1. Explain The Requirements of Testing Technique:
Usage " To ensure that system performs correctly
" To ensure that correctness can be sustained for a considerable period of time.
" System can be tested for correctness through all phases of SDLC but incase of reliability the programs should be in place to make system operational.
Objectives " Successfully implementation of user requirements
" Correctness maintained over considerable period of time
" Processing of the application complies with the organization's policies and procedures.
" Secondary users needs are fulfilled -
Security officer
DBA
Internal auditors
Record retention
Comptroller
How to Use " Test conditions created
These test conditions are generalized ones, which becomes test cases as the SDLC progresses until system is fully operational.
Test conditions are more effective when created from user's requirements.
Test conditions if created from documents then if there are any error in the documents those will get incorporated in Test conditions and testing would not be able to find those errors.
Test conditions if created from other sources (other than documents) error trapping is effective.
" Functional Checklist created.
When to use " Every application should be Requirement tested
" Should start at Requirements phase and should progress till operations and maintenance phase.
" The method used to carry requirement testing and the extent of it is important.
Examples " Creating test matrix to prove that system requirements as documented are the requirements desired by the user.
" Creating checklist to verify that application complies to the organizational policies and procedures.
2. Explain Web-Enabled Development and Test automation?
Web-Enabled application go further in these areas:
* Web-enabled application are meant to be stateless. HTTP was designed to be stateless. Each request from a Web-enabled application is meant to be atomic and not rely on any previouse requests. This has huge advantages for system architecture and datacenter provisioning. When requests are stateless, then any sserver can respond to the request and any request handler on any server may service the request.
* Web-enabled application are platform independent. The client application may be written for Windows, Macintosh, Linux, and any other platform that is capable of implementing the command protocol and network connection to the server.
* Web-enabled application expect the client application to provide presentation rendering and simple scripting capabilities. The client application is usually a browser, however, it may also be a dedication client application such as a retail cash register, a Windows-based data analysis tool, ot an electronic address book in your mobile phone.
The missing context in a Web-enabled application test automation means that software developers and QA technicians must manually script tests for each Web-enalbled application. Plus, they need to maintain the test scriots as the application changes. Web-enabled application test automation tools focus on making the scriot writing and maintenance tasks easier. The test automation tool offer these features:
* A friendly, graphical user interface to integrate the record, edit, and run-time script functions.
* A recorder that watches how an application is used and writes a test script for you.
* A playback utility that drives a Web-enalbed application by processing the test script and logging. The playback utility also provides the facility to play back several concurrently running copies of the same script to check the system for scalability and load testing.
* A report utility to show how the playback differed from the original recording. The differences may be slower or faster performance times, errors, and incomplete transactions.
3. Explain Clicent/Server Development and Test automation?
The original intent for client/server applications was to separete presentation logic from business logic. In an ideal system design, the client was reponsible for presenting the user interface, command elements (drop-down menus, buttons, controls), displayed results information in a set of windows, charts, and dials. The client connected to a server to process functions and the server responded with data.
In a client/server environment the protocols are cleanly defined so that all the clients use the same protocols to communicate with the server.
The client-side frameworks to provide the same functionality of desktop application frameworks plus most of the needed communication code to issue commands to the server and the code needed to automatically update a client with new functions received from the server.The server-side frameworks provide code needed to received and handle requests from multiple clients, and code to connect to database for data persistence and remote information providers. Additionally, these framworks need to handle stateful transations and intermittent network connections. Stateful transactions require multiple steps to accomplish a task.
Client/server applications are normally transactional in nature and usually several interactions with the user are needed to finish a single request. For example, in a stock trading application the user begins a transaction by identifying themselves to the server, looking up an order code, and then submitting a request to the server, and receives and presents the results to the user. The client-side application normally knows something about the transaction - for example, the client-side application will normally store the user identification and a session code such as cookie value across the user's interaction with the server-based application. Users like it better when the client-side application knows about the transaction because each step in a request can be optimized in the client application. For example. in the stock trading example the client application could calculate a stock trade commission locally without having to communication with server.
Client/server application test automation provides the functionality of desktop application test automation plus these:
* Client/server applications operate in a network environment. The tests need to not only check for the function of an application, they need to test how the application handles slow or intermittent network performance.
* Automated test are ideal to determine the number of client applications a server is able to efficiently handle at any given time.
* The server is usually a middle tier between the client application and several data sources. Automated tests need to check the server for correct functionality while it communicates with the data source.
4. When test a FoxPro database?
* If the database is linked to other database, are the links secure and working?
* If the database publishes to the Internet, is the data correct?
* When data is deployed, is it still accurate?
* Do the queries give accurate information to the reports?
* If thedatabase performs calculations, are the calculatons accurate?
* If the Web site publishes from inside the SQL Server straight to a Web page, is the data accurate and of the correct data type?
* If the SQL Server reads from a stored procedure to produce a Web page or if the stored procedure is changed, does the data on the page change?
* If you are using FrontPage or interDev is the data connection to your pages secure?
* Does the database have scheduled maintenance with a log so testers can set changes or errors?
* Can the tester check to see how back ups are being handled?
* Is the database secure?
The most common data errors are due to incorrect data entry, called data validity errors.
7. How to Query reaponse time?
The turnaround time for responding to queries in a database must be short; therefor, query response time is essential for online transactions. The results from this test will help to identify problems, such as possible bottlenecks in the network, sspecific queries, the database structure, or the hardware.
8. What is the Regression testing?
Did a new build break an existing function? Repeat testing after changes for managing risk relate to product enhancement.
A regression test is performded when the tester wishes to see the progress of the testing processs by performing identical tests before and after a bug has been fixed. A regression test allows the tester to compare expeted test results with the actual results.
Regression testing's primary objective is to ensure that all bugfree features stay that way. In addition, bugs which have been fixed once should not turn up again in subsequent program versions.
Regression testing: After every software modification or before next release, we repeat all test cases to check if fixed bugs are not show up again and new and existing functions are all working correctly.
Regression testing is used to confirm that fixed bugs have, in fact, been fixed and that new bugs have not been introduced in the process, and that festures that were proven correctly functional are intact. Depending on the size of a project, cycles of regression testing may be perform once per milestone or once per build. Some bug regression testing may also be performed during each accceptance test cycle, forcusing on only the most important bugs. Regression tests can be automated.
CONDITIONS DURING WHICH REGRESSION TESTS MAY BE RUN Issu fixing cycle. Once the development team has fixed issues, a regression test can be run t ovalidate the fixes. Tests are based on the step-by-step test casess that were originally reported:
* If an issue is confirmeded as fixed, then the issue report status should be changed to Closed.
* If an issue is confirmed as fixed, but with side effects, then the issue report status should be changed to Closed. However, a new issue should be filed to report the side effect.
* If an issue is only partially fixed, then the issue report resolution should be changed back to Unfixed, along with comments outlining the oustanding problems
Open-status regression cycle. Periodic regression tests may be run on all open issue in the issue-tracking database. During this cycle, issue status is confirmed either the report is reproducible as is with no modification, the report is reproducible with additional comments or modifications, or the report is no longer reproducible
Closed-fixed regression cycle. In the final phase of testing, a full-regression test cycle should be run to confirm the status of all fixed-closed issues.
Feature regression cycle. Each time a new build is cut or is in the final phase of testing depending on the organizational procedure, a full-regression test cycle should be run to confirm that the proven correctly functional features are still working as expected.
Boundary tests are designed to check a program's response to extreme input values. Extreme output values are generated by the input values. It is important to check that a program handles input values and output results correctly at the lower and upper boundaries. Keep in mind that you can create extreme boundary results from non-extreme input values. It is essential to analyze how to generate extremes of both types. In addition. sometime you know that there is an intermediate variable involved in processing. If so, it is useful to determine how to drive that one through the extremes and special conditions such as zero or overflow condition.
10. What is Privilage testing?
What happens when the everyday user tries to access a control that is authorized only for adminstrators?
11. What is Increas Capacity Testing?
When you begin your stress testing, you will want to increase your capacity testing to make sure you are able to handle the increased load of data such as ASP pages and graphics. When you test the ASP pages, you may want to create a page similar to the original page that will simulate the same items on the ASP page and have it send the information to a test bed with a process that completes just a small data output. By doing this, you will have your processor still stressing the system but not taking up the bandwidth by sending the HTML code along the full path. This will not stress the entire code but will give you a basis from which to work. Dividing the requests per second by the total number of user or threads will determine the number of transactions per second. It will tell you at what point the server will start becoming less efficient at handling the load. Let's look at an example. Let's say your test with 50 users shows your server can handle 5 requests per seconf, with 100 users it is 10 requests per second, with 200 users it is 15 requests per second, and eventually with 300 users it is 20 requests per second. Your requests per second are continually climbing, so it seems that you are obtaining steadily improving performance. Let's look at the ratios:
05/50 = 0.1
10/100 = 0.1
15/200 = 0.075
20/300 = 0.073
From this example you can see that the performance of the server is becoming less and less efficient as the load grows. This in itself is not necessarily bad (as long as your pages are still returning within your target time frame). However, it can be a useful indicator during your optimization process and does give you some indication of how much leeway you have to handle expected peaks.
The primary goal of performance-testing is to develop effective enhancement strategies for maintaining acceptable system performance. Performance testing is a capacity analysis and planning process in which measurement data are used to predict when load levels will exhaust system resources.
13. Explain Difference between Load and Strees testing?
The idea of stress testing is to find the breaking point in order to find bugs that will make that break potentially harmful. Load testing is merely testing at the highest transaction arrival rate in performance testing to see the resource contention, database locks etc..
14. Explain Error - Handling Testing Technique?
Background " Pre determination of Error handling features is the basic difference between Automated and manual systems.
" Manual System: can deal with problems as they occur.
" Automated Systems: Must pre program error handling.
Usage " It determines the ability of applications system to process the incorrect transactions properly
" Errors encompass all unexpected conditions.
" In some system approx. 50% of programming effort will be devoted to handling error condition.
Objectives " Determine:
" Application system recognizes all expected error conditions.
" Accountability of processing errors has been assigned and procedures provide a high probability that errors will be properly corrected.
" During correction process reasonable control is maintained over errors.
How to Use " A group of knowledgeable people is required to anticipate what can go wrong in the application system.
" It is needed that all the application knowledgeable people assemble to integrate their knowledge of user area, auditing and error tracking.
" Then logical test error conditions should be created based on this assimilated information.
" The error handling testing technique should test -
Error
Processing of error
Control condition
Reentry of condition is proper or not.
" The iterative process should be used where first the errors in the system trapped should be corrected and then the corrected system should be re-tested to check the authenticity of application operation and to complete the error handling testing cycle.
" Tester should think negatively to trap errors.
" Testers should determine how the system should fail so that they can test to determine if the software can properly process the erroneous data.
When to use " Throughout SDLC
" Impact from errors should be identified and should be corrected to reduce the errors to acceptable level.
" Used to assist in error management process of system development and maintenance.
Examples " Create a set of erroneous transactions and enter them into the application system then find out whether the system is able to identify the problems.
" Using iterative testing enters transactions and trap errors. Correct them. Then enter transactions with errors, which were not present in the system earlier.
15. Explain Control Testing Technique?
Background " One half of total system development effort is directly attributable to controls.
" Controls include:
Data validation
File integrity
Audit trail
Back up and recovery
Documentation.
Other aspects of system related to integrity
" Control is system within a system.
" Control looks at the totality of the system.
Usage " Control is a management tool to ensure that processing is performed in accordance to what management desire or intents of management.
Objectives " Accurate and complete data
" Authorized transactions
" Maintenance of adequate audit trail of information.
" Efficient, effective and economical process.
" Process meeting the needs of the user.
How to Use " To test controls risks must be identified.
" Develop risk matrix, which identifies the risks, controls; segment within application system in which control resides.
" Testers should have negative approach i.e. should determine or anticipate what can go wrong in the application system.
When to use " Should be tested with other system tests.
Examples " file reconciliation procedures work
" Manual controls in place.
16. What is the Stress Testing?
Overwhelm the product for performance, reliability, and efficiency assessment; To find the breakpoint when system is failure; to increase load regressively to gather information for finding out maximum concurrent users.
Stress tests force programs to operate under limited resource conditions. The goal is to push the upper functional limits of a program to ensure that it can function correctly and handle error conditions gracefully. Examples of resources that may be artificially manipulated to create stressful conditions include memory, disk space, and network bandwidth. If other memory-oriented tests are also planned, they should be performed here as part of the stress test suite. Stress tests can be automated.
Breakpoint:
the capabilites and weakness of the product:
* High volunmes of data
* Device connections
* Long transation chains
Stress Test Environment:
As you set up your testing environment for a stress test, you need to make sure you can answer the following questions:
* Will my test be able to support all the users and still maintain performance?
* Will my test be able to simulate the number of transactions that pass through in a matter of hours?
* Will my test be able to uncover whether the system will break?
* Will my server crash if the load continues over and over?
The test should be set up so that you can simulate the load; for example:
* If you have a remote Web site you should be able to monitor up to four Web sites or URLs.
* There should be a way to monitor the load intervals.
* The load test should be able to simulate the SSL (Secure Server)
* The test should be able to simulate when a user submits the Form Data (GET method)
* The test should be set up to simulate and authentical the keyword verification.
* The test should be able to simulate up to six email or pager mail addresses and an alert should occur when there is a failure.
It is important to remember when stressing your Web site to give a certain number of users a page to stress test and give them a certain amount of time in which to run the test.
Some of the key data features that can help you measure this type of stress test, determine the load, and uncover bottlenecks in the system are:
* Amount of memory available and used
* The processor time used
* The number of requests per second
* The amount of time it takes ASP pages to be set up.
* Server timing errors.
17. What is black-box (or functional) testing?
Black Box Testing is testing without knowledge of the internal workings of the item being tested. The Outside world comes into contact with the test items, --only through the application interface ,,, an internal module interface, or the INPUT/OUTPUT description of a batch process. They check whether interface definitions are adhered to in all situation and whether the product conform to all fixed requirements. Test cases are created based on the task descriptions.
Black Box Testing assumes that the tester does not know anything about the application that is going to be tested. The tester needs to understand what the program should do, and this is achieved through the business requirements and meeting and talking with users.
Funcional tests: This type of tests will evaluate a specific operating condition using inputs and validating results. Functional tests are designed to test boundaries. A combination of correst and incorrect data should be used in this type of test.
18. What is HTML content-checking tests?
HTML content checking tests makes a request to a Web page, parses the response for HTTP hyperlinks, requests hyperlinks from their associated host, and if the links returned successful or exceptional conditions. The downside is that the hyperlinks in a Web-enalbled application are dynamic and can change, depending on the user's actions. There is little way to know the context of the hyperlinks in a Web-enabled application. Just checking the links' validity is meaningless if not misleading. These tests were meant to test static Web sites, not Web-enabled application
19. What is Click-Stream Testing?
Click stream Testing is to show which URLs the user clicked, The Web site's user activity by time period during the day, and other data otherwise found in the Web server logs. Popular choice for Click-Stream Testing statisticss include KeyNote Systems Internet weather report , WebTrends log analysis utility, and the NetMechanic monitoring service.
Disadvantage: Click-Stream Testing statistics reveal almost nothing about the user's ability to achieve their goals using the Web site. For example, a Web site may show a million page views, but 35% of the page views may simply e pages with the message "Found no search results," With Click-Stream Testing, there's no way to tell when user reach their goals.
Security measures protect Web systems from both internal and external threats. E-commerce concerns and the growing popularity of Web-based applications have made security testing increasingly relevant. Security tests determine whether a company's security policies have been properly implemented; they evaluate the functionality of existing systems, not whether the security policies that have been implemented are appropriate.
PRIMARY COMPONENTS REQUIRING SECURITY TESTING
* Application software
* Database
* Servers
* Client workstations
* Networks
21. What is User Interface Tests?
Easy-of-use UI testing evaluates how intuitive a system is. Issues pertaining to navigation, usablility, commands, and accessibility are considered. User interface functionality testing examines how well a UI operates to specifications.
AREAS COVERED IN UI TESTING
* Usability
* Look and feel
* Navigation controls/navigation bar
* Instructional and technical information style
* Images
* Tables
* Navigation branching
* Accessibility
Online help tests check the accuracy of help contents, correctness of features in the help system, and functionality of the help system.
23. How to performance Compatibility and Configuration Testing?
Compatibility and configuration testng is performanced to check that an application functions properly across various hardware and software environments. Often, the stragegy is to run the functional acceptance simple tests or a subset of the task-oriented functional tests on a range of software and hardware configurations. Sometimes, another strategy is to create a specific test that takes into account the error risks associated with configuration differences. For example, you might design an extensive series of tests to check for browser compatibility issues.
Software compatibility configurations include variances in OS versions, input/output (I/O) devices, extension, network software, concurrent applications, online services and firewalls. Hardwere configurations include variances in manufacturers, CPU types, RAM, graphic display cards, video capture cards, sound cards, monitors, network cards, and connection types(e.g. T1, DSL, modem, etc..).
24. What is Real-world User-level Test?
These tests simulate the actions customers may take with a program. Real-World user-level testing often detects errors that are otherwise missed by formal test types.
25. What does Task-Oriented Functional Test consists of?
The task-oriented functional test (TOFT) consists of positive test cases that are designed to verify program features by checking the task that each feature performs against specifications, user guides, requirements, and design documents. Usually, features are organized into list or test matrix format. Each feature is tested for:
* The validity of the task it performs with supported data conditions under supported operating conditions.
* The integrity od the task's end result
* The feature's integrity when used in conjunction with related features
26. Explain Black Box testing for web-based application Part 5:
27. Directory setup
The most elementary step of web security is proper setup of directories. Each directory should have an index.html or main.html page so a directory listing doesn't appear.
One company I was consulting for didn't observe this principal. I right clicked on an image and found the path "...com/objects/images". I went to that directory manually and found a complete listing of the images on that site. That wasn't too important. Next, I went to the directory below that: "...com/objects" and I hit the jackpot. There were plenty of goodies, but what caught my eye were the historical pages. They had changed their prices every month and kept the old pages. I browsed around and could figure out their profit margin and how low they were willing to go on a contract. If a potential customer did a little browsing first, they would have had a definite advantage at the bargaining table.
SSL Many sites use SSL for secure transactions. You know you entered an SSL site because there will be a browser warning and the HTTP in the location field on the browser will change to HTTPS. If your development group uses SSL you need to make sure there is an alternate page for browser with versions less than 3.0, since SSL is not compatible with those browsers. You also need to make sure that there are warnings when you enter and leave the secured site. Is there a timeout limit? What happens if the user tries a transaction after the timeout?
28 Logins
In order to validate users, several sites require customers to login. This makes it easier for the customer since they don't have to re-enter personal information every time. You need to verify that the system does not allow invalid usernames/password and that it does allow valid logins. Is there a maximum number of failed logins allowed before the server locks out the current user? Is the lockout based on IP? What if the maximum failed login attempts is three, and you try three, but then enter a valid login? What are the rules for password selection?
29. Log files
Behind the scenes, you will need to verify that server logs are working properly. Does the log track every transaction? Does it track unsuccessful login attempts? Does it only track stolen credit card usage? What does it store for each transaction? IP address? User name?
30. Scripting languages
Scripting languages are a constant source of security holes. The details are different for each language. Some exploits allow access to the root directory. Others allow access to the mail server. Find out what scripting languages are being used and research the loopholes. It might also be a good idea to subscribe to a security newsgroup that discusses the language you will be testing.
31. Web Server Testing Features
* Feature: Definition
* Transactions: The nunber of times the test script requested the current URL
* Elapsed time: The number of seconds it took to run the request
* Bytes transferred: The total number of bytes sent or received, less HTTP headers
* Response time: The average time it took for the server to respond to each individual request.
* Transaction rate: The average number of transactions the server was able to handle per second.
* Transferance: The average number of bytes transferred per second.
* Concurrency: The average number of simultaneous connections the server was able to handle during the test session.
* Status code nnn: This indicates how many times a particular HTTP status code was seen.
27. Explain Black Box testing for web-based application Part 4:
23. Printers
Users like to print. The concept behind the web should save paper and reduce printing, but most people would rather read on paper than on the screen. So, you need to verify that the pages print properly. Sometimes images and text align on the screen differently than on the printed page. You need to at least verify that order confirmation screens can be printed properly.
24. Combinations
Now you get to try combinations. Maybe 600x800 looks good on the MAC but not on the IBM. Maybe IBM with Netscape works, but not with Lynx.
If the web site will be used internally it might make testing a little easier. If the company has an official web browser choice, then you just need to verify that it works for that browser. If everyone has a T1 connection, then you might not need to check load times. (But keep in mind, some people may dial in from home.) With internal applications, the development team can make disclaimers about system requirements and only support those systems setups. But, ideally, the site should work on all machines so you don't limit growth and changes in the future.
25. Load/Stress
You will need to verify that the system can handle a large number of users at the same time, a large amount of data from each user, and a long period of continuous use. Accessibility is extremely important to users. If they get a "busy signal", they hang up and call the competition. Not only must the system be checked so your customers can gain access, but many times crackers will attempt to gain access to a system by overloading it. For the sake of security, your system needs to know what to do when it's overloaded and not simply blow up.
Many users at the same time
If the site just put up the results of a national lottery, it better be able to handle millions of users right after the winning numbers are posted. A load test tool would be able to simulate large number of users accessing the site at the same time.
Large amount of data from each user
Most customers may only order 1-5 books from your new online bookstore, but what if a university bookstore decides to order 5000 different books? Or what if grandma wants to send a gift to each of her 50 grandchildren for Christmas (separate mailing addresses for each, of course.) Can your system handle large amounts of data from a single user?
Long period of continuous use
If the site is intended to take orders for flower deliveries, then it better be able to handle the week before Mother's Day. If the site offers web-based email, it better be able to run for months or even years, without downtimes.
You will probably want to use an automated test tool to implement these types of tests, since they are difficult to do manually. Imagine coordinating 100 people to hit the site at the same time. Now try 100,000 people. Generally, the tool will pay for itself the second or third time you use it. Once the tool is set up, running another test is just a click away.
26. Security
Even if you aren't accepting credit card payments, security is very important. The web site will be the only exposure some customers have to your company. And, if that exposure is a hacked page, they won't feel safe doing business with you.
28. Explain Black Box testing for web-based application Part 3:
16. Interface Testing
Many times, a web site is not an island. The site will call external servers for additional data, verification of data or fulfillment of orders.
16. Server interface
The first interface you should test is the interface between the browser and the server. You should attempt transactions, then view the server logs and verify that what you're seeing in the browser is actually happening on the server. It's also a good idea to run queries on the database to make sure the transaction data is being stored properly.
17. External interfaces
Some web systems have external interfaces. For example, a merchant might verify credit card transactions real-time in order to reduce fraud. You will need to send several test transactions using the web interface. Try credit cards that are valid, invalid, and stolen. If the merchant only takes Visa and MasterCard, try using a Discover card. (A script can check the first digit of the credit card number: 3 for American Express, 4 for Visa, 5 for MasterCard, or 6 for Discover, before the transaction is sent.) Basically, you want to make sure that the software can handle every possible message returned by the external server.
18. Error handling
One of the areas left untested most often is interface error handling. Usually we try to make sure our system can handle all of our errors, but we never plan for the other systems' errors or for the unexpected. Try leaving the site mid-transaction - what happens? Does the order complete anyway? Try losing the internet connection from the user to the server. Try losing the connection from the server to the credit card verification server. Is there proper error handling for all these situations? Are charges still made to credit cards? Is the interruption is not user initiated, does the order get stored so customer service reps can call back if the user doesn't come back to the site?
19. Compatibility
You will also want to verify that the application can work on the machines your customers will be using. If the product is going to the web for the world to use, you will need to try different combinations of operating system, browser, video setting and modem speed.
20. Operating systems
Does the site work for both MAC and IBM-Compatibles? Some fonts are not available on both systems, so make sure that secondary fonts are selected. Make sure that the site doesn't use plug-ins only available for one OS, if your users will use both.
21. Browsers
Does your site work with Netscape? Internet Explorer? Lynx? Some HTML commands or scripts only work for certain browsers. Make sure there are alternate tags for images, in case someone is using a text browser. If you're using SSL security, you only need to check browsers 3.0 and higher, but verify that there is a message for those using older browsers.
22. Video settings
Does the layout still look good on 640x400 or 600x800? Are fonts too small to read? Are they too big? Does all the text and graphic alignment still work?
23. Modem/connection speeds
Does it take 10 minutes to load a page with a 28.8 modem, but you tested hooked up to a T1? Users will expect long download times when they are grabbing documents or demos, but not on the front page. Make sure that the images aren't too large. Make sure that marketing didn't put 50k of font size -6 keywords for search engines.
29. Explain Black Box testing for web-based application Part 2:
7. Images
Whether it's a screen grab or a little icon that points the way, a picture is worth a thousand words. Sometimes, the best way to tell the user something is to simply show them. However, bandwidth is precious to the client and the server, so you need to conserve memory usage. Do all the images add value to each page, or do they simply waste bandwidth? Can a different file type (.GIF, .JPG) be used for 30k less?
In general, you don't want large pictures on the front page, since most users who abandon a page due to a large load will do it on the front page. If you can get them to see the front page quickly, it will increase the chance they will stay.
8. Tables
You also want to verify that tables are setup properly. Does the user constantly have to scroll right to see the price of the item? Would it be more effective to put the price closer to the left and put miniscule details to the right? Are the columns wide enough or does every row have to wrap around? Are certain columns considerably longer than others?
9. Wrap-around
Finally, you will want to verify that wrap-around occurs properly. If the text refers to "a picture on the right", make sure the picture is on the right. Make sure that widowed and orphaned sentences and paragraphs don't layout in an awkward manner because of pictures.
10. Functionality
The functionality of the web site is why your company hired a developer and not just an artist. This is the part that interfaces with the server and actually "does stuff".
11. Links
A link is the vehicle that gets the user from page to page. You will need to verify two things for each link: that the link brings you to the page it said it would and that the pages you are linking to actually exists. It may sound a little silly but I have seen plenty of web sites with internal broken links.
12. Forms
When a user submits information through a form it needs to work properly. The submit button needs to work. If the form is for an online registration, the user should be given login information (that works) after successful completion. If the form gathers shipping information, it should be handled properly and the customer should receive their package. In order to test this, you need to verify that the server stores the information properly and that systems down the line can interpret and use that information.
13. Data verification
If the system verifies user input according to business rules, then that needs to work properly. For example, a State field may be checked against a list of valid values. If this is the case, you need to verify that the list is complete and that the program actually calls the list properly (add a bogus value to the list and make sure the system accepts it).
14. Cookies
Most users only like the kind with sugar, but developers love web cookies. If the system uses them, you need to check them. If they store login information, make sure the cookies work. If the cookie is used for statistics, verify that totals are being counted properly. And you'll probably want to make sure those cookies are encrypted too, otherwise people can edit their cookies and skew your statistics.
Application specific functional requirements Most importantly, you want to verify the application specific functional requirements. Try to perform all functions a user would: place an order, change an order, cancel an order, check the status of the order, change shipping information before an order is shipped, pay online, ad naseum.
This is why your users will show up on your doorstep, so you need to make sure you can do what you advertise.
30. Explain Black Box testing for web-based application Part 1:
1. Browser functionality:
* Is the browser compatible with the application design?
* There are many different types of browsers available.
# GUI design components
* Are the scroll bars, buttons, and frames compatible with the browser and functional?
* To check the functionality of the scroll bars on the interface of the Web page to make sure the the user can scroll through items and make the correct selection from a list of items.
* The button on the interface need to be functional and the correct hyperlink should go to the correct page.
* If frames are used on the interface, they should be checked for the correct size and whether all of the components fit within the viewing screen of the monitor.
2. User Interface
One of the reasons the web browser is being used as the front end to applications is the ease of use. Users who have been on the web before will probably know how to navigate a well-built web site. While you are concentrating on this portion of testing it is important to verify that the application is easy to use. Many will believe that this is the least important area to test, but if you want to be successful, the site better be easy to use.
3.Instructions
You want to make sure there are instructions. Even if you think the web site is simple, there will always be someone who needs some clarification. Additionally, you need to test the documentation to verify that the instructions are correct. If you follow each instruction does the expected result occur?
4. Site map or navigational bar
Does the site have a map? Sometimes power users know exactly where they want to go and don't want to wade through lengthy introductions. Or new users get lost easily. Either way a site map and/or an ever-present navigational bar can help guide the user. You need to verify that the site map is correct. Does each link on the map actually exist? Are there links on the site that are not represented on the map? Is the navigational bar present on every screen? Is it consistent? Does each link work on each page? Is it organized in an intuitive manner?
5. Content
To a developer, functionality comes before wording. Anyone can slap together some fancy mission statement later, but while they are developing, they just need some filler to verify alignment and layout. Unfortunately, text produced like this may sneak through the cracks. It is important to check with the public relations department on the exact wording of the content.
You also want to make sure the site looks professional. Overuse of bold text, big fonts and blinking (ugh) can turn away a customer quickly. It might be a good idea to consult a graphic designer to look over the site during User Acceptance Testing. You wouldn't slap together a brochure with bold text everywhere, so you want to handle the web site with the same level of professionalism.
Finally, you want to make sure that any time a web reference is given that it is hyperlinked. Plenty of sites ask you to email them at a specific address or to download a browser from an address. But if the user can't click on it, they are going to be annoyed.
6. Colors/backgrounds
Ever since the web became popular, everyone thinks they are graphic designers. Unfortunately, some developers are more interested in their new backgrounds, than ease of use. Sites will have yellow text on a purple picture of a fractal pattern. (If you've never seen this, try most sites at GeoCities or AOL.) This may seem "pretty neat", but it's not easy to use.
Usually, the best idea is to use little or no background. If you have a background, it might be a single color on the left side of the page, containing the navigational bar. But, patterns and pictures distract the user.
31. Explain Regression Testing Technique?
Background " One segment of system is developed and thoroughly tested.
" Another segment is changed which has disastrous effect on the tested segment.
" The implemented change, new data or parameters have created change in the already tested segment.
Usage " All aspects of system remain functional after testing.
" Change in one segment does not change the functionality of other segment.
Objectives " Determine -
system documents remain current
System test data and test conditions remain current.
Previously tested system functions properly without getting effected though changes are made in some other segment of application system.
How to Use " Test cases, which were used previously for the already tested segment is, re-run to ensure that the results of the segment tested currently and the results of same segment tested earlier are same.
" Test automation is needed to carry out the test transactions (test condition execution) else the process is very time consuming and tedious.
" In this case of testing cost/benefit should be carefully evaluated else the efforts spend on testing would be more and payback would be minimum.
When to use " When there is high risk that the new changes may effect the unchanged areas of application system.
" In development process: Regression testing should be carried out after the pre-determined changes are incorporated in the application system.
" In Maintenance phase : regression testing should be carried out if there is a high risk that loss may occur when the changes are made to the system
Examples " Re-running of previously conducted tests to ensure that the unchanged portion of system functions properly.
" Reviewing previously prepared system documents (manuals) to ensure that they do not get effected after changes are made to the application system.
" Obtaining printout of data dictionary to ensure that the data elements reflect the changes being incorporated.
Disadvantage " Time consuming and tedious if test automation not done.
32. What is Testing Web Sites Applications?
Many developers and testers are making the transition from testing traditional client/server, PC, and/or mainframe systems, to testing rapidly changing Web applications.
Web test: This testing forcuses on how well all parts of the web site hold together, whether inside and outside the website are working and whether all parts of the website are connected.
Web sites Server consist of three back-end layer:
* Web server
* Application server
* Data layers
33. What is Black-Box testing on Window-based Application?
Editable Fields Checking and Validation:
* Valid/invalid characters/strings data in all editable fields
* Valid minimum/maximum/mid range values in fields
* Null strings (or no data ) in required fields
* Record length (character limit)in text/memo fields
* Cut/copy/paste into/from fields when possible
Not Editable Fields Checking:
* Check for all test/spelling in warnings and error messages/dialogs
* Invoke/check all menu items and their options
Application Usability:
* Appearance an outlook (Placement an alignment of objects on screen)
* User Interface Test (open all menus, check all items)
* Basic functionality checking (File+Open+Save, etc..)
* Right mouse clicking sensitivity
* Resize/min/max/restore app, windows (check min app size)
* Scrollability when applicable (scrollbars, keyboard, autoscrolling)
* Keyboard and mouse navigation, highlighting, dragging, drag/drop
* Print in landscape an portrait modes
* Check F1, What's This , Help menu
* Short-cut and Accelerator keys
* Tab Key order and Navigation in all dialog boxes and menus
34. Explain Desktop application development and Test automation?
The software was written to provide a friendly interface for information workers: Spreadsheet jockeys, business people needing written reports, and game players. The full spectrum of desktop software could pretty well be categorized into spreadsheet, wordprocessor, database, and entertainment categories since desktop computers were rarely networked to other information resources. Desktop applications used the keyboard, and then later a mouse, to navigate through windows and a drop-down menu. Inside a desktop application software package one would find an event-driven framework surrounding individual procedural functions. The automation focused on improving the time it took to test a desktop application for functionality. The test utilities link into desktop applications and try each command as though a user were accessing the menu and window commands. Most QA technicians testing a desktop application compare the function of all the menus and windows to a written functional specification document. The variation from the document to the performance shows the relative health of a desktop application.
Usage " Security is a protection system that is needed for both securing the confidential information and for competitive purposes to assure third parties that their data will be protected.
" Amount of security provided depends upon risks associated with compromise or loss of information.
" Protecting the confidentiality of the information is designed to protect the resources of the organization.
" Used to check the adequacy of protective procedures and countermeasures..
Objectives " To identify the defects which are very difficult to identify.
" The failures in security system operation may not be detected , resulting in a loss or compromise of information without the knowledge of that loss.
" To determine that adequate attention is paid to identify security risks.
" Determine realistic definition and enforcement of access to the system has been implemented.
" To determine that sufficient expertise exists to perform adequate security testing.
" Conducting reasonable tests to ensure that the implemented security measures function properly.
How to Use " Involves a wide spectrum of conditions.
" Testing divided into physical and logical security.
" Physical security - deals with penetration by people in order to physically gather information.
" Logical Security - deals with use of computer operations / communications capabilities to improperly access information.
When to use " Security testing should be used when the information and/or assets protected by the application system are of significant value to the organization.
" Should be conducted before system goes to operational status.
" Extent of testing should depend upon the security risk.
Examples " Access denied " Procedures in place
