Himanshu Patel
My Experiences about software testing...
Thursday, March 4, 2010
Tips for Finding Bugs
1) Understand the whole application or module in depth before starting the testing.
2) Prepare good test cases before start to testing. I mean give stress on the functional test cases which includes major risk of the application.
3) Create a sufficient test data before tests, this data set include the test case conditions and also the database records if you are going to test DB related application.
4) Perform repeated tests with different test environment.
5) Try to find out the result pattern and then compare your results with those patterns.
6) When you think that you have completed most of the test conditions and when you think you are tired somewhat then do some monkey testing.
7) Use your previous test data pattern to analyse the current set of tests.
8) Try some standard test cases for which you found the bugs in some different application. Like if you are testing input text box try inserting some html tags as the inputs and see the output on display page.
9) Last and the best trick is try very hard to find the bug ;-) As if you are testing only to break the application!
2) Prepare good test cases before start to testing. I mean give stress on the functional test cases which includes major risk of the application.
3) Create a sufficient test data before tests, this data set include the test case conditions and also the database records if you are going to test DB related application.
4) Perform repeated tests with different test environment.
5) Try to find out the result pattern and then compare your results with those patterns.
6) When you think that you have completed most of the test conditions and when you think you are tired somewhat then do some monkey testing.
7) Use your previous test data pattern to analyse the current set of tests.
8) Try some standard test cases for which you found the bugs in some different application. Like if you are testing input text box try inserting some html tags as the inputs and see the output on display page.
9) Last and the best trick is try very hard to find the bug ;-) As if you are testing only to break the application!
Monday, January 4, 2010
ISTQB Mock Test Paper I
1. When software reliability measures are used to determine when to stop testing, the best types of test cases to use are those that
(A) Push the system beyond its designed operation limits and is likely to make the system fail
(B) Exercise unusual and obscure scenarios that may not have been considered in design
(C) Exercise system functions in proportion to the frequency they will be used in the released product
(D) Exercise the most complicated and the most error-prone portions of the system
2.The inspection process assigns different roles to each of the inspectors in order to
(A) Keep the inspection teams small and manageable
(B) Encourage different viewpoints during the inspection process
(C) Use fewer organizational resources at any point in time
(D) Empower the inspection team members
3. The publisher of a social services resource guide has contracted for the development of an electronic version of
its guide. The product has been loosely defined to date due to the limited knowledge of the technology available
to the user community and to the limited technical expertise of the publisher’s staff. The development team
for this project will consist of two employees who are new to the company and one programmer with minimal
experience. Which of the following approaches would best serve the needs of this project?
A. Clean room methods B. Waterfall model C. Object oriented development D. Iterative development
4. A software quality assurance plan should be based principally on the quality requirements of
A. IEEE 730 B. ISO 9001 C. The customer/Clients D. Software engineering
5. Equivalence class partitioning is a testing technique best defined as the organization of each
A. Element of the specification into workable pieces B. Combination of states into two or more groups
C. Program function by intuition and experience D. Input domain into two or more groups
6. Which of the following models is characterized as being suitable for a software development project that has well-defined requirements?
A. Prototyping B. Spiral C. Waterfall D. Iterative
7.Records of the results of inspections should include which of the following?
(A) Identification of inspectors, list of defects, and date performed
(B) Work product, list of defects, and configuration status
(C) Identification of inspectors, their qualifications, and their training records
(D) Date performed, management approval, and resources used
8.The following code segment contains a potential “divide by 0” error.
J=50
K=1
While (N>=-10) and (N<=10) loop
M [K] = J/N
K = K + 1
N = N - 1
End loop
Which of the following is the most effective way of detecting this error?
A. Boundary testing B. Condition testing C. Compilation of the source code D. Source code inspection
9. Which of the following statements is NOT true about a software verification and validation program?
(A) It strives to ensure that quality is built into software.
(B) It provides management with insights into the state of a software project.
(C) It ensures that alpha, beta, and system tests are performed.
(D) It is executed in parallel with software development activities.
10.Which two of the following are characteristics of a successful defect prevention program?
I. It is performed using a top-down approach.
II. A root cause analysis of defects is conducted.
III. Historical defect data are tracked.
IV. It is initiated at the end of the design phase.
A. I and III B. IV and I C. II and III D. II and IV
11. Which of the following strategic issues needs to be addressed in a successful software testing process?
A. Conduct formal technical reviews prior to testing
B. specify requirements in a quantifiable manner
C. consider using independent test teams
D. all of the above
12. Regression testing should be a normal part of integration testing because as a new module is added to the system new
A. Control logic and data flow paths are invoked B. Memory size increases
C. Drivers require testing D. A and B.
13. Which of the following are objectives for formal technical reviews?
A. Allow senior staff members to correct errors
B. Assess programmer productivity
C. Par determining who introduced an error into a program
D. Uncover errors in software work products
14. When a defect is fixed in production how rather than in requirement, how much expensive is that
A. 5 times B. 50 times C. 500 times D. None
15. Which of the following Test cannot be automated?
A. Performance testing B. Regression Testing C. UAT D. None
16. The incremental model of software development is
A. A reasonable approach when requirements are well defined.
B. A good approach when a working core product is required quickly.
C. The best approach to use for projects with large development teams.
D. A revolutionary model that is not used for commercial products.
17. Software testing activities should start
A. As soon as the code is written B. During the design stage
C. When the requirements have been formally documented D. As soon as possible in the development lifecycle
18. Which is not system level testing?
A. System Testing B. Performance Testing C. Installable Testing D. None
19. Compatibility testing uses
A. All S/W component B. All H/W component C. All N/W component D. A&B E. A&B&C
20. Acceptance test plan is prepared from
A. SRS B.HLD C. DD D.ULD/URD
21. For what purpose IEEE 829 template is used
A. Unit Testing B. Integration Testing C. Test Plan D. Test Documentation
22. Which of the following not comes under testing process?
A. Plan test B. Execute Test C. Manage Test D.Develop Test E. None of these
23. BS 7925-2 is standard for
A. Software Component testing B. Software Test Plan C. Unit Testing D. Integration Testing
24.Which of the following is test design technique
A. Equivalence Partioning B. Cause Effect Graphing C. Boundary Value Analysis D. All
25.Which of the following is the standard for software Unit Testing
A. IEEE 1008 B.IEEE 1009 C.IEEE 10288 D. IEEE 829
26. IEEE 1012 is standard for software
A. Unit Testing B. Software Review C. Verification and Validation D. Test Documentation
27. IEEE 10288 is standard for software
A. Unit Testing B. Software Review C. Verification and Validation D. Test Documentation
28. Which of the following is the standard for the software Test Documentation
A. IEEE 1012 B. IEEE 729 C.IEEE 829 D. IEEE 10288
29. You have delivered a product to the customer, insuring that there is no high severity. After certain time he/she found the bug in the production environment. Then the cost of bug will be
A. Low B. Medium C. High D. Very High
30. Just like with Salman. It’s difficult to swim in upstream. Each step is a discrete, standalone process that follows the one before it. If you get to the end and find that something should have happed further up. It’s too late to go back. This type of tendency found in which SDLC model
A. V-Model B. Spiral Model C. Rapid Application Development D. Water Fall model
Mock Test Paper-I
1 C
2 B
3 D
4 C
5 D
6 C
7 A
8 D
9 C
10 C
11 D
12 D
13 D
14 C
15 C
16 A
17 C
18 D
19 E
20 A
21 D
22 E
23 A
24 D
25 A
26 C
27 B
28 C
29 D
30 D
(A) Push the system beyond its designed operation limits and is likely to make the system fail
(B) Exercise unusual and obscure scenarios that may not have been considered in design
(C) Exercise system functions in proportion to the frequency they will be used in the released product
(D) Exercise the most complicated and the most error-prone portions of the system
2.The inspection process assigns different roles to each of the inspectors in order to
(A) Keep the inspection teams small and manageable
(B) Encourage different viewpoints during the inspection process
(C) Use fewer organizational resources at any point in time
(D) Empower the inspection team members
3. The publisher of a social services resource guide has contracted for the development of an electronic version of
its guide. The product has been loosely defined to date due to the limited knowledge of the technology available
to the user community and to the limited technical expertise of the publisher’s staff. The development team
for this project will consist of two employees who are new to the company and one programmer with minimal
experience. Which of the following approaches would best serve the needs of this project?
A. Clean room methods B. Waterfall model C. Object oriented development D. Iterative development
4. A software quality assurance plan should be based principally on the quality requirements of
A. IEEE 730 B. ISO 9001 C. The customer/Clients D. Software engineering
5. Equivalence class partitioning is a testing technique best defined as the organization of each
A. Element of the specification into workable pieces B. Combination of states into two or more groups
C. Program function by intuition and experience D. Input domain into two or more groups
6. Which of the following models is characterized as being suitable for a software development project that has well-defined requirements?
A. Prototyping B. Spiral C. Waterfall D. Iterative
7.Records of the results of inspections should include which of the following?
(A) Identification of inspectors, list of defects, and date performed
(B) Work product, list of defects, and configuration status
(C) Identification of inspectors, their qualifications, and their training records
(D) Date performed, management approval, and resources used
8.The following code segment contains a potential “divide by 0” error.
J=50
K=1
While (N>=-10) and (N<=10) loop
M [K] = J/N
K = K + 1
N = N - 1
End loop
Which of the following is the most effective way of detecting this error?
A. Boundary testing B. Condition testing C. Compilation of the source code D. Source code inspection
9. Which of the following statements is NOT true about a software verification and validation program?
(A) It strives to ensure that quality is built into software.
(B) It provides management with insights into the state of a software project.
(C) It ensures that alpha, beta, and system tests are performed.
(D) It is executed in parallel with software development activities.
10.Which two of the following are characteristics of a successful defect prevention program?
I. It is performed using a top-down approach.
II. A root cause analysis of defects is conducted.
III. Historical defect data are tracked.
IV. It is initiated at the end of the design phase.
A. I and III B. IV and I C. II and III D. II and IV
11. Which of the following strategic issues needs to be addressed in a successful software testing process?
A. Conduct formal technical reviews prior to testing
B. specify requirements in a quantifiable manner
C. consider using independent test teams
D. all of the above
12. Regression testing should be a normal part of integration testing because as a new module is added to the system new
A. Control logic and data flow paths are invoked B. Memory size increases
C. Drivers require testing D. A and B.
13. Which of the following are objectives for formal technical reviews?
A. Allow senior staff members to correct errors
B. Assess programmer productivity
C. Par determining who introduced an error into a program
D. Uncover errors in software work products
14. When a defect is fixed in production how rather than in requirement, how much expensive is that
A. 5 times B. 50 times C. 500 times D. None
15. Which of the following Test cannot be automated?
A. Performance testing B. Regression Testing C. UAT D. None
16. The incremental model of software development is
A. A reasonable approach when requirements are well defined.
B. A good approach when a working core product is required quickly.
C. The best approach to use for projects with large development teams.
D. A revolutionary model that is not used for commercial products.
17. Software testing activities should start
A. As soon as the code is written B. During the design stage
C. When the requirements have been formally documented D. As soon as possible in the development lifecycle
18. Which is not system level testing?
A. System Testing B. Performance Testing C. Installable Testing D. None
19. Compatibility testing uses
A. All S/W component B. All H/W component C. All N/W component D. A&B E. A&B&C
20. Acceptance test plan is prepared from
A. SRS B.HLD C. DD D.ULD/URD
21. For what purpose IEEE 829 template is used
A. Unit Testing B. Integration Testing C. Test Plan D. Test Documentation
22. Which of the following not comes under testing process?
A. Plan test B. Execute Test C. Manage Test D.Develop Test E. None of these
23. BS 7925-2 is standard for
A. Software Component testing B. Software Test Plan C. Unit Testing D. Integration Testing
24.Which of the following is test design technique
A. Equivalence Partioning B. Cause Effect Graphing C. Boundary Value Analysis D. All
25.Which of the following is the standard for software Unit Testing
A. IEEE 1008 B.IEEE 1009 C.IEEE 10288 D. IEEE 829
26. IEEE 1012 is standard for software
A. Unit Testing B. Software Review C. Verification and Validation D. Test Documentation
27. IEEE 10288 is standard for software
A. Unit Testing B. Software Review C. Verification and Validation D. Test Documentation
28. Which of the following is the standard for the software Test Documentation
A. IEEE 1012 B. IEEE 729 C.IEEE 829 D. IEEE 10288
29. You have delivered a product to the customer, insuring that there is no high severity. After certain time he/she found the bug in the production environment. Then the cost of bug will be
A. Low B. Medium C. High D. Very High
30. Just like with Salman. It’s difficult to swim in upstream. Each step is a discrete, standalone process that follows the one before it. If you get to the end and find that something should have happed further up. It’s too late to go back. This type of tendency found in which SDLC model
A. V-Model B. Spiral Model C. Rapid Application Development D. Water Fall model
Mock Test Paper-I
1 C
2 B
3 D
4 C
5 D
6 C
7 A
8 D
9 C
10 C
11 D
12 D
13 D
14 C
15 C
16 A
17 C
18 D
19 E
20 A
21 D
22 E
23 A
24 D
25 A
26 C
27 B
28 C
29 D
30 D
Thursday, December 3, 2009
Web Application UI Checklist
Testing user interface for web application is slightly different from testing user interface of traditional applications. Irrespective of the web application there are certain things which should be tested for every web application. Following checklist will give some information on items that should be tested to ensure quality of the user interface of your web application.
1.1 COLORS
1.1.1 Are hyperlink colors standard?
1.1.2 Are the field backgrounds the correct color?
1.1.3 Are the field prompts the correct color?
1.1.4 Are the screen and field colors adjusted correctly for non-editable mode?
1.1.5 Does the site use (approximately) standard link colors?
1.1.6 Are all the buttons are in standard format and size?
1.1.7 Is the general screen background the correct color?
1.1.8 Is the page background (color) distraction free?
1.2 CONTENT
1.2.1 All fonts to be the same
1.2.2 Are all the screen prompts specified in the correct screen font?
1.2.3 Does content remain if you need to go back to a previous page, or if you move forward to another new page?
1.2.4 Is all text properly aligned?
1.2.5 Is the text in all fields specified in the correct screen font?
1.2.6 Is all the heading are left aligned
1.2.7 Does the first letter of the second word appears in lowercase? Eg:
1.3 IMAGES
1.3.1 Are all graphics properly aligned?
1.3.2 Are graphics being used the most efficient use of file size?
1.3.3 Are graphics optimized for quick downloads?
1.3.4 Assure that command buttons are all of similar size and shape, and same font & font size.
1.3.5 Banner style & size & display exact same as existing windows
1.3.6 Does text wrap properly around pictures/graphics?
1.3.7 Is it visually consistent even without graphics?
1.4 INSTRUCTIONS
1.4.1 Is all the error message text spelt correctly on this screen?
1.4.2 Is all the micro-help text(i.e tool tip) spelt correctly on this screen?
1.4.3 Microhelp text(i.e tool tip) for every enabled field & button
1.4.4 Progress messages on load of tabbed(active screens) screens
1.5 NAVIGATION
1.5.1 Are all disabled fields avoided in the TAB sequence?
1.5.2 Are all read-only fields avoided in the TAB sequence?
1.5.3 Can all screens accessible via buttons on this screen be accessed correctly?
1.5.4 Does a scrollbar appear if required?
1.5.5 Does the Tab Order specified on the screen go in sequence from Top Left to bottom right? This is the default unless otherwise specified.
1.5.6 Is there a link to home on every single page?
1.5.7 On open of tab focus will be on first editable field
1.5.8 When an error message occurs does the focus return to the field in error when the user cancels it?
1.6 USABILITY
1.6.1 Are all the field prompts spelt correctly?
1.6.2 Are fonts too large or too small to read?
1.6.3 Are names in command button & option box names are not abbreviations.
1.6.4 Assure that option boxes, option buttons, and command buttons are logically grouped together in clearly demarcated areas "Group Box"
1.6.5 Can the typical user run the system without frustration?
1.6.6 Do pages print legibly without cutting off text?
1.6.7 Does the site convey a clear sense of its intended audience?
1.6.8 Does the site have a consistent, clearly recognizable "look-&-feel"?
1.6.9 Does User cab Login Member Area with both UserName/Email ID ?
1.6.9 Does the site look good on 640 x 480, 600x800 etc.?
1.6.10 Does the system provide or facilitate customer service? i.e. responsive, helpful, accurate?
1.6.11 Is all terminology understandable for all of the site’s intended users?
1.1 COLORS
1.1.1 Are hyperlink colors standard?
1.1.2 Are the field backgrounds the correct color?
1.1.3 Are the field prompts the correct color?
1.1.4 Are the screen and field colors adjusted correctly for non-editable mode?
1.1.5 Does the site use (approximately) standard link colors?
1.1.6 Are all the buttons are in standard format and size?
1.1.7 Is the general screen background the correct color?
1.1.8 Is the page background (color) distraction free?
1.2 CONTENT
1.2.1 All fonts to be the same
1.2.2 Are all the screen prompts specified in the correct screen font?
1.2.3 Does content remain if you need to go back to a previous page, or if you move forward to another new page?
1.2.4 Is all text properly aligned?
1.2.5 Is the text in all fields specified in the correct screen font?
1.2.6 Is all the heading are left aligned
1.2.7 Does the first letter of the second word appears in lowercase? Eg:
1.3 IMAGES
1.3.1 Are all graphics properly aligned?
1.3.2 Are graphics being used the most efficient use of file size?
1.3.3 Are graphics optimized for quick downloads?
1.3.4 Assure that command buttons are all of similar size and shape, and same font & font size.
1.3.5 Banner style & size & display exact same as existing windows
1.3.6 Does text wrap properly around pictures/graphics?
1.3.7 Is it visually consistent even without graphics?
1.4 INSTRUCTIONS
1.4.1 Is all the error message text spelt correctly on this screen?
1.4.2 Is all the micro-help text(i.e tool tip) spelt correctly on this screen?
1.4.3 Microhelp text(i.e tool tip) for every enabled field & button
1.4.4 Progress messages on load of tabbed(active screens) screens
1.5 NAVIGATION
1.5.1 Are all disabled fields avoided in the TAB sequence?
1.5.2 Are all read-only fields avoided in the TAB sequence?
1.5.3 Can all screens accessible via buttons on this screen be accessed correctly?
1.5.4 Does a scrollbar appear if required?
1.5.5 Does the Tab Order specified on the screen go in sequence from Top Left to bottom right? This is the default unless otherwise specified.
1.5.6 Is there a link to home on every single page?
1.5.7 On open of tab focus will be on first editable field
1.5.8 When an error message occurs does the focus return to the field in error when the user cancels it?
1.6 USABILITY
1.6.1 Are all the field prompts spelt correctly?
1.6.2 Are fonts too large or too small to read?
1.6.3 Are names in command button & option box names are not abbreviations.
1.6.4 Assure that option boxes, option buttons, and command buttons are logically grouped together in clearly demarcated areas "Group Box"
1.6.5 Can the typical user run the system without frustration?
1.6.6 Do pages print legibly without cutting off text?
1.6.7 Does the site convey a clear sense of its intended audience?
1.6.8 Does the site have a consistent, clearly recognizable "look-&-feel"?
1.6.9 Does User cab Login Member Area with both UserName/Email ID ?
1.6.9 Does the site look good on 640 x 480, 600x800 etc.?
1.6.10 Does the system provide or facilitate customer service? i.e. responsive, helpful, accurate?
1.6.11 Is all terminology understandable for all of the site’s intended users?
Web Application - Interface and Compatibility Checklist
Testing web application is certainly different than testing desktop or any other application. With in web applications, there are certain standards which are followed in almost all the applications. Having these standards makes life easier for use, because these standards can be converted into checklist and application can be tested easily against the checklist.
3. INTERFACE AND ERROR HANDLING
3.1 SERVER INTERFACE
3.1.1 Verify that communication is done correctly, web server-application server, application server-database server and vice versa.
3.1.2 Compatibility of server software, hardware, network connections
3.2 EXTERNAL INTERFACE
3.2.1 Have all supported browsers been tested?
3.2.2 Have all error conditions related to external interfaces been tested when external application is unavailable or server inaccessible?
3.3 INTERNAL INTERFACE
3.3.1 If the site uses plug-ins, can the site still be used without them?
3.3.2 Can all linked documents be supported/opened on all platforms (i.e. can Microsoft Word be opened on Solaris)?
3.3.3 Are failures handled if there are errors in download?
3.3.4 Can users use copy/paste functionality?Does it allows in password/CVV/credit card no field?
3.3.5 Are you able to submit unencrypted form data?
3.4 INTERNAL INTERFACE
3.4.1 If the system does crash, are the re-start and recovery mechanisms efficient and reliable?
3.4.2 If we leave the site in the middle of a task does it cancel?
3.4.3 If we lose our Internet connection does the transaction cancel?
3.4.4 Does our solution handle browser crashes?
3.4.5 Does our solution handle network failures between Web site and application servers?
3.4.6 Have you implemented intelligent error handling (from disabling cookies, etc.)?
4. COMPATIBILITY
4.1 BROWSERS
4.1.1 Is the HTML version being used compatible with appropriate browser versions?
4.1.2 Do images display correctly with browsers under test?
4.1.3 Verify the fonts are usable on any of the browsers
4.1.4 Is Java Code/Scripts usable by the browsers under test?
4.1.5 Have you tested Animated GIFs across browsers?
4.2 VIDEO SETTINGS
4.2.1 Screen resolution (check that text and graphic alignment still work, font are readable etc.) like 1024 by 768, 600x800, 640 x 480 pixels etc
4.2.2 Colour depth (256, 16-bit, 32-bit)
4.3 CONNECTION SPEED
4.3.1 Does the site load quickly enough in the viewer's browser within 8 Seconds?
4.4 PRINTERS
4.4.1 Text and image alignment
4.4.2 Colours of text, foreground and background
4.4.3 Scalability to fit paper size
4.4.4 Tables and borders
4.4.5 Do pages print legibly without cutting off text?
3. INTERFACE AND ERROR HANDLING
3.1 SERVER INTERFACE
3.1.1 Verify that communication is done correctly, web server-application server, application server-database server and vice versa.
3.1.2 Compatibility of server software, hardware, network connections
3.2 EXTERNAL INTERFACE
3.2.1 Have all supported browsers been tested?
3.2.2 Have all error conditions related to external interfaces been tested when external application is unavailable or server inaccessible?
3.3 INTERNAL INTERFACE
3.3.1 If the site uses plug-ins, can the site still be used without them?
3.3.2 Can all linked documents be supported/opened on all platforms (i.e. can Microsoft Word be opened on Solaris)?
3.3.3 Are failures handled if there are errors in download?
3.3.4 Can users use copy/paste functionality?Does it allows in password/CVV/credit card no field?
3.3.5 Are you able to submit unencrypted form data?
3.4 INTERNAL INTERFACE
3.4.1 If the system does crash, are the re-start and recovery mechanisms efficient and reliable?
3.4.2 If we leave the site in the middle of a task does it cancel?
3.4.3 If we lose our Internet connection does the transaction cancel?
3.4.4 Does our solution handle browser crashes?
3.4.5 Does our solution handle network failures between Web site and application servers?
3.4.6 Have you implemented intelligent error handling (from disabling cookies, etc.)?
4. COMPATIBILITY
4.1 BROWSERS
4.1.1 Is the HTML version being used compatible with appropriate browser versions?
4.1.2 Do images display correctly with browsers under test?
4.1.3 Verify the fonts are usable on any of the browsers
4.1.4 Is Java Code/Scripts usable by the browsers under test?
4.1.5 Have you tested Animated GIFs across browsers?
4.2 VIDEO SETTINGS
4.2.1 Screen resolution (check that text and graphic alignment still work, font are readable etc.) like 1024 by 768, 600x800, 640 x 480 pixels etc
4.2.2 Colour depth (256, 16-bit, 32-bit)
4.3 CONNECTION SPEED
4.3.1 Does the site load quickly enough in the viewer's browser within 8 Seconds?
4.4 PRINTERS
4.4.1 Text and image alignment
4.4.2 Colours of text, foreground and background
4.4.3 Scalability to fit paper size
4.4.4 Tables and borders
4.4.5 Do pages print legibly without cutting off text?
Testing Checklists: Web Application - Functional Testing Checklist
Testing web application is certainly different than testing desktop or any other application. With in web applications, there are certain standards which are followed in almost all the applications. Having these standards makes life easier for use, because these standards can be converted into checklist and application can be tested easily against the checklist.
1. FUNCTIONALITY
1.1 LINKS
1.1.1 Check that the link takes you to the page it said it would.
1.1.2 Ensure to have no orphan pages (a page that has no links to it)
1.1.3 Check all of your links to other websites
1.1.4 Are all referenced web sites or email addresses hyperlinked?
1.1.5 If we have removed some of the pages from our own site, set up a custom 404 page that redirects your visitors to your home page (or a search page) when the user try to access a page that no longer exists.
1.1.6 Check all mailto links and whether it reaches properly
1.2 FORMS
1.2.1 Acceptance of invalid input
1.2.2 Optional versus mandatory fields
1.2.3 Input longer than field allows
1.2.4 Radio buttons
1.2.5 Default values on page load/reload(Also terms and conditions should be disabled)
1.2.6 Is Command Button can be used for HyperLinks and Continue Links ?
1.2.6 Is all the datas inside combo/list box are arranged in chronolgical order?
1.2.7 Are all of the parts of a table or form present? Correctly laid out? Can you confirm that selected texts are in the "right place?
1.2.8 Does a scrollbar appear if required?
1.3 DATA VERIFICATION AND VALIDATION
1.3.1 Is the Privacy Policy clearly defined and available for user access?
1.3.2 At no point of time the system should behave awkwardly when an invalid data is fed
1.3.3 Check to see what happens if a user deletes cookies while in site
1.3.4 Check to see what happens if a user deletes cookies after visiting a site
2. APPLICATION SPECIFIC FUNCTIONAL REQUIREMENTS
2.1 DATA INTEGRATION
2.1.1 Check the maximum field lengths to ensure that there are no truncated characters?
2.1.2 If numeric fields accept negative values can these be stored correctly on the database and does it make sense for the field to accept negative numbers?
2.1.3 If a particular set of data is saved to the database check that each value gets saved fully to the database. (i.e.) Beware of truncation (of strings) and rounding of numeric values.
2.2 DATE FIELD CHECKS
2.2.1 Assure that leap years are validated correctly & do not cause errors/miscalculations.
2.2.2 Assure that Feb. 28, 29, 30 are validated correctly & do not cause errors/ miscalculations.
2.2.3 Is copyright for all the sites includes Yahoo co-branded sites are updated
2.3 NUMERIC FIELDS
2.3.1 Assure that lowest and highest values are handled correctly.
2.3.2 Assure that numeric fields with a blank in position 1 are processed or reported as an error.
2.3.3 Assure that fields with a blank in the last position are processed or reported as an error an error.
2.3.4 Assure that both + and - values are correctly processed.
2.3.5 Assure that division by zero does not occur.
2.3.6 Include value zero in all calculations.
2.3.7 Assure that upper and lower values in ranges are handled correctly. (Using BVA)
2.4 ALPHANUMERIC FIELD CHECKS
2.4.1 Use blank and non-blank data.
2.4.2 Include lowest and highest values.
2.4.3 Include invalid characters & symbols.
2.4.4 Include valid characters.
2.4.5 Include data items with first position blank.
2.4.6 Include data items with last position blank.
1. FUNCTIONALITY
1.1 LINKS
1.1.1 Check that the link takes you to the page it said it would.
1.1.2 Ensure to have no orphan pages (a page that has no links to it)
1.1.3 Check all of your links to other websites
1.1.4 Are all referenced web sites or email addresses hyperlinked?
1.1.5 If we have removed some of the pages from our own site, set up a custom 404 page that redirects your visitors to your home page (or a search page) when the user try to access a page that no longer exists.
1.1.6 Check all mailto links and whether it reaches properly
1.2 FORMS
1.2.1 Acceptance of invalid input
1.2.2 Optional versus mandatory fields
1.2.3 Input longer than field allows
1.2.4 Radio buttons
1.2.5 Default values on page load/reload(Also terms and conditions should be disabled)
1.2.6 Is Command Button can be used for HyperLinks and Continue Links ?
1.2.6 Is all the datas inside combo/list box are arranged in chronolgical order?
1.2.7 Are all of the parts of a table or form present? Correctly laid out? Can you confirm that selected texts are in the "right place?
1.2.8 Does a scrollbar appear if required?
1.3 DATA VERIFICATION AND VALIDATION
1.3.1 Is the Privacy Policy clearly defined and available for user access?
1.3.2 At no point of time the system should behave awkwardly when an invalid data is fed
1.3.3 Check to see what happens if a user deletes cookies while in site
1.3.4 Check to see what happens if a user deletes cookies after visiting a site
2. APPLICATION SPECIFIC FUNCTIONAL REQUIREMENTS
2.1 DATA INTEGRATION
2.1.1 Check the maximum field lengths to ensure that there are no truncated characters?
2.1.2 If numeric fields accept negative values can these be stored correctly on the database and does it make sense for the field to accept negative numbers?
2.1.3 If a particular set of data is saved to the database check that each value gets saved fully to the database. (i.e.) Beware of truncation (of strings) and rounding of numeric values.
2.2 DATE FIELD CHECKS
2.2.1 Assure that leap years are validated correctly & do not cause errors/miscalculations.
2.2.2 Assure that Feb. 28, 29, 30 are validated correctly & do not cause errors/ miscalculations.
2.2.3 Is copyright for all the sites includes Yahoo co-branded sites are updated
2.3 NUMERIC FIELDS
2.3.1 Assure that lowest and highest values are handled correctly.
2.3.2 Assure that numeric fields with a blank in position 1 are processed or reported as an error.
2.3.3 Assure that fields with a blank in the last position are processed or reported as an error an error.
2.3.4 Assure that both + and - values are correctly processed.
2.3.5 Assure that division by zero does not occur.
2.3.6 Include value zero in all calculations.
2.3.7 Assure that upper and lower values in ranges are handled correctly. (Using BVA)
2.4 ALPHANUMERIC FIELD CHECKS
2.4.1 Use blank and non-blank data.
2.4.2 Include lowest and highest values.
2.4.3 Include invalid characters & symbols.
2.4.4 Include valid characters.
2.4.5 Include data items with first position blank.
2.4.6 Include data items with last position blank.
Testing Checklists: Performance & Security Testing Checklist
Crating checklists for performance & security is extremely important. This checklist helps in better definition of performance and security requirement. In the absence of properly defined performance & security testing requirements, teams can spend great deal time in things which probably does not matter much.
1.1 LOAD
1.1.1 Many users requesting a certain page at the same time or using the site simultaneously
1.1.2 Increase the number of users and keep the data constant
1.1.3 Does the home page load quickly? within 8 seconds
1.1.4 Is load time appropriate to content, even on a slow dial-in connection?
1.1.5 Can the site sustain long periods of usage by multiple users?
1.1.6 Can the site sustain long periods of continuous usage by 1 user?
1.1.7 Is page loading performance acceptable over modems of different speeds?
1.1.8 Does the system meet its goals for response time, throughput, and availability?
1.1.9 Have you defined standards for response time (i.e. all screens should paint within 10 seconds)?
1.1.10 Does the system operate in the same way across different computer and network configurations, platforms and environments, with different mixes of other applications?
1.2 VOLUME
1.2.1 Increase the data by having constant users
1.2.2 Will the site allow for large orders without locking out inventory if the transaction is invalid?
1.2.3 Can the site sustain large transactions without crashing?
1.3 STRESS
1.3.1 Increase both number of users and the data
1.3.2 Performance of memory, CPU, file handling etc.
1.3.3 Error in software, hardware, memory errors (leakage, overwrite or pointers)
1.3.4 Is the application or certain features going to be used only during certain periods of time or will it be used continuously 24 hours a day 7 days a week? Test that the application is able to perform during those conditions. Will downtime be allowed or is that out of the question?
1.3.5 Verify that the application is able to meet the requirements and does not run out of memory or disk space.
1.4 SECURITY
1.4.1 Is confidentiality/user privacy protected?
1.4.2 Does the site prompt for user name and password?
1.4.3 Are there Digital Certificates, both at server and client?
1.4.4 Have you verified where encryption begins and ends?
1.4.5 Are concurrent log-ons permitted?
1.4.6 Does the application include time-outs due to inactivity?
1.4.7 Is bookmarking disabled on secure pages?
1.4.8 Does the key/lock display on status bar for insecure/secure pages?
1.4.9 Is Right Click, View, Source disabled?
1.4.10 Are you prevented from doing direct searches by editing content in the URL?
1.4.11 If using Digital Certificates, test the browser Cache by enrolling for the Certificate and completing all of the required security information. After completing the application and installation of the certificate, try using the <-- BackSpace key to see if that security information is still residing in Cache. If it is, then any user could walk up to the PC and access highly sensitive Digital Certificate security information.
1.4.12 Is there an alternative way to access secure pages for browsers under version 3.0, since SSL is not compatible with those browsers?
1.4.13 Do your users know when they are entering or leaving secure portions of your site?
1.4.14 Does your server lock out an individual who has tried to access your site multiple times with invalid login/password information?
1.4.15 Test both valid and invalid login names and passwords. Are they case sensitive? Is there a limit to how many tries that are allowed? Can it be bypassed by typing the URL to a page inside directly in the browser?
1.4.16 What happens whentime out is exceeded? Are users still able to navigate through the site?
1.4.17 Relevant information is written to the logfiles and that the information is traceable.
1.4.18 In SSL verify that the encryption is done correctly and check the integrity of the information.
1.4.19 Scripting on the server is not possible to plan or edit scripts without authorisation.
1.4.20 Have you tested the impact of Secure Proxy Server?
1.4.21 Test should be done to ensure that the Load Balancing Server is taking the session information of Server A and pooling it to Server B when A goes down.
1.4.22 Have you verified the use of 128-bit Encryption?
1.1 LOAD
1.1.1 Many users requesting a certain page at the same time or using the site simultaneously
1.1.2 Increase the number of users and keep the data constant
1.1.3 Does the home page load quickly? within 8 seconds
1.1.4 Is load time appropriate to content, even on a slow dial-in connection?
1.1.5 Can the site sustain long periods of usage by multiple users?
1.1.6 Can the site sustain long periods of continuous usage by 1 user?
1.1.7 Is page loading performance acceptable over modems of different speeds?
1.1.8 Does the system meet its goals for response time, throughput, and availability?
1.1.9 Have you defined standards for response time (i.e. all screens should paint within 10 seconds)?
1.1.10 Does the system operate in the same way across different computer and network configurations, platforms and environments, with different mixes of other applications?
1.2 VOLUME
1.2.1 Increase the data by having constant users
1.2.2 Will the site allow for large orders without locking out inventory if the transaction is invalid?
1.2.3 Can the site sustain large transactions without crashing?
1.3 STRESS
1.3.1 Increase both number of users and the data
1.3.2 Performance of memory, CPU, file handling etc.
1.3.3 Error in software, hardware, memory errors (leakage, overwrite or pointers)
1.3.4 Is the application or certain features going to be used only during certain periods of time or will it be used continuously 24 hours a day 7 days a week? Test that the application is able to perform during those conditions. Will downtime be allowed or is that out of the question?
1.3.5 Verify that the application is able to meet the requirements and does not run out of memory or disk space.
1.4 SECURITY
1.4.1 Is confidentiality/user privacy protected?
1.4.2 Does the site prompt for user name and password?
1.4.3 Are there Digital Certificates, both at server and client?
1.4.4 Have you verified where encryption begins and ends?
1.4.5 Are concurrent log-ons permitted?
1.4.6 Does the application include time-outs due to inactivity?
1.4.7 Is bookmarking disabled on secure pages?
1.4.8 Does the key/lock display on status bar for insecure/secure pages?
1.4.9 Is Right Click, View, Source disabled?
1.4.10 Are you prevented from doing direct searches by editing content in the URL?
1.4.11 If using Digital Certificates, test the browser Cache by enrolling for the Certificate and completing all of the required security information. After completing the application and installation of the certificate, try using the <-- BackSpace key to see if that security information is still residing in Cache. If it is, then any user could walk up to the PC and access highly sensitive Digital Certificate security information.
1.4.12 Is there an alternative way to access secure pages for browsers under version 3.0, since SSL is not compatible with those browsers?
1.4.13 Do your users know when they are entering or leaving secure portions of your site?
1.4.14 Does your server lock out an individual who has tried to access your site multiple times with invalid login/password information?
1.4.15 Test both valid and invalid login names and passwords. Are they case sensitive? Is there a limit to how many tries that are allowed? Can it be bypassed by typing the URL to a page inside directly in the browser?
1.4.16 What happens whentime out is exceeded? Are users still able to navigate through the site?
1.4.17 Relevant information is written to the logfiles and that the information is traceable.
1.4.18 In SSL verify that the encryption is done correctly and check the integrity of the information.
1.4.19 Scripting on the server is not possible to plan or edit scripts without authorisation.
1.4.20 Have you tested the impact of Secure Proxy Server?
1.4.21 Test should be done to ensure that the Load Balancing Server is taking the session information of Server A and pooling it to Server B when A goes down.
1.4.22 Have you verified the use of 128-bit Encryption?
Subscribe to:
Posts (Atom)