Chapter 4 - Quality Characteristics for Technical Testing

Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation

Contents
4.1 Introduction
4.2 General Planning Issues
4.3 Security Testing
4.4 Reliability Testing
4.5 Performance Efficiency Testing
4.6 Maintainability Testing
4.7 Portability Testing
4.8 Compatibility Testing
Neeraj Kumar Singh

Introduction
In general, the Technical Test Analyst focuses testing on "how" the product works, rather than the functional
aspects of "what" it does. These tests can take place at any test level.
For example, during component testing of real time and embedded systems, conducting performance efficiency
benchmarking and testing resource usage is important.
The specific system under test may include various servers, clients, databases, networks and other resources.
Regardless of the test level, testing should be performed according to the risk priorities and the available
resources.
It should be noted that both dynamic testing and static testing may be applied to test the non-functional quality
characteristics.
For all of the quality characteristics and sub-characteristics discussed in this section, the typical risks must be
recognized so that an appropriate testing approach can be formed and documented.
Quality characteristic testing requires particular attention to lifecycle timing, required tools, required standards,
software and documentation availability and technical expertise.
Some of this testing, e.g., performance efficiency testing, requires extensive planning, dedicated equipment,
specific tools, specialized testing skills and, in most cases, a significant amount of time.
Neeraj Kumar Singh

Introduction
Neeraj Kumar Singh

General Planning Issues
Failure to plan for non-functional tests can put the success of an application at considerable risk. The Technical
Test Analyst may be requested by the Test Manager to identify the principal risks for the relevant quality
characteristics.
The following general factors are considered when performing these tasks:
 Stakeholder requirements
 Required tool acquisition and training
 Test environment requirements
 Organizational considerations
 Data security considerations
 Risks and typical defects
Neeraj Kumar Singh

Stakeholder Requirements
Non-functional requirements are often poorly specified or even non-existent. At the planning stage, Technical Test
Analysts must be able to obtain expectation levels relating to technical quality characteristics from affected
stakeholders and evaluate the risks that these represent.
It is advisable to obtain multiple viewpoints when capturing non-functional requirements. They must be elicited
from stakeholders such as customers, product owners, users, operations staff and maintenance staff.
Required Tool Acquisition and Training
Commercial tools or simulators are particularly relevant for performance efficiency and certain security tests.
Technical Test Analysts should estimate the costs and timescales involved for acquiring, learning and implementing
the tools. Where specialized tools are to be used, planning should account for the learning curves for new tools
and/or the cost of hiring external tool specialists.
Neeraj Kumar Singh

Test Environment Requirements
Many technical tests (e.g., security tests, performance efficiency tests) require a production-like test environment
in order to provide realistic measures. Depending on the size and complexity of the system under test, this can
have a significant impact on the planning and funding of the tests. Since the cost of such environments may be
high, the following alternatives may be considered:
 Using the production environment
 Using a scaled-down version of the system, taking care that the test results obtained are sufficiently
representative of the production system
 Using cloud-based resources as an alternative to acquiring the resources directly
 Using virtualized environments
Organizational Considerations
Technical tests may involve measuring the behavior of several components in a complete system (e.g., servers,
databases, networks). If these components are distributed across a number of different sites and organizations, the
effort required to plan and co-ordinate the tests may be significant.
Neeraj Kumar Singh

Data Security Considerations
Specific security measures implemented for a system should be taken into account at the test planning stage to
ensure that all testing activities are possible. For example, the use of data encryption may make the creation of
test data and the verification of results difficult.
Data protection policies and laws may preclude the generation of any required test data based on production data
(e.g., personal data, credit card data). Making test data anonymous is a non-trivial task which must be planned for
as part of the test implementation.
Risks and Typical Defect
Identifying and managing risks is a fundamental consideration for test planning. The Technical Test Analyst
identifies product risks by using knowledge of the typical types of defects to be expected for a particular quality
characteristic.
This enables the types of testing required to address those risks to be selected. These specific aspects are covered
within the remaining sections of this chapter which describe the individual quality characteristics
Neeraj Kumar Singh

Reasons for Considering Security Testing
Security testing assesses a system's vulnerability to threats by attempting to compromise the system's security policy. The
following is a list of potential threats which should be explored during security testing: • Unauthorized copying of applications or
data.
 Unauthorized access control
 User rights, access and privileges are the focus of this testing. This information should be available in the specifications for
the system.
 Software which exhibits unintended side-effects when performing its intended function.
 Code inserted into a web page which may be exercised by subsequent users (cross-site scripting or XSS). This code may be
malicious.
 Buffer overflow (buffer overrun) which may be caused by entering strings into a user interface input field which are longer
than the code can correctly handle.
 Denial of service, which prevents users from interacting with an application (e.g., by overloading a web server with
“nuisance” requests).
 The interception, mimicking and/or altering and subsequent relaying of communications (e.g., credit card transactions) by a
third party such that a user remains unaware of that third party’s presence (“Man in the Middle” attack)
 Breaking the encryption codes used to protect sensitive data.
 Logic bombs (sometimes called Easter Eggs), which may be maliciously inserted into code and which activate only under
certain conditions (e.g., on a specific date). When logic bombs activate, they may perform malicious acts such as the
deletion of files or formatting of disks.
Neeraj Kumar Singh

Security Test Planning
In general the following aspects are of particular relevance when planning security tests:
 Because security issues can be introduced during the architecture, design and implementation of the system,
security testing may be scheduled for the unit, integration and system testing levels.
 The test approaches proposed by the Technical Test Analyst may include reviews of the architecture, design, and
code, and the static analysis of code with security tools. These can be effective in finding security issues that are
easily missed during dynamic testing.
 The Technical Test Analyst may be called upon to design and perform certain security “attacks” which require
careful planning and coordination with stakeholders (including security testing specialists).
 An essential aspect of security test planning is obtaining approvals. For the Technical Test Analyst, this means
ensuring that explicit permission has been obtained from the Test Manager to perform the planned security tests.
 All security test planning should be coordinated with an organization’s Information Security Officer if the
organization has such a role.
 It should be noted that improvements which may be made to the security of a system may affect its performance
efficiency or reliability. After making security improvements it is advisable to consider the need for conducting
performance efficiency or reliability tests
Neeraj Kumar Singh

Security Test Specification
Particular security tests may be grouped [Whittaker04] according to the origin of the security risk. These include the following:
 User interface related - unauthorized access and malicious inputs
 File system related - access to sensitive data stored in files or repositories
 Operating system related - storage of sensitive information such as passwords in non-encrypted form in memory which could
be exposed when the system is crashed through malicious inputs
 External software related - interactions which may occur among external components that the system utilizes. These may
be at the network level (e.g., incorrect packets or messages passed) or at the software component level (e.g., failure of a
software component on which the software relies).
The ISO 25010 sub-characteristics of security also provide a basis from which security tests may be specified. These focus on the
following aspects of security:
 Confidentiality – the degree to which a product or system ensures that data is accessible only to those authorized to have
access
 Integrity – the degree to which a system, product or component prevents unauthorized access to, or modification of,
computer programs or data
 Non-repudiation – the degree to which actions or events can be proven to have taken place so they cannot be denied later
 Accountability – the degree to which the actions of an entity can be traced uniquely to the entity
 Authenticity – the degree to which the identity of a subject or resource can be proven to be the one claimed
Neeraj Kumar Singh

Security Test Specification
The following approach [Whittaker04] may be used to develop security tests:
 Gather information which may be useful in specifying tests, such as names of employees, physical addresses, details
regarding the internal networks, IP numbers, identity of software or hardware used, and operating system version.
 Perform a vulnerability scan using widely available tools. Such tools are not used directly to compromise the
system(s), but to identify vulnerabilities that are, or that may result in, a breach of security policy. Specific
vulnerabilities can also be identified using information and checklists such as those provided by the National
Institute of Standards and Technology (NIST) [Web-1] and the Open Web Application Security Project™ (OWASP)
[Web-4].
 Develop “attack plans” (i.e., a plan of testing actions intended to compromise a particular system’s security policy)
using the gathered information. Several inputs via various interfaces (e.g., user interface, file system) need to be
specified in the attack plans to detect the most severe security defects. The various “attacks” described in
[Whittaker04] are a valuable source of techniques developed specifically for security testing.
Neeraj Kumar Singh

Reliability Testing
Introduction & Measuring Software Maturity
Introduction
The ISO 25010 classification of product quality characteristics defines the following sub-characteristics of reliability:
 Maturity - the degree to which a component or system meets needs for reliability under normal operation
 Fault tolerance - the capability of the software product to maintain a specified level of performance in cases of
software defects or of infringement of its specified interface
 Recoverability - the capability of the software product to re-establish a specified level of performance and recover
the data directly affected in case of failure
 Availability - the degree to which a component or system is operational and accessible when required for use
Measuring Software Maturity
An objective of reliability testing is to monitor a statistical measure of software maturity over time and compare this to
a desired reliability goal which may be expressed as a Service Level Agreement (SLA). The measures may take the form
of a Mean Time Between Failures (MTBF), Mean Time To Repair (MTTR) or any other form of failure intensity
measurement (e.g., number of failures of a particular severity occurring per week). These may be used as exit criteria
(e.g., for production release).
Neeraj Kumar Singh

Reliability Testing
Fault Tolerance Testing & Recoverability Testing
Fault Tolerance Testing
In addition to the functional testing that evaluates the software’s tolerance to faults in terms of handling unexpected input
values (so-called negative tests), additional testing is needed to evaluate a system’s tolerance to faults which occur externally to
the application under test. Such faults are typically reported by the operating system (e.g., disk full, process or service not
available, file not found, memory not available). Tests of fault tolerance at the system level may be supported by specific tools.
Recoverability Testing
 Recoverability tests include Failover and Backup and Restore tests.
 Failover tests are performed where the consequences of a software failure are so negative that specific hardware and/or
software measures have been implemented to ensure system operation even in the event of a failure.
 Typical preventive measures for hardware failures might include load balancing across several processors and clustering
servers, processors or disks so that one can immediately take over from another if it should fail (redundant systems).
 Backup and Restore tests focus on the procedural measures set up to minimize the effects of a failure. Such tests evaluate
the procedures (usually documented in a manual) for taking different forms of backup and for restoring that data if data loss
or corruption should occur.
 Measures for Backup and Restore tests may include the following:
 Time taken to perform different types of backup (e.g., full, incremental)
 Time taken to restore data
 Levels of guaranteed data backupNeeraj Kumar Singh

Reliability Testing
Availability Testing
Any system that has interfaces with other systems and/or processes (e.g., for receiving inputs) relies on the availability
of those interfaces to ensure overall operability. Availability testing serves the following principal purposes:
 To establish whether required system components and processes are available (on demand or continuously) and
respond as expected to requests
 To provide measurements from which an overall level of availability can be obtained (often given as a percentage of
time in a SLA).
 To establish whether an overall system is ready for operation (e.g., as one of the criteria for operational acceptance
testing).
Availability testing is performed both before and after entering operational service, and is particularly relevant for the
following situations:
 Where systems are made up of other systems (i.e., systems of systems). Tests focus on the availability of all
individual component systems.
 Where a system or service is sourced externally (e.g., from a third party supplier). Tests focus on measuring
availability levels to ensure that agreed service levels are upheld.
Neeraj Kumar Singh

Reliability Testing
Reliability Test Planning
In general, the following aspects are of particular relevance when planning reliability tests:
 Reliability can continue to be monitored after the software has entered production. The organization and staff
responsible for operation of the software must be consulted when gathering reliability requirements for test
planning purposes.
 The Technical Test Analyst may select a reliability growth model which shows the expected levels of reliability over
time. A reliability growth model can provide useful information to the Test Manager by enabling comparison of the
expected and achieved reliability levels.
 Reliability tests should be performed in a production-like environment. The environment used should remain as
stable as possible to enable reliability trends to be monitored over time.
 Because reliability tests often require use of the entire system, reliability testing is most commonly done as part of
system testing. However, individual components can be subjected to reliability testing as well as integrated sets of
components.
 In order to produce test results that are statistically significant, reliability tests usually require long execution
times. This may make it difficult to schedule within other planned tests.
Neeraj Kumar Singh

Reliability Testing
Reliability Test Specification
Reliability testing may take the form of a repeated set of predetermined tests. These may be tests selected at random
from a pool or test cases generated by a statistical model using random or pseudorandom methods. Tests may also be
based on patterns of use which are sometimes referred to as “Operational Profiles” (see Section 4.5.3).
Where reliability tests are scheduled to run automatically in parallel to normal operations (e.g., to test availability),
they are generally specified to be as simple as possible to avoid possible negative impact on the system performance
efficiency.
Certain reliability tests may specify that memory-intensive actions be executed repeatedly so that possible memory
leaks can be detected.
Neeraj Kumar Singh

Performance Efficiency Testing
Types of Performance Efficiency Testing
Load Testing
Load testing focuses on the ability of a system to handle increasing levels of anticipated realistic loads resulting from
the transaction requests generated by numbers of concurrent users or processes. Average response times for users under
different scenarios of typical use (operational profiles) can be measured and analyzed.
Stress Testing
Stress testing focuses on the ability of a system or component to handle peak loads at or beyond the limits of its
anticipated or specified workloads, or with reduced availability of resources such as available bandwidth.
Performance levels should degrade slowly and predictably without failure as stress levels are increased. In particular,
the functional integrity of the system should be tested while the system is under stress in order to find possible defects
in functional processing or data inconsistencies
One possible objective of stress testing is to discover the limits at which a system actually fails so that the “weakest link
in the chain” can be determined. Stress testing allows additional capacity to be added to the system in a timely manner
(e.g., memory, CPU capability, database storage).
Neeraj Kumar Singh

Types of Performance Efficiency Testing
Scalability Testing
Scalability testing focuses on the ability of a system to meet future efficiency requirements, which may be beyond those
currently required. The objective of the tests is to determine the system’s ability to grow (e.g., with more users, larger
amounts of data stored) without reaching a point where the currently specified performance requirements cannot be
met or the system fails.
Once the limits of scalability are known, threshold values can be set and monitored in production to provide a warning
of impending problems. In addition, the production environment may be adjusted with appropriate amounts of hardware
to meet anticipated needs.
Neeraj Kumar Singh

Performance Efficiency Test Planning
In addition to the general planning issues, the following factors can influence the planning of performance efficiency
tests:
 Depending on the test environment used and the software being tested, performance efficiency tests may require
the entire system to be implemented before effective testing can be done. In this case, performance efficiency
testing is usually scheduled to occur during system test. Other performance efficiency tests which can be performed
effectively at the component level may be scheduled during unit testing.
 In general, it is desirable to conduct initial performance efficiency tests as early as possible, even if a production-
like environment is not yet available. These early tests may find performance efficiency problems (e.g.,
bottlenecks) and reduce project risk by avoiding time consuming corrections in the later stages of software
development or production.
 Code reviews, in particular those which focus on database interaction, component interaction and error handling,
can identify performance efficiency issues (particularly regarding “wait and retry” logic and inefficient queries) and
should be scheduled early in the software development lifecycle.
 The hardware, software and network bandwidth needed to run the performance efficiency tests should be planned
and budgeted. Needs depend primarily on the load to be generated, which may be based on the number of virtual
users to be simulated and the amount of network traffic they are likely to generate. Failure to account for this may
result in unrepresentative performance measurements being taken.
Neeraj Kumar Singh

Performance Efficiency Test Specification
The specification of tests for different performance efficiency test types such as load and stress are based on the
definition of operational profiles. These represent distinct forms of user behavior when interacting with an application.
There may be multiple operational profiles for a given application.
The numbers of users per operational profile may be obtained by using monitoring tools (where the actual or
comparable application is already available) or by predicting usage. Such predictions may be based on algorithms or
provided by the business organization. These are especially important for specifying the operational profile(s) to be
used for scalability testing.
Operational profiles are the basis for the number and types of test cases to be used during performance efficiency
testing. These tests are often controlled by test tools that create "virtual" or simulated users in quantities that will
represent the profile under test.
Neeraj Kumar Singh

Quality Sub-characteristics of Performance Efficiency
The ISO 25010 classification of product quality characteristics includes the following sub-characteristics of performance
efficiency:
 Time behavior - the ability of a component or system to respond to user or system inputs within a specified time
and under specified conditions
 Resource utilization - the capability of the software product to use appropriate amounts and types of resources
 Capacity - the maximum limit to which a particular parameter can be handled
Time Behavior
Time behavior focuses on the ability of a component or system to respond to user or system inputs within a specified
time and under specified conditions. Time behavior measurements vary according to the objectives of the test. For
individual software components, time behavior may be measured according to CPU cycles, while for client-based
systems time behavior may be measured according to the time taken to respond to a particular user request.
For systems whose architectures consist of several components (e.g., clients, servers, databases) time behavior
measurements are taken for transactions between individual components so that “bottlenecks” can be identified.
Neeraj Kumar Singh

Quality Sub-characteristics of Performance Efficiency
Resource Utilization
Tests relating to resource utilization evaluate the usage of system resources (e.g., usage of memory, disk capacity,
network bandwidth, connections) against a predefined benchmark. These are compared under both normal loads and
stress situations, such as high levels of transaction and data volumes, to determine if unnatural growth in usage is
occurring.
For example, for real-time embedded systems, memory usage (sometimes referred to as a “memory footprint”) plays a
significant role in performance efficiency testing. If the memory footprint exceeds the allowed measure, the system
may have insufficient memory needed to perform its tasks within the specified time periods. This may slow down the
system or even lead to a system crash.
Capacity
The capacity of a system (including software and hardware) represents the maximum limit to which a particular
parameter can be handled. Capacity requirements are typically specified by technical and operational stakeholders and
may relate to parameters such as the maximum number of users that can use an application at a given point of time,
the maximum volume of data that can be transmitted per second (i.e., bandwidth) and the maximum number of
transactions that can be handled per second.
Neeraj Kumar Singh

Maintainability Testing
Introduction
Software often spends substantially more of its lifetime being maintained than being developed. Maintenance testing is
performed to test the impact of changes to an operational system or its environment. To ensure that the task of
conducting maintenance is as efficient as possible, maintainability testing is performed to measure the ease with which
code can be analyzed, changed and tested.
Typical maintainability objectives of affected stakeholders (e.g., the software owner or operator) include:
 Minimizing the cost of owning or operating the software
 Minimizing downtime required for software maintenance
Maintainability tests should be included in a test approach where one or more of the following factors apply:
 Software changes are likely after the software enters production (e.g., to correct defects or introduce planned
updates)
 The benefits of achieving maintainability objectives over the software development lifecycle are considered by the
affected stakeholders to outweigh the costs of performing the maintainability tests and making any required
changes
 The risks of poor software maintainability (e.g., long response times to defects reported by users and/or customers)
justify conducting maintainability tests
Neeraj Kumar Singh

Static and Dynamic Maintainability Testing
Static Maintainability Testing
Appropriate techniques for maintainability testing include static analysis and reviews. Maintainability testing should be
started as soon as the design documentation is available and should continue throughout the code implementation
effort.
Since maintainability is built into the code and the documentation for each individual code component, maintainability
can be evaluated early in the software development lifecycle without having to wait for a completed and running
system.
Dynamic Maintainability Testing
Dynamic maintainability testing focuses on the documented procedures developed for maintaining a particular
application (e.g., for performing software upgrades). Selections of maintenance scenarios are used as test cases to
ensure the required service levels are attainable with the documented procedures.
This form of testing is particularly relevant where the underlying infrastructure is complex, and support procedures may
involve multiple departments/organizations. This form of testing may take place as part of operational acceptance
testing.
Neeraj Kumar Singh

Maintainability Sub-characteristics
The maintainability of a system can be measured in terms of the effort required to diagnose problems identified within
a system (analyzability) and test the changed system (testability). Factors which influence both analyzability and
testability include the application of good programming practices (e.g., commenting, naming of variables, indentation),
and the availability of technical documentation (e.g., system design specifications, interface specifications).
Other relevant quality sub-characteristics for maintainability [ISO25010] are:
 Modifiability - the degree to which a component or system can be effectively and efficiently modified without
introducing defects or degrading existing product quality
 Modularity – the degree to which a system, product or component is composed of discrete components such that a
change to one component has minimal impact on other components
 Reusability – the degree to which an asset can be used in more than one system, or in building other assets
Neeraj Kumar Singh

Portability Testing
Introduction
Portability tests in general relate to the degree to which a software component or system can be transferred into its
intended environment, either initially or from an existing environment.
[ISO25010] includes the following sub-characteristics of portability:
 Installability - the capability of the software product to be installed in a specified environment
 Adaptability - the degree to which a component or system can be adapted for different or evolving hardware and
software environments
 Replaceability - the capability of another software product to be used in place of the specified software product
for the same purpose in the same environment
Portability testing can start with the individual components (e.g., replaceability of a particular component such as
changing from one database management system to another) and then expand in scope as more code becomes
available. Installability may not be testable until all the components of the product are functionally working.
Portability must be designed and built into the product and so must be considered early in the design and architecture
phases. Architecture and design reviews can be particularly productive for identifying potential portability requirements
and issues (e.g., dependency on a particular operating system).
Neeraj Kumar Singh

Portability Testing
Installability Testing
Installability testing is performed on the software and written procedures used to install the software on its target
environment. This may include, for example, the software developed to install an operating system onto a processor, or
an installation “wizard” used to install a product onto a client PC.
Typical installability testing objectives include the following:
 Validating that the software can be successfully installed by following the instructions in an installation manual
(including the execution of any installation scripts), or by using an installation wizard. This includes exercising
installation options for different hardware/software configurations and for various degrees of installation (e.g.,
initial or update).
 Testing whether failures which occur during installation (e.g., failure to load particular DLLs) are dealt with by the
installation software correctly without leaving the system in an undefined state (e.g., partially installed software or
incorrect system configurations)
 Testing whether a partial installation/de-installation can be completed
 Testing whether an installation wizard can successfully identify invalid hardware platforms or operating system
configurations
 Measuring whether the installation process can be completed within a specified number of minutes or within a
specified number of steps
 Validating that the software can be successfully downgraded or uninstalled
Neeraj Kumar Singh

Portability Testing
Adaptability Testing
Adaptability testing checks whether a given application can function correctly in all intended target environments
(hardware, software, middleware, operating system, etc.). An adaptive system is therefore an open system that is able
to fit its behavior according to changes in its environment or in parts of the system itself.
Specifying tests for adaptability requires that combinations of the intended target environments are identified,
configured and available to the testing team. These environments are then tested using a selection of functional test
cases which exercise the various components present in the environment.
Adaptability may relate to the ability of the software to be ported to various specified environments by performing a
predefined procedure. Tests may evaluate this procedure.
Adaptability tests may be performed in conjunction with installability tests and are typically followed by functional tests
to detect any defects which may have been introduced in adapting the software to a different environment.
Neeraj Kumar Singh

Portability Testing
Replaceability Testing
Replaceability testing focuses on the ability of software components within a system to be exchanged for others. This
may be particularly relevant for systems which use commercial off-the-shelf (COTS) software for specific system
components.
Replaceability tests may be performed in parallel with functional integration tests where more than one alternative
component is available for integration into the complete system. Replaceability may be evaluated by technical review
or inspection at the architecture and design levels, where the emphasis is placed on the clear definition of interfaces to
potential replaceable components.
Neeraj Kumar Singh

Compatibility Testing
Introduction
Compatibility testing considers the following aspects [ISO25010]:
 Co-existence - the degree to which a test item can function satisfactorily alongside other independent products in
a shared environment.
 Interoperability - the degree to which a system exchanges information with other systems or components.
Neeraj Kumar Singh

Compatibility Testing
Co-existence Testing
Computer systems which are not related to each other are said to co-exist when they can run in the same environment
(e.g., on the same hardware) without affecting each other's behavior (e.g., resource conflicts). Tests for co-existence
should be performed when new or upgraded software will be rolled out into environments which already contain
installed applications.
Co-existence problems may arise when the application is tested in an environment where it is the only installed
application (where incompatibility issues are not detectable) and then deployed onto another environment (e.g.,
production) which also runs other applications.
Typical objectives of co-existence testing include:
 Evaluation of possible adverse impact on functionality when applications are loaded in the same environment (e.g.,
conflicting resource usage when a server runs multiple applications)
 Evaluation of the impact to any application resulting from the deployment of operating system fixes and upgrades
Co-existence issues should be analyzed when planning the targeted production environment but the actual tests are
normally performed after system testing has been successfully completed.
Neeraj Kumar Singh

Exam Pattern
Neeraj Kumar Singh

Sample Questions
1. Assume you are working as a technical test analyst on the system integration testing of the baggage handling
system for a major airport. Most of the system components are developed by a main contractor, but the system
components for baggage redirection and for handling outsized items are being developed off-shore by separate
organizations. The airport operator is the customer for the project and has indicated that the system must run fast
even under peak morning and evening loads. A fully representative test environment has been made available for
the system integration tests and a specialist tools team has been set up to support the functional and non-
functional testing. Some of the functional tests for the continuous integration have already been implemented but
progress is slow. Based on this information, which of the following topics are you most likely to identify as risks in
the system integration test plan?
Select TWO Option
A. Stakeholder requirements
B. Required tool acquisition and training
C. Test environment requirements
D. Organizational considerations
E. Data security considerations
Neeraj Kumar Singh

Sample Questions
2. Consider the following product risk:
Abnormal application termination due to network connection failure.
Which of the following is the appropriate test type to address this risk?
Select ONE Option
A. Reliability testing.
B. Performance testing.
C. Operability testing.
D. Portability testing.
Neeraj Kumar Singh

Sample Questions
3. Which of the following statements is NOT correct?
Select ONE Option
A. It is desirable to conduct initial performance efficiency tests as early as possible, even if a production-like
environment is not yet available
B. Availability testing is performed both before and after entering operational service
C. Because security issues can be introduced during the architecture, design and implementation of the system,
security testing should happen after functional testing is done
D. Maintainability can be evaluated early in the lifecycle without having to wait for a completed and running
system.
Neeraj Kumar Singh

Sample Questions
4. A new personal banking system is to be developed for use on mobile devices. Which of the following reasons
which would justifying including security testing in the test approach.
Select TWO Option
A. To ensure the product can be effectively and efficiently modified without introducing defects
B. To ensure that the software does not exhibit unintended side-effects when performing its intended function
C. To evaluate whether the application installs correctly on a mobile device
D. To check that available functions are correctly implemented
E. To ensure that no sensitive data can be copied
Neeraj Kumar Singh

Chapter 4 - Quality Characteristics for Technical Testing

More Related Content

What's hot

What's hot (20)

Similar to Chapter 4 - Quality Characteristics for Technical Testing

Similar to Chapter 4 - Quality Characteristics for Technical Testing (20)

More from Neeraj Kumar Singh

More from Neeraj Kumar Singh (20)

Recently uploaded

Recently uploaded (20)

Chapter 4 - Quality Characteristics for Technical Testing