is required
- There is a critical application
- New testers entered into the team
Conclusion:
In Software Engineering, Exploratory testing is performed to overcome the limitations of scripted testing. It helps in improving Test Case suite. It empathizes on learning and adaptability.
___________________________________________________
2) What is Use Case in Testing?
A Use Case in Testing is a brief description of a particular use of the software application by an actor or user. Use cases are made on the basis of user actions and the response of the software application to those user actions. It is widely used in developing test cases at system or acceptance level.
Use Case Testing
Use Case Testing is a software testing technique that helps to identify test cases that cover entire system on a transaction by transaction basis from start to end. Test cases are the interactions between users and software application. Use case testing helps to identify gaps in software application that might not be found by testing individual software components.
How to do Use Case Testing: Example
In a use-case, an actor is represented by "A" and system by "S". We create Use for a login functionality of a Web Application as shown below
| Main Success Scenario | Step | Description |
|---|---|---|
| A:Actor S:System | 1 | A: Enter Agent Name & Password |
| 2 | S: Validate Password | |
| 3 | S: Allow Account Access | |
| Extensions | 2a | Password not valid S: Display Message and ask for re-try 4 times |
| 2b | Password not valid 4 times S: Close Application |
- Consider the first step of an end to end scenario for a login functionality for our web application where the Actor enters email and password.
- In the next step, the system will validate the password
- Next, if the password is correct, the access will be granted
- There can be an extension of this use case. In case password is not valid system will display a message and ask for re-try four times
- If Password, not valid four times system will ban the IP address.
Here we will test the success scenario and one case of each extension.
This is USE-Case testing in Software Engineering
__________________________________________
3. What is the difference between the STLC (Software Testing Life Cycle) and SDLC (Software Development Life Cycle)?
SDLC deals with development/coding of the software while STLC deales with validation and verification of the software
Difference between SDLC and STLC
In the below table, we have listed some of the important difference between the Software Development Life Cycle and Software Testing Life Cycle:
| S.NO | Comparison basis | SDLC | STLC |
|---|---|---|---|
| 1. | Explanations | It is primarily connected to software development, which means that it is the procedure of developing a software application. | It is mainly linked to software testing, which means that it is a software testing process that contains various phases of the testing process. |
| 2. | Representation | SDLC stands for Software Development Life Cycle. | STLC stands for Software Testing Life cycle. |
| 3. | Resources | While performing the SDLC process, we needed a greater number of developers to complete the development process. | The STLC process needed a smaller number of testers to complete the testing process. |
| 4. | Focuses on | Besides the development phase, other phases like testing are also included. | The STLC concentrate only on testing the software. |
| 5. | Objective | The objective of the Software development life cycle is to complete the development of software successfully. | The objective of the Software testing life cycle is to complete the testing of software successfully. |
| 6. | Help in | The SDLC will help us to develop a good quality software product. | The STLC will helps to create the software bug-free. |
| 7. | Different phases | The various phase includes in Software Development Life Cycle are as follows:
| The various phase includes in Software Testing Life Cycle are as follows:
|
| 8. | Requirement collection phase | In the SDLC Requirement collection phase, the BA [Business Analyst] and PA [ Product Analyst] will collect the requirements and interpret business language into software language. | In the Requirement Analysis phase of the STLC, the QA [ Quality Assurance] team will study requirement documents and prepare the System Test Plan. |
| 9. | Designing phase | Based on the requirement understanding, the development team will develop the HLD [High-Level Design] and LLD [Low-Level Design] of the software. | Generally, in STLC, the Test Architect or a Test Lead plan the test strategy. And also finds the testing points. |
| 10. | Coding phase | In the SDLC coding phase, the developer will start writing the code as per the designed document and beginning of building the software. | In STLC, the QA team writes the test scenarios to authenticate the quality of the product. |
| 11. | Environment Set up | After writing the code, the development team sets up a test environment with the developed product to validate the code. | Based on the prerequisites, the Test team confirms the environment set up. And do one round of smoke testing to ensure that the environment is stable for the product and ready for testing. |
| 12. | Testing Phase | Once the environment has been set, the test engineer will perform various types of testing, such as Unit, Integration, System, Retesting, Regression testing, and so on. And the development team is also involving to fixing the bugs and report back to the tester. | Based on the test cases, the tester will do one round of integration and system testing. While performing the testing, if they encounter with any bugs, it will be reported and fixed after the retesting. |
| 13. | Deployment/ Product Release phase | In the SDLC deployment phase, when we received sign-off from various testing teams, the application is deployed or installed in a production environment for real end-users. | In STLC, the Smoke and sanity testing are performed in the production environment as soon as the product is deployed. And the testing team will prepare the test reports and matrix to analyze the product. |
| 14. | Maintenance Phase | Once the product has been deployed, the development team includes support and release updates. | To check maintenance code deployed, the QA team performs the regression suites. |
| 15. | Performed | The SDLC phases are done before the STLC phases. | The STLC phases are completed after SDLC phases. |
Conclusion
The SDLC and STLC provide a structure to the development and testing of software.
Generally, the test engineer may feel that the Software development life cycle is appropriate to developers only. Still, after understood the complete process of the development and testing life cycle, we can say that both life cycles are dependent and time to time performed in parallel.
Hence, it is beneficial even to test engineers if they understand the SDLC phase with STLC.
___________________________________________________
Explain what Test Deliverables is?
Test Deliverables are a set of documents, tools and other components that have to be developed and maintained in support of testing.
There are different test deliverables at every phase of the software development lifecycle
- Before Testing
- During Testing
- After the Testing
Mutation Testing in Software Testing: Mutant Score & Analysis Example
Mutation Testing
Mutation Testing is a type of software testing in which certain statements of the source code are changed/mutated to check if the test cases are able to find errors in source code. The goal of Mutation Testing is ensuring the quality of test cases in terms of robustness that it should fail the mutated source code.
The changes made in the mutant program should be kept extremely small that it does not affect the overall objective of the program. Mutation Testing is also called Fault-based testing strategy as it involves creating a fault in the program and it is a type of White Box Testing which is mainly used for Unit Testing.
Mutation was originally proposed in 1971 but lost fervor due to the high costs involved. Now, again it has picked steam and is widely used for languages such as Java and XML.
In this tutorial, you will learn-
- What is Mutation Testing?
- How to execute Mutation Testing?
- How to Create Mutant Programs?
- What to change in a Mutant Program?
- Types of Mutation Testing
- Mutation Score:
- Advantages of Mutation Testing:
- Disadvantages of Mutation Testing:
How to execute Mutation Testing?
Following are the steps to execute mutation testing(mutation analysis):
Step 1: Faults are introduced into the source code of the program by creating many versions called mutants. Each mutant should contain a single fault, and the goal is to cause the mutant version to fail which demonstrates the effectiveness of the test cases.
Step 2: Test cases are applied to the original program and also to the mutant program. A Test Case should be adequate, and it is tweaked to detect faults in a program.
Step 3: Compare the results of an original and mutant program.
Step 4: If the original program and mutant programs generate the different output, then that the mutant is killed by the test case. Hence the test case is good enough to detect the change between the original and the mutant program.
Step 5: If the original program and mutant program generate the same output, Mutant is kept alive. In such cases, more effective test cases need to be created that kill all mutants.
How to Create Mutant Programs?
A mutation is nothing but a single syntactic change that is made to the program statement. Each mutant program should differ from the original program by one mutation.
| Original Program | Mutant Program |
|---|---|
| If (x>y) Print "Hello" Else Print "Hi" | If(x<y) Print "Hello" Else Print "Hi" |
What to change in a Mutant Program?
There are several techniques that could be used to generate mutant programs. Let's look at them
| Operand replacement operators | Expression Modification Operators | Statement modification Operators |
|---|---|---|
| Replace the operand with another operand (x with y or y with x) or with the constant value. | Replace an operator or insertion of new operators in a program statement. | Programmatic statements are modified to create mutant programs. |
| Example- If(x>y) replace x and y values If(5>y) replace x by constant 5 | Example- If(x==y) We can replace == into >= and have mutant program as If(x>=y) and inserting ++ in the statement If(x==++y) | Example- Delete the else part in an if-else statement Delete the entire if-else statement to check how a program behaves Some of sample mutation operators:
|
Automation of Mutation Testing:
Mutation testing is extremely time consuming and complicated to execute manually. To speed up the process, it is advisable to go for automation tools. Automation tools reduce the cost of testing as well.
List of tools available -
Types of Mutation Testing
In Software Engineering, Mutation testing could be fundamentally categorized into 3 types– statement mutation, decision mutation, and value mutation.
- Statement Mutation - developer cut and pastes a part of a code of which the outcome may be a removal of some lines
- Value Mutation- values of primary parameters are modified
- Decision Mutation- control statements are to be changed
Mutation Score:
The mutation score is defined as the percentage of killed mutants with the total number of mutants.
- Mutation Score = (Killed Mutants / Total number of Mutants) * 100
Test cases are mutation adequate if the score is 100%. Experimental results have shown that mutation testing is an effective approach for measuring the adequacy of the test cases. But, the main drawback is that the high cost of generating the mutants and executing each test case against that mutant program.
Advantages of Mutation Testing:
Following are the advantages of Mutation Testing:
- It is a powerful approach to attain high coverage of the source program.
- This testing is capable comprehensively testing the mutant program.
- Mutation testing brings a good level of error detection to the software developer.
- This method uncovers ambiguities in the source code and has the capacity to detect all the faults in the program.
- Customers are benefited from this testing by getting a most reliable and stable system.
Disadvantages of Mutation Testing:
On the other side, the following are the disadvantages of Mutant testing:
- Mutation testing is extremely costly and time-consuming since there are many mutant programs that need to be generated.
- Since its time consuming, it's fair to say that this testing cannot be done without an automation tool.
- Each mutation will have the same number of test cases than that of the original program. So, a large number of mutant programs may need to be tested against the original test suite.
- As this method involves source code changes, it is not at all applicable for Black Box Testing.
Conclusion:
Do you want exhaustive testing of your application? The answer is Mutation testing. It is the most comprehensive technique to test a program. This is the method which checks for the effectiveness and accuracy of a testing program to detect the faults or errors in the system.
_______________________
What all things you should consider before selecting automation tools for the AUT?
- Technical Feasibility
- Complexity level
- Application stability
- Test data
- Application size
- Re-usability of automated scripts
- Execution across environment
How will you conduct Risk Analysis?
For the risk analysis following steps need to be implemented
- Finding the score of the risk
- Making a profile for the risk
- Changing the risk properties
- Deploy the resources of that test risk
- Making a database of risk
What are the categories of debugging?
Categories for debugging
- Brute force debugging
- Backtracking
- Cause elimination
- Program Slicing
- Fault tree analysis
What is fault masking explain with example?
When the presence of one defect hides the presence of another defect in the system, it is known as fault masking.
Example: If the "Negative Value" cause a firing of unhandled system exception, the developer will prevent the negative values input. This will resolve the issue and hide the defect of unhandled exception firing.
________________________________
Explain what Test Plan is? What is the information that should be covered in Test Plan?
A test plan can be defined as a document describing the scope, approach, resources, and schedule of testing activities and a test plan should cover the following details.
- Test Strategy
- Test Objective
- Exit/Suspension Criteria
- Resource Planning
- Test Deliverables
How can you eliminate the product risk in your project?
It helps you to eliminate product risk in your project, and there is a simple yet crucial step that can reduce the product risk in your project.
- Investigate the specification documents
- Have discussions about the project with all stakeholders including the developer
- As a real user walk around the website
What is the common risk that leads to project failure?
The common risk that leads to a project failure are
- Not having enough human resource
- Testing Environment may not be set up properly
- Limited Budget
- Time Limitations
On what basis you can arrive at an estimation for your project?
To estimate your project, you have to consider the following points
- Divide the whole project into the smallest tasks
- Allocate each task to team members
- Estimate the effort required to complete each task
- Validate the estimation
Explain how you would allocate a task to team members?
| Task | Member |
|
|
|
|
|
|
|
|
|
_____________ |
Comments
Post a Comment