The document discusses quality characteristics for technical testing, focusing on reliability testing. It provides definitions and explanations of reliability sub-characteristics like maturity, fault tolerance, and recoverability. It describes approaches to measuring software maturity and reliability over time. Types of reliability tests discussed include fault tolerance testing, recoverability (failover and backup/restore) testing, and availability testing. General guidance is provided on planning and specifying reliability tests, noting the need for production-like environments and long test durations to obtain statistically significant results.
Chapter 1 - The Technical Test Analyst Tasks in Risk Based TestingNeeraj Kumar Singh
This is chapter 1 of ISTQB Advance Technical Test Analyst certification. This presentation helps aspirants understand and prepare the content of the certification.
Test Management as Chapter 5 of ISTQB Foundation 2018. Topics covered are Test Organization, Test Planning and Estimation, Test Monitoring and Control, Test Execution Schedule, Test Strategy, Risk and Testing, Defect Management
The document discusses fundamentals of software testing including definitions of testing, why testing is necessary, seven testing principles, and the test process. It describes the test process as consisting of test planning, monitoring and control, analysis, design, implementation, execution, and completion. It also outlines the typical work products created during each phase of the test process.
Test Case Design Techniques as chapter 4 of ISTQB Foundation. Topics included are Equivalence Partition, Boundary Value Analysis, State Transition Testing, Decision Table Testing, Use Case Testing, Statement Coverage, Decision Coverage, Error Guessing, Exploratory Testing, Checklist Based Testing
Continuous integration, testing, and delivery processes aim to provide fast feedback on code changes. This is done through frequent automated testing and deployment of code changes. Some key aspects discussed are:
- Continuous integration involves automatically testing code changes through builds and running automated tests. Frequent and immediate feedback is the goal but all tests may be too time-consuming.
- Continuous testing executes tests early and often based on code modifications to provide quick feedback.
- Continuous delivery deploys code changes to testing environments after builds to allow more testing, including performance and load tests. Continuous deployment then automatically deploys to production.
Prioritizing tests, running different test configurations, increasing non-UI testing, and splitting test
The document discusses various types and stages of software testing in the software development lifecycle, including:
1. Component testing, the lowest level of testing done in isolation on individual software modules.
2. Integration testing in small increments to test communication between components and non-functional aspects.
3. System testing to test functional and non-functional requirements at the full system level, often done by an independent test group.
4. The document provides details on planning, techniques, and considerations for each type of testing in the software development and integration process.
This is chapter 3 of ISTQB Advance Agile Technical Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 3 of ISTQB Advance Test Manager certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 2 of ISTQB Advance Agile Technical Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 5 of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is the chapter 8 of ISTQB Advance Test Automation Engineer certification. This presentation helps aspirants understand and prepare content of certification.
This is chapter 6 of ISTQB Advance Test Manager certification. This presentation helps aspirants understand and prepare the content of the certification.
The document provides an agenda for Day 2 of an ISTQB Foundation Level training which includes the following topics: test design techniques like test analysis, test design, equivalence partitioning, boundary value analysis, use case testing and experience-based testing. It also discusses test management topics like test leader and tester roles and responsibilities, test plan vs test strategy, estimation techniques, configuration management, risk based testing, exploratory testing and defect management. The last sections provide overviews of tool support for testing and an exercise on classifying different types of triangles based on side lengths.
Static analysis is a static testing technique that analyzes source code without executing it. It can find faults like unreachable code, undeclared variables, and array bound violations. Some key advantages are that it can find faults difficult to see otherwise and provides an objective assessment of code quality. However, it also has limitations like not being able to distinguish fail-safe code from actual faults. Reviews are also useful for finding faults early and help achieve consensus, while inspections are more formal reviews.
This is chapter 1 of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 4 of ISTQB Specialist Mobile Application Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
The document summarizes the key activities in the software testing process according to ISTQB, including test planning, monitoring and control, analysis, design, implementation, execution, evaluating exit criteria and reporting, and test closure activities. It provides details on each activity, such as the objectives of test planning, factors to consider for test analysis, and outputs that should be captured during test closure.
System testing evaluates a complete integrated system to determine if it meets specified requirements. It tests both functional and non-functional requirements. Functional requirements include business rules, transactions, authentication, and external interfaces. Non-functional requirements include performance, reliability, security, and usability. There are different types of system testing, including black box testing which tests functionality without knowledge of internal structure, white box testing which tests internal structures, and gray box testing which is a combination. Input, installation, graphical user interface, and regression testing are examples of different types of system testing.
This document provides an overview of software security testing. It defines security testing as verifying and validating the correctness and effectiveness of security implementation. It describes different types of security testing like vulnerability scanning, security scanning, and penetration testing. It discusses security test methodologies like model-based, code-based, and dynamic analysis testing. It outlines the typical tasks for a risk assessment that informs security testing. It also provides details on developing a security test plan, designing test cases, executing tests in an isolated environment, and using tools to support the testing process.
An integrated security testing framework and toolMoutasm Tamimi
The document presents an integrated security testing framework for the secure software development life cycle (SSDLC). The framework includes four main phases: 1) defining security guidelines based on enterprise security requirements for each SSDLC phase, 2) constructing security test cases based on the guidelines, 3) executing test cases by integrating various security testing tools, and 4) converging results from different tools using a meta-vulnerability data model. The framework aims to adopt security activities into each SSDLC phase to improve security, generate test cases, integrate testing tools, and provide accurate results. It was evaluated through prototype testing of 50 software projects.
This document discusses security requirements engineering and the SQUARE framework. It defines key terms like requirements, requirements engineering, and security requirements engineering. It then outlines the SQUARE framework which is a 9 step process for eliciting security requirements that includes agreeing on definitions, identifying goals, risk assessment, selecting techniques, and prioritizing requirements. Other frameworks are also briefly discussed and compared to SQUARE. Implementing security requirements engineering and SQUARE provides benefits like reducing risks and costs while protecting the business.
The document discusses various types of testing used in object-oriented software development including requirement testing, analysis testing, design testing, code testing, integration testing, unit testing, user testing, and system testing. It provides details on each type of testing such as the purpose, techniques, and processes involved. Scenario based testing and fault based testing are also summarized in the document.
The document provides an overview of topics related to software quality assurance including software testing strategies, project management, risk management, and maintenance. It discusses software quality assurance and defines verification and validation. It describes different testing types like unit testing, integration testing, system testing, and validation testing. It also covers ISO standards for testing, SQA plans, testing goals and attributes. Finally, it discusses testing approaches, strategies for validation testing, and the goals of system testing.
Manual testing interview questions and answersRajnish Sharma
This document contains answers to 10 common manual testing interview questions. It defines key terms like software testing, quality assurance, quality control, and the software development life cycle. It also describes different types of testing such as functional vs non-functional, black box vs white box vs gray box testing. Finally, it explains what a test bed is in the context of software testing.
The document discusses various topics related to software testing such as test case design strategies, levels of testing, test management, and test automation. It covers black box and white box test design approaches like boundary value analysis, equivalence partitioning, state-based testing and requirements-based testing. It also discusses different levels of testing from unit to system testing and the need for test planning, tracking, and reporting. The last unit covers test automation topics like skills required, challenges, and metrics.
Testing and Rolling Out Enterprise ApplicationsGem WeBlog
The document discusses various aspects of testing and rolling out enterprise applications. It describes different types of testing like functional testing, non-functional testing, white box testing, black box testing and gray box testing. It also discusses different testing levels from unit testing to acceptance testing and production testing. The document then covers testing approaches, environments, performance testing and security testing in detail. Finally, it provides an overview of user acceptance testing and strategies for rolling out enterprise applications.
CHAPTER 15Security Quality Assurance TestingIn this chapter yoJinElias52
CHAPTER 15
Security Quality Assurance Testing
In this chapter you will
• Explore the aspects of testing software for security
• Learn about standards for software quality assurance
• Discover the basic approaches to functional testing
• Examine types of security testing
• Explore the use of the bug bar and defect tracking in an effort to improve the SDL process
Testing is a critical part of any development process and testing in a secure development lifecycle (SDL) environment is an essential part of the security process. Designing in security is one step, coding is another, and testing provides the assurance that what was desired and planned becomes reality. Validation and verification have been essential parts of quality efforts for decades, and software is no exception. This chapter looks at how and what to test to obtain an understanding of the security posture of software.
Standards for Software Quality Assurance
Quality is defined as fitness for use according to certain requirements. This can be different from security, yet there is tremendous overlap in the practical implementation and methodologies employed. In this regard, lessons can be learned from international quality assurance standards, for although they may be more expansive in goals than just security, they can make sense there as well.
ISO 9216
The International Standard ISO/IEC 9216 provides guidance for establishing quality in software products. With respect to testing, this standard focuses on a quality model built around functionality, reliability, and usability. Additional issues of efficiency, maintainability, and portability are included in the quality model of the standard. With respect to security and testing, it is important to remember the differences between quality and security. Quality is defined as fitness for use, or conformance to requirements. Security is less cleanly defined, but can be defined by requirements. One issue addressed by the standard is the human side of quality, where requirements can shift over time, or be less clear than needed for proper addressing by the development team. These are common issues in all projects, and the standard works to ensure a common understanding of the goals and objectives of the projects as described by requirements. This information is equally applicable to security concerns and requirements.
SSE-CMM
The Systems Security Engineering Capability Maturity Model (SSE-CMM) is also known as ISO/IEC 21827, and is an international standard for the secure engineering of systems. The SSE-CMM addresses security engineering activities that span the entire trusted product or secure system lifecycle, including concept definition, requirements analysis, design, development, integration, installation, operations, maintenance, and decommissioning. The SSE-CMM is designed to be employed as a tool to evaluate security engineering practices and assist in the definition of improvements to them. The SSE-CMM is organized into p ...
Software testing for project report .pdfKamal Acharya
Methods of Software Testing There are two basic methods of performing software testing: 1. Manual testing 2. Automated testing Manual Software Testing As the name would imply, manual software testing is the process of an individual or individuals manually testing software. This can take the form of navigating user interfaces, submitting information, or even trying to hack the software or underlying database. As one might presume, manual software testing is labor-intensive and slow.
Welingkar_final project_ppt_IMPORTANCE & NEED FOR TESTINGSachin Pathania
Software testing is an important step in the software development process to identify bugs and ensure quality. It is done at various stages including unit, integration, system, and acceptance testing. Automation testing helps test cases be run quickly and consistently. In conclusion, software testing is crucial to identify and remove errors, improving the performance and consistency of software products.
Group #8, represented by Haris Jamil, discussed various types of software testing for their information technology project. They will review object-oriented analysis and design models, conduct class testing after coding, and integration testing within subsystems. The types of testing included are: object-oriented testing, requirement testing, analysis and design testing, code testing, user testing, integration tests, and system tests. Stages of requirement-based testing were defined as well as analysis testing, design testing techniques, code-based testing, integration testing strategies, system testing purposes, and user acceptance testing. Scenario-based testing was also explained.
This document discusses software test documentation standards and processes. It describes the IEEE 829 standard for software test documentation, which includes a test planning and control process involving test plans, analysis and design involving test cases and procedures, implementation and execution involving bug reports and test procedures, and evaluation and reporting involving status reports and test logs. It provides details on various test documentation artifacts like test plans, test designs, test cases, test procedures, and reports. It explains the purpose, structure, and contents of each artifact to provide documentation at different stages of the testing process.
This document outlines a secure software development course. The course goals are to explain computer security needs and requirements, introduce security best practices, and present techniques for evaluating security solutions. It will be graded through exams, assignments, and a final exam. The course material will include a delivered textbook. The timeline shows the course content by week, covering topics like risk assessment, secure design patterns, threat modeling, and security testing. The document also provides the lecturer's contact information and defines key terms like information security risks and software security.
This is the most important topic of OOAD named as Object Oriented Testing. It is used to prepare a good software which has no bug in it and it performs very fast. <a href="https://harisjamil.pro">Haris Jamil</a>
Security Services and Approach by Nazar TymoshykSoftServe
The document discusses SoftServe's security services and approach to application security testing. It provides an overview of typical security reports, how the security process often looks in reality versus how it should ideally be, and how SoftServe aims to minimize repetitive security issues through practices like automated security tests, secure coding trainings, and vulnerability scans integrated into continuous integration/delivery pipelines. The document also discusses benefits of SoftServe's internal security testing versus outsourcing to third parties, like catching problems earlier and improving a development team's security expertise.
Similar to Chapter 4 - Quality Characteristics for Technical Testing (20)
Tool Support for Testing as Chapter 6 of ISTQB Foundation 2018. Topics covered are Tool Benefits, Test Tool Classification, Benefits of Test Automation and Risk of Test Automation
Test Management as Chapter 5 of ISTQB Foundation. Topics covered are Test Organization, Test Planning and Estimation, Test Monitoring and Control, Test Execution Schedule, Test Strategy, Risk Management, Defect Management
Test Case Design Techniques as chapter 4 of ISTQB Foundation. Topics included are Equivalence Partition, Boundary Value Analysis, State Transition Testing, Decision Table Testing, Use Case Testing, Statement Coverage, Decision Coverage, Error Guessing, Exploratory Testing, Checklist Based Testing
Chapter 3 of ISTQB Foundation 2018 syllabus with sample questions. Answers about what is static testing, what is review, types of review, informal review, walkthrough, technical review, inspection.
The document discusses testing throughout the software development life cycle. It describes different software development models including sequential, incremental, and iterative models. It also covers different test levels from component and integration testing to system and acceptance testing. The document discusses different types of testing including functional and non-functional testing. It also covers topics like maintenance testing and triggers for additional testing when changes are made. Also covers concepts of Agile including DevOps, Shift Left Approach, TDD, BDD, ATDD, Retrospective and Process Improvement
The document discusses fundamentals of software testing including definitions of testing, why testing is necessary, seven testing principles, and the test process. It describes the test process as consisting of test planning, monitoring and control, analysis, design, implementation, execution, and completion. It also outlines the typical work products created during each phase of the test process.
Chapter 4 - Mobile Application Platforms, Tools and EnvironmentNeeraj Kumar Singh
This is chapter 4 of ISTQB Specialist Mobile Application Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
Chapter 3 - Common Test Types and Test Process for Mobile ApplicationsNeeraj Kumar Singh
This is chapter 3 of ISTQB Specialist Mobile Application Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 2 of ISTQB Specialist Mobile Application Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
Chapter 1 - Mobile World - Business and Technology DriversNeeraj Kumar Singh
This is chapter 1 of ISTQB Specialist Mobile Application Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is a Sample Question Paper of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is the answer to Sample Questions of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
ISTQB Performance Tester Certification Syllabus and Study MaterialNeeraj Kumar Singh
This is Syllabus of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 4 of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
Chapter 3 - Performance Testing in the Software LifecycleNeeraj Kumar Singh
The document discusses performance testing activities across different software development lifecycles. It describes how performance testing should be conducted iteratively throughout sequential development models, with testing at each stage from concept to acceptance. For iterative models, performance testing is also iterative and can be part of continuous integration. Specific activities discussed include test planning, monitoring, analysis, design, implementation, execution and completion. Performance risks are also discussed for different architectures.
This is chapter 2 of ISTQB Specialist Performance Tester certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 7 of ISTQB Advance Test Manager certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 5 of ISTQB Advance Test Manager certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 4 of ISTQB Advance Test Manager certification. This presentation helps aspirants understand and prepare the content of the certification.
This is chapter 2 of ISTQB Advance Test Manager certification. This presentation helps aspirants understand and prepare the content of the certification.
Understanding Insider Security Threats: Types, Examples, Effects, and Mitigat...Bert Blevins
Today’s digitally connected world presents a wide range of security challenges for enterprises. Insider security threats are particularly noteworthy because they have the potential to cause significant harm. Unlike external threats, insider risks originate from within the company, making them more subtle and challenging to identify. This blog aims to provide a comprehensive understanding of insider security threats, including their types, examples, effects, and mitigation techniques.
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsMydbops
This presentation, delivered at the Postgres Bangalore (PGBLR) Meetup-2 on June 29th, 2024, dives deep into connection pooling for PostgreSQL databases. Aakash M, a PostgreSQL Tech Lead at Mydbops, explores the challenges of managing numerous connections and explains how connection pooling optimizes performance and resource utilization.
Key Takeaways:
* Understand why connection pooling is essential for high-traffic applications
* Explore various connection poolers available for PostgreSQL, including pgbouncer
* Learn the configuration options and functionalities of pgbouncer
* Discover best practices for monitoring and troubleshooting connection pooling setups
* Gain insights into real-world use cases and considerations for production environments
This presentation is ideal for:
* Database administrators (DBAs)
* Developers working with PostgreSQL
* DevOps engineers
* Anyone interested in optimizing PostgreSQL performance
Contact info@mydbops.com for PostgreSQL Managed, Consulting and Remote DBA Services
Choose our Linux Web Hosting for a seamless and successful online presencerajancomputerfbd
Our Linux Web Hosting plans offer unbeatable performance, security, and scalability, ensuring your website runs smoothly and efficiently.
Visit- https://onliveserver.com/linux-web-hosting/
How RPA Help in the Transportation and Logistics Industry.pptxSynapseIndia
Revolutionize your transportation processes with our cutting-edge RPA software. Automate repetitive tasks, reduce costs, and enhance efficiency in the logistics sector with our advanced solutions.
Transcript: Details of description part II: Describing images in practice - T...BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and slides: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Em...Erasmo Purificato
Slide of the tutorial entitled "Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Emerging Trends" held at UMAP'24: 32nd ACM Conference on User Modeling, Adaptation and Personalization (July 1, 2024 | Cagliari, Italy)
Measuring the Impact of Network Latency at TwitterScyllaDB
Widya Salim and Victor Ma will outline the causal impact analysis, framework, and key learnings used to quantify the impact of reducing Twitter's network latency.
INDIAN AIR FORCE FIGHTER PLANES LIST.pdfjackson110191
These fighter aircraft have uses outside of traditional combat situations. They are essential in defending India's territorial integrity, averting dangers, and delivering aid to those in need during natural calamities. Additionally, the IAF improves its interoperability and fortifies international military alliances by working together and conducting joint exercises with other air forces.
Kief Morris rethinks the infrastructure code delivery lifecycle, advocating for a shift towards composable infrastructure systems. We should shift to designing around deployable components rather than code modules, use more useful levels of abstraction, and drive design and deployment from applications rather than bottom-up, monolithic architecture and delivery.
Blockchain technology is transforming industries and reshaping the way we conduct business, manage data, and secure transactions. Whether you're new to blockchain or looking to deepen your knowledge, our guidebook, "Blockchain for Dummies", is your ultimate resource.
Comparison Table of DiskWarrior Alternatives.pdfAndrey Yasko
To help you choose the best DiskWarrior alternative, we've compiled a comparison table summarizing the features, pros, cons, and pricing of six alternatives.
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxSynapseIndia
Your comprehensive guide to RPA in healthcare for 2024. Explore the benefits, use cases, and emerging trends of robotic process automation. Understand the challenges and prepare for the future of healthcare automation
Advanced Techniques for Cyber Security Analysis and Anomaly DetectionBert Blevins
Cybersecurity is a major concern in today's connected digital world. Threats to organizations are constantly evolving and have the potential to compromise sensitive information, disrupt operations, and lead to significant financial losses. Traditional cybersecurity techniques often fall short against modern attackers. Therefore, advanced techniques for cyber security analysis and anomaly detection are essential for protecting digital assets. This blog explores these cutting-edge methods, providing a comprehensive overview of their application and importance.
3. Quality Characteristics for Technical Testing
Introduction
In general, the Technical Test Analyst focuses testing on "how" the product works, rather than the functional
aspects of "what" it does. These tests can take place at any test level.
For example, during component testing of real time and embedded systems, conducting performance efficiency
benchmarking and testing resource usage is important.
The specific system under test may include various servers, clients, databases, networks and other resources.
Regardless of the test level, testing should be performed according to the risk priorities and the available
resources.
It should be noted that both dynamic testing and static testing may be applied to test the non-functional quality
characteristics.
For all of the quality characteristics and sub-characteristics discussed in this section, the typical risks must be
recognized so that an appropriate testing approach can be formed and documented.
Quality characteristic testing requires particular attention to lifecycle timing, required tools, required standards,
software and documentation availability and technical expertise.
Some of this testing, e.g., performance efficiency testing, requires extensive planning, dedicated equipment,
specific tools, specialized testing skills and, in most cases, a significant amount of time.
Neeraj Kumar Singh
7. Quality Characteristics for Technical Testing
General Planning Issues
Failure to plan for non-functional tests can put the success of an application at considerable risk. The Technical
Test Analyst may be requested by the Test Manager to identify the principal risks for the relevant quality
characteristics.
The following general factors are considered when performing these tasks:
Stakeholder requirements
Required tool acquisition and training
Test environment requirements
Organizational considerations
Data security considerations
Risks and typical defects
Neeraj Kumar Singh
8. Quality Characteristics for Technical Testing
General Planning Issues
Stakeholder Requirements
Non-functional requirements are often poorly specified or even non-existent. At the planning stage, Technical Test
Analysts must be able to obtain expectation levels relating to technical quality characteristics from affected
stakeholders and evaluate the risks that these represent.
It is advisable to obtain multiple viewpoints when capturing non-functional requirements. They must be elicited
from stakeholders such as customers, product owners, users, operations staff and maintenance staff.
Required Tool Acquisition and Training
Commercial tools or simulators are particularly relevant for performance efficiency and certain security tests.
Technical Test Analysts should estimate the costs and timescales involved for acquiring, learning and implementing
the tools. Where specialized tools are to be used, planning should account for the learning curves for new tools
and/or the cost of hiring external tool specialists.
Neeraj Kumar Singh
9. Quality Characteristics for Technical Testing
General Planning Issues
Test Environment Requirements
Many technical tests (e.g., security tests, performance efficiency tests) require a production-like test environment
in order to provide realistic measures. Depending on the size and complexity of the system under test, this can
have a significant impact on the planning and funding of the tests. Since the cost of such environments may be
high, the following alternatives may be considered:
Using the production environment
Using a scaled-down version of the system, taking care that the test results obtained are sufficiently
representative of the production system
Using cloud-based resources as an alternative to acquiring the resources directly
Using virtualized environments
Organizational Considerations
Technical tests may involve measuring the behavior of several components in a complete system (e.g., servers,
databases, networks). If these components are distributed across a number of different sites and organizations, the
effort required to plan and co-ordinate the tests may be significant.
Neeraj Kumar Singh
10. Quality Characteristics for Technical Testing
General Planning Issues
Data Security Considerations
Specific security measures implemented for a system should be taken into account at the test planning stage to
ensure that all testing activities are possible. For example, the use of data encryption may make the creation of
test data and the verification of results difficult.
Data protection policies and laws may preclude the generation of any required test data based on production data
(e.g., personal data, credit card data). Making test data anonymous is a non-trivial task which must be planned for
as part of the test implementation.
Risks and Typical Defect
Identifying and managing risks is a fundamental consideration for test planning. The Technical Test Analyst
identifies product risks by using knowledge of the typical types of defects to be expected for a particular quality
characteristic.
This enables the types of testing required to address those risks to be selected. These specific aspects are covered
within the remaining sections of this chapter which describe the individual quality characteristics
Neeraj Kumar Singh
11. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
13. Quality Characteristics for Technical Testing
Reasons for Considering Security Testing
Security testing assesses a system's vulnerability to threats by attempting to compromise the system's security policy. The
following is a list of potential threats which should be explored during security testing: • Unauthorized copying of applications or
data.
Unauthorized access control
User rights, access and privileges are the focus of this testing. This information should be available in the specifications for
the system.
Software which exhibits unintended side-effects when performing its intended function.
Code inserted into a web page which may be exercised by subsequent users (cross-site scripting or XSS). This code may be
malicious.
Buffer overflow (buffer overrun) which may be caused by entering strings into a user interface input field which are longer
than the code can correctly handle.
Denial of service, which prevents users from interacting with an application (e.g., by overloading a web server with
“nuisance” requests).
The interception, mimicking and/or altering and subsequent relaying of communications (e.g., credit card transactions) by a
third party such that a user remains unaware of that third party’s presence (“Man in the Middle” attack)
Breaking the encryption codes used to protect sensitive data.
Logic bombs (sometimes called Easter Eggs), which may be maliciously inserted into code and which activate only under
certain conditions (e.g., on a specific date). When logic bombs activate, they may perform malicious acts such as the
deletion of files or formatting of disks.
Neeraj Kumar Singh
14. Quality Characteristics for Technical Testing
Security Test Planning
In general the following aspects are of particular relevance when planning security tests:
Because security issues can be introduced during the architecture, design and implementation of the system,
security testing may be scheduled for the unit, integration and system testing levels.
The test approaches proposed by the Technical Test Analyst may include reviews of the architecture, design, and
code, and the static analysis of code with security tools. These can be effective in finding security issues that are
easily missed during dynamic testing.
The Technical Test Analyst may be called upon to design and perform certain security “attacks” which require
careful planning and coordination with stakeholders (including security testing specialists).
An essential aspect of security test planning is obtaining approvals. For the Technical Test Analyst, this means
ensuring that explicit permission has been obtained from the Test Manager to perform the planned security tests.
All security test planning should be coordinated with an organization’s Information Security Officer if the
organization has such a role.
It should be noted that improvements which may be made to the security of a system may affect its performance
efficiency or reliability. After making security improvements it is advisable to consider the need for conducting
performance efficiency or reliability tests
Neeraj Kumar Singh
15. Quality Characteristics for Technical Testing
Security Test Specification
Particular security tests may be grouped [Whittaker04] according to the origin of the security risk. These include the following:
User interface related - unauthorized access and malicious inputs
File system related - access to sensitive data stored in files or repositories
Operating system related - storage of sensitive information such as passwords in non-encrypted form in memory which could
be exposed when the system is crashed through malicious inputs
External software related - interactions which may occur among external components that the system utilizes. These may
be at the network level (e.g., incorrect packets or messages passed) or at the software component level (e.g., failure of a
software component on which the software relies).
The ISO 25010 sub-characteristics of security also provide a basis from which security tests may be specified. These focus on the
following aspects of security:
Confidentiality – the degree to which a product or system ensures that data is accessible only to those authorized to have
access
Integrity – the degree to which a system, product or component prevents unauthorized access to, or modification of,
computer programs or data
Non-repudiation – the degree to which actions or events can be proven to have taken place so they cannot be denied later
Accountability – the degree to which the actions of an entity can be traced uniquely to the entity
Authenticity – the degree to which the identity of a subject or resource can be proven to be the one claimed
Neeraj Kumar Singh
16. Quality Characteristics for Technical Testing
Security Test Specification
The following approach [Whittaker04] may be used to develop security tests:
Gather information which may be useful in specifying tests, such as names of employees, physical addresses, details
regarding the internal networks, IP numbers, identity of software or hardware used, and operating system version.
Perform a vulnerability scan using widely available tools. Such tools are not used directly to compromise the
system(s), but to identify vulnerabilities that are, or that may result in, a breach of security policy. Specific
vulnerabilities can also be identified using information and checklists such as those provided by the National
Institute of Standards and Technology (NIST) [Web-1] and the Open Web Application Security Project™ (OWASP)
[Web-4].
Develop “attack plans” (i.e., a plan of testing actions intended to compromise a particular system’s security policy)
using the gathered information. Several inputs via various interfaces (e.g., user interface, file system) need to be
specified in the attack plans to detect the most severe security defects. The various “attacks” described in
[Whittaker04] are a valuable source of techniques developed specifically for security testing.
Neeraj Kumar Singh
17. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
19. Reliability Testing
Introduction & Measuring Software Maturity
Introduction
The ISO 25010 classification of product quality characteristics defines the following sub-characteristics of reliability:
Maturity - the degree to which a component or system meets needs for reliability under normal operation
Fault tolerance - the capability of the software product to maintain a specified level of performance in cases of
software defects or of infringement of its specified interface
Recoverability - the capability of the software product to re-establish a specified level of performance and recover
the data directly affected in case of failure
Availability - the degree to which a component or system is operational and accessible when required for use
Measuring Software Maturity
An objective of reliability testing is to monitor a statistical measure of software maturity over time and compare this to
a desired reliability goal which may be expressed as a Service Level Agreement (SLA). The measures may take the form
of a Mean Time Between Failures (MTBF), Mean Time To Repair (MTTR) or any other form of failure intensity
measurement (e.g., number of failures of a particular severity occurring per week). These may be used as exit criteria
(e.g., for production release).
Neeraj Kumar Singh
20. Reliability Testing
Fault Tolerance Testing & Recoverability Testing
Fault Tolerance Testing
In addition to the functional testing that evaluates the software’s tolerance to faults in terms of handling unexpected input
values (so-called negative tests), additional testing is needed to evaluate a system’s tolerance to faults which occur externally to
the application under test. Such faults are typically reported by the operating system (e.g., disk full, process or service not
available, file not found, memory not available). Tests of fault tolerance at the system level may be supported by specific tools.
Recoverability Testing
Recoverability tests include Failover and Backup and Restore tests.
Failover tests are performed where the consequences of a software failure are so negative that specific hardware and/or
software measures have been implemented to ensure system operation even in the event of a failure.
Typical preventive measures for hardware failures might include load balancing across several processors and clustering
servers, processors or disks so that one can immediately take over from another if it should fail (redundant systems).
Backup and Restore tests focus on the procedural measures set up to minimize the effects of a failure. Such tests evaluate
the procedures (usually documented in a manual) for taking different forms of backup and for restoring that data if data loss
or corruption should occur.
Measures for Backup and Restore tests may include the following:
Time taken to perform different types of backup (e.g., full, incremental)
Time taken to restore data
Levels of guaranteed data backupNeeraj Kumar Singh
21. Reliability Testing
Availability Testing
Any system that has interfaces with other systems and/or processes (e.g., for receiving inputs) relies on the availability
of those interfaces to ensure overall operability. Availability testing serves the following principal purposes:
To establish whether required system components and processes are available (on demand or continuously) and
respond as expected to requests
To provide measurements from which an overall level of availability can be obtained (often given as a percentage of
time in a SLA).
To establish whether an overall system is ready for operation (e.g., as one of the criteria for operational acceptance
testing).
Availability testing is performed both before and after entering operational service, and is particularly relevant for the
following situations:
Where systems are made up of other systems (i.e., systems of systems). Tests focus on the availability of all
individual component systems.
Where a system or service is sourced externally (e.g., from a third party supplier). Tests focus on measuring
availability levels to ensure that agreed service levels are upheld.
Neeraj Kumar Singh
22. Reliability Testing
Reliability Test Planning
In general, the following aspects are of particular relevance when planning reliability tests:
Reliability can continue to be monitored after the software has entered production. The organization and staff
responsible for operation of the software must be consulted when gathering reliability requirements for test
planning purposes.
The Technical Test Analyst may select a reliability growth model which shows the expected levels of reliability over
time. A reliability growth model can provide useful information to the Test Manager by enabling comparison of the
expected and achieved reliability levels.
Reliability tests should be performed in a production-like environment. The environment used should remain as
stable as possible to enable reliability trends to be monitored over time.
Because reliability tests often require use of the entire system, reliability testing is most commonly done as part of
system testing. However, individual components can be subjected to reliability testing as well as integrated sets of
components.
In order to produce test results that are statistically significant, reliability tests usually require long execution
times. This may make it difficult to schedule within other planned tests.
Neeraj Kumar Singh
23. Reliability Testing
Reliability Test Specification
Reliability testing may take the form of a repeated set of predetermined tests. These may be tests selected at random
from a pool or test cases generated by a statistical model using random or pseudorandom methods. Tests may also be
based on patterns of use which are sometimes referred to as “Operational Profiles” (see Section 4.5.3).
Where reliability tests are scheduled to run automatically in parallel to normal operations (e.g., to test availability),
they are generally specified to be as simple as possible to avoid possible negative impact on the system performance
efficiency.
Certain reliability tests may specify that memory-intensive actions be executed repeatedly so that possible memory
leaks can be detected.
Neeraj Kumar Singh
24. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
26. Performance Efficiency Testing
Types of Performance Efficiency Testing
Load Testing
Load testing focuses on the ability of a system to handle increasing levels of anticipated realistic loads resulting from
the transaction requests generated by numbers of concurrent users or processes. Average response times for users under
different scenarios of typical use (operational profiles) can be measured and analyzed.
Stress Testing
Stress testing focuses on the ability of a system or component to handle peak loads at or beyond the limits of its
anticipated or specified workloads, or with reduced availability of resources such as available bandwidth.
Performance levels should degrade slowly and predictably without failure as stress levels are increased. In particular,
the functional integrity of the system should be tested while the system is under stress in order to find possible defects
in functional processing or data inconsistencies
One possible objective of stress testing is to discover the limits at which a system actually fails so that the “weakest link
in the chain” can be determined. Stress testing allows additional capacity to be added to the system in a timely manner
(e.g., memory, CPU capability, database storage).
Neeraj Kumar Singh
27. Performance Efficiency Testing
Types of Performance Efficiency Testing
Scalability Testing
Scalability testing focuses on the ability of a system to meet future efficiency requirements, which may be beyond those
currently required. The objective of the tests is to determine the system’s ability to grow (e.g., with more users, larger
amounts of data stored) without reaching a point where the currently specified performance requirements cannot be
met or the system fails.
Once the limits of scalability are known, threshold values can be set and monitored in production to provide a warning
of impending problems. In addition, the production environment may be adjusted with appropriate amounts of hardware
to meet anticipated needs.
Neeraj Kumar Singh
28. Performance Efficiency Testing
Performance Efficiency Test Planning
In addition to the general planning issues, the following factors can influence the planning of performance efficiency
tests:
Depending on the test environment used and the software being tested, performance efficiency tests may require
the entire system to be implemented before effective testing can be done. In this case, performance efficiency
testing is usually scheduled to occur during system test. Other performance efficiency tests which can be performed
effectively at the component level may be scheduled during unit testing.
In general, it is desirable to conduct initial performance efficiency tests as early as possible, even if a production-
like environment is not yet available. These early tests may find performance efficiency problems (e.g.,
bottlenecks) and reduce project risk by avoiding time consuming corrections in the later stages of software
development or production.
Code reviews, in particular those which focus on database interaction, component interaction and error handling,
can identify performance efficiency issues (particularly regarding “wait and retry” logic and inefficient queries) and
should be scheduled early in the software development lifecycle.
The hardware, software and network bandwidth needed to run the performance efficiency tests should be planned
and budgeted. Needs depend primarily on the load to be generated, which may be based on the number of virtual
users to be simulated and the amount of network traffic they are likely to generate. Failure to account for this may
result in unrepresentative performance measurements being taken.
Neeraj Kumar Singh
29. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
31. Performance Efficiency Testing
Performance Efficiency Test Specification
The specification of tests for different performance efficiency test types such as load and stress are based on the
definition of operational profiles. These represent distinct forms of user behavior when interacting with an application.
There may be multiple operational profiles for a given application.
The numbers of users per operational profile may be obtained by using monitoring tools (where the actual or
comparable application is already available) or by predicting usage. Such predictions may be based on algorithms or
provided by the business organization. These are especially important for specifying the operational profile(s) to be
used for scalability testing.
Operational profiles are the basis for the number and types of test cases to be used during performance efficiency
testing. These tests are often controlled by test tools that create "virtual" or simulated users in quantities that will
represent the profile under test.
Neeraj Kumar Singh
32. Performance Efficiency Testing
Quality Sub-characteristics of Performance Efficiency
The ISO 25010 classification of product quality characteristics includes the following sub-characteristics of performance
efficiency:
Time behavior - the ability of a component or system to respond to user or system inputs within a specified time
and under specified conditions
Resource utilization - the capability of the software product to use appropriate amounts and types of resources
Capacity - the maximum limit to which a particular parameter can be handled
Time Behavior
Time behavior focuses on the ability of a component or system to respond to user or system inputs within a specified
time and under specified conditions. Time behavior measurements vary according to the objectives of the test. For
individual software components, time behavior may be measured according to CPU cycles, while for client-based
systems time behavior may be measured according to the time taken to respond to a particular user request.
For systems whose architectures consist of several components (e.g., clients, servers, databases) time behavior
measurements are taken for transactions between individual components so that “bottlenecks” can be identified.
Neeraj Kumar Singh
33. Performance Efficiency Testing
Quality Sub-characteristics of Performance Efficiency
Resource Utilization
Tests relating to resource utilization evaluate the usage of system resources (e.g., usage of memory, disk capacity,
network bandwidth, connections) against a predefined benchmark. These are compared under both normal loads and
stress situations, such as high levels of transaction and data volumes, to determine if unnatural growth in usage is
occurring.
For example, for real-time embedded systems, memory usage (sometimes referred to as a “memory footprint”) plays a
significant role in performance efficiency testing. If the memory footprint exceeds the allowed measure, the system
may have insufficient memory needed to perform its tasks within the specified time periods. This may slow down the
system or even lead to a system crash.
Capacity
The capacity of a system (including software and hardware) represents the maximum limit to which a particular
parameter can be handled. Capacity requirements are typically specified by technical and operational stakeholders and
may relate to parameters such as the maximum number of users that can use an application at a given point of time,
the maximum volume of data that can be transmitted per second (i.e., bandwidth) and the maximum number of
transactions that can be handled per second.
Neeraj Kumar Singh
34. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
36. Maintainability Testing
Introduction
Software often spends substantially more of its lifetime being maintained than being developed. Maintenance testing is
performed to test the impact of changes to an operational system or its environment. To ensure that the task of
conducting maintenance is as efficient as possible, maintainability testing is performed to measure the ease with which
code can be analyzed, changed and tested.
Typical maintainability objectives of affected stakeholders (e.g., the software owner or operator) include:
Minimizing the cost of owning or operating the software
Minimizing downtime required for software maintenance
Maintainability tests should be included in a test approach where one or more of the following factors apply:
Software changes are likely after the software enters production (e.g., to correct defects or introduce planned
updates)
The benefits of achieving maintainability objectives over the software development lifecycle are considered by the
affected stakeholders to outweigh the costs of performing the maintainability tests and making any required
changes
The risks of poor software maintainability (e.g., long response times to defects reported by users and/or customers)
justify conducting maintainability tests
Neeraj Kumar Singh
37. Maintainability Testing
Static and Dynamic Maintainability Testing
Static Maintainability Testing
Appropriate techniques for maintainability testing include static analysis and reviews. Maintainability testing should be
started as soon as the design documentation is available and should continue throughout the code implementation
effort.
Since maintainability is built into the code and the documentation for each individual code component, maintainability
can be evaluated early in the software development lifecycle without having to wait for a completed and running
system.
Dynamic Maintainability Testing
Dynamic maintainability testing focuses on the documented procedures developed for maintaining a particular
application (e.g., for performing software upgrades). Selections of maintenance scenarios are used as test cases to
ensure the required service levels are attainable with the documented procedures.
This form of testing is particularly relevant where the underlying infrastructure is complex, and support procedures may
involve multiple departments/organizations. This form of testing may take place as part of operational acceptance
testing.
Neeraj Kumar Singh
38. Maintainability Testing
Maintainability Sub-characteristics
The maintainability of a system can be measured in terms of the effort required to diagnose problems identified within
a system (analyzability) and test the changed system (testability). Factors which influence both analyzability and
testability include the application of good programming practices (e.g., commenting, naming of variables, indentation),
and the availability of technical documentation (e.g., system design specifications, interface specifications).
Other relevant quality sub-characteristics for maintainability [ISO25010] are:
Modifiability - the degree to which a component or system can be effectively and efficiently modified without
introducing defects or degrading existing product quality
Modularity – the degree to which a system, product or component is composed of discrete components such that a
change to one component has minimal impact on other components
Reusability – the degree to which an asset can be used in more than one system, or in building other assets
Neeraj Kumar Singh
39. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
41. Portability Testing
Introduction
Portability tests in general relate to the degree to which a software component or system can be transferred into its
intended environment, either initially or from an existing environment.
[ISO25010] includes the following sub-characteristics of portability:
Installability - the capability of the software product to be installed in a specified environment
Adaptability - the degree to which a component or system can be adapted for different or evolving hardware and
software environments
Replaceability - the capability of another software product to be used in place of the specified software product
for the same purpose in the same environment
Portability testing can start with the individual components (e.g., replaceability of a particular component such as
changing from one database management system to another) and then expand in scope as more code becomes
available. Installability may not be testable until all the components of the product are functionally working.
Portability must be designed and built into the product and so must be considered early in the design and architecture
phases. Architecture and design reviews can be particularly productive for identifying potential portability requirements
and issues (e.g., dependency on a particular operating system).
Neeraj Kumar Singh
42. Portability Testing
Installability Testing
Installability testing is performed on the software and written procedures used to install the software on its target
environment. This may include, for example, the software developed to install an operating system onto a processor, or
an installation “wizard” used to install a product onto a client PC.
Typical installability testing objectives include the following:
Validating that the software can be successfully installed by following the instructions in an installation manual
(including the execution of any installation scripts), or by using an installation wizard. This includes exercising
installation options for different hardware/software configurations and for various degrees of installation (e.g.,
initial or update).
Testing whether failures which occur during installation (e.g., failure to load particular DLLs) are dealt with by the
installation software correctly without leaving the system in an undefined state (e.g., partially installed software or
incorrect system configurations)
Testing whether a partial installation/de-installation can be completed
Testing whether an installation wizard can successfully identify invalid hardware platforms or operating system
configurations
Measuring whether the installation process can be completed within a specified number of minutes or within a
specified number of steps
Validating that the software can be successfully downgraded or uninstalled
Neeraj Kumar Singh
43. Portability Testing
Adaptability Testing
Adaptability testing checks whether a given application can function correctly in all intended target environments
(hardware, software, middleware, operating system, etc.). An adaptive system is therefore an open system that is able
to fit its behavior according to changes in its environment or in parts of the system itself.
Specifying tests for adaptability requires that combinations of the intended target environments are identified,
configured and available to the testing team. These environments are then tested using a selection of functional test
cases which exercise the various components present in the environment.
Adaptability may relate to the ability of the software to be ported to various specified environments by performing a
predefined procedure. Tests may evaluate this procedure.
Adaptability tests may be performed in conjunction with installability tests and are typically followed by functional tests
to detect any defects which may have been introduced in adapting the software to a different environment.
Neeraj Kumar Singh
44. Portability Testing
Replaceability Testing
Replaceability testing focuses on the ability of software components within a system to be exchanged for others. This
may be particularly relevant for systems which use commercial off-the-shelf (COTS) software for specific system
components.
Replaceability tests may be performed in parallel with functional integration tests where more than one alternative
component is available for integration into the complete system. Replaceability may be evaluated by technical review
or inspection at the architecture and design levels, where the emphasis is placed on the clear definition of interfaces to
potential replaceable components.
Neeraj Kumar Singh
45. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
47. Compatibility Testing
Introduction
Compatibility testing considers the following aspects [ISO25010]:
Co-existence - the degree to which a test item can function satisfactorily alongside other independent products in
a shared environment.
Interoperability - the degree to which a system exchanges information with other systems or components.
Neeraj Kumar Singh
48. Compatibility Testing
Co-existence Testing
Computer systems which are not related to each other are said to co-exist when they can run in the same environment
(e.g., on the same hardware) without affecting each other's behavior (e.g., resource conflicts). Tests for co-existence
should be performed when new or upgraded software will be rolled out into environments which already contain
installed applications.
Co-existence problems may arise when the application is tested in an environment where it is the only installed
application (where incompatibility issues are not detectable) and then deployed onto another environment (e.g.,
production) which also runs other applications.
Typical objectives of co-existence testing include:
Evaluation of possible adverse impact on functionality when applications are loaded in the same environment (e.g.,
conflicting resource usage when a server runs multiple applications)
Evaluation of the impact to any application resulting from the deployment of operating system fixes and upgrades
Co-existence issues should be analyzed when planning the targeted production environment but the actual tests are
normally performed after system testing has been successfully completed.
Neeraj Kumar Singh
49. Quality Characteristics for Technical Testing
1 TTA’s Task in
Risk Based Testing
2 White Box Test
Techniques
3 Analytical
Techniques
Software Testing - ISTQB Advance
Technical Test Analyst Exam Preparation
Chapter 4
Neeraj Kumar Singh
4 Quality
Characteristics
5 Reviews
6 Test Tools &
Automation
51. Quality Characteristics for Technical Testing
Sample Questions
1. Assume you are working as a technical test analyst on the system integration testing of the baggage handling
system for a major airport. Most of the system components are developed by a main contractor, but the system
components for baggage redirection and for handling outsized items are being developed off-shore by separate
organizations. The airport operator is the customer for the project and has indicated that the system must run fast
even under peak morning and evening loads. A fully representative test environment has been made available for
the system integration tests and a specialist tools team has been set up to support the functional and non-
functional testing. Some of the functional tests for the continuous integration have already been implemented but
progress is slow. Based on this information, which of the following topics are you most likely to identify as risks in
the system integration test plan?
Select TWO Option
A. Stakeholder requirements
B. Required tool acquisition and training
C. Test environment requirements
D. Organizational considerations
E. Data security considerations
Neeraj Kumar Singh
52. Quality Characteristics for Technical Testing
Sample Questions
2. Consider the following product risk:
Abnormal application termination due to network connection failure.
Which of the following is the appropriate test type to address this risk?
Select ONE Option
A. Reliability testing.
B. Performance testing.
C. Operability testing.
D. Portability testing.
Neeraj Kumar Singh
53. Quality Characteristics for Technical Testing
Sample Questions
3. Which of the following statements is NOT correct?
Select ONE Option
A. It is desirable to conduct initial performance efficiency tests as early as possible, even if a production-like
environment is not yet available
B. Availability testing is performed both before and after entering operational service
C. Because security issues can be introduced during the architecture, design and implementation of the system,
security testing should happen after functional testing is done
D. Maintainability can be evaluated early in the lifecycle without having to wait for a completed and running
system.
Neeraj Kumar Singh
54. Quality Characteristics for Technical Testing
Sample Questions
4. A new personal banking system is to be developed for use on mobile devices. Which of the following reasons
which would justifying including security testing in the test approach.
Select TWO Option
A. To ensure the product can be effectively and efficiently modified without introducing defects
B. To ensure that the software does not exhibit unintended side-effects when performing its intended function
C. To evaluate whether the application installs correctly on a mobile device
D. To check that available functions are correctly implemented
E. To ensure that no sensitive data can be copied
Neeraj Kumar Singh