1. What is the difference a Software Tester & Testing Analyst?
Testing analysts are more commonly involved with tasks at a higher level of abstraction, such as test process design, test planning, and test case design. Whereas Software Testers may be involved with test case design and test procedure construction, and interaction with the actual software systems.
2. What are Software Testing Specialities?
Testing specialties include test automation, load testing, usability testing, testing methodology, software inspections, industry or application expertise, test metrics, test management, white box testing & security testing etc. 3. What can be the various Job Levels in the Software Testing Domain in a Company?
Various job levels within the testing domain can include the tester, test analyst, test manager or test specialist, test consultant or Test executive.4. What is a Test Suite?
Set of collection of test cases is called a test suite.It contains more detailed instructions or goals for each collection of test cases. It contains a section where the tester identifies the system configuration used during testing. It may also contain prerequisite states or steps, and descriptions of the tests as well.
5. What is a scenario test?
This is a test based on a hypothetical story used to help a person think through a complex problem or system.Generally scenario test have following five key characteristics.
1) A story
2) Which is motivating
3) Which is credible
4) Which is complex
5) Which is easy to evaluate.
Scenario tests are different from test cases in a way that test cases cover single steps whereas scenarios cover a number of steps. Test suites and scenarios can be used together for a complete system test.
6. What is Defect Tracking?
In engineering practice, defect tracking is the process of finding defects in a product by the process of inspection, testing, or recording feedback from customers, and tracking them till their closure.In software engineering, defect tracking is of significant importance, since complex software systems have thousands of defects due to which their management, evaluation and prioritizing is a difficult task. Hence defect tracking systems in software engineering are computer database systems which store defects and help people to manage them.
7. What is Formal Verification in context with Software & Hardware systems?
Formal verification is the process of proving or disproving the correctness of a system with respect to a certain formal specification or property, with the help of formal methods. Generally the formal verification is carried out algorithmically. Approaches to implement formal verification are :
1) State space enumeration
2) Symbolic state space enumeration
3) Abstract interpretation
4) Abstraction refinement
5) Process-algebraic methods
6) Reasoning with the help of automatic theorem provers like HOL or Isabelle.
8. What is the concept of Fuzz Testing?
Fuzz testing is a software testing technique involving attachment of the inputs of a program to a source of random data. Main advantage of fuzz testing is that the test design is extremely simple, and remains free of preconceptions about system behavior.Fuzz testing is generally used in large software development projects which use black box testing. Fuzz testing provides a high benefit to cost ratio.
Fuzz testing technique is also used for the measurement of quality of large software systems. The advantage is that the cost of generating tests is relatively low.
Fuzz testing is helps to enhance the software security and software safety because it often finds odd oversights and defects which normal human testers would fail to find, and even the most careful human test designers would fail to create tests for.
Fuzz testing is not a substitute for exhaustive testing or formal methods; it can only provide a random sample of the system's behavior. Passing a fuzz test may only indicate that a particular software is capable to handles exceptions without crashing and it may not indicate its correct behavior.
9. What are the different forms of fuzz testing?
1) Valid fuzz Testing to assure that the random input is reasonable, or conforms to actual production data.2) Simple fuzz Testing usually uses a pseudo random number generator to provide an input.
3) A combined approach uses valid test data with some proportion of totally random input injected.
By using all the above techniques in combination, fuzz-generated randomness can test the un-designed behavior surrounding a wider range of designed system states.
10. What is a Web Application & How does it look like?
A web application is an internet based application, consisting of a set many scripts, which are normally stored on some Web server and are made to interact with some databases or any other similar sources of the dynamic content. Web applications provide an interactive Form to the user, wherein feeds inputs according to the fields provided in the form; then he clicks on a button like "Submit" or "OK" to store his inputs on the database & perform a set of calculations & present back the desired information.
Web Applications are becoming popular since these are a via media for exchange of information between various service providers and respective customers across the internet. These web applications are by & large not dependent on any platform. Popular examples of Web applications are Google / Yahoo or similar search engines, Internet Banking websites of several Banks, E-mail facility providing sites like Gmail, Yahoo Mail, Rediff Mail etc., Sale & Purchase sites like E-Bay etc.
11. What is Server Side Includes or SSI?
Server Side Includes or SSI is a mechanism by which we can include files using a special type of HTML comment which is similar to the include feature of todays scripting languages like JSP & PHP etc. Old type CGI programs and ASP scripts are still using Server Side Includes or SSI to include libraries of code.
12. What is the difference between Dynamic Analysis & Static Analysis?
Dynamic Analysis: refers to the process of testing and evaluation of a program by executing data in real-time. The objective is to find errors in a program while it is running, rather than by repeatedly examining the code offline. Smoke testing is a type of dynamic analysis. Static Analysis: refers to a set of techniques of program analysis where the program is not actually executed rather it is analyzed by some tools to produce the desired information. Objective of performing static analysis to ensure soundness and completeness of the program.
13. What is Vulnerability Analysis?
Vulnerability Analysis is a process which defines, identifies, and classifies the security holes or vulnerabilities in a computer, network, or communications infrastructure. It can be used to predict the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are implemented in actual practice.Vulnerability Analysis or Vulnerability Assessment involves following steps:
# Defining and classifying network or system resources
# Assigning relative levels of importance to the resources
# Identifying potential threats to each resource
# Developing a strategy to deal with the most serious potential problems
# Defining and implementing ways to minimize the consequences if an attack occurs.
14. What is a Vulnerability Scanner?
A vulnerability scanner is a tool for detecting & reporting genuine vulnerabilities in the system. It uses an up-to-date database containing complete information necessary to check a system for security holes. It provides facility to carry out multiple manual scans at a time. Its reports provide recommendations for countermeasures to remove the vulnerabilities detected by it.15. What is an Ethical Hacker?
Ethical hacker is a computer and network expert who legitimately attacks the security system on behalf of the management with an objective to find vulnerabilities, which any malicious hacker could exploit. For testing a security system, ethical hackers use the same methods as malicious hackers, but their aim is to report back the problems instead of taking advantage of out of them. Ethical hacking is also known as penetration testing or intrusion testing.
16. What is Database testing?
Database testing involves the following activities: 1) Testing of Data validity.
2) Testing of Data Integritity.
3) Performance testing related to the data base.
4) Testing of Procedure, triggers and functions.
17. What are the things checked in Database Testing?
Following things are generally checked In Database Testing:1) Validation of field size
2) Checking of constraints.
3) Checking of Indexes as to whether done or not
4) Checking of stored procedures
5) Checking as to whether the field size defined in the application is matching with that in the database or not
18. What is High Order Testing?
High Order Testing is black-box testing conducted on the software after the completion of all integration activities.
19. What is Internationalization ?
Internationalization refers to the development and testing relating to handling foreign text and data within a software program in such a way that it will be easy to adapt it to several international markets having different languages and cultures. Internationalization includes sorting, importing and exporting text and data, correct handling of currency and date and time formats, string parsing and upper / lower case handling etc.Method of deriving the abbreviation I18N for Internationalization goes like this:
First, we take the first letter of the word Internationalization we want to abbreviate; in this case the letter "I". Next, we take the last letter in the word; in this case the letter "N". These become the first and last letters in the abbreviation. Finally, we count the remaining letters in the word between the first and last letter. In this case. "nternationalizatio" has 18 characters in it. Thus we shall encapsulate the number 18 between the "I" and "N"; thus making the final abbreviation as I18N.
20. What is localization ?
Localization refers to development, testing and adapting the software product to suit a local or regional market. The objective of localization is to ensure suitability of the product with language & cultural aspects of the users of a particular region.localization includes translating the program, choosing appropriate icons and graphics, and other cultural considerations. It also may include translating the program's help files and the documentation.
21. What is Globalization ?
Globalization refers to the activities performed for the purpose of marketing a software product in regional markets. The objective of globalization is to take care of global marketing accounting for economic and legal factors. The main focus of globalization is on marketing providing total enterprise solutions and a support to the management. 22. What are the benefits of Software Validation?
Software validation is an important tool employed to assure the quality of the software products. Few benefits are as under: 1) It increases the usability and reliability of the device software, resulting in reduced failure rates, less recalls and corrective actions, less liability to device manufacturers.
2) It reduces the long term costs by making it easier and less costly to reliably modify software and revalidate software changes.
3) It helps to reduce the long-term cost of software by reducing the cost of validation for each subsequent release of the software.
23. What is the role of Design Reviews in Software Development Life Cycle?
Design review is a primary tool for managing and evaluating software development projects. Design reviews allow management to confirm that all goals defined in the software validation plan have been achieved. Formal design reviews are more structured and include participation from others outside the development team.Design reviews are documented, comprehensive, and systematic examinations of a design to evaluate the adequacy of the design requirements, to evaluate the capability of the design to meet these requirements, and to identify problems.
Design reviews include examination of development plans, requirements specifications, design specifications, testing plans and procedures, all other documents and activities associated with the project.
24. What is the need of Software Validation after a change?
When any change even a small one is made to the software, following activities need to be performed:1) Re-establishment of the validation status of the software.
2) Conducting necessary validation analysis - not for the sake of validation of the individual change, but o to know the effect of the change on the entire software system.
3) Conducting suitable level of regression testing to show that unchanged but vulnerable portions of the system have not been adversely affected. Regression testing is meant to provide a confidence that the software has been validated after the change.
25. What is Output Forcing?
Output Forcing is a sort of functional testing of software applications. It refers to choosing test inputs to ensure that all or the selected software outputs are generated by the testing.
