CSTE software testing certification exam

question pattern
Posted In | QA certifications, Questions & answers, Testing Interview questions, Testing Tips
and resources

This article will give you general idea about CSTE certification exam paper pattern. I
have included some sample questions and answers for the CSTE mock test paper. You can refer
these questions and can judge the pattern of descriptive answer paper. If you need objective type
questions from CSTE paper you can refer our previous article on CSTE objective type question
answers . Also you can download some more sample papers from our ‘Downloads’ section.

CSTE mock test paper – Questions and Answers:

1. Define the following along with examples [25 Marks]

a. Boundary Value testing
b. Equivalence testing
c. Error Guessing
d. Desk checking
e. Control Flow analysis

Answer:
a) Boundary value Analysis: – A process of selecting test cases/data by identifying the
boundaries that separate valid and invalid conditions. Tests are constructed to test the inside and
outside edges of these boundaries, in addition to the actual boundary points. or A selection
technique in which test data are chosen to lie along “boundaries” of the input domain [or output
range] classes, data structures, procedure parameters, etc. Choices often include maximum,
minimum, and trivial values or parameters.

E.g. – Input data 1 to 10 (boundary value)

Test input data 0, 1, 2 to 9, 10, 11

b) Equivalence testing: – The input domain of the system is partitioned into classes of
representative values, so that the no of test cases can be limited to one-per-class, which
represents the minimum no. of test cases that must be executed.

E.g.- valid data range: 1-10

Test set:-2; 5; 14

c) Error guessing: – Test data selection technique. The selection criterion is to pick values that
seem likely to cause errors Error guessing is based mostly upon experience, with some assistance
from other techniques such as boundary value analysis. Based on experience, the test designer
guesses the types of errors that could occur in a particular type of software and designs test cases
to uncover them.
E.g. – For example, if any type of resource is allocated dynamically, a good place to look for
errors is in the de-allocation of resources. Are all resources correctly deallocated, or are some
lost as the software executes?

d) Desk checking: – Desk checking is conducted by the developer of the system or program. The
process involves reviewing the complete product to ensure that it is structurally sound and that
the standards and requirements have been met. This is the most traditional means for analyzing a
system or program.

e) Control Flow Analysis: – It is based upon graphical representation of the program process. In
control flow analysis; the program graphs has nodes which represent a statement or segment
possibly ending in an unresolved branch. The graph illustrates the flow of program control from
one segment to another as illustrated through branches .the objective of control flow analysis is
to determine the potential problems in logic branches that might result in a loop condition or
improper processing.

2. You find that there is a senior tester who is making more mistakes than the junior
testers. You need to communicate this aspect to the senior tester. Also, you don’t want to
loose this tester. How should one go about the constructive criticism? [10 Marks]

Answer:
In the quality approach, it is the responsibility of the supervisor to make His/Her subordinates
successful. The effective use of criticism is a tool for improving subordinate performance.

In giving constructive criticism, you should incorporate the following tactics: -

• Do it privately.
• Have the facts.
• Be prepared to help the worker improve His/Her performance.
• Be specific on Expectations.
• Follow a specific process in giving the criticism.

3. Your manager has taken you onboard as a test lead for testing a web-based application.
He wants to know what risks you would include in the Test plan. Explain each risk factor
that would be a part of your test plan. [20 marks]

Answer:
Web-Based Application primary risk factors:-

A) Security: anything related to the security of the application.

B) Performance:- The amount of computing resources and code required by the system to
perform its stated functions.
C) Correctness:-Data entered, processed, and outputted in the system is accurate and complete
D) Access Control:-Assurance that the application system resources will be protected
E) Continuity of processing:-The ability to sustain processing in the event problem occurs
F) Audit Trail:-The capability to substantiate the processing that has occurred.
G) Authorization:-Assurance that the data is processed in accordance with the intents of the
management.

General risk or secondary risk’s:-

A) Complex – anything disproportionately large, intricate or convoluted.

B) New – anything that has no history in the product.
C) Changed – anything that has been tampered with or “improved”.
D) Upstream Dependency – anything whose failure will cause cascading failure in the rest of the
system.
E) Downstream Dependency – anything that is especially sensitive to failures in the rest of the
system.
F) Critical – anything whose failure could cause substantial damage.
G) Precise – anything that must meet its requirements exactly.
H) Popular – anything that will be used a lot.
I) Strategic – anything that has special importance to your business, such as a feature that sets
you apart from the competition.
J) Third-party – anything used in the product, but developed outside the project.
K) Distributed – anything spread out in time or space, yet whose elements must work together.
l) Buggy – anything known to have a lot of problems.
M) Recent Failure – anything with a recent history of failure.

4. You are in the contract stage of a project and are developing a comprehensive proposal
for a safety critical software system. Your director has consulted you for preparing a
guideline document what will enlist user’s role during acceptance testing phase. Indicate
the key roles you feel that the user should play during acceptance stage. Also indicate the
categories into which the acceptance requirements should fall. [10 Marks]

Answer:
1) Ensure user involvement in developing systems requirement and acceptance criteria.
2) Identify interim and final products for acceptance their acceptance criteria and schedule.
3) Plan how and by whom each acceptance activity will be performed.
4) Plan resources for providing information.
5) Schedule adequate time for buyer staff to receive and examine the products and evaluation
prior to acceptance review.
6) Prepare the acceptance plan.
7) Respond to the analysis of project entitles before accepting and rejecting.
8 ) Approve the various interim software products.
9) Perform the final acceptance activities, including the formal acceptance testing at delivery.
10) Make an acceptance decision for each product.

5. What is parallel testing and when do we use parallel testing? Explain with
example? [5 marks]

Answer:
Testing a new or an altered data processing system with the same source data that is used in
another system. The other system is considered as the standard of comparison. OR we can say
that parallel testing requires the same input data be run through two versions of the same
application.
Parallel testing should be used when there is uncertainty regarding the correctness of processing
of the new application. And old and new versions of the applications are same.
E.g.-
1) Operate the old and new version of the payroll system to determine that the paychecks from
both systems are reconcilable.
2) Run the old version of the application system to ensure that the operational status of the old
system has been maintained in the event that problems are encountered in the new application.

6. What is the difference between testing Techniques and tools? Give examples. [5 marks]

Answer:
Testing technique: – Is a process for ensuring that some aspects of the application system or unit
functions properly there may be few techniques but many tools.

Tools: – Is a vehicle for performing a test process. The tool is a resource to the tester, but itself is
insufficient to conduct testing

E.g.:- The swinging of hammer to drive the nail. The hammer is a tool, and swinging the hammer
is a technique. The concept of tools and technique is important in the testing process. It is a
combination of the two that enables the test process to be performed. The tester should first
understand the testing techniques and then understand the tools that can be used with each of the
technique.

7. Quality control activities are focused on identifying defects in the actual products
produced; however your boss wants you to identify and define processes that would
prevent defects. How would you explain to him to distinguish between QA and QC
responsibilities? [10 Marks]

Answer:

Quality Assurance:
1) A planned and systematic set of activities necessary to provide adequate confidence that
requirements are properly established and products or services conform to specified requirements
2) An activity that establishes and evaluates the processes to produce the products.
3) Helps establish processes.
4) Sets up measurements programs to evaluate processes.
5) Identifies weaknesses in processes and improves them.
6) QA is the responsibility of the entire team.
7) Prevents the introduction of issues or defects

Quality Control:
1) The process by which product quality is compared with applicable standards; and the action
taken when nonconformance is detected.
2) An activity which verifies if the product meets pre-defined standards.
3) Implements the process.
4) Verifies if specific attribute(s) are in a specific product or service
5) Identifies defects for the primary purpose of correcting defects.
6) QC is the responsibility of the tester.
7) Detects, reports and corrects defects

8 ) Differentiate between Transaction flow modeling, Finite state modeling, Data flow
modeling and Timing modeling? [10 Marks]

Answer:
Transaction Flow modeling: -The nodes represent the steps in transactions. The links
represent the logical connection between steps.

Finite state modeling:-The nodes represent the different user observable states of the software.
The links represent the transitions that occur to move from state to state.

Data flow modeling:-The nodes represent the data objects. The links represent the
transformations that occur to translate one data object to another.

Timing Modeling:-The nodes are Program Objects. The links are sequential connections between
the program objects. The link weights are used to specify the required execution times as
program executes.

9) List what you think are the two primary goals of testing
[5 Marks]

Answer:
1) Determine whether the system meets specifications (producer view)
2) determine whether the system meets business and user needs (Customer view)

****************

1. Verification is:
a. Checking that we are building the right system
b. Checking that we are building the system right
c. Performed by an independent test team
d. Making sure that it is what the user really wants

2. A regression test:
a. Will always be automated
b. Will help ensure unchanged areas of the software have not been affected
c. Will help ensure changed areas of the software have not been affected
d. Can only be run during user acceptance testing
3. If an expected result is not specified then:
a. We cannot run the test
b. It may be difficult to repeat the test
c. It may be difficult to determine if the test has passed or failed
d. We cannot automate the user inputs

4. Which of the following could be a reason for a failure

1) Testing fault
2) Software fault
3) Design fault
4) Environment Fault
5) Documentation Fault
a. 2 is a valid reason; 1,3,4 & 5 are not
b. 1,2,3,4 are valid reasons; 5 is not
c. 1,2,3 are valid reasons; 4 & 5 are not
d. All of them are valid reasons for failure

5. Test are prioritized so that:

a. You shorten the time required for testing
b. You do the best testing in the time available
c. You do more effective testing
d. You find more faults

6. Which of the following is not a static testing technique

a. Error guessing
b. Walkthrough
c. Data flow analysis
d. Inspections

7. Which of the following statements about component testing is not true?

a. Component testing should be performed by development
b. Component testing is also know as isolation or module testing
c. Component testing should have completion criteria planned
d. Component testing does not involve regression testing

8. During which test activity could faults be found most cost effectively?
a. Execution
b. Design
c. Planning
d. Check Exit criteria completion

9. Which, in general, is the least required skill of a good tester?

a. Being diplomatic
b. Able to write software
c. Having good attention to detail
d. Able to be relied on
10. The purpose of requirement phase is
a. To freeze requirements
b. To understand user needs
c. To define the scope of testing
d. All of the above

11. The process starting with the terminal modules is called -

a. Top-down integration
b. Bottom-up integration
c. None of the above
d. Module integration

12. The inputs for developing a test plan are taken from
a. Project plan
b. Business plan
c. Support plan
d. None of the above

13. Function/Test matrix is a type of

a. Interim Test report
b. Final test report
c. Project status report
d. Management report

14. Defect Management process does not include

a. Defect prevention
b. Deliverable base-lining
c. Management reporting
d. None of the above

15. What is the difference between testing software developed by contractor outside your
country, versus testing software developed by a contractor within your country?
a. Does not meet people needs
b. Cultural difference
c. Loss of control over reallocation of resources
d. Relinquishments of control

16. Software testing accounts to what percent of software development costs?

a. 10-20
b. 40-50
c. 70-80
d. 5-10

17. A reliable system will be one that:

a. Is unlikely to be completed on schedule
b. Is unlikely to cause a failure
c. Is likely to be fault-free
d. Is likely to be liked by the users

18. How much testing is enough

a. This question is impossible to answer
b. The answer depends on the risks for your industry, contract and special requirements
c. The answer depends on the maturity of your developers
d. The answer should be standardized for the software development industry

19. Which of the following is not a characteristic for Testability?

a. Operability
b. Observability
c. Simplicity
d. Robustness

20. Cyclomatic Complexity method comes under which testing method.

a. White box
b. Black box
c. Green box
d. Yellow box

21. Which of these can be successfully tested using Loop Testing methodology?
a. Simple Loops
b. Nested Loops
c. Concatenated Loops
d. All of the above

22. To test a function, the programmer has to write a ______, which calls the function and
passes it test data.
a. Stub
b. Driver
c. Proxy
d. None of the above

23. Equivalence partitioning is:

a. A black box testing technique used only by developers
b. A black box testing technique than can only be used during system testing
c. A black box testing technique appropriate to all levels of testing
d. A white box testing technique appropriate for component testing

24. When a new testing tool is purchased, it should be used first by:
a. A small team to establish the best way to use the tool
b. Everyone who may eventually have some use for the tool
c. The independent testing team
d. The vendor contractor to write the initial scripts
25. Inspections can find all the following except
a. Variables not defined in the code
b. Spelling and grammar faults in the documents
c. Requirements that have been omitted from the design documents
d. How much of the code has been covered

1)- b
2)- b
3)- c
4)- d
5)- b
6)- a
7)- d
8 )- c
9) – b
10) – d
11) -b
12) – a
13) – c
14) – b
15) – b
16) – b
17) – b
18) – b
19) – d
20) – a
21) – d
22) – b
23) – c
24) – a
25) – d

1. The customer’s view of quality means:

a. Meeting requirements
b. Doing it the right way
c. Doing it right the first time
d. Fit for use
e. Doing it on time
2. The testing of a single program, or function, usually performed by the developer is
called:
a. Unit testing
b. Integration testing
c. System testing
d. Regression testing
e. Acceptance testing

3. The measure used to evaluate the correctness of a product is called the product:
a. Policy
b. Standard
c. Procedure to do work
d. Procedure to check work
e. Guideline

4. Which of the four components of the test environment is considered to be the most
important component of the test environment:
a. Management support
b. Tester competency
c. Test work processes
d. Testing techniques and tools

5. Effective test managers are effective listeners. The type of listening in which the tester is
performing an analysis of what the speaker is saying is called:
a. Discriminative listening
b. Comprehensive listening
c. Therapeutic listening
d. Critical listening
e. Appreciative listening

6. To become a CSTE, an individual has a responsibility to accept the standards of conduct

defined by the certification board. These standards of conduct are called:
a. Code of ethics
b. Continuing professional education requirement
c. Obtaining references to support experience
d. Joining a professional testing chapter
e. Following the common body of knowledge in the practice of software testing

7. Which of the following are risks that testers face in performing their test activities:
a. Not enough training
b. Lack of test tools
c. Not enough time for testing
d. Rapid change
e. All of the above
8. All of the following are methods to minimize loss due to risk. Which one is not a method
to minimize loss due to risk:
a. Reduce opportunity for error
b. Identify error prior to loss
c. Quantify loss
d. Minimize loss
e. Recover loss

9. Defect prevention involves which of the following steps:

a. Identify critical tasks
b. Estimate expected impact
c. Minimize expected impact
d. a, b and c
e. a and b

10. The first step in designing use case is to:

a. Build a system boundary diagram
b. Define acceptance criteria
c. Define use cases
d. Involve users
e. Develop use cases

11. The defect attribute that would help management determine the importance of the
defect is called:
a. Defect type
b. Defect severity
c. Defect name
d. Defect location
e. Phase in which defect occurred

12. The system test report is normally written at what point in software development:
a. After unit testing
b. After integration testing
c. After system testing
d. After acceptance testing

13. The primary objective of user acceptance testing is to:

a. Identify requirements defects
b. Identify missing requirements
c. Determine if software is fit for use
d. Validate the correctness of interfaces to other software systems
e. Verify that software is maintainable

14. If IT establishes a measurement team to create measures and metrics to be used in

status reporting, that team should include individuals who have:
a. A working knowledge of measures
b. Knowledge in the implementation of statistical process control tools
c. A working understanding of benchmarking techniques
d. Knowledge of the organization’s goals and objectives
e. All of the above

15. What is the difference between testing software developed by a contractor outside your
country, versus testing software developed by a contractor within your country:
a. Does not meet people needs
b. Cultural differences
c. Loss of control over reallocation of resources
d. Relinquishment of control
e. Contains extra features not specified

16. What is the definition of a critical success factor:

a. A specified requirement
b. A software quality factor
c. Factors that must be present
d. A software metric
e. A high cost to implement requirement

17. The condition that represents a potential for loss to an organization is called:
a. Risk
b. Exposure
c. Threat
d. Control
e. Vulnerability

18. A flaw in a software system that may be exploited by an individual for his or her
advantage is called:
a. Risk
b. Risk analysis
c. Threat
d. Vulnerability
e. Control

19. The conduct of business of the Internet is called:

a. e-commerce
b. e-business
c. Wireless applications
d. Client-server system
e. Web-based applications

20. The following is described as one of the five levels of maturing a new technology into an
IT organization’s work processes. The “People-dependent technology” level is equivalent to
what level in SEI’s compatibility maturity model:
a. Level 1
b. Level 2
c. Level 3
d. Level 4
e. Level 5

1. (d) Fit for use

2. (a) Unit testing
3. (b) Standard
4. (a) Management support
5. (d) Critical listening
6. (a) Code of ethics
7. (e) All of the above
8. (c) Quantify loss
9. (d) a, b and c
10. (a) Build a system boundary diagram
11. (b) Defect severity
12. (c) After system testing
13. (c) Determine if software is fit for use
14. (e) All of the above
15. (b) Cultural differences
16. (c) Factors that must be present
17. (a) Risk
18. (d) Vulnerability
19. (b) e-business
20. (a) Level 1

Feb 9th 2009 Questions. exam cente- Chicago

1.how to measure

---Tool usage

---test plan coverage

---tester competency

2. How do you go about "process improvement" ?

3. 4factors for team building

4. What is white box and what is black box. give examples

5. define risk/vulnerability/threat/control/analysis
 6. Why are use cases necessary. what are they used for?

7. fields in a test management tool

8. u have 4 testers for a e-comm application. how will you go about testing

9. process involved in tool automation

10. Thin client vs thick client

11. Roles of tester in acceptance testing

12. Difference between static and dynamic testing. Which one do you recommend

13. The "people factor" - not technology is the key to providing an adequate and appropriate level of security. explain

14.explain defect expectation and how it can be used to analyze current state of system

15. What information should be present in a contract statement b/w customer and s/w develoing organization

CSTE Mock Test - Part III – Questions Along with Answers

Page 4 of 6
26. How much testing is enough (ans: b)
a. This question is impossible to answer
b. The answer depends on the risks for your industry, contract and special requirements
c. The answer depends on the maturity of your developers
d. The answer should be standardized for the software development industry
27. Which of the following is not a characteristic for Testability? (ans:d)
a. Operability
b. Observability
c. Simplicity
d. Robustness
28. Cyclomatic Complexity method comes under which testing method. (Ans: a)
a. White box b. Black box c. Green box
d. Yellow box
29. Which of these can be successfully tested using Loop Testing methodology? (Ans: d)
a. Simple Loops
b. Nested Loops
c. Concatenated Loops
d. All of the above
30. To test a function, the programmer has to write a_ _ _ _ _ _, which calls the function and passes it
test data. (ans: b)
a. Stub
b. Driver
c. Proxy
d. None of the above
31. Equivalence partitioning is: (Ans: c)
a. A black box testing technique used only by developers
b. A black box testing technique than can only be used during system testing
 c. A black box testing technique appropriate to all levels of testing
d. A white box testing technique appropriate for component testing
32. When a new testing tool is purchased, it should be used first by: (Ans: a)
a. A small team to establish the best way to use the tool
b. Everyone who may eventually have some use for the tool
c. The independent testing team
d. The vendor contractor to write the initial scripts
33. Inspections can find all the following except (Ans: d)
a. Variables not defined in the code
b. Spelling and grammar faults in the documents
c. Requirements that have been omitted from the design documents
d. How much of the code has been covered
34. Which activity is not a part of test estimation? (Ans: a)
a. Monitoring progress of tests runs
b. Identifying test activities
c. Planning for rework and retest cycle
d. Estimating total effort to report faults
35. Why are reviews good to do? (Ans: a)

CSTE Mock Test - Part III – Questions Along with Answers

Page 5 of 6
a. They reduce costs by reducing the number of faults before test execution
b. They help build good social relationships in the team
c. It allows people to meet members of the opposite sex in the neutral environment
d. It means that test documentation is not needed
36. The place to start if you want a new testing tool is: (Ans: c)
a. Attend a tool exhibition
b. Invite a vendor to give a demonstration
c. Analyse your needs and requirements
d. Find out what your budget would be for the tool
37. Data flow analysis (Ans: b)
a. Can find unreachable code
b. Can find anomalies such as using a variable before defining it
c. Is a dynamic technique
d. Checks for infinite loops
38. Test managers should not (Ans: b)
a. Report on deviations form the project plan
b. Sign the system off for the release
c. Raise incidents on faults that they have found
d. Provide information for risk analysis and quality improvement
39. Unreachable code would best be found using: (Ans: d)
a. Code inspections
 b. A coverage tool
c. A test management tool
d. A static analysis tool
40. A tool that supports traceability, recording of incidents or scheduling of tests is called: (Ans: c)
a. A test execution tool
b. A debugging tool
c. A test management tool
d. A configuration management tool
41. White box tests are (Ans: b)
a. Normally derived by end users
b. Based on structural aspects of the system
c. Based on functional aspects of the system
d. Are derived from a specification
42. What are Pareto charts commonly know as (Ans: a)
a. 80-20
b. Scatter plots
c. Check sheet
d. None of the above
43. Scatter plot is a graph designed to show – (Ans: c)
a. The variation is testing results
b. The variation in process
c. Relationship between two changing variables
d. Relationship between expected and actual results
44. Continuity of processing means (Ans: a)
a. Ability to sustain processing in the event problems occur
b. Capability to substantiate the processing that has occurred

CSTE Mock Test - Part III – Questions Along with Answers

Page 6 of 6
c. Assurance that the application system resources will be protected against accidental and
intentional modification, destruction.
d. Assurance that the desired results will be available with a time frame acceptable to the
user.
45. The measure used to evaluate the correctness of a product is called the product.( Ans. b)
a. Policy
b. Standard
c. Procedure to do work
d. Procedure to check work
e. Guideline
46. The condition that represents a potential for loss to an organization is called :( An s.a )
a. Risk
b. Exposure
c. Threat
d. Control
Match the appropriate options mentioned below for questions 47-50.
Options:
e. Involvement
f. Extent of testing
g. Resources consumed in testing
 h. Effectiveness of testing
47. Untested change problems (Ans: d)
48. Test cost (Ans: c)
49. User Participation (Ans: a)
50. Acceptance Criteria tested (Ans: b)