Professional Documents
Culture Documents
Cs504 PPT Merge
Cs504 PPT Merge
Topics
Cost Effective
Security
Product Quality
Customer Satisfaction
STLC
Types of Testing
Manual Automation
Stryka Selenium
Bugzilla TestingWhiz
Jira Ranorex
Mantis Sahi
Trac Waitir
Redmine WaitiN
Fogbuz Tosca TestSuite
Lighthouse
What is Verification and Validation in
Software Testing?
Verification: Verification is a static analysis technique. Here, testing is done
without executing the code. Examples include – reviews, inspection, and
walk through.
Unit Testing
Integration Testing
System Testing
Acceptance Testing
Software Testing Documentation Artifacts
Test Plan
Test Scenario
Test Case
Traceability Matrix
Test Scenario
A Test Scenario is a statement describing the functionality of the application
to be tested. It is used for end-to-end testing of a feature and is generally
derived from the use cases.
test scenario
test scenario – “Verify that the user is not able to login with incorrect
credentials”. Now, this test scenario can be further broken down into
multiple test cases like-
Checking that a user with the correct username and incorrect password
should not be allowed to log in.
Checking that a user with an incorrect username and correct password
should not be allowed to log in.
Verifying that users with incorrect usernames and incorrect passwords
should not be allowed to log in.
Test Scenario Template
As, Test Scenarios tell us what needs to be tested, therefore always written
before test cases.
Steps to writing Test Scenarios:
As a tester, you can follow these five steps to create a test scenario:
Go through all the requirement documents available like BRD, SRS, and FSD
to understand the functionalities of the application to be tested.
For each requirement, find out possible actions and goals of the user.
List down all the possible functionalities/scenarios that need to consider for
each requirement. (Test Scenarios Template is provided to download)
Once all possible test scenarios are listed, create a Traceability Matrix to
ensure that all requirements have a corresponding test scenario.
Review the Test Scenario document and Traceability Matrix with Test Lead
/ Business Analyst
Test Case
What is Quality?
Quality is meeting the requirement, expectation, and needs of the
customer is free from the defects, lacks and substantial variants.
There are standards needs to follow to satisfy the customer requirements.
What is Assurance?
Customer
Myths
Management
Myths
Practitioners
myths
Management Myths:
They believe that their work has been completed with the writing of the
plan
There is no other way to achieve system quality, until it is “running”.
An operating system is the only product that can be successfully exported
project.
Engineering software will enable us to build powerful and unnecessary
document & always delay us.
Boundary Value Analysis (Static Analysis )
•Unit Testing
•Integration Testing
•Smoke
•UAT ( User Acceptance Testing)
Functional Testing
•Localization
•Globalization
•Interoperability
•So on
•Performance
•Endurance
•Load
Non-Functional Testing •Volume
•Scalability
•Usability
•So on
•Regression
Maintenance
•Maintenance
Penetration Testing
• This is one of the most vital among all the vulnerability scanning
types. Network vulnerability scanning is the process of identifying the
security vulnerabilities in an organization’s network infrastructure.
• What does network vulnerability scanning entail?
• It Identifies all systems and devices operating in your network
infrastructure
• Then it determines how the different devices and systems are connected
• After preparing an inventory of all the devices and systems under
consideration, the scanner analyzes the said assets to detect common
vulnerabilities.
• Then it scans for exploitable ports and services
• It identifies the weak passwords and authentication errors
3. Database vulnerability scanning
• The ultimate goal of most malicious actors is to get access to the
database where you store all sensitive information.
• Hence, the importance of securing databases is immense.
• Database security involves multiple measures taken to ensure
confidentiality, integrity, and availability of databases along with the
database management systems.
• A hacked database can be devastating for a business as it impacts
business continuity, brand value, finances, intellectual property, and
may incur fines and penalties.
What is a database vulnerability scanner?
• #1) New: This is the first state of a defect in the Defect Life Cycle.
When any new defect is found, it falls in a ‘New’ state, and validations
& testing are performed on this defect in the later stages of the
Defect Life Cycle.
• #2) Assigned: In this stage, a newly created defect is assigned to the
development team to work on the defect. This is assigned by the
project lead or the manager of the testing team to a developer.
• #3) Open: Here, the developer starts the process of analyzing the
defect and works on fixing it, if required.
• Duplicate, Deferred, Rejected, or Not a Bug
• #4) Fixed: When the developer finishes the task of fixing a defect by making the
required changes then he can mark the status of the defect as “Fixed”.
• #5) Pending Retest: After fixing the defect, the developer assigns the defect to
the tester to retest the defect at their end, and until the tester works on retesting
the defect, the state of the defect remains in “Pending Retest”.
• #6) Retest: At this point, the tester starts the task of retesting the defect to verify
if the defect is fixed accurately by the developer as per the requirements or not.
• #7) Reopen: If any issue persists in the defect, then it will be assigned to the
developer again for testing and the status of the defect gets changed to ‘Reopen’.
• #8) Verified: If the tester does not find any issue in the defect after being
assigned to the developer for retesting and he feels that if the defect has been
fixed accurately then the status of the defect gets assigned to ‘Verified’.
• #9) Closed: When the defect does not exist any longer, then the tester changes
the status of the defect to “Closed”.
Deferred
• Rejected: If the defect is not considered a genuine defect by the
developer then it is marked as “Rejected” by the developer.
• Duplicate: If the developer finds the defect as same as any other
defect or if the concept of the defect matches any other defect then
the status of the defect is changed to ‘Duplicate’ by the developer.
• Deferred: If the developer feels that the defect is not of very
important priority and it can get fixed in the next releases or so in
such a case, he can change the status of the defect as ‘Deferred’.
• Not a Bug: If the defect does not have an impact on the functionality
of the application, then the status of the defect gets changed to “Not
a Bug”.
Guidelines for Implementing a Defect Life Cycle
• It is very important that before starting to work on the Defect Life Cycle, the
whole team clearly understands the different states of a defect (discussed above).
• Defect Life Cycle should be properly documented to avoid any confusion in the
future.
• Make sure that each individual who has been assigned any task related to the
Defect Life Cycle should understand his/her responsibility very clearly for better
results.
• Each individual who is changing the status of a defect should be properly aware
of that status and should provide enough details about the status and the reason
for putting that status so that everyone who is working on that particular defect
can understand the reason of such a status of a defect very easily.
• The defect tracking tool should be handled with care to maintain consistency
among the defects and thus, in the workflow of the Defect Life Cycle.
• Error – Bug – Defect –fault – failure
Severity and Priority in testing
• Low: A defect that can be deferred or fixed in the later stages once the
higher priority ones are fixed, as it is not serious from the requirement
point of view is of low priority.
• Medium: A defect that needs to be fixed during the normal course of
development activity is given the status as “Medium”. Such defects occur
when a particular feature cannot be used the way it should be because of
some environmental issue, defect in the program, or some code that has
to be added. Usually, these defects are fixed and delivered to the testing
team as a part of a new release.
• High: Those defects that need to be fixed as soon as possible so that the
testing team can continue with the testing are said to be of high priority.
The core functionality fails as a result of such defects and the system
cannot be tested or used until the defect is fixed.
Who decides the Severity and Priority of a Defect?
• You log in to your amazon.com account, add items to the cart and
click the “Proceed to Checkout” button. You make the payment and
the system crashes. This defect makes the whole buying functionality
unusable and so the severity is high.
• The basic purpose of amazon.com is to buy and sell products and
most of the customers are affected by this. So, this defect is of high
priority which must be fixed immediately for the buying process to
work.
Low Severity and High Priority
• The automation testing is used to change the manual test cases into a test script
with the help of some automation tools.
• We have various types of automation testing tools available in the market. Some
of the most commonly used automation testing tools are as follows:
• Selenium
• Watir
• QTP
• Telerik Studio
• Testim
• Applitools
Performance testing tools (Load testing tools)
• When we have to measure the load, stability, response time of the application, we
required some performance (load) testing tools, which help us to test the performance
of the software or an application. Performance testing tools can be open-source and
commercial.
• We have various types of performance testing tools available in the market; some of the
most used performance (load) testing tools are as follows:
• Apache JMeter
• LoadRunner[HP]
• LoadNinja
• WebLOAD
• LoadComplete
• NeoLoad
• LoadView
Cross-browser testing tools
• GUI (Graphical User Interface) testing tool is used to find the defects that
happened in the design phase, which enhance the quality of the software.
With the help of these tools, we can identify the loopholes quickly rather
than performing GUI testing manually. We will test the application based
on application performance, which is related to mouse and keyboard
actions, and some of the GUI items like buttons, toolbars, Dialog boxes,
Menu bars, and the edit fields.
• Following are some essential strategies that we can perform under GUI
testing:
• Navigation validation, verify the check screens, data integrity validation,
verification of usability situations, and also check the numeric, date field
formats.
• Some of the following GUI testing tools are as follows:
GUI testing tools
• Eggplant
• AutoIT
• Ranorex Studio
• Squish
• RIATest
•
Penetration Testing Tools
• Wireshark
• Netsparkar
• Metasploit
• Aircrack
• Burp Suite Pen Tester
• Kali Linux
• Burp Suite Pen Tester