- Capacity of the lift
- Usability (whether its easy to operate or not)
- Functionality (whether it functions properly or not)
- Comfort (whether a person is comfortable in it or not)
- Height
- Weight
- Volume
Time it takes to reach every floor - Test for maximum capacity of the lift
- Test for more than max capacity
- Check the working in case of a power failure
- To check the keyboard company
- To check the keyboard category i.e normal keyboard or multimedia keyboard
- To check the total no of keys in that keyboard
- To check the keyboard type i.e normal or PS/2
- To check the keyboard color i.e white or black
- To check default Num Lock should be in on condition
- Default the caps lock and scroll lock should be in off condition
- To check the keyboard wire length
- To check all keys are working properly or not
Step 2:when the account has some balance amount, try to withdraw amount(amount>balance amount in account), should display "insufficient funds in acc"
Step 3: when the account has some balance amount, enter a amount (amount<=balance amount), should withdrawn correct amount from account.
Step 4: when the account has some balance amount, enter the amount as 0, should display msg as withdrawal amount should be > 0 and should be in multiples of hundreds( varies depending on reqs docs).
In the case of Minimum balance mandatory in the Account:
Step 5: When the account has balance amount, try to withdraw whole amount , should display msg as " Minimum balance should be maintained".
Step 6: When the account has balance amount=minimum balance, try to withdraw any amount , should display msg as " Minimum balance should be maintained".
2. Check whether it has a TO, CC, BCC to enter email address.
3. Check whether TO, CC, BCC accepts valid email address, if it does then check how many mails address can be entered.
4. Checkout if you can delete/edit, copy, paste & format the text content.
5. Can send mail or cancel mail.
- Test Case ID no,
- Title, type of test being conducted,
- Input,
- Action or Event to be performed,
- Expected output
- Test Case Result (Pass/Fail)
- Click File-Save (should open a window and should ask you the file name and path as well)
- Check for .extension like it should be .txt only
- Check for short-key like (Ctrl+S) and ask for same option as above (should open an window and should ask you the file name and path as well)
- Save as (should open the same window with same file name path)
- If you change that file name and path in that window then it should accept.
- If you dont give any name in it then data should not be saved.
- Should accept all alph-numeric, space and special characters.
- Field length of User & Password fields
- Enable and Disable Login button
- Password Character & Strongest
- User views message after entering invalid details
- User views a home page after entering valid values and pressing the login button.
- Correct information stored in cookie as per previously visited on same PC
- How does having a cookie affect or not affect the login and home pages?
- Can a user that has been inactivated log in?
- Reset password functionality available if a user forgets their password
- Error message appears during entering invalid & no value in the field
- Testing is carried out by the Developer as the component is being developed.
- Statement coverage: Each line of code covered by at least one test case (need more test cases than above).
- Path coverage: Every possible path through code covered by at least one test case (need plenty of test cases).
Functional testing as black box testing addresses concerns surrounding the correct implementation of functional requirements, this type of testing requires no knowledge of the underlying implementation.
- Ensure new changes did not adversely affect other parts of the system with Regression Testing.
- Ensure the system integrates with and does not adversely affect other enterprise systems with System Integration Testing.
- Ensure the customer is satisfied with the system with Acceptance Testing.
- High level view of the area
- Investigated the importance of usability
- What barriers there are to it being implemented
- How it can be imbedded into the development process
- Importance was understood
- The barriers had been removed
- Concentrated on the question "How to design and test for usability?"
- Representatives of academia
- Large enterprise
- Web development
- Internet psychology
- Journalism
- Usability testing
- How to collect usability requirements?
- How to design for usability?
- What usability testing is needed?
- How to run usability testing?
- Effective (the user can successfully achieve their objectives).
- Efficient (with the least amount of time and effort).
- Satisfactory (the user must be satisfied, and delighted, by the experience).
- Try different menu structures.
- Check user understanding of terminology.
- Provide alternative navigation techniques and potentially provide multiple routes to the same place.
- Be consistent across the system and use standard best practice
- Technology Oriented Tester
- Functional Component
- Integrated features
- Requirements specification
- Design Specification
- Interface level entry points
- Analysis testing tools
- UI end to end features
- Prior to UAT
- Business Oriented Testers
- Business Scenarios
- Real World business needs
- UI end to end features
- Final and Integrated
- Prior to signoff/prod deployment
- Make it your plan as per list of goals
- No need to keep actual steps in you plan
- No need to write every requirement in your planed document
- Write requirement to help keep everything straight
- Summarize a group of requirements with a simple sentence
- Plan should not be documented as huge
- If the requirement changed during executing test then change it into your document
- If original requirement changed during executing test then stop testing and make new document
- Ensure that application or module is stable then update the main document (test case & traceability) and execute updated test cases and finally the sign off the document
Increases Company Reputation
Recognition by IT management for professional achievement
Competency resources to IT staff
Helpful for Marketing with the clients
Increased Confidence in Personal Capabilities
Improved Software Testing Methods, Techniques, and Measurement
Certification gives you a competitive edge for promotion and hiring.
Raises profile of testing in an organization
Able to detect defects those others miss and save your employers and clients from costly and embarrassing field failures.
Knows how to apply sound software testing techniques
Reduced development costs
Increased customer trust and confidence
We understood the software life cycle
Quality of the defect has been increase
Understood the testing terminology
Increase the standard for defect post
Started thinking out of the box
Communication
Testing based on the risk factors
We started concentrating on usability
Started conducting meeting and reviews
Soft skills (e.g. handling the development team)
Updated the process/frame work
Increase the type of testing. (e.g. compatibility)
Possible test cases for a/c transactions are:
test case 1 : name of the a/c holder ( max and min character value)
test case 2 : available balance
test case 3 : max no of transactions ( withdrawals )on a particular day
test case 4 : total amount drawn on a a particular against amount withdrawal limit
Test Cases for Mobile Phone:
1)Chek whether Battery is inserted into mobile properly
2)Chek Switch on/Switchoff of the Mobile
3)Insert the sim into the phone n chek
4)Add one user with name and phone number in Address book
5)Chek the Incoming call
6)chek the outgoing call
7)send/receive messages for that mobile
8)Chek all the numbers/Characters on the phone working fine by clicking on them..
9)Remove the user from phone book n chek removed properly with name and phone number
10)Chek whether Network working fine..
11)If its GPRS enabled chek for the connectivity.
12)if its bluetooth there check it.
13) check mobile performance
14) check the talk time
15) check the mobile panel and keys
Test case for cut/Paste in XL
=>Verify that the Excel is install in your computer or not.
=>Verify that the Excel is open and work carrectly
=>Verify that the text is cut and save in clipboard after cutting a text.
=>verify that the Text(which is cut by cut command) is paste in the place where you want to paste.
TC 1 :- succesful card insertion.
TC 2 :- unsuccessful operation due to wrong angle card insertion.
TC 3 :- unsuccesssful operation due to invalid account card.
TC 4 :- successful entry of pin number.
TC 5 :- unsuccessful operation due to wrong pin number entered 3 times.
TC 6 :- successful selection of language.
TC 7 :- successful selection of account type.
TC 8 :- unsuccessful operation due to wrong account type selected w/r to that inserted card.
TC 9 :- successful selection of withdrawl option.
TC 10 :- successful selection of amount.
TC 11:- unsuccessful operation due to wrong denominations.
TC 12 :- successful withdrawl operation.
TC 13 :- unsuccessful withdrawl operation due to amount greater than possible balance.
TC 14 :- unsucceful due to lack of amount in ATM.
TC 15 :- un due to amount greater than the day limit.
TC 16 :- un due to server down.
TC 17 :- un due to click cancel after insert card.
TC 18 :- un due to click cancel after indert card and pin no.
TC 19:- un due to click cancel after language selection,account type selection,withdrawl selection, enter amount
Unit test:
Write test case for each & every part of the pen, like Refil, Pen cap, the upper neck of the pen & the lower part of the pen etc... Against the configuration mentioned.
Integration Test:
Check integration of Ink flow in the refill, Cap with the pen , both parts of the pen & Refill fits b/w the pen or not etc...
Compatibility Test:
Try to write with the pen on different papers like wet paper , rice paper, Oily paper,
Load Test:
Turn the pen upside down & note the time till which it can write, Ink flow in different weathers etc...
Security testing can be performed in many ways. It can performed specified areas
1. Black-Box Level
2. White-Box Level and finally at
3. Database Level.
For each of these there includes different types of methods and based on these we can follow them. But all these methods can be used manually to test your application in above specified areas. We also require certain tools for few of the methods
Here are the list of security testing methods and techniques used in 3 areas
Functionality Testing
a. Session Hijacking
b. Session Prediction
c. E-mail Spoofing
d. Content Spoofing
e. Phishing
f. Password Cracking
g. Active Program Scripting Exploits
White-Box Testing
a. Malicious Code Injection
b. Penetration testing
c. Input Validation
d. Variable Manipulation
Database Testing (Stored procedures can be testing by SQL Injection and variable manipulation techniques you can fine more info on net)
a. SQL injection
b. Blind SQL Injection (Part of SQL Injection)
c. Input Validation
At last at website/web application level
a. Cross-site scripting
b. SSI Injection
c. IP Spoofing
Hope this gives idea on what is security testing and in which all areas we carry out testing with what all methods and techniques
DDL (Data Definition Language) - creating tables and database
DML (Data Manipulation Language) - manipulations like insert, alter, and delete operations.
DDL is Data Definition Language statements:
CREATE
ALTER
DROP
TRUNCATE
COMMENT
RENAME
DML is Data Manipulation Language statements:
· SELECT
· INSERT
· UPDATE
· DELETE
· MERGE
UPSERT
· CALL
· EXPLAIN PLAN
· LOCK TABLE
DCL is Data Control Language statements:
· GRANT
· REVOKE
· COMMIT
· SAVEPOINT
· ROLLBACK
- COMMIT
· SET TRANSACTION
In DB testing we need to check for,
1. The field size validation
2. Check constraints.
3. Indexes are done or not (for performance related issues)
4. Stored procedures.
5. The field size defined in the application is matching with that in the db.
Database testing involves some in depth knowledge of the given application and requires more defined plan of approach to test the data.
Key issues include:
1) Data Integrity
2) Data validity
3) Data manipulation and updates.
Tester must be aware of the database design concepts and implementation rules
Check for Database Testing
1.To validate the Front end data which is displaying is same as the Back end Data.
2.To validate the extraction processes (nightly or scheduled), whether the correct data is coming in to our project Tables.
1. Print statement is not valid within the function because functions are meant for process or execute group of statement and return a value, where as procedure are meant for executing group of statement and display output.
2. Return keyword is use to return a value from a stored function with specified data type of the value expecting to be returned from stored function.
3. One of the major advantage of stored function is that can be used in the query directly where as an stored procedure can never be used in a query as it is not returning any value.You have to do the following for writing the database test cases.
1. First of all you have to understand the functional requirement of the application thoroughly.
2. Then you have to find out the back end tables used, joined used between the tables, cursors used (if any), triggers used(if any), stored procedures used (if any), input parameter used and output parameters used for developing that requirement.
3. After knowing all these things you have to write the test case with different input values for checking all the paths of SP.
One thing writing test cases for back end testing not like functional testing. You have to use white box testing techniques.
To write test case for database it’s just like functional testing.
1.Objective: Write the objective that you would like to test. eg: To check the shipment that i load thru xml is getting inserted for particular customer.
2.Write the method of input or action that you do. eg: Load an xml with all data which can be added to a customer.
3.Expected :Input should be viewed in database. eg: The shipment should be loaded successfully for that customer, also it should be seen in application.
4.You can write such type of test cases for any functionality like update, delete etc.
The documentation guidelines for database testing should be more and more detailed:
- The tester should know how to log on to the database (The Credentials)
- The tester should know which tables to look at.
- Check the names of the tables
- Specify which columns should be concentrated on in the table.
- Check the spellings of columns
- Give a sample data example for the table to be tested.
- Specify the possible values for a column
- Specify the conditions of pass/fail for the data in the column
Database Testing is a process working with data that's stored in the database. If we change anything in the front-end and back end then what will the effect on the database.
Example: An table which has stored the records of students name, roll no., class and sections etc. if we delete the students name in front end then what's effect in database whether we test the student name deleted or not from database.
While doing Functional Test:
From the front end do the Transaction like, creating new order, update order, delete order, then login into the data base and check the related table to see if the order has been inserted, updated or deleted.
Database testing means test engineer should test the data integrity, data accessing, query retrieving, modifications, updation and deletion etc.
Database testing involves mainly
1. When a record is inserted in the front end checking whether the record is inserted in the corresponding tables correctly in the back-end.
2. Whether the field size validations are done according to the requirements in front-end as well as back end.
3. Testing the performance of the stored procedures.This is done by calculating the time taken to execute the stored procedure.
4. Primary key,foreign key validations are done correctly.
Data bas testing basically include the following.
1)Data validity testing.
2)Data Integritity testing
3)Performance related to data base.
4)Testing of Procedure,triggers and functions.
for doing data validity testing you should be good in SQL queries
For data integrity testing you should know about referential integrity and different constraint.
For performance related things you should have idea about the table structure and design.
for testing Procedure triggers and functions you should be able to understand the same.
Basically in Database testing to check:
1.Data integritity and validaty testing.
2.Any strored procedure written.
3.Execution of Triggers and constraints.
Database testing generally deals with the following:
a) Checking the integrity of UI data with Database Data
b) Checking whether any junk data is displaying in UI other than that stored in Database
c) Checking execution of stored procedures with the input values taken from the database tables
d) Checking the Data Migration.
Client server Technology:
1. Number of clients is predicted or known
2. Client and server are the entities to be tested
3. Both server and client locations are fixed and known to the user
4. Server to server interaction is prohibited
5. Low multimedia type of data transaction
6. Designed and implemented on intranet environment
Web based Technology:
1. Number of clients is difficult to predict (millions of clients)
2. Client, Server and network are the entities to be tested
3. Server location is certain, client locations are not certain
4. Server to server interaction is normal
5. Rich multimedia type of data transaction
6. Designed and implemented on internet environment
Testing Point of view Differnce between client-server applications and web based applications
Client Server Testing:-
In client server testing test engineer are conduct the following testings:-
1.Behaviour testing(GUI TESTING)
2.Input domain testing
3.Error Handling testing
4.Backend testing
Web Based Testing:-
In Web testing test engineer are condut the following testings:-
1.Behaviour Testing
2.Static web testing
3.Input domain testing
4.Backend testing
5.Error handling testing
6. Frame Level testing
A software program for hosting and managing Web applications on Microsoft Windows platform.।
Internet Information Server (IIS) is a World Wide Web server, a Gopher server and an FTP server all rolled into one. IIS means that you can publish WWW pages and extend into the realm of ASP (Active Server Pages) whereby JAVA or VBscript (server side scripts) can generate the pages on the fly. IIS has fun things like application development environment (FrontPage), integrated full-text searching (Index Server), multimedia streaming (NetShow), and site management extensions.
Internet Information Services (IIS) 6.0
Internet Information Services (IIS) 6.0 provide the services to support a secure, available, and scalable Web server on which to run your Web sites and applications.
IIS 6।0 Request Processing ModelsWorker process isolation mode is the new IIS request processing model. In this application isolation mode, you can group Web applications into application pools, through which you can apply configuration settings to the worker processes that service those applications.
Architecture of Worker Process Isolation Mode by IIS 6.0
Application Pool
· W3wp.exe
· Worker Process
· ISAPI Extensions
· ISAPI Filters
Lsass.exe
Inetinfo.exe
Svchost.exe
Application Pool
An Application Pool can contain one or more applications and allows us to configure a level of isolation between different Web applications.
Example: if you want to isolate all the Web applications running in the same computer, you can do this by creating a separate application pool for every Web application and placing them in their corresponding application pool. Because each application pool runs in its own worker process, errors in one application pool will not affect the applications running in other application pools.
W3wp.exe
w3wp.exe is a process associated with application pool in ISS. If you have more than one application pool, you will have more than one instance of w3wp.exe running. This process usually allocates large amounts of resources. This program is important for the stable and secure running of your computer and should not be terminated.
Worker Processes
A worker process is user-mode code whose role is to process requests, such as processing requests to return a static page, invoking an ISAPI extension or filter, or running a Common Gateway Interface (CGI) handler.
In both application isolation modes, the worker process is controlled by the WWW service. However, in worker process isolation mode, a worker process runs as an executable file named W3wp.exe,
Worker processes use HTTP.sys to receive requests and to send responses by using HTTP. Worker processes also run application code, such as ASP.NET applications and XML Web services. You can configure IIS to run multiple worker processes that serve different application pools concurrently.
ISAPI consists of two components: Extensions and Filters. These are the only two types of application that can be developed using ISAPI. Both Filters and Extensions must be written in C++ and compiled into DLL files which are then registered with IIS to be run on the web server.
Lsass.exe
"lsass.exe" is the Local Security Authentication Server. It verifies the validity of user logons to your PC/Server. It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token.
Inetinfo.exe
"inetinfo.exe" belongs to Microsoft Internet Information Services (IIS) and is used for debugging.
svchost.exe
svchost.exe is a system process belonging to the Microsoft Windows Operating System which handles processes executed from DLLs.
The Ajax web model is based on the traditional web model with changes to the transmitted message on the web server and the web browser.
What happens when the user submits a request?
When user submits request, the steps below occur sequentially:
1. Web browser requests for the content of just the part of the page that it needs.
2. Web server analyzes the received request and builds up an XML message, which is then sent back to the web browser.
3. Web browser receives the XML message. It parses the message in order to update the content of that part of the page.
AJAX uses JavaScript language through HTTP protocol to send/receive XML messages asynchronously to/from web server.
Note - Asynchronously means that data is not sent in a sequence.
An HTML page has two components as shown in the figure below:
Document Object Model (DOM):
• The W3C Document Object Model is a platform and language neutral interface that allows programs and scripts to dynamically access and update content,structure and style of a document
• The HTML DOM is the Document Object Model for HTML. The HTML DOM defines a standard set of objects for HTML and a standard way to access and manipulate HTML documents
• The HTML DOM views HTML documents as a tree structure of elements. All elements,along with their text and attributes,can be accessed and manipulated through the DOM tree
• The HTML code below shows DOM Body,Form and Input objects. The Input objects are embedded in the Form and the Form is embedded in the Body object
Javascript
JavaScript is a scripting language that is supported and runs on almost all web browsers,such as Internet Explorer,Mozilla,Firefox,Nestcape and Opera.
· JavaScript was designed to add interactivity to HTML pagesBy embedding JavaScript in an HTML page,parts of the Document Object Model (DOM) within the HTML document can be updated.
ASP.NET is the modern form of ASP. ASP.NET was introduced with Microsoft .NET Framework 1.0 in 2001. ASP.NET is a complete makeover of ASP and introduces a new paradigm of Web development.
ASP.NET is programmable using any .NET language (VB.NET, C#, J#, JScript.NET, etc.). The .NET Framework languages are object oriented languages, supporting the full capabilities of a programming language as compared to scripting languages which are a subset of the actual language.
The ASP.NET pages are saved with the .aspx extension. The (asp_net.dll) component works along with IIS to parse, compile and respond to any requests for ASP.NET pages.
Some of the advantages that ASP.NET offers over classic ASP are:
· Event based programming model
· A vast library of pre-built controls
· Ability to develop custom controls
· Easy configuration and deployment
· No machine/application restarts required on configuring new components
· Improved application and session states
· Allows separation of server-side code from HTML (a feature known as Code Behind)
ASP is a COM (Component Object Model) based technology. The ASP component (asp.dll) attaches itself with the IIS (Internet Information Server). Upon receiving a request for an ASP page (.asp), IIS redirects it to the asp.dll. The asp.dll parses the ASP page for any script within it and if found, combines it with the HTML code and returns it to IIS which then forwards it to the requesting browser.
A sample of an ASP script is shown in the snippet below.:
<%
Response.Write("ASP script embedded inside HTML")
%>
ASP, Active Server Pages, is a Microsoft server-side technology that was introduced for developing dynamic Web applications for the Windows platform. ASP 3.0 was the last version of ASP introduced with Windows 2000.
ASP programming is done using JavaScript, JScript or VBScript; with VBScript being the most popular. The ASP pages are saved with a .asp extension and the script is embedded inside width the HTML within “<% %>” delimiters.
There are no special installation requirements for ASP. It is available by default with the IIS (Internet Information Server) and if it is installed on your machine, you will have ASP available.
Web sites can be classified into two major categories; static and dynamic.
Static Web sites
Web sites on the Internet providing you with nothing more than just information presented on HTML (।htm or ।html) Web pages with navigation are usually static sites. This is because the technology that they are based on is static. Such Web sites have a set of Web pages that contain all the content and the content structure predefined into them by the designers. The content of these Web sites cannot be changed, customized or personalized by the visitors of the Web site. Such Web sites don’t utilize no database or any other such technology that dynamically builds up their pages or content at runtime based on their visitor’s input or their preferences.
The three primary components of the .NET architecture are the Common Language Runtime (CLR), the Common Type System (CTS), and the .NET Framework class libraries.
The CLR is essentially the runtime engine that executes .NET applications;
the CTS define all of the basic data types as well as the operations that can be performed on those data types। The .NET Framework class libraries is a base set of classes grouped into Namespaces that provide access to system resources as well as standard language capabilities, such as string manipulation, I/O, and numerical functions.
The .NET Framework class library contains a collection of programming classes that enable your applications to perform various functions. These classes are organized into related groupings referred to as Namespaces. As the name implies, all class names with a given Namespace must be unique.
The .NET Framework Namespaces use a dot notation syntax scheme to describe a hierarchical organization. This naming scheme allows developers to easily group together related classes as well as to extend the functionality of a Namespace in an organized and easy-to-understand manner. Namespaces adhere to the following naming pattern: companyname.technologyname.
One clear example of this is the Microsoft.Win32 Namespace, which is a Microsoft-created Namespace that contains classes that enable an application to access the Win32
Another example of this naming scheme within the .NET Framework is the System.Data Namespace, which is the root level of the ADO.NET classes.
CTS (Common Type System):
The CTS implements the formal specifications for the type system used by the .NET Framework. All data types represented by the CTS are objects. The CTS defines how a type is defined and the operators that it can accept. One of the primary goals of the CTS is to enable deep language integration by allowing code that's written in one language to be inherited and used by another language. Sharing a common system of data types is one of the most fundamental building blocks that enable this to happen.
CLR (Common Language Runtime):
CLR is basically to load and run ।NET applications. The CLR marks a big change from Microsoft's earlier methods of software development where your application glues together many separate components in order to perform various functions. In many ways, the CLR is analogous to Java's JVM (Java Virtual Machine) or to VB 6's MSVBSM.DLL in that it's a runtime layer over the operating system.