Câu hỏi ôn tập môn Software Testing

1. What is static code analysis?
Static Code Analysis (also known as Source Code Analysis) is usually performed
as part of a Code Review (also known as white-box testing) and is carried out at
the Implementation phase of a Security Development Lifecycle (SDL). Static
Code Analysis commonly refers to the running of Static Code Analysis tools that
attempt to highlight possible vulnerabilities within 'static' (non-running) source
code by using techniques such as Taint Analysis and Data Flow Analysis.
2. What is the difference between Testing Techniques and Testing Tools?
- Testing technique: – Is a process for ensuring that some aspects of the
application system or unit functions properly there may be few techniques but
many tools.
- Testing Tools: – Is a vehicle for performing a test process. The tool is a resource
to the tester, but itself is insufficient to conduct testing
3. What is component / Unit testing?
- Component: Component testing is a method where testing of each component
in an application is done separately. Suppose, in an application there are 5
components. Testing of each 5 components separately and efficiently is called
as component testing.
- Unit testing: Unit testing is a software development process in which the
smallest testable parts of an application, called units, are individually and
independently scrutinized for proper operation. Unit testing can be done
manually but is often automated.
4. What are the different Methodologies in Agile Development Model?
5. Consider the following techniques. Which are static and which are dynamic
techniques?
6. What are the phases of a formal review?
1) Planning Selecting the personal, allocating roles, defining entry and exit criteria
for more formal reviews etc.
2) Kick-off Distributing documents, explaining the objectives, checking entry

criteria etc.
3) Individual preparation Work done by each of the participants on their own work
before the review meeting, questions and comments
4) Review meeting Discussion or logging, make recommendations for handling
the defects, or make decisions about the defects
5) Rework Fixing defects found, typically done by the author Fixing defects
found, typically done by the author
6) Follow-up Checking the defects have been addressed, gathering metrics and
checking on exit criteria.


7. What are the Structure-based (white-box) testing techniques?
8. When should testing be stopped?
 Deadlines (release deadlines, testing deadlines, etc.)
 Test cases completed with certain percentage passed
 Test budget depleted
 Coverage of code/functionality/requirements reaches a specified point
 Bug rate falls below a certain level
 Beta or alpha testing period ends
9. What is black box testing? What are the different black box testing
techniques?
- Black Box Testing, also known as Behavioral Testing, is a software testing
method in which the internal structure/ design/ implementation of the item
being tested is not known to the tester. These tests can be functional or nonfunctional, though usually functional.
- Black box testing techniques:
 Equivalence partitioning
 Boundary value analysis
 Decision tables
 Other combinational techniques
 State transition testing

 Use case testing
 Limitations and assumptions
10. Why we use decision tables?
The techniques of equivalence partitioning and boundary value analysis are often
applied to specific situations or inputs. However, if different combinations of
inputs result in different actions being taken, this can be more difficult to show
using equivalence partitioning and boundary value analysis, which tend to be more
focused on the user interface. The other two specification-based tech-niques,
decision tables and state transition testing are more focused on business logic or
business rules. A decision table is a good way to deal with combinations of things
(e.g. inputs). This technique is sometimes also referred to as a 'cause-effect' table.
The reason for this is that there is an associated logic diagramming technique


called 'cause-effect graphing' which was sometimes used to help derive the
decision table

11. What is test coverage?
Test coverage measures the amount of testing performed by a set of test. Wherever
we can count things and can tell whether or not each of those things has been
tested by some test, then we can measure coverage and is known as test coverage.
12. What is DRE? (Defect Removal Efficiency)
Defect Removal Efficiency is a weighty metric used to estimate test efficacy.
DRE = Quantity of Bugs during Software Testing / (Quantity of Bugs during
Software Testing + Quantity of Bugs found by User)
13. The later in the development life cycle a fault is discovered, the more expensive it
is to fix. Why?
Because the fault has been built into more documentation, code, tests, etc
14. What is exploratory testing?
15. What is the difference between STLC (Software Testing Life Cycle) and SDLC

(Software Development Life Cycle) ?
16. In white box testing what do you verify?
17. What is the difference between static and dynamic testing?
Static Testing

Dynamic Testing

Testing done without executing the program

Testing done by executing the program

This testing does verification process

Dynamic testing does validation process

Static testing is about prevention of defects

Dynamic testing is about finding and fixing the
defects

Static testing gives assessment of code and
documentation

Dynamic testing gives bugs/bottlenecks in the
software system.

Static testing involves checklist and process to be
followed

Dynamic testing involves test cases for execution


This testing can be performed before compilation

Dynamic testing is performed after compilation

Static testing covers the structural and statement
coverage testing

Dynamic testing covers the executable file of the
code


Cost of finding defects and fixing is less

Cost of finding and fixing defects is high

Return on investment will be high as this process
involved at early stage

Return on investment will be low as this process
involves after the development phase

More reviews comments are highly recommended
for good quality

More defects are highly recommended for good
quality.

Requires loads of meetings


Comparatively requires lesser meetings

18. What is verification and validation?
- Verification: Verification is a process of evaluating the intermediary work
products of a software development lifecycle to check if we are in the right
track of creating the final product.
- Validation:
+ Definition: the process of evaluating software during or at the end of the
development process to determine whether it satisfies specified requirements.
Validation is the process of evaluating the final product to check whether the
software meets the business needs. In simple words the test execution which
we do in our day to day life are actually the validation activity which includes
smoke testing, functional testing, regression testing, systems testing etc…
19. What are different test levels? What is Integration testing?
20. What are the tables in test plans (test plan document consists of)?
21. What is the difference between UAT (User Acceptance Testing) and System
testing?
22. What is the difference between test scenarios, test cases and test script?
23. What does a typical test report contains? What are the benefits of test reports?
24. What does a typical bug report contains? What are the benefits of bug reports?
25. What makes a good Software Test engineer?
A good test engineer has a 'test to break' attitude, an ability to take the point of
view of the customer, a strong desire for quality, and an attention to detail. Tact
and diplomacy are useful in maintaining a cooperative relationship with
developers, and an ability to communicate with both technical (developers) and
non-technical (customers, management) people is useful. Judgement skills are
needed to assess high-risk or critical areas of an application on which to focus
testing efforts when time is limited.
26. What are the attributes of good test case?
27. What are the different between manual testing and automation testing?

Manual Testing
Automation Testing

Manual testing is not accurate at 
Automated testing is more




all times due to human error, hence it

reliable, as it is performed by tools

is less reliable.

and/or scripts.

Manual testing is time-



Automated testing is executed

consuming, taking up human

by software tools, so it is

resources.

significantly faster than a manual

approach.



Investment is required for



human resources.


Investment is required for
testing tools.

Manual testing is only practical 

Automated testing is a practical

when the test cases are run once or

option when the test cases are run

twice, and frequent repetition is not

repeatedly over a long time period.

required.


Manual testing allows for




Automated testing does not

human

entail human observation and cannot

observation, which may be more

guarantee user-friendliness or

useful if the goal is user-friendliness

positive customer experience.

or improved customer experience.
28. List 5 free-open source automation test tools
- Selenium
- Testing Whiz
- Test Complete
- Ranorex
- Telerik Test Studio
29. What is defect management cycle?
Defect life cycle, also known as Bug Life cycle is the journey of a defect cycle,
which a defect goes through during its lifetime. It varies from organization to
organization and also from project to project as it is governed by the software
testing process and also depends upon the tools used.
30. Practice: Give a source code of a program

a. Detect defects in the source code (static analysis) (ex: code conventions,
out of memory, index…)


b. Fix the bug (defects) in the source code
c. Draw CFG and basic Paths?
d. Derive test cases to coverage the basic path
31. Write a unit test for specific method in class (java)