Testing Interview Questions

1) Write test cases for Amazon search functionality

Amazon search functionality can be tested in following ways:

UI Testing
Functional Testing
Boundary Value Testing
Data Correctness Tests
Load and Stress Tests
Search relevance
Search advanced features

Search Box Test Cases

Does the search box shows search page without any search query?
What does search page shows if you enter nothing in search box and hit enter or press finder icon?
What does search box does if the search query is not entered?
Check if the search box is present or not.
Check if the search box length is as per the specification.
Check the length of the query to be added into the search box.
Check the characters allowed to be entered into the search box.
Does the search box presents auto suggestions when the query is being typed?
Does the search box offers typo corrections for the search query?
Does the search box allows searching with incorrect spellings?
Check if the amazon page offers default focus at search box or not.

Search History Test Cases

Does the search history page keeps history of your previously searched products on amazon?
Does the search history page offers you option to hide the history of previously searched products?
Does the search history page offers matching products related to the search keywords?
Does the search history page allows you to disable tracking the search completely?
Does disabling search history makes any change to the suggestions offered by search-box?
Does disabling search history stops certain products being featured?
Does disabling search history reverts back to the default setting in a new session?

Search Page Test Cases

Does the search page categorizes more options to filter product search?
Does the search page offers price sorting from low to high?
Does the search page offers price sorting based on sales rank?
Does the search page offers price sorting as per the popularity?
Does the search page offers price sorting as per the brands?
Does the search page offers product sorting as per reviews?
Does the search page offers product sorting as per the category?
Does the search page offers product sorting as per the condition of the product? (New, old, refurbished)
Does the search page offers product sorting as per the shipping options?
Does the search page offers sorting as per the sellers?
Does the search page excludes not available products?
Does the search page offers alternative if the searched product is not available?

Responsive Test Cases

Does the search box appears on mobile?
Does the search box suggestions appear on mobile or tablet?
Does the search box offers category selector on mobile or tablet?
Does the search box offers drop-down menu on smaller devices?

Write Test cases for API Testing

Validate the keys with the Min. and Max range of APIs (e.g maximum and minimum length)
Keys verification. If we have JSON, XML APIs we should verify it’s that all the keys are coming.
Have a test case to do XML, JSON Schema validation.
Verify the Parse the Response data
Verify the JSON Schema validation, Verify the Field Type,Verify the Mandatory Fields
Valid Response headers & Negative Testcases response
Verify that how the APIs error codes handled.
Verify the response HTTP status code.
Valid Response payload
Chaining Request verification.
Verification of APIs with Data parameters.
End to End CRUD flows
Database Integrity Test Cases
File Upload Testcases

What aspects of the API should we test?

API test actions :

Each test is comprised of test actions. These are the individual actions a test needs to take per API test flow. For each API request, the test would need to take the following actions:

1. Verify correct HTTP status code. For example, creating a resource should return 201 CREATED and unpermitted requests should return 403 FORBIDDEN, etc.

2. Verify response payload. Check valid JSON body and correct field names, types, and values — including in error responses.

3. Verify response headers. HTTP server headers have implications on both security and performance.

4. Verify correct application state. This is optional and applies mainly to manual testing, or when a UI or another interface can be easily inspected.

5. Verify basic performance sanity. If an operation was completed successfully but took an unreasonable amount of time, the test fails.

What non-functional test approaches which are essential for API testing?

Security and Authorization

Check that the API is designed according to correct security principles: deny-by-default, fail securely, least privilege principle, reject all illegal inputs, etc.

Positive: ensure API responds to correct authorization via all agreed auth methods – Bearer token, cookies, digest, etc. – as defined in spec
Negative: ensure API refuses all unauthorized calls

Role Permissions: ensure that specific endpoints are exposed to user based on role. API should refuse calls to endpoints which are not permitted for user’s role
Protocol: check HTTP/HTTPS according to spec
Data leaks: ensure that internal data representations that are desired to stay internal do not leak outside to the public API in the response payloads
Rate limiting, throttling, and access control policies

Performance

Check API response time, latency, TTFB/TTLB in various scenarios (in isolation and under load)

Load Tests (positive), Stress Tests (negative)

Find capacity limit points and ensure the system performs as expected under load, and fails gracefully under stress

Usability Tests

For public APIs: a manual “Product”-level test going through the entire developer journey from documentation, login, authentication, code examples, etc. to ensure the usability of the API for users without prior knowledge of our system.

Video Streaming Test Scenarios - Youtube, netflix etc
Verify the availability of Multimedia device like Desktop or Laptop or Smart phone or Smart TV etc.
Verify the availability of video streaming software should be installed in appropriate device.
Verify the multimedia setting of device should be appropriate for the video streaming.
Verify the availability of proper internet connection in device required for video streaming.
Verify the availability of online video streaming player which is compatible to the device.
Verify the availability of a video should be uploaded over the internet.
Verify the file format of available video is supported by the video streaming software or online streaming player.
Verify the availability of play & pause functionality while video streaming in player.
Verify the video buffering time between video streaming software and online video streaming player according to the different internet speed for a video of same quality.
Verify the video quality of any video can be automatic adjustable while streaming in video streaming player according to internet connection speed.
Verify the video quality of any video can be set manually while streaming in video streaming player at any internet connection speed.
Verify the availability of progress bar with timer while streaming video in player.
Verify the availability of forward and backward functionality in video streaming player while streaming the video.
Verify that after using forward or backward functionality while streaming, video playing speed should not be change.
Verify that after using forward or backward functionality while streaming, audio listening speed should not be change or lag or lead with respect to the video.
Verify that while streaming, video should not be distorted or pixilated.
Verify that voice of video should not be interrupted while streaming in different speed of internet connection.
Verify that streaming video should be adjustable according to the video streaming player’s screen sizes.
Verify that internet connection lost while streaming the video, then video buffering should be stopped with internet connection lost message.
Verify that video streaming player is retaining the video’s last position for resume, if pause that video and close the player or directly close the video streaming player while streaming.
Verify that the total duration of video is displaying or not, also verify the pause duration & remaining video duration is displaying or not.
Verify the response of streaming player when user trying to stream a corrupt video file.
Verify the buffering functionality if video streaming get paused.
Verify that if a video has streamed for some duration and get paused, then move the progress bar of video backward for some duration and now again play, so video will buffer again or not.
Verify that if video streaming pause after some duration and again play then video will playing from the paused position or again buffer & play from initial position.

You are given the source to an application which crashes when it is run. After running
it ten times in a debugger, you find it never crashes in the same place. The application
is single threaded, and uses only the C standard library. What programming errors
could be causing this crash? How would you test each one?
The question largely depends on the type of application being diagnosed. However, we can
give some general causes of random crashes.

1. Random variable: The application uses some random number or variable component
which may not be fixed for every execution of the program. Examples include: user
input, a random number generated by the program, or the time of day.
2. Memory Leak: The program may have run out of memory. Other culprits are totally
random for each run since it depends on the number of processes running at that
particular time. This also includes heap overflow or corruption of data on the stack.
It is also possible that the program depends on another application / external module that could lead to the crash. If our application, for example, depends on some system attributes and they are modified by another program, then this interference may lead to a crash. Programs which interact with hardware are more prone to these errors.
In an interview, we should ask about which kind of application is being run. This information may give you some idea about the kind of error the interviewer is looking for. For example,a web server is more prone to memory leakage, whereas a program that runs close to the system level is more prone to crashes due to system dependencies

How would you load test a webpage without using any test tools?

Load testing helps to identify a web application’s maximum operating capacity, as well as

any bottlenecks that may interfere with its performance. Similarly, it can check how an application responds to variations in load.

To perform load testing, we must first identify the performance-critical scenarios and the
metrics which fulfill our performance objectives. Typical criteria include:
response time
throughput
resource utilization
maximum load that the system can bear.
Then, we design tests to simulate the load, taking care to measure each of these criteria.

In the absence of formal testing tools, we can basically create our own. For example, we
could simulate concurrent users by creating thousands of virtual users. We would write a
multi-threaded program with thousands of threads, where each thread acts as a real-world
user loading the page. For each user, we would programmatically measure response time,
data I/O, etc.

We would then analyze the results based on the data gathered during the tests and compare it with the accepted values

How would you test a pen?

This problem is largely about understand the constraints: what exactly is the pen? You
should ask a lot of questions to understand what exactly you are trying to test. To illustrate
the technique in this problem, let us guide you through a mock-conversation.
Interviewer: How would you test a pen?
Candidate: Let me find out a bit about the pen. Who is going to use the pen?
Interviewer: Probably children.
Candidate: Ok, that’s interesting. What will they be doing with it? Will they be writing, drawing, or doing something else with it?
Interviewer: Drawing.
Candidate: Ok, great. On what? Paper? Clothing? Walls?
Interviewer: On clothing.
Candidate: Great. What kind of tip does the pen have? Felt? Ball point? Is it intended to
wash off, or is it intended to be permanent?
Interviewer: It’s intended to wash off.
…. many questions later ...
Candidate: Ok, so as I understand it, we have a pen that is being targeted at 5—10 year olds.
The pen has a felt tip and comes in red, green, blue and black. It’s intended to wash off clothing. Is that correct?
…

The candidate now has a problem that is significantly different from what it initially seemed
to be. Thus, the candidate might now want to test:
1. Does the pen wash off with warm water, cold water, and luke warm water?
2. Does the pen wash off after staying on the clothing for several weeks? What happens if
you wash the clothing while the pen is still wet?
3. Is the pen safe (e.g.—non-toxic) for children?

What Are The Possible Test Scenarios For Database Testing?

Here, we are listing down three types of scenarios possible for testing a database.

1. General Test Scenarios.

General tests should capture the following scenarios.
Name of the database.
Name of the log file.
Disk space allocation for databases.
Names of all tables, columns, and their types.
Null value checks.
Verify keys (primary/foreign), indexes, and data types of columns used.

2. Functional Test Scenarios.

Identify events causing the triggers
Functions inside stored procedures and possible combinations.
End to end data flow starting from the front end to the backend.

3. Non-Functional Test Scenarios.

Create test scripts for major features and use them for regression testing at regular intervals.
Write tests that track errors (OOM/deadlocks/exceptions) in log files.
Change data in backend tables and watch the effect on the frontend.
Insert invalid values from the backend and observe the effect.

Example Test Scenarios for Security Testing:

Sample Test scenarios to give you a glimpse of security test cases -

A password should be in encrypted format
Application or System should not allow invalid users
Check cookies and session time for application
For financial sites, the Browser back button should not work.

What are types of Security Testing:

There are seven main types of security testing as per Open Source Security Testing methodology manual. They are explained as follows:

Vulnerability Scanning: This is done through automated software to scan a system against known vulnerability signatures.
Security Scanning: It involves identifying network and system weaknesses, and later provides solutions for reducing these risks. This scanning can be performed for both Manual and Automated scanning.
Penetration testing: This kind of testing simulates an attack from a malicious hacker. This testing involves analysis of a particular system to check for potential vulnerabilities to an external hacking attempt.
Risk Assessment: This testing involves analysis of security risks observed in the organization. Risks are classified as Low, Medium and High. This testing recommends controls and measures to reduce the risk.
Security Auditing: This is an internal inspection of Applications and Operating systems for security flaws. An audit can also be done via line by line inspection of code
Ethical hacking: It's hacking an Organization Software systems. Unlike malicious hackers, who steal for their own gains, the intent is to expose security flaws in the system.
Posture Assessment: This combines Security scanning, Ethical Hacking and Risk Assessments to show an overall security posture of an organization.

Explain the Security Testing in Web Application Testing?

Security Testing involves the test to identify any flaws and gaps from a security point of view.

Sample Test Scenarios for Security Testing:

Verify the web page which contains important data like password, credit card numbers, secret answers for security question etc should be submitted via HTTPS (SSL).
Verify the important information like password, credit card numbers etc should display in encrypted format.
Verify password rules are implemented on all authentication pages like Registration, forgot password, change password.
Verify if the password is changed the user should not be able to login with the old password.
Verify the error messages should not display any important information.
Verify if the user is logged out from the system or user session was expired, the user should not be able to navigate the site.
Verify to access the secured and non-secured web pages directly without login.
Verify the “View Source code” option is disabled and should not be visible to the user.
Verify the user account gets locked out if the user is entering the wrong password several times.
Verify the cookies should not store passwords.
Verify if, any functionality is not working, the system should not display any application, server, or database information. Instead, it should display the custom error page.
Verify the SQL injection attacks.
Verify the user roles and their rights. For Example, the requestor should not be able to access the admin page.
Verify the important operations are written in log files, and that information should be traceable.
Verify the session values are in an encrypted format in the address bar.
Verify the cookie information is stored in encrypted format.
Verify the application for Brute Force Attacks

Explain Usability testing in Web Application Testing?

Usability testing is nothing but the User-friendliness check.
In Usability testing, the application flow is tested so that a new user can understand the application easily.
Basically, system navigation is checked in Usability testing.

What is the purpose or Goal of Usability testing?

A Usability test establishes the ease of use and effectiveness of a product using a standard Usability test practices.

Example Usability Test Cases

Web page content should be correct without any spelling or grammatical errors
All fonts should be same as per the requirements.
All the text should be properly aligned.
All the error messages should be correct without any spelling or grammatical errors and the error message should match with the field label.
Tool tip text should be there for every field.
All the fields should be properly aligned.
Enough space should be provided between field labels, columns, rows, and error messages.
All the buttons should be in a standard format and size.
Home link should be there on every single page.
Disabled fields should be grayed out.
Check for broken links and images.
Confirmation message should be displayed for any kind of update and delete operation.
Check the site on different resolutions (640 x 480, 600x800 etc.?)
Check the end user can run the system without frustration.
Check the tab should work properly.
Scroll bar should appear only if required.
If there is an error message on submit, the information filled by the user should be there.
Title should display on each web page
All fields (Textbox, dropdown, radio button, etc) and buttons should be accessible by keyboard shortcuts and the user should be able to perform all operations by using keyboard.
Check if the dropdown data is not truncated due to the field size. Also, check whether the data is hardcoded or managed via administrator.

Explain Functional testing in Web Application Testing?

Testing the features and operational behavior of a product to ensure they correspond to its specifications.

Testing that ignores the internal mechanism of a system or component and focuses solely on the outputs generated in response to selected inputs and execution conditions.

What is the purpose or Goal of Functional testing?

The goal of Functional Testing is to verify whether your product meets the intended functional specifications mentioned in your development documentation.

Example Functional Test Scenarios:

Test all the mandatory fields should be validated.
Test the asterisk sign should display for all the mandatory fields.
Test the system should not display the error message for optional fields.
Test that leap years are validated correctly & do not cause errors/miscalculations.
Test the numeric fields should not accept the alphabets and proper error message should display.
Test for negative numbers if allowed for numeric fields.
Test division by zero should be handled properly for calculations.
Test the max length of every field to ensure the data is not truncated.
Test the pop up message ("This field is limited to 500 characters") should display if the data reaches the maximum size of the field.
Test that a confirmation message should display for update and delete operations.
Test the amount values should display in currency format.
Test all input fields for special characters.
Test the timeout functionality.
Test the Sorting functionality.
Test the functionality of the buttons available
Test the Privacy Policy & FAQ is clearly defined and should be available for users.
Test if any functionality fails the user gets redirected to the custom error page.
Test all the uploaded documents are opened properly.
Test the user should be able to download the uploaded files.
Test the email functionality of the system.
Test the Java script is properly working in different browsers (IE, Firefox, Chrome, safari and Opera).
Test to see what happens if a user deletes cookies while in the site.
Test to see what happens if a user deletes cookies after visiting a site.
Test all the data inside combo/list box is arranged in chronological order.

Explain Compatibility testing in Web Application Testing?

Compatibility testing is used to determine if your software is compatible with other elements of a system with which it should operate, e.g. Browsers, Operating Systems, or hardware.

What is the purpose or Goal of Compatibility testing?

The purpose of Compatibility testing is to evaluate how well software performs in a particular browser, Operating Systems, hardware or software.

Sample Compatibility Test Scenarios:
Test the website in different browsers (IE, Firefox, Chrome, Safari and Opera) and ensure the website is displaying properly.
Test the HTML version being used is compatible with appropriate browser versions.
Test the images display correctly in different browsers.
Test the fonts are usable in different browsers.
Test the java script code is usable in different browsers.
Test the Animated GIF's across different browsers.

Explain Database testing in Web Application Testing?

In Database testing backend records are tested which have been inserted through the web or desktop applications. The data which is displaying in the web application should match with the data stored in the Database.

To perform the Database testing, the tester should be aware of the below mentioned points:
The tester should understand the functional requirements, business logic, application flow and database design thoroughly.
The tester should figure out the tables, triggers, store procedures, views and cursors used for the application.
The tester should understand the logic of the triggers, store procedures, views and cursors created.
The tester should figure out the tables which get affected when insert update and delete (DML) operations are performed through the web or desktop applications.

Example Test Cases for Database Testing:

Verify the database name: The database name should match with the specifications.
Verify the Tables, columns, column types and defaults: All things should match with the specifications.
Verify whether the column allows a null or not.
Verify the Primary and foreign key of each table.
Verify the Stored Procedure:
Test whether the Stored procedure is installed or not.
Verify the Stored procedure name
Verify the parameter names, types and number of parameters.
Test the parameters if they are required or not.
Test the stored procedure by deleting some parameters
Test when the output is zero, the zero records should be affected.
Test the stored procedure by writing simple SQL queries.
Test whether the stored procedure returns the values
Test the stored procedure with sample input data.
Verify the behavior of each flag in the table.
Verify the data gets properly saved into the database after each page submission.
Verify the data if the DML (Update, delete and insert) operations are performed.
Check the length of every field: The field length in the back end and front end must be same.
Verify the database names of QA, UAT and production. The names should be unique.
Verify the encrypted data in the database.
Verify the database size. Also test the response time of each query executed.
Verify the data displayed on the front end and make sure it is same in the back end.
Verify the data validity by inserting the invalid data in the database.
Verify the Triggers.

Explain Performance testing in Web Application Testing?

Performance Testing is conducted to evaluate the compliance of a system or component with specified performance requirements.

General Test scenarios:
To determine the performance, stability and scalability of an application under different load conditions.
To determine if the current architecture can support the application at peak user levels.
To determine which configuration sizing provides the best performance level.
To identify application and infrastructure bottlenecks.
To determine if the new version of the software adversely had an impact on response time.
To evaluate product and/or hardware to determine if it can handle projected load volumes.

How to do Performance testing? By Manual Testing or by Automation
Practically it is not possible to do the Performance Testing manually because of some drawbacks like:
More number of resources will be required.
Simultaneous actions are not possible.
Proper system monitoring is not available.
Not easy to perform the repetitive task.

How do You Verify the Results of Your Search on Search Results Page?

This is another common Software Testing Interview Question for e-commerce testing roles. This question refers to verifying the results are what we expect to see.

Suppose you search for a product on Amazon.com website. On the search results page you will see a list of items related to your search. How can you verify that the results that you see are really the ones that you are supposed to see?

Answer: The answer to this question is rather simple. At first instance, we need to know where the data is coming from. Are they coming from a database? Or some XML files from 3rd party websites?

Once we have this information, we can start comparing the results we see on the result page with the results from the source, e.g. database.

Another option is to use mocks to generate the data that we need so we can fully control the data that we see on the search results page.

What is the use of SSL certificate?

SSL certificate is used for providing authenticity to the web service or website in HTTPS.

Is JSON an API?

No, JSON is not a API as it is data format for exchange over various protocols like HTTP. JSON expands to JavaScript Object Notation. JSON has two types of data stores - attribute–value pairs and array data types

Is JSON a protocol?

No, JSON is not a protocol as it is data format for exchange over various protocols like HTTP. JSON expands to JavaScript Object Notation. JSON has two types of data stores - attribute–value pairs and array data types

What is a requirements traceability matrix (RTM) and what are its advantages?

An RTM is a document that shows the relationship between test cases (written by the QA engineer) and the business/technical requirements (specified by the client or the development team.) The principal idea of RTM is to ensure that all the requirements are covered with test cases, thus ensuring that no functionality is left untested.

Using an RTM, we can confirm 100 percent test coverage of the business and technical requirements, as well as have a clear overview of defects and execution status. It undoubtedly highlights any missing requirements and/or discrepancies in the documentation.

RTMs allow a deeper insight into QA work and the impact that going through test cases and re-working them has on QA engineers.

For example, say we have the following requirements:

R.01: A user can log in to the system
R.02: A user can open the profile page
R.03: A user can send messages to other users
R.04: A user can have a profile picture
R.05: A user can edit sent messages

Then we can design the following test cases:

T.01: Verify that a user is able to log in
T.02: Verify that a user can open the profile page and edit the profile picture
T.03: Verify that a user can send and edit messages

This will give the following RTM showing the relationship between the requirements and test cases:

		Requirements
		R.01	R.02	R.03	R.04	R.05
Test Cases	T.01	X
	T.02		X		X
	T.03			X		X

Write the test cases for the Amazon customer Review page.

FUNCTIONAL TEST CASES:

Pre-requisite: The customer should already login to the Amazon account with valid id and password..

	*Test Scenario*	*Test Steps*	*Expected Results*
1	Adding a review	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review. 3. Select the number of stars. 4. Enter heading. 5. Enter the message. 6. Click submit	1. The selection of stars should be mandatory. 2. Heading and message should also be mandatory. 3. After clicking, the system should review the message and publish it on site after some time. 4. Attaching video/photo should be optional. 5. Once the review is accepted by Amazon, it should be available for the product and in the user profile page.
2	Editing a review	1. Go to the product detail page. 2. Look for your existing review. 3. Click Edit review. 4. Edit stars, heading, and message.	1. Editing of the review should be allowed. 2. Users should be able to edit the stars, heading, and message.
3	Attaching image/Video with review	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review. 3. Select the number of stars. 4. Attach a relevant image. 5. Enter heading. 6. Enter the message. 7. Click submit	1. After the review content gets reviewed by Amazon, the review should be made available for the product and in the user profile.
4	Attaching un-relevant photo/video	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review. 3. Select the number of stars. 4. Attach an un-relevant image. 5. Enter heading. 6. Enter the message. 7. Click submit	1. After the review content gets reviewed by Amazon, the attachment should get rejected.
5	Deleting review	1. Go to the product detail page. 2. Look for your existing review. 3. Click Delete review	1. The review should immediately get removed from the product page and profile page.
6	Hide review	1. Go to the product detail page. 2. Look for your existing review. 3. Click Hide review	1. The review should immediately get removed from the profile page.
7	Helpful button of reviews	1. Go to the product details page. 2. Look for reviews given by other users. 3. Click Helpful button.	1. The helpful count should increase by one.
8	Limit of words in review	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review. 3. Select the number of stars. 4. Attach a relevant image. 5. Enter heading with more than limit of words allowed. 6. Enter message with more than limit of words allowed.	1. The message and heading field should not allow user to write more than the max limit of words in the field.
9	Limit of size of image and video	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review. 3. Select the number of stars. 4. Attach a relevant image with size more than allowed.	1. Attachment should fail.
10	Review of comments in reviews by customer	1. Check the logic of the review given by the customer. 2. Create customer/product review which is violating rules of review. 3. Verify the review posted on Amazon or not.	1. All reviews violating the rules of Amazon should not be published on the site.
11	Display of reviews	1. Go to the product details page. 2. Check the reviews displayed on the page.	1. By default, only a few top reviews should be displayed on the page. 2. To see more pages, users can click pagination numbers. 3. The stars should be displayed properly. 4. The heading should be displayed in bold. 5. The message should be clearly shown. 6. The attached image/videos’ thumbnail should be shown. 7. Then buttons like Helpful, ReportAbuse, etc should be shown below for all reviews.
12	Sorting of reviews	1. Go to the product details page. 2. Check the reviews displayed on the page. 3. Sort the review based on stars etc	1. The review should get sorted by the selected sorting option.
13	Filtering of reviews	1. Go to the product details page. 2. Check the reviews displayed on the page. 3.Filter the review based on stars, product color, etc	1. Only reviews satisfying the filters should be visible on the screen.
14	Storing of reviews in the database	1. Verify the database as in the tables etc to make sure the database is storing the data correctly.	1. Data in the database should be correct. 2. The database should be scalable. 3. Sensitive data should not be stored in the schema. like username and password
15	Report abuse on review	1. Go to the product details page. 2. Check the reviews displayed on the page. 3. For one review click ReportAbuse	1. Verify the data in the database, the particular review data should be updated with report abuse count. 2. The profile rating should get impacted by this. 3. The review should go to manual verification.
16	Comment on review	1. Go to the product details page. 2. Check the reviews displayed on the page. 3. For one review click Comment. 4. Write some comments.	1. The new comment added should also go for review. 2. For comment, there should be an option to click Helpful, ReportAbuse

Security Test Cases:

	*Test Scenario*	*Test steps*	*Expected Result*
1	No objectionable word/image/video	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review 3. Write a review with a combination of objectionable word/image a. Attachments b. Heading c. Message 4. Click submit	1. The review should not get posted on the Amazon site.
2	Sql injection	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review 3. Write SQL query in below fields a. Heading b. Message	1. Relevant validation should be done in fields.
3	User critical info	1. Go to the product detail page or open order to give a review to the purchased item. 2. Click Write a customer/product review 3. Write a review with sensitive data like SSN in below fields a. Heading b. Message	1. The review should not publish sensitive data.
4	User can’t delete other’s review	1. Go to the product detail page. 2. Try to edit/delete review written by others.	1. Editing/deleting of other’s reviews should not be allowed.

Write Test Cases for a Login Page

We usually write test cases for the login page for every application we test. Every login page should have the following elements.

‘Email/Phone Number/Username’ Textbox
‘Password’ Textbox
Login Button
‘Remember Me’ Checkbox
‘Keep Me Signed In’ Checkbox
‘Forgot Password’ Link
‘Sign up/Create an account’ Link
CAPTCHA

We have to write test cases on each object in the login form.

We have to write both positive and negative test cases.
We have to write both functional and nonfunctional test cases.
We have to write UI, functional, compatibility and performance test cases.

Test Cases of a Login Page (Test Scenarios Login Page):

Verify that cursor is focused on the “Username” text box on the page load (login page)
Verify that the login screen contains elements such as Username, Password, Sign in button, Remember password check box, Forgot password link, and create an account link.
Verify that tab functionality is working properly or not
Verify that Enter/Tab key works as a substitute for the Sign-in button
Verify that all the fields such as Username, Password has a valid placeholder
Verify whether all the text boxes have a minimum and maximum length.
Verify that the labels float upward when the text field is in focus or filled (In case of the floating label)
Verify that the User is able to Login with Valid Credentials
Verify that the User is not able to Login with an invalid Username and invalid Password
Verify that the User is not able to Login with a Valid Username and invalid Password
Verify that the User is not able to log in with an invalid Username and Valid Password
Verify that the User is not able to log in with a blank Username or Password
Verify that the User is not able to Login with inactive credentials
Verify that the reset button clears the data from all the text boxes in the login form
Verify that the login credentials, mainly password stores in a database in an encrypted format
Verify that clicking on the browser back button after successful login should not take the User to log out mode
Verify that clicking on the browser back button after successful logout should not take the User to a logged-in mode
Verify that there is a limit on the total number of unsuccessful login attempts (No. of invalid attempts should be based on business logic. Based on the business logic, User will be asked to enter the captcha and try again or user will be blocked)
Verify that the password is in encrypted form (masked format) when entered
Verify the password can be copy-pasted. System shouldn’t allow users to copy paste password.
Verify that encrypted characters in the “Password” field should not allow deciphering if copied
Verify that the User should be able to login with the new password after changing the password
Verify that the user should not be able to login with the old password after changing the password
Verify that spaces should not be allowed before any password characters attempted
Verify whether the user is still logged in after a series of actions such as sign-in, close the browser, and reopen the application.
Verify that the ways to retrieve the password if the user forgets the password
Verify that the “Remember password” checkbox is unselected by default (depends on business logic, it may be selected or unselected)
Verify that the “Keep me logged in” checkbox is unselected by default (depends on business logic, it may be selected or unselected)
Verify that the timeout of the login session (Session Timeout)
Verify that the logout link is redirected to login/home page
Verify that User is redirected to appropriate page after successful login
Verify that the User is redirected to the Forgot password page when clicking on the Forgot Password link
Verify that the User is redirected to the Create an account page when clicking on the Signup / Create an account link
Verify that validation message is displayed in the case when User leaves Username or Password as blank
Verify that validation message is displayed in case of exceeding the character limit of the Username and Password fields
Verify that validation message is displayed in case of entering special character in the Username and password fields
Verify whether the login form is revealing any security information by viewing the page source
Verify that the login page is vulnerable to SQL injection
Verify whether Cross-site scripting (XSS ) vulnerability works on a login page. XSS vulnerability may be used by hackers to bypass access controls.
If there is a captcha on the login page (Test Cases for CAPTCHA):
Verify that whether there is a client-side validation when the User doesn’t enter the CAPTCHA
Verify that the refresh link of CAPTCHA is generating the new CAPTCHA
Verify that the CAPTCHA is case sensitive
Verify whether the CAPTCHA has audio support to listen
Verify whether virtual keyboard is available and working properly to enter login credentials incase of banking applications.
Verify two-way authentication through OTP is working properly incase of banking applications.
Verify SSL certificate is implemented or not
Verify the login page and all the fields in the login page are displaying without any break in different browsers
Cookies – Learn Website Cookie Testing
Verify that the user is able to login when the browser cookies are cleared. When the cookies are cleared, system should not allow user to login automatically.
Verify the login functionality when the browser cookies are turned off.

Why is API needed?
API expands to Application Programming Interface, is an interface to connect, access and transfer data among different computing systems. It is needed so that different systems can interact and share data among them. For example data being shared among social media applications like Google and Facebook.

What is API in layman terms?
API in layman terms is like a translator who makes two different language speaking persons interact – share data and functionality. API expands to Application Programming Interface, is an interface to connect, access and transfer data among different computing systems. It is needed so that different systems can interact and share data among them. .Different persons are different software / process/ web services like data exchange between Facebook and Google.

Is an API an application?
API is not a application but rather just an interface to provide data exchange and functionality among different software application or processes. As API provides access to data and functionality, it can be thought as a application which fulfills our need. For example authentication service provided by Google to different websites for one click login.
What is API example?
API example is data being shared among social media applications like Google and Facebook. Another example is authentication service provided by Google to different websites for one click login.

What is API performance testing?
API performance testing refers to testing of API for verification and validation of performance parameters as provided by customer. It usually includes load testing and functional testing.

Is API a software?
API is not a software but rather just an interface to provide data exchange and functionality among different software application or processes. As API provides access to data and functionality, it can be thought as a software which fulfills our need. For example authentication service provided by Google to different websites for one click login.

Can selenium be used for API testing?
Yes, selenium be used for API testing but supports web browser based automation testing hence, Selenium will need a API testing tool and will provide automation in API testing.

What are Web Application Testing – Techniques?

1. Functionality Testing - The below are some of the checks that are performed but not limited to the below list:

Verify there is no dead page or invalid redirects.

First check all the validations on each field.

Wrong inputs to perform negative testing.

Verify the workflow of the system.

Verify the data integrity.

2. Usability testing - To verify how the application is easy to use with.

Test the navigation and controls.

Content checking.

Check for user intuition.

3. Interface testing - Performed to verify the interface and the dataflow from one system to other.

4. Compatibility testing- Compatibility testing is performed based on the context of the application.

Browser compatibility

Operating system compatibility

Compatible to various devices like notebook, mobile, etc.

5. Performance testing - Performed to verify the server response time and throughput under various load conditions.

Load testing - It is the simplest form of testing conducted to understand the behaviour of the system under a specific load. Load testing will result in measuring important business critical transactions and load on the database, application server, etc. are also monitored.

Stress testing - It is performed to find the upper limit capacity of the system and also to determine how the system performs if the current load goes well above the expected maximum.

Soak testing - Soak Testing also known as endurance testing, is performed to determine the system parameters under continuous expected load. During soak tests the parameters such as memory utilization is monitored to detect memory leaks or other performance issues. The main aim is to discover the system's performance under sustained use.

Spike testing - Spike testing is performed by increasing the number of users suddenly by a very large amount and measuring the performance of the system. The main aim is to determine whether the system will be able to sustain the work load.

6. Security testing - Performed to verify if the application is secured on web as data theft and unauthorized access are more common issues and below are some of the techniques to verify the security level of the system.

Injection
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Security Misconfiguration
Sensitive Data Exposure
Missing Function Level Access Control
Cross-Site Request Forgery (CSRF)
Using Components with Known Vulnerabilities
Unvalidated Redirects and Forwards

What is the difference between requirements and specifications?
Requirements are the features, functions, and goals of the proposed software system as defined by the client. For example, a company may want their software to “Store shopping cart data for at least 30 days.” This would be a requirement.

Specifications, on the other hand, explain how these features, functions, and goals are to be met. For example, a specification would be “A user’s session information will be persisted into the operational datastore upon logout or session timeout and maintained for 30 days.”

What if there isn’t enough time for thorough testing? What would you do?
In order to understand where to focus testing efforts during a time crunch, the project team must perform risk analysis and speak with stakeholders. Primary considerations include, but are not limited to, understanding important functionality, especially those apparent to the end user, and making sure that the software is capable of meeting it’s initial specifications.

Write test cases for CLIENT / SERVER TESTING?

The tests performed on these types of applications would be

User Interface Testing
Functionality Testing
Security Testing
Browser Compatibility Testing
Load/Stress Testing
Interoperability Testing/Intersystem Testing
Storage and Data Volume Testing

In Client-server testing there are several clients communicating with the server.

Multiple users can access the system at a time and they can communicate with the server.
Configuration of client is known to the server with certainty.
Client and server are connected by real connection.
Testing approaches of client server system:

Component Testing: One need to define the approach and test plan for testing client and server individually. When server is tested there is need of a client simulator, whereas testing client a server simulator, and to test network both simulators are used at a time.
Integration testing: After successful testing of server, client and network, they are brought together to form system testing.
Performance testing: System performance is tested when number of clients is communicating with server at a time. Volume testing and stress testing may be used for testing, to test under maximum load as well as normal load expected. Various interactions may be used for stress testing.
Concurrency Testing: It is very important testing for client-server architecture. It may be possible that multiple users may be accessing same record at a time, and concurrency testing is required to understand the behavior of a system in this situation.
Disaster Recovery Business continuity testing: When the client server are communicating with each other , there exit a possibility of breaking of the communication due to various reasons or failure of either client or server or link connecting them. The requirement specifications must describe the possible expectations in case of any failure.
Testing for extended periods: In case of client server applications generally server is never shutdown unless there is some agreed Service Level Agreement (SLA) where server may be shut down for maintenance. It may be expected that server is running 24X7 for extended period. One needs to conduct testing over an extended period to understand if service level of network and server deteriorates over time due to some reasons like memory leakage.
Compatibility Testing: Client server may be put in different environments when the users are using them in production. Servers may be in different hardware, software, or operating system environment than the recommended. Other testing such as security testing and compliance testing may be involved if needed, as per testing and type of system.

How to Report a Bug? Or What are the elements need to be captured while opening a bug

Use following simple Bug report template:

This is a simple bug report format. It may vary on the bug report tool you are using. If you are writing bug report manually then some fields need to specifically mention like Bug number which should be assigned manually.

Reporter: Your name and email address.

Product: In which product you found this bug.

Version: The product version if any.

Component: These are the major sub modules of the product.

Platform: Mention the hardware platform where you found this bug. The various platforms like ‘PC’, ‘MAC’, ‘HP’, ‘Sun’ etc.

Operating system: Mention all operating systems where you found the bug. Operating systems like Windows, Linux, Unix, SunOS, Mac OS. Mention the different OS versions also if applicable like Windows XP, Windows Vista, Windows 7, etc.

Priority:

When bug should be fixed? Priority is generally set from P1 to P5. P1 as “fix the bug with highest priority” and P5 as ” Fix when time permits”.

Severity:

This describes the impact of the bug.

Types of Severity:

Blocker: No further testing work can be done.
Critical: Application crash, Loss of data.
Major: Major loss of function.
Minor: minor loss of function.
Trivial: Some UI enhancements.
Enhancement: Request for new feature or some enhancement in existing one.

Status:

When you are logging the bug in any bug tracking system then by default the bug status is ‘New’. Later on bug goes through various stages like Fixed, Verified, Reopen, Won’t Fix etc.

Assign To:

If you know which developer is responsible for that particular module in which bug occurred, then you can specify email address of that developer. Else keep it blank this will assign bug to module owner or Manger will assign bug to developer. Possibly add the manager email address in CC list.

URL:

The page url on which bug occurred.

Summary:

A brief summary of the bug mostly in 60 or below words. Make sure your summary is reflecting what the problem is and where it is.

Description:

A detailed description of bug. Use following fields for description field:

Reproduce steps: Clearly mention the steps to reproduce the bug.

Expected result: How application should behave on above mentioned steps.

Actual result: What is the actual result on running above steps i.e. the bug behavior.

These are the important steps in bug report. You can also add the “Report type” as one more field which will describe the bug type.

The report types are typically:

Coding error
Design error
New suggestion
Documentation issue
Hardware problem

What is URI? What is the main purpose of REST-based web services and what is its format?
URI stands for Uniform Resource Identifier. It is a string of characters designed for unambiguous identification of resources and extensibility via the URI scheme. The purpose of a URI is to locate a resource(s) on the server hosting of the web service.
A URI’s format is <protocol>://<service-name>/<ResourceType>/<ResourceID>.
What is payload in RESTFul Web services?
The “payload” is the data you are interested in transporting. This is differentiated from the things that wrap the data for transport like the HTTP/S Request/Response headers, authentication, etc.

What is the upper limit for a payload to pass in the POST method?
<GET> appends data to the service URL. But, its size shouldn’t exceed the maximum URL length. However, <POST> doesn’t have any such limit.

So, theoretically, a user can pass unlimited data as the payload to POST method. But, if we consider a real use case, then sending POST with large payload will consume more bandwidth. It’ll take more time and present performance challenges to your server. Hence, a user should take action accordingly.

What is the caching mechanism?
Caching is just the practice of storing data in temporarily and retrieving data from a high-performance store (usually memory) either explicitly or implicitly.

When a caching mechanism is in place, it helps improve delivery speed by storing a copy of the asset you requested and later accessing the cached copy instead of the original.

Software Testing Process

Below is a very basic software testing process.

1. Understand of business logic and analysis of requirements: In this phase consider the following:

Are the definitions and descriptions of the required functionalities precise?

Is there clear delineation between the system and its environment?

Can the requirements be realized in practice?

Can the requirements be tested effectively?

2. Test Planning: During this phase Test Strategy is defined and Test Bed is created. The plan should identify:-

Which aspects of the system should be tested.

The methods, techniques and tools to be used.

Personnel responsible for the testing.

Manual and Automation Testing

Defect Management and Risk Management etc.

3. Test Environment Setup: A different testing server is prepared where the application will be tested. It is an independent testing environment.

4. Test Design: Identify the test scenarios and prepare the test cases / scripts. Selection of test data is also done in this phase. If required, test designing is done with some automated tools like QTP or LoadRunner or with some other software testing tool. Designing framework, scripting, script integration, Review and approval will be undertaken in this phase.

5. Test Execution: Testers execute the test cases and report any errors found to the development team.

6. Defect Tracking: Raised defects are tracked using some tools like Test Director or Bug Host etc.

7. Test Reports: As soon as testing is completed, Test Lead or Manager generate metrics and make final reports for the whole testing effort.

Classification of Defects / Bugs
There are various ways in which we can classify. Below are some of the classifications:

Severity Wise:
Major: A defect, which will cause an observable product failure or departure from requirements.
Minor: A defect that will not cause a failure in execution of the product.
Fatal: A defect that will cause the system to crash or close abruptly or effect other applications.

Work product wise:
SSD: A defect from System Study document
FSD: A defect from Functional Specification document
ADS: A defect from Architectural Design Document
DDS: A defect from Detailed Design document
Source code: A defect from Source code
Test Plan/ Test Cases: A defect from Test Plan/ Test Cases
User Documentation: A defect from User manuals, Operating manuals

Type of Errors Wise:
Comments: Inadequate/ incorrect/ misleading or missing comments in the source code
Computational Error: Improper computation of the formulae / improper business validations in code.
Data error: Incorrect data population / update in database
Database Error: Error in the database schema/Design
Missing Design: Design features/approach missed/not documented in the design document and hence does not correspond to requirements
Inadequate or sub optimal Design: Design features/approach needs additional inputs for it to be completeDesign features described does not provide the best approach (optimal approach) towards the solution required
In correct Design: Wrong or inaccurate Design
Ambiguous Design: Design feature/approach is not clear to the reviewer. Also includes ambiguous use of words or unclear design features.
Boundary Conditions Neglected: Boundary conditions not addressed/incorrect
Interface Error: Internal or external to application interfacing error, Incorrect handling of passing parameters, Incorrect alignment, incorrect/misplaced fields/objects, un friendly window/screen positions
Logic Error: Missing or Inadequate or irrelevant or ambiguous functionality in source code
Message Error: Inadequate/ incorrect/ misleading or missing error messages in source code
Navigation Error: Navigation not coded correctly in source code
Performance Error: An error related to performance/optimality of the code
Missing Requirements: Implicit/Explicit requirements are missed/not documented during requirement phase
Inadequate Requirements: Requirement needs additional inputs for to be complete
Incorrect Requirements: Wrong or inaccurate requirements
Ambiguous Requirements: Requirement is not clear to the reviewer. Also includes ambiguous use of words – e.g. Like, such as, may be, could be, might etc.
Sequencing / Timing Error: Error due to incorrect/missing consideration to timeouts and improper/missing sequencing in source code.
Standards: Standards not followed like improper exception handling, use of E & D Formats and project related design/requirements/coding standards
System Error: Hardware and Operating System related error, Memory leak
Test Plan / Cases Error: Inadequate/ incorrect/ ambiguous or duplicate or missing - Test Plan/ Test Cases & Test Scripts, Incorrect/Incomplete test setup
Typographical Error: Spelling / Grammar mistake in documents/source code
Variable Declaration Error: Improper declaration / usage of variables, Type mismatch error in source code
You have an input field that accepts an integer. The valid input is a positive two-digit integer. Specify test cases according to equivalence partitioning and boundary value analysis testing techniques.
Quite often in QA, it is not feasible to test all the possible test cases for all scenarios. In the case of valid input being a positive two-digit integer, there are already 90 valid test cases, and there are many more invalid test cases. In such situations, we need a better way of choosing test cases, while making sure that all the scenarios are covered.

Equivalence partitioning testing is a software testing technique which partitions input test data in such a manner that, for a single input from the entire partition, the system under test would act the same. For the example in question, we can create four partitions:
Any positive two-digit integer: a number greater than 9 and smaller than 100 (valid input)
Any single-digit integer: a number greater than -10 and smaller than 10 (either positive or negative) (invalid input)
Any negative two-digit integer: a number smaller than -9 (invalid input)
Any three-digit integer: a number greater than 99 (invalid input)

Boundary value analysis testing is a software testing technique that uses the values of extremes or boundaries between partitions as inputs for test cases.

-10

-9
9

10
99

100

invalid

invalid

valid

invalid

Partition 1

Partition 2

Partition 3

Partition 4

From those four partitions and the boundaries between partitions, we can devise the following test cases:
Test cases for equivalence partitioning are: 42 (valid); -15, 2, and 107 (invalid)
Test cases for boundary value analysis are: 10 and 99 (valid); -10, -9, 9, and 100 (invalid)
What are exit criteria and how do you decide what they are?
Theoretically, for some products and cases, testing activities could take enormous amounts of resources, and could also be impossible or impractical. In order to have a proper QA process—one where we can conclude with certain confidence that the product is ready for users—we need to be able to tell when we are done with testing.

That is where we apply an exit criteria document, which lists the conditions that have to be met prior to the release of the product. Exit criteria are defined in the test planning phase and allow the QA managers and test engineers to build an effective and efficient QA process that will conform to the pre-set conditions, thus ensuring the system being built is meeting the requirements and is delivered on time.

Exit criteria can be comprised of: test case coverage, remaining issues by priority and/or severity, feature coverage, deadlines, business requirements, etc.

For example, a brief exit criteria list could be:
All test cases have been executed
95 percent of tests are passing
No high-priority and no high-severity issues are remaining
Any changes to user stories are documented

From the example, we can see that the exit criteria need to be strict, yet reasonable. It may not be realistic to expect that 100 percent of all tests will be passing all the time, but we must ensure that there are no critical fails that would cause the system to malfunction or the user to not be able to use the system in an expected manner.

Why use subnets?

-10	-9 9	10 99	100
invalid	invalid	valid	invalid
Partition 1	Partition 2	Partition 3	Partition 4

Subnets will enhance network security, make networks more efficient, enhance network performance, and create a speedier set of route maps for data.

How do you fire a process in the background?

./process-name &

How do you stop a process?

kill pid

kill -9 <pid>

How do you find out about all running processes?

ps -ag

How do you stop all the processes, except the shell window?

kill 0

How do you count words, lines and characters in a file?

How do you search for a string inside a given file?

grep string filename

How do you search for a string inside a directory?

grep string *

How do you search for a string in a directory with the subdirectories recursed?

grep -r string *

How do you remove recursively?

rm -rf

How do you find out your own username?

whoami

How do you test for file properties in shell scripts?

-s filename tells you if the file is not empty, -f filename tells you whether the argument is a file, and not a directory, -d filename tests if the argument is a directory, and not a file, -w filename tests for writeability, -r filename tests for readability, -x filename tests for executability

What is the command to find out users on the system?

who

What is the command to find out today's date?

date

Write test Cases for ATM

Given below are the various test cases for ATM.

Verify if the card reader is working correctly. A screen should ask you to insert the pin after inserting the valid card.
Verify if the cash dispenser is working as expected.
Verify if the receipt printer is working correctly. Which means it can print the data on the paper and the paper comes out properly.
Verify if the Screen buttons are working correctly. For touch screen: Verify if it is operational and working as per the expectations.
Verify if the text on the screen button is visible clearly.
Verify the font of the text on the screen buttons.
Verify each number button on the Keypad.
Verify the functionality of the Cancel button on the Keypad.
Verify the text color of the keypad buttons. The numbers should be visible clearly.
Verify the text color and font of the data on the screen. The user should be able to read it clearly.
Verify the language selection option. If the messages or data are displayed in the selected language.
Insert the card, the correct pin, and print the receipt for available balance.
Verify the receipt printing functionality after a valid transaction. Whether the printed data is correct or not.
Verify how much time the system takes to log out.
Verify the timeout session functionality.
Verify the deposit slot functionality depending on its capability (Cash or cheque or both) by inserting a valid cheque.
Verify using different cards (Cards of different banks).

Verifying the Message

Insert the card and an incorrect PIN to verify the message.
Verify the message when there is no cash in the ATM.
Verify the messages after a transaction.
Verify if a user will get a correct message if a card is inserted incorrectly.
Messages for each and every scenario should be verified.

Cash Withdrawal

Verify the cash withdrawal functionality by inserting some valid amount.
Verify if a user can perform only one cash withdrawal transaction per PIN insert.
Verify the different combinations of operation and check if there will be a power loss in the middle of the operation.

Negative Test cases

Verify the functionality by entering a wrong pin number for 3 or more times.
Verify the card reader functionality by inserting an expired card.
Verify the deposit slot functionality by inserting an invalid cheque.
Verify the cash withdrawal functionality by inserting invalid numbers like 10, 20, 50 etc.
Verify the cash withdrawal functionality by entering an amount greater than the per day limit,
Verify the cash withdrawal functionality by entering an amount greater than per transaction limit.
Verify the cash withdrawal functionality by entering an amount greater than the available balance in the account.

How to Run PowerShell as Administrator

C:\Program Files (x86)\FireEye\xagt> Start-Process powershell -Verb runAs

powershell Start-Process powershell -Verb runAs

PS C:\Program Files (x86)\FireEye\xagt> explorer.exe .\c.json

When you move the NIC cards from one PC to another PC, does the MAC address gets transferred as well?

Yes, that’s because MAC addresses are hard-wired into the NIC circuitry, not the PC. This also means that a PC can have a different MAC address when the NIC card was replace by another one.

What are Wireshark and IP Addresses?

Wireshark is a network monitor and analyzer. It works below the packet level, capturing individual frames and presenting them to the user for inspection. Using Wireshark, you can watch network traffic in real-time, and look inside to see what data is moving across the wire.

An IP address is a unique identifier used to route traffic on the network layer of the OSI model. If you think of your local network as a neighborhood, a network address is analogous to a house number. When you know the IP address of a host, it’s possible to access and interact with it.

Explain the benefits of VLANs.

VLANs allow the creation of collision domains by groups other than just physical location. Using VLANs, it is possible to establish networks by different means, such as by function, type of hardware, protocol, among others. This is a big advantage when compared to conventional LANs wherein collision domains are always tied to physical location.

Difference between STLC and SDLC?

STLC is software test life cycle it starts with

* Preparing the test strategy.

* Preparing the test plan.

* Creating the test environment.

* Writing the test cases.

* Creating test scripts.

* Executing the test scripts.

* Analyzing the results and reporting the bugs.

* Doing regression testing.

* Test exiting.

SDLC is software or system development life cycle, phases are...

* Project initiation.

* Requirement gathering and documenting.

* Designing.

* Coding and unit testing.

* Integration testing.

* System testing.

* Installation and acceptance testing. " Support or maintenance.

How Can I Tell If a Website Is Safe or ways to check a website is legit?

An unsafe website can spread malware, steal your information, send spam, and more. To protect yourself and your personal information, it’s important to know that a website takes your safety seriously

Look for the “S” in HTTPS

If HTTPS sounds familiar, it should – many URLs begin with “https” instead of just “http” to indicate that they are encrypted. This security is provided by an SSL certificate, which protects sensitive information entered into that site as it travels from the site to a server. Without an SSL certificate, that information is exposed and easily accessible by cybercriminals. It’s important to note that HTTPS isn’t the only thing a website can – or should do – to protect its visitors, but it’s a good sign that the website owner cares about your safety. Whether you’re logging in, making a payment, or just entering your email address, check that the URL starts with “https.”

So how do you know if a site uses HTTPS? Check for the padlock in your browser’s navigation bar. If you see it, you know the site you’re on is using a trusted SSL digital certificate — in other words, your connection is protected.

To view the digital certificate issued to the website, click on the padlock in the web address bar and select Certificate if using Google’s Chrome browser.

Double Check the Domain Name
Scammers will tend to create “similar” domain names to trick the user into thinking they are on a legit site, like Yah00.com or Amaz0b.net, making subtle changes that you may not even notice.

Look Up the Domain Age

It is easy to look up the age of a website domain. Verifying the age of a site helps provide you with confidence that it has been in business for an established amount of time. Scam and fake sites usually have a short lifespan as they are rooted out early and shut down by legitimate business site owners.

Use the Whois Lookup domain tracker (https://whois.domaintools.com/) to get information such as who is the domain name registered to, where they are, and how long the website has been active.

Verify the Website Privacy Policy

Data privacy laws and regulations require most websites to provide website visitors with policies and procedures on how their data is collected, used, protected, and stored. Most sites provide a web page or link to a document providing detailed information. Look for this information and read it carefully before providing any information or making any online purchases.

What is the Difference between su and su- ?

The little difference in both of these commends.

su --> just switch you to user mode (root) but didn't provide the complete user environment

su - ---> provide you the complete user environment and also direct jump to user home directory.

How to know linux os is 32 bit or 64 bit?

#uname -a

we get the information about os and Regarding CPU

#grep flags /proc/cpuinfo

if cpu is in

Long mode - 64 bit CPU

Real mode 16 bit CPU

Protected Mode is 32-bit CPU

What are the different parts of an IP address mean?

This section focuses on IPv4 addresses, which are presented in the form of four decimal numbers separated by periods, like 203.0.113.112. (IPv6 addresses are longer and use letters as well as numbers.)

Every IP address has two parts. The first part indicates which network the address belongs to. The second part specifies the device within that network. However, the length of the "first part" changes depending on the network's class.

Networks are categorized into different classes, labeled A through E. Class A networks can connect millions of devices. Class B networks and Class C networks are progressively smaller in size. (Class D and Class E networks are not commonly used.)

Let's break down how these classes affect IP address construction:

Class A network: Everything before the first period indicates the network, and everything after it specifies the device within that network. Using 203.0.113.112 as an example, the network is indicated by "203" and the device by "0.113.112."

Class B network: Everything before the second period indicates the network. Again using 203.0.113.112 as an example, "203.0" indicates the network and "113.112" indicates the device within that network.

Class C network: For Class C networks, everything before the third period indicates the network. Using the same example, "203.0.113" indicates the Class C network, and "112" indicates the device.

Write test cases for Gmail login page

Functional Test Cases:

	Test Scenario	*Test Steps*	*Expected Result*
1	Launch Gmail page	1. Launch https://www.gmail.com from the following devices. a. The web browser like Chrome, Mozilla, Safari, etc. b. From devices like tablets, mobile.	1. https://www.gmail.com should redirect to the Gmail Login page. 2. Sign in to continue to Gmail screen should be opened with the following attributes. a. Email or phone b. Forgot email c. Learn more d. Create account e. Next
2	Enter Email or Phone	1. Enter valid Email or phone number. a. Enter/Next. 2. Enter invalid Email or phone number. b. Enter/Next. 3. Leave Blank space in Email or phone number. c. Enter/Next	1. With step 1 and step 2, the user will be redirected to the next page with option. a. Enter your password. b. Forgot password. 2. With option 3 the user should get an error in the text box with message Enter an email or phone.
3	Enter Password	1. Enter valid Email or Phone number and try with following criteria: a. With valid password. b. With invalid password. c. With Blank password	1. With a valid password, it should get redirected to the Email page. 2. With an invalid password a message should be displayed, Wrong password. Try again or click Forgot password to reset it. 3. With blank password the password text box should throw and error and show the message Enter a password.
4	Forgot Email	1. Open the browser with https://www.gmail.com 2. Click Forgot Email	1. On clicking Forgot Email it should get redirected to the next page. a. with the text ‘Find your email, Enter your phone number or recovery email’. b. One Text box to enter the Phone number or email
5	Forgot Password	1. Enter valid Email or phone number. 2. Enter Forgot password	1. The user should get redirected to the next page Account Recovery page
6	Account Recovery	1. Enter the last password you remember using with this Google Account a. Enter the last password. b. Next 2. Try another way. 3. Open the Google app on:Google sent a notification to your . Open the Google app and tap Yes on the prompt to sign in. 4. Try another way. 5. Get a verification code:Google will send a verification code to a Registered email id for account recovery. 6. Get a verification code:Google will send a verification code to the registered phone number. In the form of a. Text b. Call 7. We need some time to review your request:Enter an email address where we can contact you later. 8. Try another way. 9. To help keep your account secure, Google needs to confirm this account belongs to you. To recover your account, try again to sign in and answer as many questions as you can. a. Try again	1. For step 1: a. With a valid password, the user should get directed to Create new passwordpage. b. With an invalid password, the user should get redirected to the next method of the Account recovery page. 2. For step 3: a. If the user successfully tap Yes, the user will get redirected to the Create new passwordpage. b. If the user is not successful in tapping Yes, The user will be redirected to the next method of Account recovery page. 3. For step 5: a. The user should get an email verification code in another email address the user has provided during profile creation for account recovery. i. With a valid verification code, the user will be redirected to the Create new passwordpage. ii. With invalid verification code, The user will be redirected to the next method of Account recovery page. 4. For step 6: a. The user will get a verification code sent to the user’s registered phone number. i. With a valid verification code, the user will be redirected to the Create new passwordpage. ii. With invalid verification code, The user will be redirected to the next method of Account recovery page. 5. For step 7: a. The user should be able to provide valid email id. 6. For step 8: The user should get a message. a. To help keep your account secure, Google needs to confirm this account belongs to you. To recover your account, try again to sign in and answer as many questions as you can. i. Try again
7	I don’t have my phone	1. Go to Forgot password Choose the account recovery method as send the password to the registered phone number. 3. Click on the link I don’t have my phone. 4. Click Next	1. On clicking I don’t have my phone, The user should be redirected to the next page. a. The security question they provided during the login process. i. With a valid answer, the user will be redirected to the Create new password page. ii. With the invalid answer, the user should be redirected to the next page. 1. with the message, We need some time to review your request. 2. Enter an email address where we can contact you later
8	Not your computer? Use Private Browsing windows to sign in. Learn More	1. Click on the link Learn More.	1. The user should be redirected to the next page showing. a. Help b. Center Community
9	Create an account	1. Click on Create account link. 2. Select from two options a. For Myself b. To manage my business	1. On selecting options from Create account, the user should get redirected to the next page. a. Create your Google Account to continue to Gmail. b. The user should get the option for Sign in instead.
10	Sign in instead	1. Click on create account. 2. Select from two options. a. For Myself b. To manage my business 3. Go to create your Google Account to continue to Gmail page. 4. Select Sign in instead	1. On clicking Sign in instead the user should be redirected to Sign into continue to the Gmail page.
11	Create your Google AccountFor Myself	1. Click on Create account. 2. Select the option For Myself from the dropdown list. 3. The following attributes should be filled with valid inputs: a. First name. i. Within the range of English alphabets. ii. No Blank space allowed. b. Last name i. Within the range of English alphabets. ii. No Blank space allowed. c. Choose Username available. i. you can use letters, numbers & periods. ii. Usernames cannot contain an ampersand (&), equals sign (=), underscore (_), apostrophe (‘), dash (-), plus sign (+), comma (,), brackets (<,>), or more than one period (.) in a row. d. Password i. Use 8 or more characters with a mix of letters, numbers & symbols. e. Confirm password 4. Hit Next	1. The user should get redirected to next page Create your Google Account to continue to Gmail. 2. With valid input provided by the user, the user should be redirected to the welcome page asking more details. 3. With the invalid input values, the text box should show an error message. 4. For the username available: a. The user can be redirected to the welcome page. b. Google should show suggestions for the available username.
12	Create your Google AccountTo manage my business	1. Click on Create account 2. Select the option For Myself from the dropdown list. 3. The following attributes should be filled with valid inputs: a. First name. i. Within the range of English alphabets. ii. No Blank space allowed. b. Last name i. Within the range of English alphabets. ii. No Blank space allowed. c. Choose Username available. i. you can use letters, numbers & periods. ii. Usernames cannot contain an ampersand (&), equals sign (=), underscore (_), apostrophe (‘), dash (-), plus sign (+), comma (,), brackets (<,>), or more than one period (.) in a row. d. Password i. Use 8 or more characters with a mix of letters, numbers & symbols. e. Confirm password 4. Hit Next	1. The user should get redirected to next page Create your Google Account to continue to Gmail. 2. With valid input provided by the user, the user should be redirected to the welcome page asking more details. 3. With the invalid input values, the text box should show an error message. 4. For the username available: a. The user can be redirected to the welcome page. b. Google should show suggestions for the available username.

Security Test Cases:

	*Test Scenario*	*Test Steps*	*Expected Results*
1	Password encryption	1. Open the dev tool in chrome, go to Gmail login page. 2. Enter user name password and click Sign in. 3. Check the API request and response	1. The request and response should not contain password in plaintext.
2	Open multiple tabs of gmail, logout from one.	1. Open Gmail and login. 2. Duplicate/open multiple tab of it. 3. Also open gmail page in new window. 4. Logout from any tab/window.	1. Account should get logged out from all the tabs and windows. 2. Try to perform any operation like composing new email or read an email etc. Page should get logged out.
3	No hint/suggestion in Password field	1. Login to a gmail account and log out. 2. Go to password enter password and click on password field.	1. No password hint or suggestion should appear.
4	Save password in browser	1. Login to Gmail account and save the password in the browser. 2. Logout from the account. 3. Try to login with same user id. 3. Password will be filled automatically.	1. Verify the password is not visible. 2. Verify the browser files, password should get saved in plain text.

Stress Test Cases:

	*Test Scenario*	*Test Steps*	*Expected Results*
1.	Open same account from 100 windows/tab/device	1. Login with same account from 100 windows/tab/device	1. The performance of operation should not be impacted. 2. User should be able to do operation like read/compose email from any window/tab/device.
2.	Login with different account at same time	1. Write a script to login with 100 different accounts at same time.	1. All the user should get logged in immediately. No delay should be observed.

What is Subnetting?

The goal of subnetting is to create a fast, efficient, and resilient computer network. As networks become larger and more complex, the traffic traveling through them needs more efficient routes. If all network traffic was traveling across the system at the same time using the same route, bottlenecks and congestion would occur resulting in sluggish and inefficient backlogs.

Creating a subnet allows you to limit the number of routers that network traffic has to pass through. An engineer will effectively create smaller mini-routes within a larger network to allow traffic to travel the shortest distance possible.

How does Subnetting work?

IP addresses help to identify the pieces of hardware connected to your network. To locate a particular device you would need to organize the IP addresses in a logical way. This is where subnetting excels as a tool to help you maintain efficiency across your network.

There could be hundreds of thousands of devices that are connected within a network. This means that the corresponding IP addresses can create a complex route that traffic has to travel. Subnetting limits the IP address usage to within a few devices. This allows an engineer to use subnetting to create sub-networks, sorting data so that it can travel without touching every part of the more complex routers. In order to do this, an engineer needs to match each IP address class to a subnet mask.

A subnet mask echoes an IP address, but it can only be utilized within an internal network. This mask helps to identify which part of the IP address relates to the network and which part relates to the host. This means that specific data is sent on particular routes according to its destination. A subnet mask creates the tool which enables a router to match an IP address with a sub-network.

Write test cases for GOOGLE WEB PAGE

SCOPE OF TESTING:

The page displayed on launching https://www.google.com

The search text box.

FUNCTIONAL TEST CASES:

*Test Scenario*	*Test Steps*	*Expected results*
1.	Launch Google home page	Launch https://www.google.com from the following devices. Web browsers like Chrome, Mozilla, Safari, etc. From devices like tablets, mobile. From windows os and Linux os	https://www.google.com should redirect to the Google home page.
2.	Enter a word in the search text box	Launch https://www.google.com from any web browser. Enter the text ‘Apple’ in the search text box. Click the Search button	1. On clicking the search button, it should redirect user to search results. 2. Search results should be relevant.
3.	Enter a sentence in the search text box	1. Launch https://www.google.com from any web browser. 2. Enter the text ‘what is an Apple’ in the search text box. 3. Click the Search button	1. On clicking the search button, it should redirect user to search results. 2.Search results should be relevant.
4.	Press Enter from the text box	1. Launch https://www.google.com from any web browser. 2. Enter the text ‘what is an Apple’ in the search text box. 3. Press the Enter key.	1. On pressing the Enter key, it should redirect the user to search results. 2. Search results should be relevant.
5.	Max length of search keyword	1. Launch https://www.google.com from any web browser. 2. Enter text ‘Johny Johny yes papa, eating sugar no papa, telling lies no papa, open your mouth hahaha ’ in the search text box. 3. Press the Enter key	1. On pressing the Enter key, it should redirect the user to search results. 2. Search results should be relevant.
6.	Invalid value in the search text box	1. Launch https://www.google.com from any web browser. 2. Enter text special characters ‘@#$%^’ in the search text box. 3. Press the Enter key	1. On pressing the Enter key, it should redirect the user to ‘did not match any documents’. 2. Search results should give the message Suggestions: a. Make sure that all words are spelled correctly. b. Try different keywords. c. Try more general keywords.
7.	Visibility of long search text	1. Launch https://www.google.com from any web browser. 2. Enter text ‘Johny Johny yes papa, eating sugar no papa, telling lies no papa, open your mouth hahaha ’ in the search text box.	1. The input text should start scrolling towards the right-hand side. 2. On pressing the Enter key, it should redirect the user to search results.
8.	Speech recognition	1. Launch https://www.google.com from any web browser. 2. Press the microphone icon in the Google text box. Start speaking valid input ‘what is an apple’. 3. Press the Enter key	1. On clicking the Enter button, it should redirect the user to search results. 2. Search results should be relevant.
9.	Don’t have a microphone?	1. Launch https://www.google.com from any web browser from a desktop system. 2. Press the microphone icon in the Google text box. 3. Start speaking valid input ‘what is an apple’	1. On clicking the Enter button, it should give a message ‘ Check your microphone and audio Level. 2. It should not provide any relevant results.
10.	Sign in/sign out	1. Launch https://www.google.com from any web browser from a desktop system. 2. Sign in with a google account. 3. Search ‘What is an apple’.Sign out. 4. Search ‘What is an apple’.	User should be able to search with and without sign in.
11.	Search history	1. Launch https://www.google.com from any web browser. 2. Enter the text ‘ what is an apple’. 3. Press the Enter key. 4. Enter text ‘ where is a statue of Liberty located’? 5. Press the Enter key 6. Enter the text ‘ what is current weather’? 7. Press the Enter key	1. On clicking the text box , all the previous inputs should appear in history category in settings. 2. All the previous inputs should appear in form of a drop-down list in Google text box.
12.	Search history with logging in.	1. Launch https://www.google.com from any web browser. 2. Login with a Google account. 3. Enter the text ‘ what is an apple’. 4. Press the Enter key 5. Log out and close the browser. 6. launch https://www.google.com from another browser. 7. Login with the same account. 8. Enter text ‘ where is a statue of Liberty located’? 9. Press the Enter key. 10. Enter text ‘ what is current weather’? 11. Press the Enter key	1. On clicking the text box , all the previous inputs should appear in history category in settings. 2. All the previous inputs should appear in form of a drop-down list in the Google text box.
13.	Language	1. Launch https://www.google.com from any web browser. 2. Click ‘Google offered in’	It should reflect the language preference a user has provided in settings.
14.	Country	1. Launch https://www.google.com from any web browser. 2. Country name should be there on the left bottom side of the Google Home page.	The user current location according to country name should reflect in left bottom side of Google Home page.
15.	I’m feeling lucky	1. Launch https://www.google.com from any web browser. 2. Enter the text ‘what is an Apple’ in the search text box. 3. Press the I’m Feeling Lucky key.	On clicking the I’m Feeling Lucky button, it should redirect the user to the first result, bypassing the search results page
16.	Different categories of search result	1. Launch https://www.google.com from any web browser. 2. Enter the text ‘what is an Apple’ in the search text box. 3. Press the Enter key.	1. On pressing the Enter key, it should redirect the user to search results. 2. User should be able to navigate between different categories located on top. a. All b. News c. Image d. Shopping e. More f. Settings g. Tools
17.	All the links on the Google home page	1. Launch https://www.google.com from any web browser. 2. Different links should be reflected on the Google Home page a. About b. Store c. Gmail d. Images e. Sign In f. Advertising g. Business h. How search works I. Privacy j. Terms k. Settings	On clicking the listed Hyperlinks, the user should be redirected to the given pages.
18.	Redirection to other Google page	1. Launch https://www.google.com from any web browser. 2. Click the option on the right top corner of the page. 3. Select any other product of Google like Google drive etc	On selecting other products like Google drive etc, page should be redirected to those products.
19.	Search in the URL text box in the browser	1. Open any web browser. 2. Type google.com 3. Press the spacebar 4. Write a text to search. 5. Press Enter	1. On pressing spacebar at step 3, search google should appear in URL text box. 2. On pressing Enter step 4, the web page should be redirected to a relevant search result on google.com

	*Test Scenarios*	*Test Steps*	*Expected Result*
1	Open multiple tabs/browsers	1. Open multiple tabs in a browser. 2. Launch https://www.google.com	The system should not crash.
2	Clicking the search button continuously	1. Create a script to hit the search button continuously. Let’s say 1 click per 500 ms. 2. Run the script on the Google search page.	The system should not crash.
3	Writing more than 500kb text in search box	1. Launch https://www.google.com 2. Construct a string of more size of 500 KB and copy-paste it in the search box. 3. Click the Search button.

	*Test Scenarios*	*Test Steps*	*Expected Result*
1	Automation detection	1. Launch http://www.google.com 2. Run a simple script to search a text recursively.	Google should detect this and should provide a captcha to enter.
2	http to https redirection	1. Launch http://www.google.com 2. Check the URL	1. http://www.google.com to get redirected to https://www.google.com 2. It should always have a valid certificate.
3	SQL Injection	1. Launch https://www.google.com 2. Write an SQL query in the search box. 3. Click the Search button.	Google should show results related to the SQL queries.
4	Sign in the request should be encrypted	1. Open the dev tool in the browser. 2. Launch https://www.google.com 3. Sign in with a Google account. 4. Verify the API request and response. 5. Sign out. 6. Verify the API request and response.	No sensitive should be transmitted without encryption.

What is the command to check wwn # in linux?

Emulex HBA Adaptor.

Find the WWPN.

Step1:

Confirm if the HBA is Emulex.

# lspci

......

0e:00.0 Fibre Channel: Emulex Corporation Zephyr LightPulse

Fibre Channel Host Adapter (rev 02)

17:00.0 Fibre Channel: Emulex Corporation Zephyr LightPulse

Fibre Channel Host Adapter (rev 02)

Step2:

# cd /sys/class/fc_host/

# ls -l

total 0

drwxr-xr-x 3 root root 0 Oct 14 20:57 host0

drwxr-xr-x 3 root root 0 Oct 14 20:57 host1

# cat port_name

0x10000000c97a37cf

What are different command to check ram, process and hdd of linux machine?

RAM : We will check RAM, Process as well as HDD by the root user...

RAM : #free

#cat /proc/meminfo

Process : ps -a -> It will show running process within all terminals..

Hard Disk : #fdisk -l

How to monitor ports in a linux machine, with single command?

nmap is not the default available command.we can use netstat netstat -nl, netstat

-nltp ,netstat -nulp

How many interfaces(ethernet cards) are working using single command?

#ifconfig -a

except loopback

If we transfer 100 files by ftp to remote server, how to know the files are successfully transfer or some file are not transferred?

After transferring the files look into the present working directory of the client

machine for the transferred files and cross check it.

else you can check the total number of files transferred to the client machine in

present working directory using this command

ls -l | wc -l

Test Scenarios on Bluetooth devices

Test Scenarios:
Verify that Bluetooth must be inbuilt in the headset.
Verify that Bluetooth headset must be wearable and comfortable for the user.
Verify that Bluetooth headset should have Power On / Off supply functionality with indicator.
Verify that Bluetooth headset should have battery charging point.
Verify that Bluetooth headset should have battery indicator to indicate Low Power, Full Power and battery is charging.
Verify the battery in mAh of the Bluetooth headset.
Verify the Stand by Time of Bluetooth headset on full charge.
Verify the Talktime of Bluetooth headset on full charge.
Verify the listening music or audio time of Bluetooth headset on full charge.
Verify the Charging time of Bluetooth headset from nil to full charge.

Functional Test Cases:

Verify the range of Bluetooth headset in highly covered condition.
Verify the range of Bluetooth headset in moderate covered condition.
Verify the range of Bluetooth headset in normal open condition.
Verify that Bluetooth headset is able to search by all other active devices within its range.
Verify that Bluetooth headset is able to search all the active devices if Power On and Not searched if Power Off.
Verify the Pair connection functionality of Bluetooth headset within its range.
Verify that the Bluetooth headset should be able to disconnect by user after the use.
Verify that Bluetooth headset is able or not to connect with multiple devices in a time.
Verify the Bluetooth connectivity of Bluetooth headset to another Bluetooth headset.
Verify the Bluetooth headset pairing with any smart phone (Android, iOS, Windows).
Verify the Bluetooth headset pairing with any normal phone bearing Bluetooth functionality.
Verify the Bluetooth headset pairing with smart watch, wireless audio and video devices like smart TV etc.
Verify the Bluetooth headset pairing with any smart phone, laptop etc bearing Bluetooth capability and Wifi functionality On.
Verify the interference effect in between Bluetooth and WiFi in Bluetooth headset.
Verify the interference effect in between Bluetooth and Infrared in Bluetooth headset.
Verify the voice quality of Bluetooth headset in pairing with any musical device like smartphone, laptop etc which is placed at the boundary of Bluetooth headset’s range.
Verify the voice quality of Bluetooth headset in pairing with any musical device like smartphone, laptop etc which is placed at the middle of Bluetooth headset’s range.
Verify the voice quality of Bluetooth headset in pairing with any musical device like smartphone, laptop etc which is placed at the very near of Bluetooth headset’s range.
Verify the voice quality of Bluetooth headset in pairing with any musical device like smartphone, laptop etc which is placed outside of the Bluetooth headset’s range.
Verify the voice quality of Bluetooth headset in pairing with any musical device like smartphone, laptop etc which is continuously changing its place from near to far and far to near.
Verify the Power draining of Bluetooth headset pairing with any movable Bluetooth device in its range from far to near, near to far or from out of range to in range frequently.
Verify the Voice quality of Bluetooth headset in Low battery charge and in High battery charge.
Verify the Connectivity and voice quality of Bluetooth headset with different version of Bluetooth device.
Verify that Bluetooth headset paired with a smartphone in its range and smartphone using wifi and /or Celular data to listen songs or playing video from internet.
Verify the Making calls functionality of Bluetooth headset.
Verify the Answering and disconnecting calls functionality of Bluetooth headset.
Verify the Voice quality and connectivity of Bluetooth headset while Answering calls.
Verify the Voice quality on other side of the call and connectivity of Bluetooth headset while Making calls.
Verify pairing, connectivity & voice quality of Bluetooth headset while listening the Radio from another Bluetooth device.
Verify voice commands functionality from Bluetooth headset to Phone and Smartphone if having voice command functionality in it.

Write the test cases for Uber cab search functionality

FUNCTIONAL TEST CASES:

Sl.No	Test Cases
1	Verify if the location is enabled on the mobile/tab, the pickup location should be automatically filled in.
2	Verify if the location is disabled on the mobile/tab, the app should ask to enter the pickup location.
3	Verify by default the booking time is taken as the current time.
4	Verify there is an option available to choose/schedule a ride for a later time.
5	Verify the user should not be able to choose a ride time later than 1 month.
6	Verify the app shows the suggestion of your previously visited or saved location for choosing the destination.
7	Verify the selection of destination works fine.
8	Verify that on selecting a destination, the map gets zoom out and shows the destination.
9	Verify that there is an option to search location.
10	Verify the selection of all the available types of vehicle class.
11	Verify the prices of the vehicle are displayed correctly.
12	Book a ride selecting pickup, destination, time, and vehicle class. The app should start looking for a cab and should show the estimated time to find a cab.
13	On a confirmed booking, the app should show the cab and driver details.
14	Verify the map shows the driver’s location and estimated time to arrive.
15	Verify the map gets updated with the location of the driver.
16	Verify there is an option to call/message the driver.
17	Verify the cancellation option is available once the booking is confirmed.
18	Verify on cancellation the current booking is aborted and cancellation charge is deducted if applicable.
19	Book a ride for a later time and verify at that time a cab is booked and prior to booking user gets the notification.

EDGE TEST CASES:

Sl.No	Test Cases
1	Verify at one time only one booking is allowed
2	Verify multiple bookings can be scheduled for different times.
3	Verify the behavior of network interruption while booking a cab.
4	Verify the driver canceling the booking.
5	Verify the behavior when a search of a cab is in progress and a phone comes in.

Test cases for Amazon payment

FUNCTIONAL TEST CASES:

	*Test Scenario*	*Test Steps*	*Expected Result*
1	Opening Cart	Go to cart in following devices. 1. Web application(Chrome, mozilla, IE) 2. Mobile(Android, IOS) 3. Tablet	The user should be able to see their item added in the shopping cart from any of the following devices. 1.Web Browser(Chrome, Mozilla, IE) 2. Mobile(Android, IOS) 3. Tablet
2	Shopping Cart Page	1. Go to cart in web application. 2. Click the button Proceed to Checkout.	1. The product should be visible in amazon cart. 2. There should be an option to choose This order contains a gift. 3. Proceed to Checkout should redirect to select a shipping address page.
3	Shipping address	1. Click select a shipping address page. 2. Choose a saved address. a. Edit b. Delete 3. Click Add a new address. 4. Choose Amazon Pickup point location. 5. Click Deliver to this address	1. The user should be able to see options for selecting a shipping address. a. The user can select a saved address . b. The user should get an option to add a new address.
4	Add a new address	1. Enter the Details a. Full Name b. Address Line 1 c. Address Line 2 d. City e. State/Province/Region f. Postal Code/ZIP g. Telephone number 2. Additional Address Details a. Weekend Delivery b. Security access code Click Deliver to this address	1. The details in step 1 are mandatory. 2. The inputs from step 2 should be optional. An address should get created with or without these inputs. 3. On clicking Deliver to this address, the address should get saved.
5	Choose an Amazon pickup point location	1. Click Search for a pickup point location near you. a. Search by Address b. Search by postal code c. Search by landmark. 2. Hit Search 3. Click Deliver to this address	1. The search button should show results if the input is valid by the following a. address b. postal code c.landmark. 2. The user should be able to see a list of all the pickup points available near to the address provided. 3. The user should be able to select the address of pickup and add Ship to this address button. 4. With Invalid input an error message should be displayed “No stores were found matching your criteria, please try different search criteria”
6	Choose gift options	1. Fill in the Gift Message. 2. Fill in the From (required) 3. Add ons 4. Save gift options. 5. Enter	1. Gift message max length should be 180 characters. 2. From field should be mandatory. 3. Payment price should be added. 4. Navigate to the choose your shipping options page.
7	Choose your shipping Options	1. Click on choose a delivery option. a. Free Prime Delivery b. Free shipping c. Shipping charges included. 2. Check the name of the product. a. Change quantities or delete. 3. Hit Enter. 4. Navigate to Edit Quantities page. 5. Select item and click Qty. 6. Select item and click Delete. 7. Select Continue.	1. The user should be able to choose one of the three shipping options. a. Free Prime Delivery b. Free shipping c. Shipping charges included. 2. User should be able to navigate to the next page. 3.Select payment method after selecting the shipping options. 3. On clicking Change quantities or delete button the user should be able to navigate to the Edit Quantities page. 4. On clicking Qty a dropdown list should get displayed. a. with numbers from 1- 10+ written b. Delete. 5. The user should be able to change the number of items in the dropdown list. 6. On selecting Continue the user should be able to navigate to the next page. 7. Select a payment method.On selecting Delete from dropdown list the user should be able to remove the item from the Edit Quantities page.
8	Select a payment method	1. Select a payment method. a. Your credit cards already saved in profile. b. Enter continue 2. More payment options a. Credit cards i. Add a new card b. Enter continue 3. Gift cards and promotional codes. a. Enter a gift card or promotional code. b. Apply 4. Enter continue	1. The user should be able to select the saved credit card 2. After enter continue the user should be able to navigate to the Review your order page. 3. The user should be able to click Add a new card. 4. The user should be able to click Enter a gift card or promotional code link. 5. A text box should pop up to enter the code. 6. The user should be able to navigate to Review your order on entering a valid promotional code.
9	Add a new card	1. Click add a new card Button. 2. Fill the details of the user a. Card number b. Name on the card c. Expiration date 3. Click on the options available a. Add your card b. Cancel	1. On clicking the button add a new card, a pop window should get opened. 2. The user should be able to fill their card details as a. Card number b. Name on the card c. Expiration date 3. On clicking Add you card the user should be able to see their card number (masked form , only last four digits visible) Select a payment method. 4. On clicking Cancel user should be able to return to the page Select a payment method.
10	Add Your card	1. Verify the card number with valid a. Within the range and length of the card number b. Outside the range and length of the card number. 2. Verify the name on the card a. It should be within the English alphabet range. 3. Verify the expiration date a. With a valid Expiration date b. With an invalid Expiration date c. With valid date format d. With invalid Date format 4. Click on the checkbox use as my default payment. 5. Click Add your card 6. Click Cancel	With valid inputs: 1. The card details should get saved in the profile. 2. User should be able to use it later while placing any order. 3. User should not be able see card number in future. it should show only last 4 digits. Fields validation: Step 1 – If the length is not in valid range, it should show error message. Step 2 – Name should always accept only alphabet. Step 3 – Invalid date format or invalid expiration date should not be accepted.
11	Payment Failure	1. Select a payment method. a. Select a blocked credit card 2. Enter continue and place the order	1. Order should get placed but user should get payment failure notification once bank confirms it. 2. Placed order should go on hold.
12	Gift cards and promotional codes	1. Click on Enter a gift card or promotional code. 2. Enter a valid code. 3. Apply 4. Enter an invalid code 5. Apply	1. The user should be able to add the valid code and be able to continue for the next step i.e Review your order. 2. The user should get an error message with invalid code ‘ There was a problem, the promotional code you entered is not recognized’.
13	Review your order	1. The page should display the details the user has already provided. a. Shipping address i. Change ii. Add delivery instructions b. Payment method i. Change c. Billing Address i. Change d. Gift cards and promotional codes. 2. Click Place your order.	1. The address provided in the shipping address should be visible on the page. 2. The user should be able to change the shipping address by clicking the button change. 3. The user should be able to check the payment method they already have provided in the select a payment method page. 4. The card details should be in the masked format, only the last four digits should be visible. 5. The user should be able to change the payment option. 6. The user should be able to see the Billing address they have already provided. 7. The user should be able to change the shipping address. 8. The user should be able to add the valid Gift cards and promotional codes. 9. The User should get an order confirmation message.

SECURITY TEST CASES:

	*Test Scenario*	*Test Steps*	*Expected Result*
1	API requests from the page	1. On click of button-like proceed to check, Make payment, etc capture the request and response of the APIs	1. API request and response should not have any sensitive data like username, password, credit card number, net banking id, cvv etc
2	Saved card number	1. Go to profile and open the saved payment method. 2. Or while on Payment page, verify the saved card appearing on the screen.	1. Saved card’s number and cvv should appear in plain text. 2. Verify the related API request and response
3	Adding new card	1. Add a new card. 2. Give a new card number in payment page and enable the checkbox save the card	1. While adding it should not ask for pin/password. 2. Verify the related API request and response
4	Log out and open the page again	1. From the payment page, logout from the amazon account and close the browser. 2. Open the amazon page again. 3. Log in and log out again. 4. Don’t close the window, Click back button	In step 2 and step 4 Amazon account should be logged out.
5	No autofill/hint in card details fields	1. Enter details for card in payment page, do not save or proceed with payment. 2. Click back button. 3. Come back again in payment page. 4. Click the empty fields of card details	Card details fields should not show any autofill or hint.
6	Sql injection	1. In the text field for entering address or payment details or gift message, try writing sql query.	The fields should show error as per their validation.
7	Too many failed payments	1. Log in to an account. 2. Go to cart and try 100 times failed payment for same item added in cart.
8	Hit the identified API call without amazon UI	1. Capture the proceed to checkout API call. 2. Replay the API call	No response should be received.

STRESS TEST CASES:

	*Test Scenario*	*Test Steps*	*Expected Results*
1	Proceed to checkout with 10K items.	1. Write a script to add 10 k items in cart. 2. Click proceed to checkout	1. There should be a limit on items addition in cart, nothing should prevent user from proceed to checkout.
2	Proceed to checkout with 10 K users	1. Set up 10 K users and at the same time go to cart and click checkout	1. System should not stuck for any user.

What are proxy servers and how do they protect computer networks?

Proxy servers primarily prevent external users who identifying the IP addresses of an internal network.
Without knowledge of the correct IP address, even the physical location of the network cannot be identified.
Proxy servers can make a network virtually invisible to external users.

What is DoS?
DoS, or Denial-of-Service attack, is an attempt to prevent users from being able to access the internet or any other network services.
Such attacks may come in different forms and are done by a group of perpetuators.
One common method of doing this is to overload the system server so it cannot anymore process legitimate traffic and will be forced to reset.

What protocols fall under the Application layer of the TCP/IP stack?
The following are the protocols under TCP/IP Application layer: FTP, TFTP, Telnet and SMTP.

What are MAC addresses?
MAC, or Media Access Control, uniquely identifies a device on the network.
It is also known as physical address or Ethernet address. A MAC address is made up of 6-byte parts.

What are gateways?
Gateways provide connectivity between two or more network segments.
It is usually a computer that runs the gateway software and provides translation services.
This translation is a key in allowing different systems to communicate on the network.

What protocol can be applied when you want to transfer files between different platforms, such between UNIX systems and Windows servers?
Use FTP (File Transfer Protocol) for file transfers between such different servers.
This is possible because FTP is platform independent.

What is ICMP?
ICMP is Internet Control Message Protocol.
It provides messaging and communication for protocols within the TCP/IP stack.
This is also the protocol that manages error messages that are used by network tools such as PING

Briefly describe NAT?
NAT is Network Address Translation.
This is a protocol that provides a way for multiple computers on a common network to share single connection to the Internet

What is a private IP address?
Private IP addresses are assigned for use on intranets.
These addresses are used for internal networks and are not routable on external public networks.
These ensures that no conflicts are present among internal networks while at the same time the same range of private IP addresses are reusable for multiple intranets since they do not “see” each other.

What is client/server?
Client/server is a type of network wherein one or more computers act as servers.Servers provide a centralized repository of resources such as printers and files.Clients refers to workstation that access the server.
The client-server model, or client-server architecture, is a distributed application framework dividing tasks between servers and clients, which either reside in the same system or communicate through a computer network or the Internet. The client relies on sending a request to another program in order to access a service made available by a server. The server runs one or more programs that share resources with and distribute work among clients.
The client server relationship communicates in a request–response messaging pattern and must adhere to a common communications protocol, which formally defines the rules, language, and dialog patterns to be used. Client-server communication typically adheres to the TCP/IP protocol suite.
TCP protocol maintains a connection until the client and server have completed the message exchange. TCP protocol determines the best way to distribute application data into packets that networks can deliver, transfers packets to and receives packets from the network, and manages flow control and retransmission of dropped or garbled packets. IP is a connectionless protocol in which each packet traveling through the Internet is an independent unit of data unrelated to any other data units.

What is Ping?
Ping is a utility program that allows you to check connectivity between network devices on the network.
You can ping a device by using its IP address or device name, such as a computer name

What is ipconfig?
Ipconfig is a utility program that is commonly used to identify the addresses information of a computer on a network.
It can show the physical address as well as the IP address.

What are firewalls?
Firewalls serve to protect an internal network from external attacks.
These external threats can be hackers who want to steal data or computer viruses that can wipe out data in an instant.
It also prevents other users from external networks from gaining access to the private network.
A firewall acts as a barrier or filter between your computer and another network such as the internet.
A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers.
How does a firewall work?
To start, a firewalled system analyzes network traffic based on rules. A firewall only welcomes those incoming connections that it has been configured to accept. It does this by allowing or blocking specific data packets — units of communication you send over digital networks — based on pre-established security rules.
A firewall works like a traffic guard at your computer’s entry point, or port. Only trusted sources, or IP addresses, are allowed in. IP addresses are important because they identify a computer or source, just like your postal address identifies where you live.
What is ARP ?
The main task of ARP or Address Resolution Protocol is to map a known IP address to a MAC layer address.
Address Resolution Protocol is one of the most important protocols of the network layer in the OSI model which helps in finding the MAC(Media Access Control) address given the IP address of the system i.e. the main duty of the ARP is to convert the 32-bit IP address(for IPv4) to 48-bit address i.e. the MAC address.
What is the use of a default gateway?
Default gateways are essentially routing systems that ensure the request is sent to the right destination, even if the sender and receiver use different network protocols.
The default gateway is the path used to pass information when the device doesn’t know where the destination is. More directly, a default gateway is a router that connects your host to remote network segments. It’s the exit point for all the packets in your network that have destinations outside your network.
Put simply, a default gateway is a node that enables a seamless connection between networks, allowing one machine to talk to another machine on a different network. It’s called a ‘default’ gateway because it is the first and default route taken unless another option is actively requested. The most common use for the default gateway is to gain access to a webpage, where the request will be sent via the gateway before going on to the internet. Another key use is connecting devices on one subnet with devices on another, with the default gateway acting as an intermediary.
What is DHCP?
DHCP stands for dynamic host configuration protocol and is a network protocol used on IP networks where a DHCP server automatically assigns an IP address and other information to each host on the network so they can communicate efficiently with other endpoints.
Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to automate the process of configuring devices on IP networks, thus allowing them to use network services such as DNS, NTP, and any communication protocol based on UDP or TCP. A DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. DHCP is an enhancement of an older protocol called BOOTP.

What is DNS?
The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
The Domain Name System (or DNS) converts human readable domain names (like: www.google.com) into Internet Protocol (IP) addresses (like: 173.194.39.78).

How Does DNS Route Traffic To Your Web Application?
The following diagram gives an overview of how recursive and authoritative DNS services work together to route an end user to your website or application.

A user opens a web browser, enters www.example.com in the address bar, and presses Enter.
The request for www.example.com is routed to a DNS resolver, which is typically managed by the user's Internet service provider (ISP), such as a cable Internet provider, a DSL broadband provider, or a corporate network.
The DNS resolver for the ISP forwards the request for www.example.com to a DNS root name server.
The DNS resolver for the ISP forwards the request for www.example.com again, this time to one of the TLD name servers for .com domains. The name server for .com domains responds to the request with the names of the four Amazon Route 53 name servers that are associated with the example.com domain.
The DNS resolver for the ISP chooses an Amazon Route 53 name server and forwards the request for www.example.com to that name server.
The Amazon Route 53 name server looks in the example.com hosted zone for the www.example.com record, gets the associated value, such as the IP address for a web server, 192.0.2.44, and returns the IP address to the DNS resolver.
The DNS resolver for the ISP finally has the IP address that the user needs. The resolver returns that value to the web browser. The DNS resolver also caches (stores) the IP address for example.com for an amount of time that you specify so that it can respond more quickly the next time someone browses to example.com. For more information, see time to live (TTL).
The web browser sends a request for www.example.com to the IP address that it got from the DNS resolver. This is where your content is, for example, a web server running on an Amazon EC2 instance or an Amazon S3 bucket that's configured as a website endpoint.
The web server or other resource at 192.0.2.44 returns the web page for www.example.com to the web browser, and the web browser displays the page.

Give some examples of private network addresses?
10.0.0.0 with a subnet mask of 255.0.0.0
172.16.0.0 with subnet mask of 255.240.0.0
192.168.0.0 with subnet mask of 255.255.0.0

What is Regression testing?

Regression testing is a type of software testing used to determine whether new problems are the result of software changes. Before applying a change, a program is tested. After a change is applied, the program is retested in selected areas to detect whether the change created new bugs or issues, or if the actual change achieved its intended purpose.
Regression testing ensures that any change in the source code or program doesn’t affect the existing features of the software application. It is basically selecting test cases that are fully or partially executed before. So, basically this ensures with every new change or introduction of new codes, the old code still works.

When is Regression Testing Required?

Regression testing is required in the following scenarios.

When the code is modified according to the change of need in the requirement
When a new functionality is added
While fixing defects
While fixing performance issues

Regression testing involves testing the unchanged parts of an app again and again. It ensures that the previous functionality of an application is working as intended and the new feature that has been added doesn’t introduce any new bug or error. This is basically a process of verification.
Regression testing is started as soon as the programmer adds a new functionality to an application or fixes any bug. This is because of the dependency between the newly added and previous functionality. This testing/verification hold immense importance, especially when there are continuous changes or improvement in the application.

What are Regression Testing Best Practices

Formulate a policy on a regular basis for regression testing
Perform desired action and check expected response for correctness
Regression test must not be outdated and must be correct
Analyze defect escaping detection during the process
Should create a logical batch of test cases instead of having one large regression test
Test suites must be designed on the basis of 80/20 principle of management
Perform regression testing after every successful compile for smaller projects
Design regression testing based on the risk factors across the business
Identify application area with high risk of failure
Link regression testing with functional testing
Re-run successful functional test cases

Test Strategy

Test strategy is a document describing how the software will be tested. Generally, it is developed for all levels of testing. Test Lead / Test Manager write the Test Strategy and review the strategy with the project team

The inputs of Test Strategy can be:

Test Environment
Test Tool data
Project Schedule
Defined Software Testing Standards
Functional and technical requirements

An ideal Test Strategy must contain:

Required hardware and software components details including test tools
Roles and Responsibilities
Software Testing methodology
Limitations of the application

As per IEEE software engineering standards, the Test Strategy document should answer the following aspects:

1. Objective and scope of testing
What is the business objective of testing?
What are the quality goals to be met by the testing effort?
To what extent will each application be tested?
What external systems will not be tested?
What systems and components need to be tested?
2. Types of testing
Different phases of the testing that are required.
Different types of testing
Test Coverage
3. Testing approach
Definition of testing process life cycle
Creation of testing related templates, checklists and guidelines
Methodology for test development and execution
Specification of test environment setup
Planning for test execution cycles
4. Test Environment specification
Hardware and software requirements
Test data creation, database requirements and setup
Configuration management, maintenance of test bed and build management
5. Test Automation
Criteria and feasibility of test automation
Test tool identification
Test automation strategy (effort, timelines etc.)
6. Roles and Responsibilities / Escalation mechanism
Testing team organization and reporting structure
Different roles as a part of testing activities and their corresponding responsibilities
Who to escalate to and when?
7. Defect Management
Categorization of defects based on criticality and priority
Definition of a workflow or the disposition of defects
Techniques and tools for tracking of defects.
8. Communication and status reporting
Status meetings for communication of testing status
Format and content of different status reports
Periodicity of each status report
Distribution list for each report
9. Risks and mitigation plans
Identification of all testing related risks, their impact and exposure
Plan for mitigation and managing these risks
10. Configuration management
List of testing artefacts under version control
Tools and techniques for configuration management
11. Change management
Plan for managing requirement changes
Models for assessing impact of changes on testing
Process for keeping test artifacts in sync with development artifacts
12. Testing metrics
What metrics are to be collected? Do they match the strategic objectives?
What will be the techniques for collection of metrics?
What tools will be employed to gather and analyze metrics?
What process improvements are planned based on these metrics?

At the completion of this stage, testing team will be having following three documents:

Test Strategy
Test Plan
Test Cases

Test Specification

It is a detailed summary of what scenarios will be tested, how they will be tested, how often they will be tested, and so on and so forth, for a given feature.
Trying to include all Editor Features or all Window Management Features into one Test Specification would make it too large to effectively read.
However, a Test Plan is a collection of all test specifications for a given area. The Test Plan contains a high-level overview of what is tested for the given feature area.

Contents of a Test Specification:

Revision History - This section contain information like Who created the test specification? When was it created? When was the last time it was updated?

Feature Description – A brief description of what area is being tested.

What is tested? – An overview of what scenarios are tested.

What is not tested? - Are there any areas that are not being tested. There can be several reasons like... being covered by different people or any test limitations etc. If so, include this information as well.

Nightly Test Cases – A list of the test cases and high-level description of what is tested whenever a new build becomes available.

Breakout of Major Test Areas - It is the most interesting part of the test specification where testers arrange test cases according to what they are testing.

Specific Functionality Tests – Tests to verify the feature is working according to the design specification. This area also includes verifying error conditions.

Security tests – Any tests that are related to security.

Accessibility Tests – Any tests that are related to accessibility.

Performance Tests - This section includes verifying any performance requirements for your feature.

Localization / Globalization - tests to ensure you’re meeting your product’s Local and International requirements.

Please note that your Test Specification document should be in such a manner that should prioritize the test case easily like nightly test cases, weekly test cases and full test pass etc:

Nightly - Must run whenever a new build is available.
Weekly - Other major functionality tests run once every three or four builds.
Lower priority - Run once every major coding milestone.

Software Test Planning

The quality of Software Testing effort depends on the quality of quality of Software Testing Planning. Software Testing Planning is very critical and important part of Software Testing Process.

Below are some questions and suggestions for Software Test Planning:

- Have you planned for an overall testing schedule and the personnel required, and associated training requirements?

- Have the test team members been given assignments?

- Have you established test plans and test procedures for

1. Module testing

2. Integration testing

3. System testing

4. Acceptance testing

- Have you designed at least one black-box test case for each system function?

- Have you designed test cases for verifying quality objectives/factors (e.g. reliability, maintainability, etc.)?

- Have you designed test cases for verifying resource objectives?

- Have you defined test cases for performance tests, boundary tests, and usability tests?

- Have you designed test cases for stress tests (intentional attempts to break system)?

- Have you designed test cases with special input values (e.g. empty files)?

- Have you designed test cases with default input values?

- Have you described how traceability of testing to requirements is to be demonstrated (e.g. references to the specified functions and requirements)?

- Do all test cases agree with the specification of the function or requirement to be tested?

- Have you sufficiently considered error cases? Have you designed test cases for invalid and unexpected input conditions as well as valid conditions?

- Have you defined test cases for white-box-testing (structural tests)?

- Have you stated the level of coverage to be achieved by structural tests?

- Have you unambiguously provided test input data and expected test results or expected messages for each test case?

- Have you documented the purpose of and the capability demonstrated by each test case?

- Is it possible to meet and to measure all test objectives defined (e.g. test coverage)?

- Have you defined the test environment and tools needed for executing the software test?

- Have you described the hardware configuration an resources needed to implement the designed test cases?

- Have you described the software configuration needed to implement the designed test cases?

- Have you described the way in which tests are to be recorded?

- Have you defined criteria for evaluating the test results?

- Have you determined the criteria on which the completion of the test will be judged?

- Have you considered requirements for regression testing?

Software Testing Estimation Process

Software Testing estimation process is one of the most difficult and critical activity. When say that one project will be completed in a particular time at a particular cost, then it must happen. If it does not happen, it may result in peer's comments and senior management’s warnings to being fired depending on the reasons and seriousness of the failure.

Here are a few rules for effective software testing estimation:

- Estimation must be based on previous projects: All estimation should be based on previous projects.

- Estimation must be recorded: All decisions should be recorded. It is very important because if requirements change for any reason, the records would help the testing team to estimate again.

- Estimation shall be always based on the software requirements: All estimation should be based on what would be tested. The software requirements shall be read and understood by the testing team as well as development team. Without the testing participation, no serious estimation can be considered.

- Estimation must be verified. All estimation should be verified: Two spreadsheets can be created for recording the estimations. At the end, compare both the estimations. If the estimation has any deviation from the recorded ones, then a re-estimation should be made.

- Estimation must be supported by tools: Tools such as spreadsheet containing metrics calculates automatically the costs and duration for each testing phase. Also, a document containing sections such as: cost table, risks, and free notes should be created. Showing this document to customer can help the customer to decide which kind of test he needs.

- Estimation shall be based on expert judgment: The experienced resources can easily make estimate that how long it would take for testing.

Classify the requirements in the following categories:

Critical: The development team has little knowledge in how to implement it.
High: The development team has good knowledge in how to implement it but it is not an easy task.
Normal: The development team has good knowledge in how to implement.

What is Localization testing?

Localization testing contains the translation of the application user interface and adapting graphics for a particular culture/locale. The localization process can also include translating any help content associated with the application program into native language.

Things which are often altered during localization, such as the user interfaces and content files.

Below is a sample localization testing checklist:

- Spelling Rules

- Sorting Rules

- Upper and Lower case conversions

- Printers

- Size of Papers

- Operating System

- Key boards

- Text Filters

- Hot keys

- Mouse

- Date formats

- Measurements and Rulers

- Available memory

-Number formats

Test Automation Framework

Approach for Test Automation is used for building a strategy for automation starting from the Requirement phase till the deployment phase. Approach for automation begins with finding out the conditions and business rules given by the client and grouping similar conditions, business rules together as Test cases or Test Scenarios.

Steps involved in Approach for Test Automation are as follows:

Requirement gathering from the client
Understanding and Analyzing the Requirement
Grouping the requirement into Test cases
Preparing the Design for Automation
Building Scripts depending on the Design
Review of Scripts at Offshore Delivery to the Client

In good automation framework, the important things that should be followed are:

Following common coding structure for all the scripts
Consistent coding conventions
Use of Reusability for making code efficient and minimal
Efficient use of Object Repository
Use of Error and Exception handling Functions ,Use of Data table object, Environment variables for using data

Design steps of the approach for Test Automation:

Identification of Test Cases for Automation
Identification of Common Functionality
Coding Standards, Naming Conventions & Templates
Building the Re-Usable Library for example:

Application Login, Logout, Common Functionality Related code etc
Tool & Application Settings, Restoring, Object Repository, Recovery, House Keeping etc
General library containing String handling, Date handling, File Handling, Data Table handling
Error handling, Log Reporting, messaging etc

Script Development using Record & Play back
Deliver the script after Verification & Validation

Guidelines followed for identification of Test Cases for Automation

Tests that need to run once and those that need frequent human intervention are usually not worth the investment to automate and have not been considered for automation.
As Automated testing can be used to verify the performance of application paths that are used with a high degree of frequency when the software is running in full production e.g. creating customer records, Invoicing and other high volume activities where software failure would occur frequently have been considered.
Mission critical processes like core activities like sales order processing are prime candidates for automated testing and have been considered for automation.
Repetitive Testing.
Applications with Long Life span – Longer the application in production greater the benefits from automation.
Avoiding dynamic screens. Though possible to automate this increases the complexity of the script.
Avoiding screens where objects are created dynamically
Avoiding business scenarios where complex hardware is involved
Selecting a row in a table results in an additional challenge from. Some automation tools provide the facility to read each row in a table and for focusing on a specific row. If the numbers of rows were very high the execution time of the script would be high. This leads to performance issues of the recorded script. Hence, it is better to prove the business scenario wherein tables with row selections figure by identifying a fixed row number. This scenario is faced very frequently in enterprise applications as in pricing tables and leads to the complexity of the script and subsequently the effort.
Avoiding scenarios that require high degree of coding while automating so that script’s complexity is reduced and high maintainability of the script is ensured.

Write tests for the shopping cart and checkout flow in E-commerce

Below are some basic test scenarios related to the shopping cart and checkout pipeline which needs to be covered before release.

Shopping Cart:-

Add one item to the cart and verify.
Increase the quantity of the item from the cart and verify.
Add the same item multiple times and verify.
Add multiple items of different types and verify.
Remove some items from the cart and verify.
Remove all items from the cart and then verify.
Click on an item in the cart and verify that the user is redirected to the product detail page.
Check that the price of the cart is discounted when we apply a valid coupon.
Check that the price of the cart is not discounted when we apply an invalid coupon.
Add item(s) to the cart, close the browser and reopen the same site.
Add item(s) to the cart, close the browser and reopen the same site.
Verify the product QTY field when the product is out of stock.
Verify that the user is able to add a text note for all products.
Verify that the user is able to add any or all products to his wishlist by clicking on the wishlist link.
Verify that the user is able to mark his order as a gift.
Verify that the user is able to add any a gift message.
Verify that the user is redirected to the checkout page after clicking on the checkout button.
Verify the cart total when the exclusive tax is enabled from the admin end.
Verify the cart total when the inclusive tax is enabled from the admin end.

Checkout flow:-

Ensure that user can access the Checkout Page only after adding the product to the cart.
Ensure that Checkout Address Page consists of all the details of the product such as Name, Quantity, Amount, etc.
Ensure that only registered users are allowed to access the Checkout Address Page.
Ensure that Name, Street Address, City, State, Country, Postal code is the mandatory field in the Checkout Address page (Shipping Address).
Ensure that Name, Street Address, City, State, Country, Postal code is the mandatory field in the Checkout Address page (Billing Address).
Ensure that error message is displayed when the user enters invalid input in all the mandatory field in the checkout address page.
Ensure that Back to cart link is available so that user can modify the cart content if needed.
Ensure that user is redirected to Checkout payment page only after entering valid mandatory details in the checkout Address page.
Ensure that error message is displayed when the user leaves any one of the mandatory fields in the checkout Address page.
Ensure that Next Button and Cancel Button are available in the Checkout Address Page.
Check that a user is able to apply a valid coupon.
Check order price when the coupon is applied.
Verify the error message for the invalid coupon.
Check that user is able to make his order as a gift.
Ensure that the user is able to add any gift message.
Check order price when gift and wrapping charges are applicable.
Check the shipping price.
Check the shipping price tax.
Check the payment options.
Ensure that Name on Card, Card Number, Expiration date, CWW2 are mandatory fields in the Payment Page.
Ensure that error message is displayed when the user enters invalid input in all the mandatory field on the Payment Page.
Ensure that error message is displayed when the user leaves any one of the mandatory fields in the Payment Page.
Ensure that the user is redirected to the third party (Vender) page.
Ensure that the user is redirected to the third party (PayPal) page if he is going to pay through a third party payment gateway (PayPal).
Place an order where order total price is Zero (0).
Place an order where the total discount is more than the entire order.
Place an order by double clicking on the Submit Button.

What is your approach when requirements change continuously?

This question can be asked if you are interviewed for an agile QA position where requirements are likely to change frequently during development. Although a complete change in requirement is possible, most of the time, it is the technical details that are subject to change. e.g. the intent of the requirement or behaviour of the feature is the same but implementation details can change

A: Some possible answers can be:

Write generic test plans and test cases which focus on the intent of the requirement rather than its exact details
Work very closely with the product owners or business analysts to understand the scope of change so testing can be updated
Make sure the team understands the risks involved in changing requirements especially towards the end of sprint
If you’re going to automate this feature, it is best to wait until the feature is stable and requirements are finalized
Negotiate to see if the changes can be kept to a minimum and/or implement the changes in next sprint

What is Selenium?

Selenium is a set of tools that supports rapid development of test automation scripts for web

based applications. Selenium testing tools provides a rich set of testing functions specifically

designed to fulfil needs of testing of a web based application.

What are the main components of Selenium testing tools?

Selenium IDE, Selenium RC and Selenium Grid

What is Selenium IDE?

Selenium IDE is for building Selenium test cases. It operates as a Mozilla Firefox add on and

provides an easy to use interface for developing and running individual test cases or entire test suites. Selenium-IDE has a recording feature, which will keep account of user actions as they are performed and store them as a reusable script to play back.

What is the use of context menu in Selenium IDE?

It allows the user to pick from a list of assertions and verifications for the selected location.

Can tests recorded using Selenium IDE be run in other browsers?

Yes. Although Selenium IDE is a Firefox add on, however, tests created in it can also be run in

other browsers by using Selenium RC (Selenium Remote Control) and specifying the name of the test

suite in command line.

What are the advantage and features of Selenium IDE?

1. Intelligent field selection will use IDs, names, or XPath as needed

2. It is a record & playback tool and the script format can be written in various languages including

C#, Java, PERL, Python, PHP, HTML

3. Auto complete for all common Selenium commands

4. Debug and set breakpoints

5. Option to automatically assert the title of every page

6. Support for Selenium user-extensions.js file

What are the disadvantage of Selenium IDE tool?

1. Selenium IDE tool can only be used in Mozilla Firefox browser.

2. It is not playing multiple windows when we record it.

What is Selenium Grid?

Selenium Grid in the selenium testing suit allows the Selenium RC solution to scale for test suites that must be run in multiple environments. Selenium Grid can be used to run multiple instances of Selenium RC on various operating system and browser configurations.

How Selenium Grid works?

Selenium Grid sent the tests to the hub. Then tests are redirected to an available Selenium RC which launch the browser and run the test. Thus, it allows for running tests in parallel with the entire test suite.

What you say about the flexibility of Selenium test suite?

Selenium testing suite is highly flexible. There are multiple ways to add functionality to Selenium framework to customize test automation. As compared to other test automation tools, it is Selenium’s strongest characteristic. Selenium Remote Control support for multiple programming and scripting languages allows the test automation engineer to build any logic they need into their automated testing and to use a preferred programming or scripting language of one’s choice.Also, the Selenium testing suite is an open source project where code can be modified and enhancements can be submitted for contribution.

What test can Selenium do?

Selenium is basically used for the functional testing of web based applications. It can be used for testing in the continuous integration environment. It is also useful for agile testing

What is the cost of Selenium test suite?

Selenium test suite a set of open source software tool, it is free of cost.

What browsers are supported by Selenium Remote Control?

The test automation expert can use Firefox, IE 7/8, Safari and Opera browsers to run tests in

Selenium Remote Control.

What are the advantages and disadvantages of using Selenium as testing tool?

Advantages: Free, Simple and powerful DOM (document object model) level testing, can be used for continuous integration; great fit with Agile projects.

Disadvantages: Tricky setup; dreary errors diagnosis; can not test client server applications.

Write test cases to test cell phone

Touchscreen Test Cases

Check if the natural gestures work for swipe functions of phone.
Check if the touch gestures work for phone setting.
Check if the launch icons for software work with touchscreen.
Check if the idle applications can be removed from the queue.
Check if the idle applications are possible to open with touch.

Volume Buttons

Check if the top press on the button increases volume.
Check if the down press on the button decreases volume.
Check fi the pressing entire button opens up the volume bar.

Power Button

Check if the power button opens up menu for the restart, shutdown and other boot options.
Check if the power button pressing once locks the phone.
Check if the power button pressing turns off the light.
Check if the idle phone can be boot up by pressing power button.

Audio Point

Check if the radio of phone requires audio connector.
Check if the radio of phone can be enabled by connecting headphones.
Check if the audio point enables the headphone settings of the phone.
Check if the audio point is functional.

USB Power Point

Check if the USB plug accepts the wire for charging as per specification.
Check if the USB plug accepts the wire of different company but with same specification.
Check if the USB plug connection starts the charging.
Check if the plug doesn’t connect with the point of different specification.
Check the signal and network strength in different regions.
Check the performance of the internal memory.
Check the performance of the external memory card with the operating system.

Calling Test Cases

Check if the phone allows dial-pad for making call.
Check if the phone allows disconnect and connect option for the ringing phone.
Check if the phone allows connection from the contacts.
Check if the phone provides history for missed calls and called numbers.
Check if the location history is given in the call history or while on call.
Check the incoming call.
Check the outgoing call.

Additional Test Cases

Here are some of the generic test cases irrespective of the mobile operating system.

Check the phone operating system for usability.
Check the phone design for usability.
Check if the curve edges of the phone makes it easy to hold.
Check if the square edges are easy to handle.
Check the battery performance of the mobile.
Check the functionality of the additional keys if exist.
Check if the model of the phone is according to the requirements.
Check if the display works as expected ( or according to specifications)
Check if the manual instructions work on the mobile phone.
Check if the mobile dimensions are as per specifications.
Insert the SIM incorrectly and check the phone.
Don’t insert the SIM and see how the phone operates.
Check if the SIM can be inserted properly.
Check if the SD card can be inserted properly.
Check if the message sending function works.Verify that user can store contact details on the phone book directory
Verify that user can delete and update contact details in the phonebook directory
Verify that Call logs are maintained in the Call Logs
Verify that received and Sent SMSs are saved in mobile
Verify that user can silent the phone during an incoming call
Verify the auto-reject option can be applied and removed on particular numbers

Write Test Cases for Passwords

Password Reset

People reset their password when they don’t remember it. That’s the most obvious scenario you can think of while writing the test cases. People also need to reset the password when the app has some security issues. In such case the type of test cases you write would be different. However, password reset scenario needs to be part of any app that has intention of collecting the user data.

Does the app offers guidelines to reset the password?
Does the app offers two step authentication while resetting the password?
Does the reset password link has expiration time period or session limit?
Does the reset password form has password strength checker?
Does the reset password form rejects insecure password?
Does the reset password form offers password generator option?
Does the reset password form has any guidelines for the pattern of the input?

Password Encryption

Almost every secure web app needs to have encryption system. You should discuss the following scenarios while setting the requirement for the password field.

Does the system allow users to do md5 hashing?
Does the system does any form of encryption?
Does the system stores the password in plain text?
Does the system masks the password while typing?
Does the password storage in database is encrypted itself?
Does the encrypted easy to decrypt using known tools?
There are many other encryption features you can think of and the more complex field the harder encryption you need for the app.

Password Management

There are tools like Keepass and LastPass that offers to save the password on desktop or browser. And then such tools can be used to automate browser login. Tools like these require single master password and using that single password you can automate the login across multiple websites. So testing such password fields using automation tools is going to be different.

Does the app allows usage of password management tool?
Does the password management works properly with the app?
Does the password manager secure enough to store the password?

Password Guidelines

Each webapp should have some sort of guidelines on choice of password user should have for better security. So make sure you consider following test scenarios.

Does the app allow you to see the password length?

Does the app have some guidelines for password strength?

Does the app tells you which characters are allowed?

Does the app restricts you from checking the characters that are not allowed?

Does the app keeps the password field in asterisk?

Is there any form of guideline for forgot password link?

Write test Cases for OTP

The OTP(One time password) system works on both email and the SMS on mobile device

What are the limitations of OTP generation?
How much delay should be there for OTP message to arrive before requesting new OTP?
How much network delay should be considered for OTP expiry?
How long does OTP validity stays assuming addition of network delay?
Which session requires OTP authentication?
Does application requires OTP for login?
Does application requires OTP for transaction?
Is the code in OTP cases sensitive?
Is the content of OTP numeric only?
Does the OTP characters only?
Does the OTP alphanumeric?
Does the OTP accepts any other characters?
Does the OTP expiry time matches with that of timer on the website?
Does the OTP released on the server matches with the OTP received?
Does the OTP with character content has all capital case letters?
Does the OTP has mix characters in the SMS?
Does the OTP has all the small letters?
Does the OTP SMS content case sensitive?
Does the OTP SMS content case matters while typing on textfield?
Is there any documentation for the OTP SMS or message?
Does the OTP SMS or message usable only for single session?
Does the OTP system stands replay attacks?
Does the OTP system requires static password system or module?
Does the OTP system based on random number generation?
Are the numbers in OTP predictable?
Are the numbers in OTP pseudo-random?

Write test Cases for Account Deactivation

These days many webapps are offering the account removal feature for every user. Some webapps also offer personal data removal from the system. Some apps don’t offer the account deactivation for the user. In such case only the administrator can delete the user account and data.

Here are some questions that your quality assurance team should pay attention to.

Why are users interested in removing their profile?
Do users want to remove their personal data?
Does system allows them to remove their personal profile and data?
What information we are collecting from the users who are removing their profile?
Do we give them a choice to reactivate their profile?
Do the system retains data of user if they reactivate?

Below are some of the test cases for webapps that offer account deactivation feature

Does the system offer any form of email confirmations?
Does the user loses data after removal of the account?
Does the user gets back the data after reactivation?
Is the feature irreversible or permanent?
Does the account deactivation same as uninstalling or removing the app? (In case of android app)
Do other people get to access the profile after removal? (In case of social network)
Does the deactivation purges past data?
Is it possible to deactivate someone’s account by security leak?
Does the administrator or moderator has privillege to deactivate others account?
Does the deactivation feature requires two step authentication?
Does the deactivation feature requires password verification for action?
Does the deactivation feature asks for user intent behind action? (As in user is accidentally doing it or purposefully)
Is it possible to deactivate accidentally?
Is it possible to recover account if deleted accidentally?
Does the system offers confirmation after deactivation?
Does the system offers some confirmation before activation?
Does the system allows registering the user account with same name and email?
Does it require calling customer support to reactivate?
Does the system offers information about what happens after deactivation?
Does the support has FAQ on account deactivation?
Does the support handles account deactivation issues?
Does the data retention possible if security leak leads to account hacking?
Does the user get to permanently remove the personal information?
Does the account deactivation process checks for security leaks?
Does the account deactivation removes the username from the system?

Write Test Cases for Calculator

Test cases for the calculator depends on the type – scientific, simple calculator, financial calculator or some other specific calculator like programmable calculator.

Basic Operational Tests

Write the test cases based on the following functions and scenarios.

Check the calculator if it starts by on button. If it is software based calculator then check if it starts via specific means like from searching for calculator in search bar and then executing application. Or by accessing menu item in the Windows.
Check if the calculator window maximizes to certain window size.
Check the if the calculator closes when the close button is pressed or if the exit menu is clicked from file > exit option.
Check if the help document is accessed from Help > Documentation.
Check if the calculator allows copy and paste functionality.
Check if the calculator has any specific preferences.
Check if all the numbers are working ( 0 to 9)
Check if the arithmetic keys ( +, -, *, %, /) are working.
Check if the clear key is working.
Check if the brackets keys are working.
Check if the sum or equal key is working.
Check if the square and square root key is working.

Functionality Test Cases

Check the addition of two integer numbers.
Check the addition of two negative numbers.
Check the addition of one positive and one negative number.
Check the subtraction of two integer numbers.
Check the subtraction of two negative numbers.
Check the subtraction of one negative and one positive number.
Check the multiplication of two integer numbers.
Check the multiplication of two negative numbers.
Check the multiplication of one negative and one positive number.
Check the division of two integer numbers.
Check the division of two negative numbers.
Check the division of one positive number and one integer number.
Check the division of a number by zero.
Check the division of a number by negative number.
Check the division of zero by any number.
Check if the functionality using BODMAS/BIDMAS works as expected.

You can add few more tests in the scientific calculator.

Check if the sin, cos, tan and cos is operational using the keys.
Check if the x-1, x!,|x|,x^y and f(x) is operational and works as expected.
Check if the log key is operational and works as expected.
Check if the natural logarithm key i operational and works as expected.
Check if the factorial key is working as expected.
Check if the real and imaginary component keys are working as expected.
Check if the complex conjugate keys are working as expected.
Conversion Function Tests

Some of the advanced scientific calculator has the converter option. It does the conversion of angle, length, weight, area, volume, duration, currency, temperature. Make sure you write the test cases for the same.

Write test Cases for User Registration Form

Preconditions:

The zipcode needs to be a number.

The phone number is 10 digit and the area code needs to be min. 3 number and maximum 5 numbers.

If required fields are not filled or wrong data is inserted then jotform triggers error after submission of the form.

The test cases for the registration form are sorted per field as explained below.

Generic Form Field Tests

Check the behavior of form by not filling up any data into the form.
Check the by not filling up the required fields.
Check the behavior of form by adding random data in the text field.
Check the by not filling up the full name text field but by filling up rest of the other fields.
Check the behavior of form by filling other text fields except address text fields.
Check the form by filling other text fields except phone number text field.
Check the form by filling other text fields except email text field.

Testing Full Name Field

Check the Full name text field without Prefix.
Check the Full name text field without adding First name.
Check the Full name text field without adding Last name.
Check the Full name text field with special characters in Prefix.
Check the Full name text field with special characters in First name.
Check the Full name text field with special characters in Last name.
Check by adding numbers instead of string in the full name text field.

Testing Address Field

Check if all the text fields in the address field are mandatory or not.
Check if the second line of the street field can be kept blank.
Check the first line of the street text field in address by adding nothing into it.
Check the city text field by adding numbers into it.
Check the city text field by adding no data.
Check the state text field by adding no data.
Check the state text field by adding numbers into it.
Check the state text field by adding data more than the field limit.
Check the behavior of form by not selecting the country from the drop-down menu of the country field.
Check the behavior of the form by selecting wrong country to that of address field content.
Check the zipcode text field with string instead of numbers.
Check the zipcode text field with numbers shorter than required.
Check the zipcode text field with numbers larger than required for the specific state or place.

Testing Phone Number Field

Check the Phone text field with area code being string instead of numbers.
Check the Phone text field with phone number being string instead of numbers.
Check the Phone text field with both area code and phone number both being string instead of numbers.
Check the Phone text field with no data added.

Testing Email Field

Check the Email text field that has Email address without @ symbol.
Check the Email text field that has random string instead of real email.
Check the Email text field that has @ symbol written in words.
Check the Email text field that has missing dot in the email address.
Check the Email text field as “name@gmail”
Check the Email text field as “@gmail”
Check the Email text field as “name@gmail..com”
Check the Email text field as “name@192.168.1.1.0”
Check the Email text field as “name.. @gmail.com

Write Test Cases for File Transfer

Check if the file transfer application is initiated.
Check if the file transfer starts successfully.
Check if the file transfer modes – binary or ASCII are available.
Check if the file transfer permission is set to 644 on server.
Check if the file is added to the transfer queue successfully.
Check if the file transfer can be started without adding a file.
Check if the file transfer can be started by sending an empty file.
Check if the file with number as file name is accepted for file transfer.
Check if the file with maximum character is accepted for file transfer.
Check if the file without extension is accepted for file transfer.
Check if a file that exceeds maximum number of characters by 1 (max+1) can be sent.
Check if the file with 1 character or number is allowed to transfer.
Check if you can set the Unicode endian character set without selecting the type of file transfer like ASCII or binary.
Check if you can send the file successfully by setting the file transfer type as binary.
Check if the file is possible to be sent by selecting the type as ASCII.
Check if the file is possible to be sent where file has entire ASCII character set.
Check if the file is possible to be sent where the file has entire UTF-8 character set.
Check if the file is possible to be sent where the file has Unicode character set.
Check if the file transfer can be initiated at low upload speed such as 2Kbps or lower.
Check if the file transfer can be finished in specific duration at high upload speed such as 1mbps.
Check if the file transfer can be initiated and finished on 2G Edge network.
Check if the file transfer can be initiated and finished on 3G network.
Verify if the file transfer speed meet the specification of the test.
Check if it is possible to upload the file that exceeds the upload speed specification and allowed upload bandwidth limit.
Verify the time taken by the upload process by uploading multiple files under test.
You need to write the test steps for the above test cases. Just make sure that you are covering the important test steps that can pretty much be used for executing the above test cases. Read the below test steps to get the basic idea.

Test Steps to Verify File Transfer

Open the application and obtain the FTP credentials from server admin.
Navigate to the location directory.
Make sure connection for file transfer isn’t broken.
Verify the file transferred correctly.
Check if the upload progress-bar shows 100% status after file is uploaded and message is also shown in logs.
Check if the uploaded file doesn’t get appened to some new name after upload.
Check if the uploaded file doesn’t change with size.
Check if the uploaded files location is not changed.
Open the file.
Verify the contents of the file are not changed.

Write Test Cases for Checkbox

Here are some of the test cases for the checkboxes.

Check if the checkbox is selectable or not.
Check if the checkbox selection enables the specific element as selected by mouse pointer or keyboard selection.
Check if the checkbox is selected and pressing submit redirects to the option as per the choice made.
Check if the checkbox selection is properly recorded in database or for browser redirection.
Uncheck one checckbox and select another and click on submit and verify if different choice is considered in redirection.
Check if the checkbox alignment on the form page is proper or not.
Check if the label for the checkbox is properly aligned.
Check if the multiple checkboxes can be selected or not.
Check if the checkboxes selected one at a time or multiple at a time are as per the requirement of the application.
Check if the corresponding data is selected by the database based on the selection.
Check if the validation controls enabled or triggered if no user action is done on the choices.
Verify if the selection control is inactive when the page is loaded.
Verify if the initial focus of the checkbox is on the first checkbox.
Verify if the checboxes are placed in a order.
Verify the physical location of the checkboxes (X.Y Coordinates, Height, Lenght, Width).

Write Test Cases for Radio Button

Check if the radio control button gets selected using mouse cursor action or TAB keyboard key selection.
Check the alignment of the radio button control on the form.
Check if the multiple radio button on the form get selected or not.
Check the CSS style of the radio button is as per the specification.
Check the CSS size of the radio button is as per the specification.
Check the CSS color of the radio button is as per the specification.
Click the radio control button and see if the page gets redirected to the next page.
Dont click on the radio buttons and see if clicking on the submit button generates warning “to make a choice” is shown or not.
Click on ‘Yes’ radio button control and hit submit to see if it redirects to the specific page.
Click on ‘No’ radio button control and hit submit to see if it redirects to the specific page.
Check if the user response of Yes is saved in the right database column.
Check if the user responsse of No is saved in the right datbase column.
Check if the database gets updated with either radio control choice being made.

Write Test Cases for File Upload

Set the file size required for the webapp. Make sure file upload module recognizes the limits of file size.
If you allow only specific set of files then whitelist those file types.
Depending on the programming language, set the content type for the files being uploaded.
File upload module should have the file type recognizer functionality built into it.
File upload feature should remove the special characters within the textarea field if provided.
Accept alphanumeric content in the file names.
Accept characters and alphanumeric content in names.
Don’t accept the file types that leads to SQL injection.
Include server level file scan.
Don’t accept empty files with extension that leads to SQL injection.
Restrict file name typing instead offer file browsing dialog box to upload button.
Authorize the file upload and transfer to only registered accounts if required.
Make sure server side checks for the file size limits.
Create new copy of the same uploaded file to avoid overwriting.

Here are some security options to check while testing the application.

Upload black listed files and try executing.
Upload executable file and execute on server.
Upload HTML file with XSS script embedded into it.
Upload virus file and measure the response.
Upload files consistently without any wait period (denial of service check).
Try to upload file as a guest user or anonymous user.

These are some of the basic options to check when it comes to security testing of the file upload module.

Typical File Upload feature on file upload sites like Dropbox or Google Drive.

Here are some of the test cases and scenarios that you should consider while manual testing the module.

Is the uploader limited to single file or the multiple file?
Is the uploader drag and drop type?
Does the uploader requires browsing to file using browse button?
Does the uploader depends on any third party plugin?
Is the uploader custom built or makes use of existing framework?
Does the uploader supports drag and drop from tablet app?
Does the uploader gets affected by third party plugins or API if it is dependent on their services?
Does the uploader has any third party API security issues?
Does the uploader includes progress bar to show estimated time left for file upload?
Does the file uploader displays file size uploaded?
Does the file uploader has any file size requirements?
What are the minimum file size requirements of file uploader?
Does the file size has any limits?
Can you upload the file size outside the limitations of the uploader?
What are the maximum file size accepted in the uploader?
Does the uploader accepts image files in the format – jpg, gif, png?
Does the uploader accepts document formats – pdf, doc, txt, xlsx?
Does the uploader has any other specific application format requirement?
Does the uploader has any specific file format blacklisted for security reasons?
What are the some of the file formats white listed by the uploader?
Does the system allows cancelling the upload?
Does the system allow cancelling multiple uploads?
Does the uploader open browse for file dialog box when clicked on button?
Does the uploader shows “success” message after upload?
Does the uploader shows error message if failed?
How does the uploader behaves if the no file is uploaded?
How does the uploader respond if some files in multi upload fail?
What message does it display if the files failed to write on server space?
What message is displayed if the chosen file only gets partially uploaded?
What message is shown if the file exceeds maximum file size?

Write Test Cases for Logout

Few things to consider while testing logout feature are – security, accessibility and HTTPS support. Thesse are the things that most of the modern webapps require for safe and accessible usage.

Accessibility

Is the logout link or button easy to use?
Does the link or button recognizable?
Is the link or button easy to find?
Is the link or button for logout accessible for all users?

Security Logs

Check the logs for the login and logout session.
Check if the logs contain multiple IPs for single ID at the same time.
Check if the logs contain denial of service attack for the login or logout.
Check if the unauthorized IP makes request for the logout.
Check if the log has the suspicious activity.

HTTPS Logout Page

Most of the member areas are secured with HTTPS. However we have to test the code in both production and on the release server. So we have to check whether the https remains on both sign in and sign out page. Like sign in page it has to be encrypted as well. The HTTPS certificate has to be genuine and should be easy to verify. It should not be expired while using the the sign in or sign out. Make sure the security service provider for the HTTPS certification is genuine and supports 128 bit SSL connection.

Here are some of the test cases and scenarios for the logout functionality.

Make sure app allows single sign off from all the devices.
Make sure app let’s you sign off for multiple accounts.
Does the app clears cookies after sign off?
Does the app clears the session for the user after sign off?
Does the app remembers the username after signoff?
Does the app takes more time for signoff at different connection speeds?
Is the sign off link easy to find?
Is the sign off link or button easy to click?
Is the sign off link or button positioned as per specification?
Is the sign off button or link readable?
Does the power outage retains the session if not signed off?
Does the sign off functionality requires face recognition or finger print (in case of desktop app)?
Does the sign off page redirects to the page where it allows login?
Does the sign off page allows redirection to the home page?
Is sign off page going to remove the window or tab automatically? (If it’s bank account sign off link)
Does the sign off button or link works on all devices?
Is sign off button or link broken after clicked?

Write Test Cases for SMS

Short text messaging app is found in almost every type of phone. Regardless of the type of phone – smartphone or classic. The functionalities offered by the phone are quite common. Some smartphones and their platform differ slightly from one function to another. However, the core functionality remains the same.

The more questions you ask the more you learn how to write better test cases.

Is the phone classic or Smartphone?
Does the SIM card – prepaid or post-paid?
Does SIM card has enough balance to send the SMS?
Does the SIM card allow MMS?
Does the phone has a way to verify the SMS being sent?

Here are the test cases for the SMS application.

Send the SMS to the invalid phone number and verify if it shows error or success message.
Send the SMS to the valid phone number and verify if the message gets sent.
Send the SMS to the valid phone number and verify if the receiver able to open it.
Send the SMS to the valid phone number and verify if the receiver can read the contents of it.
Check the SMS text editor character limit.
Check the SMS text editor for dictionary support.
Check the SMS editor for the auto-correct option.
Check the SMS editor for template support option.
Check the SMS editor for the language support.
Check if the SMS editor for the typo checker.
Does the SMS text accept emoticons in text format or image format?
Does the SMS app get notification as sending failed?
Does the SMS app gets notification if the message reaches?
Does the SMS app support multiple language to type and view on the screen?
Does the SMS app keep the written text as a draft if the network is not available?
Does the SMS app allow sending a text to multiple people?
Check the method to delete the SMS.
Check the method to forward the SMS.
Check the method to send SMS to more than one person.
Check the method to set SMS as read.
Check the method to set SMS as unread.
Check if the SMS app allows deleting multiple messages.
Check if the SMS app allows the deletion of all messages at the same time.
Check if the SMS content is allowed to be blank.
Check if the SMS content is allowed to add more than the character limit in editor.
Check if the SMS content is allowed to adds exactly as the character limit in editor.
Check if the SMS editor opens default with English content.
Check if the SMS editor opens default with multiple language support.
Check if the SMS app shows the time of the SMS.
Check if the SMS app shows the phone number of the sender.
Check if the SMS app shows the short content of the SMS in the notification.

Write Test Cases for Bank Transactions

Test Steps for Bank Transaction

Go to the bank website login page.
Input username and password.
Go to money transfer page.
Add the beneficiary to whom you want to transfer money.
Check the details of bank account and person. Verify if they are correct.
Select the specific money transfer method from NEFT/RTGS or SWIFT transfer options.
Select the beneficiary name, funds and then submit the details.
Verify the amount and other details on verification page.
Click submit for final action of fund transfer.

Test Cases for Online Bank Money Transfer

Verify the bank website URL.
Verify if the bank website URL has HTTPS on the address bar and in the URL.
Verify if the bank website login page does not appear forged.
Verify if the bank login page has username and password.
Verify the username and password are being accepted or not.
Verify if the SMS authentication is triggered after login.
Verify if the user is redirected to the dashboard after passing all authentication processes.
Verify if the user has access to the online money transfer feature.
Check if the user can transfer funds option is available during specific time period (9 am to 5pm).
Check if the fund transfer option shows notice for off-business hours transaction.
Verify if the user can add the beneficiary.
Verify if the beneficiary details can be verified.
Verify if the fund transfer option allows NEFT or RTGS option for nationalized money transfers.
Verify if the fund transfer page asks for beneficiary name, IFSC code, bank name and fund amount and purpose of transfer.
Verify if the fund transfer page asks for PAN number if the amount of funds gets over 50k.
Check if the fund transfer page has an 2-step authentication before you finalize transfer.
Check if the inter bank fund transfer happens instantly or not.
Check if the amount of time it takes for the funds transferred between the in-business hours.
Check if the amount of time it takes for the funds transferred between the off-business hours.
Check if the amount transferred notification is sent to sender and receiver.
Check if the amount gets transferred to the exact person mentioned in the beneficiary.

Mention what is the difference between Scrum and Agile?

Scrum: In the scrum, a sprint is a basic unit of development. Each sprint is followed by a planning meeting, where the tasks for the sprint are identified and estimated. During each sprint, the team creates finished portion of a product
Agile: In Agile, each iteration involves a team working through a full software development cycle, including planning, design, coding, requirement analysis, unit testing, and acceptance testing when a product is demonstrated to stakeholders

Test Cases for Cross Browser Testing

Some of the common browsers include – Chrome, Firefox, Opera, Safari, Edge and UCBrowser. Your client should know how many browsers they wish to support

Does the website loads on browser?
Does the elements (such as buttons, forms, menu) visible?
Does the elements clickable on page?
Does the content of the page visible on all devices?
Does the webpage require specific browser version?
Does the webpage takes longer time to load on browser?

Device Platform

Depending on how you wish to test, you’d be categorizing the mobile app or the websites performance on specific device platform. You have platform such as Linux, Windows, Mac, Android and few others. Your test scope depends on the device platform that clients wishes to target.

Does this website or app opens on tablet?
Does this website opens on smartphone?
Does this website responds to the specific resolution?
Does this website opens on Windows platform?
Does this website opens on Apple iOS?
What are some of the other device platform that supported by website?

CSS Support

A large part of the cross browser testing revolves around CSS. This is what makes and breaks the app or website in any device. So most of the things that you’re going to test would be around this element. You have plenty of tests to be done in order to validate the performance of your website. Here are some of the questions that you can have in test scenario.

What CSS Version is used?
What CSS Version is supported by browser?
What CSS rendering engine is under usage?
Does CSS throws error?
Does CSS Minification affects rendering?
Does CSS minification causes more errors?
Does CSS contains code for responsive layout?
Does CSS makes calls to external image sources?
Does CSS makes calls to external font sources?
Does the size of CSS reducing the page speed?
Does the CSS rendering affecting loading of certain elements?
These are some of the common questions that you should create scenario on and make tests accordingly.

Javascript

Apart from CSS and HTML, you are likely to have javascript elements. These elements often don’t render properly on the mobile device. And for that you have to create some test scenarios too. And your test should consider the scenarios where such usage of the javascript is taken into consideration. Here are some of the test scenarios that you can take into consideration.

Does Javascript elements position properly?
Does javascript library used is compliant with W3C standard?
Does javascript library slowing down the website or app?
Does the javascript library increases the file size of total website rendering?
Does the JS library used affects the resolution of the device?

Tables

Almost every website these days makes use of tables of some sort that contains the data. The tables on the pages could be – CSS Table or HTML Table. In case of the dynamic data using AJAX or jquery, you’d find that such tables are worth testing.

Does the tables work in responsive layout?
Does the tables render properly for viewing on specific resolution?
Does the data appears correctly in the respective tables?
Does the HTML table respond to the responsive layout?
Does the CSS table breaks in responsive layout?
Does the dynamic data appears properly in the responsive layout?

Network

Often ignored point while testing the websites. Most of the website render differently if the connection speed is low. They render the items with small size first before rendering bigger sized elements. And you can write test cases of those conditions for your network tests.

Does the website loads partially under slow connection?
Does the website render at all on slow connection?
Does the website misses important elements while completely rendering on slow connection?
Does the content delivery network (CDN) affects rendering of webpage?
Does ISP speed affects rendering of page across browser?
Does the browser responds well for slow connection?

Test Cases for Slow Website

By slow website we mean a website which is harder to access on normal internet speed. We take a look at various scenarios under which the test cases can be derived.

Network

Here are some of the possible test cases for checking network :

Open new browser tab and point to another URL. Check if that URL is quickly accessible.
Open alternative browser. Check if websites are opening in that.
Check if the website is accessible using proxy connection.
Check if the website is accessible using VPN network with different IP.
Check if the website is accessible using mobile network connection.
Check if the cable is connected with the desktop for network.
Check if the Wifi router is on and sending data.
Check if the PING commands returns the data properly.
Check if the torrent connection is slowing the network down.
Check if there are too many connections creating load on server.
Check if the system itself is slow to use.
Check if there is network congestion within home network.
Check if any server policy changes are affecting other computers.
Check if local system policies on the system are affecting the computers.
Check name-servers of the domain are reachable or not.
Check if the hosting company servers are online or offline.

Browser

Disable all the extensions (add-ons) and access the website.
Disable proxies or VPN and try to access the website.
Enable proxies extensions and try to access the website.
Try to open alternative website in new tab.
Try to open same website in incognito mode.
Clear browser history and try to access the website.
Use proxy to access the website.
Use alternative browsers to access website.
Use portable browser with custom settings to access the websites.

Driver

Check Windows system scan to see if any driver is corrupted.
Check if the network driver is missing or not in Device manager.
Check network tools if any driver or file is missing to connect the network.
Check if the Wifi module driver tries to connect to other connection types apart from existing connection.
Check if any module restricts driver from connecting to the network.

Security

Check if any virus or security leak stops you from connecting to network.
Check if any specific website has been added into firewall block.
Check if the internet security settings are corrupted or not.
Check if the website is accessible under Google DNS or OpenDNS.
Check if the spyware has affected the browser.
Scan the system and browser for security issues and repeat the website opening steps.

Test Cases for Calendar App

Before we head down to the test cases and scenarios, let’s first discuss what calendar app should do?

Calendar app is meant to show the current date as highlighted.
Calender app should open to default month.

Here are some of the test cases for Calendar App.

Does this calendar app shows current date?
Does this calendar app shows current month?
How the previous dates are highlighted or shadowed?
Does the date in past or future allows editing for notes?
Does the calendar app allows adding option of tasks?
Does the calendar app allows displaying current year?
Does the app allows navigation for previous months of the year?
Does the calendar app allows settings for the UI colors?
Does the calendar shows any religious significance of the date?
Does the calendar shows any historical significance of the date?
Does the calendar follows your timezone?
Does the calendar defaults to China or US timezone?
Does the calendar app has columns for each day to sort dates?
Does the calendar has any way to highlight the current date?
Does the calendar app has visibility for the current holidays?
Does the calendar app has option to customize it?
Does the calendar app allows user to add horoscope option?
Does the calendar app allows storing the birthday?
Does this calendar app allows you to store events?
Does this calendar app allows you to store anniversary?
Does this calendar app allows you to store countdown?
Does this calendar app allows you to sync with Mi account?
Does this calendar app allows you to sync with Google account?
Does this calendar app allows you to check panchang (hindu star-sign significance)?
Does this calendar app allows you to retain data if you move to another device?

What is Negative Testing?

Negative testing is performed to ensure that the product or application under test does NOT fail when an unexpected input is given. The purpose of Negative testing is to break the system and to verify the application response during unintentional inputs.

Negative Testing Characteristics:

Negative Testing is carried out to spot the faults that can result in significant failures.
Negative Testing is performed to expose the software weakness and potential for exploitation.
It is carried out to show data corruption or security breaches.

Negative Testing Techniques:

The following are the negative testing techniques adopted during software testing:

Embed Single Quote on URL when it tries to query the database.
Skip the Required Data Entry and try to proceed.
Verify each Field Type Test.
Enter large values to test the size of the fields.
Verify the numeric boundary and numeric size test.
Verify the Date Format and its validity.
Verify the web session and check for the performances.

What is Load Testing ?

Load testing is performance testing technique using which the response of the system is measured under various load conditions. The load testing is performed for normal and peak load conditions.

Load Testing Approach:

Evaluate performance acceptance criteria
Identify critical scenarios
Design workload Model
Identify the target load levels
Design the tests
Execute Tests
Analyze the Results

Objectives of Load Testing:

Response time
Throughput
Resource utilization
Maximum user load
Business-related metrics

What is Gorilla Testing?

Gorilla Testing is a testing technique in which testers, sometimes developers also join hands with testers to test a particular module thoroughly in all aspects.
Gorilla Testing, a technique in which repetitive Manual Testing process, which a tester would have done several times before, is done again to test the robustness of the system.

What is an API Testing?

The API Testing is performed for the system, which has a collection of API that ought to be tested. During Testing, a test of following things is looked at.

Exploring boundary conditions and ensuring that the test harness varies parameters of the API calls in ways that verify functionality and expose failures.
Generating more value added parameter combinations to verify the calls with two or more parameters.
Verifying the behaviour of the API which is considering the external environment conditions such as files, peripheral devices, and so forth.
Verifying the Sequence of API calls and check if the API's produce useful results from successive calls.

Common Tests performed on API's

Return Value based on input condition - The return value from the API's are checked based on the input condition.
Verify if the API's does not return anything.
Verify if the API triggers some other event or calls another API. The Events output should be tracked and verified.
Verify if the API is updating any data structure.

What is Sanity Testing?

Sanity testing, a software testing technique performed by the test team for some basic tests. The aim of basic test is to be conducted whenever a new build is received for testing. The terminologies such as Smoke Test or Build Verification Test or Basic Acceptance Test or Sanity Test are interchangeably used, however, each one of them is used under a slightly different scenario.

Sanity test is usually unscripted, helps to identify the dependent missing functionalities. It is used to determine if the section of the application is still working after a minor change.
Sanity testing can be narrow and deep. Sanity test is a narrow regression test that focuses on one or a few areas of functionality.

What is Smoke Testing?

Smoke Testing is a testing technique that is inspired from hardware testing, which checks for the smoke from the hardware components once the hardware's power is switched on. Similarly in Software testing context, smoke testing refers to testing the basic functionality of the build.

If the Test fails, build is declared as unstable and it is NOT tested anymore until the smoke test of the build passes.

Smoke Testing - Features:

Identifying the business critical functionalities that a product must satisfy.
Designing and executing the basic functionalities of the application.
Ensuring that the smoke test passes each and every build in order to proceed with the testing.
Smoke Tests enables uncovering obvious errors which saves time and effort of test team.
Smoke Tests can be manual or automated.

What is Soak Testing?

Soak Testing also known as Endurance Testing is performed to determine if the application under test can sustain the continuous loads.

Soak testing, non-functional testing involves examining the system if it can withstand a huge load for a longer period of time and there by measuring the system's reaction parameters.

Issues found - Soak Testing:

Serious memory leaks that would eventually result in application or Operating System crash
Failure to close connections between the layers of the system could stall some or all modules of the system.
Failure to close database connections under some conditions might result in the complete system crash.
Gradual degradation of response time of the system as the application becomes less efficient as a result of prolonged test.

What is Stress Testing?

Stress testing a Non-Functional testing technique that is performed as part of performance testing. During stress testing, the system is monitored after subjecting the system to overload to ensure that the system can sustain the stress.

The recovery of the system from such phase (after stress) is very critical as it is highly likely to happen in production environment.

Reasons for conducting Stress Testing:

It allows the test team to monitor system performance during failures.
To verify if the system has saved the data before crashing or NOT.
To verify if the system prints meaning error messages while crashing or did it print some random exceptions.
To verify if unexpected failures do not cause security issues.

Stress Testing - Scenarios:

Monitor the system behaviour when maximum number of users logged in at the same time.
All users performing the critical operations at the same time.
All users Accessing the same file at the same time.
Hardware issues such as database server down or some of the servers in a server park crashed.

What Is An SSL Certificate?

Internet is the place where all the users share a lot of their personal information in various ways, such as signing into a website, purchasing any product, creating free accounts, etc. But, are all these personal information safe. Not when a website is not encrypted. And, here comes the SSL (Secure Socket Layers). It issues a unique certificate to each website that provides encryption technology to secure the information shared through that particular website.

Sponsored by many companies including Facebook, Google, Mozilla, Internet Research Group has come up with a free SSL certificate solution that is known as Let’s Encrypt. It is the best free SSL certificate that is issued for general public.

Benefits of SSL Certificate

SSL certificate helps to protect sensitive information such as passwords, bank account details, card numbers, login credentials, etc.
SSL certificates boost a website’s authentication.
According to Google’s 2014 update, having an SSL certificate will boost your website’s ranking.
Having an SSL certificate increases trust and your visitors feel more secure while browsing through your website.

What is a Test Plan?

Test planning, the most important activity to ensure that there is initially a list of tasks and milestones in a baseline plan to track the progress of the project. It also defines the size of the test effort.

It is the main document often called as master test plan or a project test plan and usually developed during the early phase of the project.

Test Plan Identifiers:

1.Test plan identifier - Unique identifying reference.

2.Introduction - A brief introduction about the project and to the document.

3.Test items A test item is a software item that is the application under test.

4.Features to be tested A feature that needs to tested on the testware.

5.Features not to be tested Identify the features and the reasons for not including as part of testing.

6.Approach Details about the overall approach to testing.

7.Item pass/fail criteria Documented whether a software item has passed or failed its test.

8.Test deliverables The deliverables that are delivered as part of the testing process, such as test plans, test specifications and test summary reports.

9.Testing tasks All tasks for planning and executing the testing.

10.Environmental needs Defining the environmental requirements such as hardware, software, OS, network configurations, tools required.

11.Responsibilities Lists the roles and responsibilities of the team members.

12.Staffing and training needs Captures the actual staffing requirements and any specific skills and training requirements.

13.Schedule States the important project delivery dates and key milestones.

14.Risks and Mitigation High-level project risks and assumptions and a mitigating plan for each identified risk.

15.Approvals Captures all approvers of the document, their titles and the sign off date.

Test Planning Activities:

To determine the scope and the risks that need to be tested and that are NOT to be tested.
Documenting Test Strategy.
Making sure that the testing activities have been included.
Deciding Entry and Exit criteria.
Evaluating the test estimate.
Planning when and how to test and deciding how the test results will be evaluated, and defining test exit criterion.
The Test artefacts delivered as part of test execution.
Defining the management information, including the metrics required and defect resolution and risk issues.
Ensuring that the test documentation generates repeatable test assets.

What is White Box Testing?

White box testing is a testing technique, that examines the program structure and derives test data from the program logic/code. The other names of glass box testing are clear box testing, open box testing, logic driven testing or path driven testing or structural testing.

White Box Testing Techniques:

Statement Coverage - This technique is aimed at exercising all programming statements with minimal tests.
Branch Coverage - This technique is running a series of tests to ensure that all branches are tested at least once.
Path Coverage - This technique corresponds to testing all possible paths which means that each statement and branch is covered.

Advantages of White Box Testing:

Forces test developer to reason carefully about implementation.
Reveals errors in "hidden" code.
Spots the Dead Code or other issues with respect to best programming practices.

Disadvantages of White Box Testing:

Expensive as one has to spend both time and money to perform white box testing.
Every possibility that few lines of code are missed accidentally.
In-depth knowledge about the programming language is necessary to perform white box testing.

Explain the different types of specification-based test design techniques?

Specification-based test design techniques are also referred to as black-box testing. It involves testing based on the specification of the system under test without knowing its internal architecture. The different types of specification-based test design or black box testing techniques are-

Equivalence partitioning – Grouping test data into logical groups or equivalence classes with the assumption that all the data items lying in the classes will have the same effect on the application.
Boundary value analysis – Testing using the boundary values of the equivalence classes taken as the test input.
Decision tables – Testing using decision tables showing the application’s behavior based on a different combination of input values.
Cause-effect graph – Testing using a graphical representation of the result or outcome and all the factors that affect the outcome.
State transition testing – Testing based on the state machine model.
Use case testing – Testing carried out using use cases.

What is boundary value analysis?

Boundary value analysis is a software testing technique for designing test cases wherein the boundary values of the classes of the equivalence class partitioning are taken as input to the test cases e.g. if the test data lies in the range of 0-100, the boundary value analysis will include test data – 0,1, 99, 100.

What is decision table testing?

Decision table testing is a type of specification-based test design technique or black-box testing technique in which testing is carried out using decision tables showing the application’s behavior based on different combinations of input values.

Decision tables are particularly helpful in designing test cases for complex business scenarios involving verification of application with multiple combinations of input.

What is a cause-effect graph?

A cause-effect graph testing is a black-box test design technique in which graphical representation of input i.e. cause and output i.e. effect is used for test designing. This technique uses different notations representing AND, OR, NOT, etc relations between the input conditions leading to output.

What is state transition testing?

State transition testing is a black box test design technique based on a state machine model. State transition testing is based on the concept that a system can be defined as a collection of multiple states and the transition from one state to another happens because of some event.

What is the use case testing?

A use case testing is a black-box testing approach in which testing is carried out using use cases. A use case scenario is seen as an interaction between the application and actors(users). These use cases are used for depicting requirements and hence can also serve as a basis for acceptance testing.

Explain equivalence class partitioning.

Equivalence class partitioning is a specification-based black-box testing technique. In equivalence class partitioning, a set of input data that defines different test conditions are partitioned into logically similar groups such that using even a single test data from the group for testing can be considered as similar to using all the other data in that group.

For example, for testing a Square program (a program that prints the square of a number), the equivalence classes can be-

Set of Negative numbers, whole numbers, decimal numbers, set of large numbers, etc.

What are some attributes of a test case?

A test case can have the following attributes-

Test CaseId – A unique identifier of the test case.
Test Summary – One-liner summary of the test case.
Description – Detailed description of the test case.
Prerequisite or pre-condition – A set of prerequisites that must be followed before executing the test steps.
Test Steps – Detailed steps for performing the test case.
Expected result – The expected result in order to pass the test.
Actual result – The actual result after executing the test steps.
Test Result – Pass/Fail status of the test execution.
Automation Status – Identifier of automation – whether the application is automated or not.
Date – The test execution date.
Executed by – Name of the person executing the test case.

What is a Test case?

A test case is used to test the conformance of an application with its requirement specifications. It is a set of conditions with pre-requisites, input values and expected results in a documented form

What is Boundary Testing?

Boundary value analysis is a type of black box or specification based testing technique in which tests are performed using the boundary values.

Example:

An exam has a pass boundary at 50 percent, merit at 75 percent and distinction at 85 percent. The Valid Boundary values for this scenario will be as follows:

49, 50 - for pass

74, 75 - for merit

84, 85 - for distinction

Boundary values are validated against both the valid boundaries and invalid boundaries.

The Invalid Boundary Cases for the above example can be given as follows:

0 - for lower limit boundary value

101 - for upper limit boundary value

Give an example of Low priority-Low severity, Low priority-High severity, High priority-Low severity, High priority-High severity defects.

Below are the examples for different combinations of priority and severity

1) Low priority-Low severity

A spelling mistake in a page not frequently navigated by users.
A spelling mistake on the page of the site which is not frequently visited.
The color of any text that does not match with the theme of the website.

2) Low priority-High severity

Application crashing in some very corner case.If the application is crashing on passing very large input for processing (which is very rarely done).
There are some buttons on the website which are overlapping.
Although clickable, are creating a fuss.

3) High priority-Low severity

Slight change in logo color or spelling mistake in the company name.
The logo of the company’s welcome page is distorted.
The action buttons are not visually appealing or the information on the page appears hazy.

4) High priority-High severity

Issue with login functionality.
The products added to the cart of an e-commerce website are not visible on the payment page.
The login button of the application is not working.

Describe the difference between API testing and UI testing

API testing enables the communication between the two separate software systems, where one system implementing an API contains functions or subroutines that may be executed by another software system.
UI testing is mainly about testing the graphical interface, for example: how users interact with application, testing application elements like fonts, images, layouts etc. In other words, UI testing focuses more on look and feel of an application.

Which principles need to be considered when creating an API test design?

Setup: Create objects, start services, and initialize the data
Execution: Steps to apply API or the scenario, including logging
Verification: Oracles to evaluate the result of the execution
Reporting: Pass, failed or blocked
Clean up: Pre-test state

Describe your understanding about RESTful web service?

RESTful web service is one of the two types of website besides SOAP. RESTful web services use the HTTP methods to implement the concept of REST architecture. A RESTful web service usually defines a URI, Uniform Resource Identifier a service, provides resource representation like JSON and a set of HTTP methods.

REST contains some major characteristics:

The SERVER has no status (or session data) because REST is stateless. With a well-applied REST API, the server could be restarted between two calls, since all data is transferred to the server
Web service uses POST method primarily to perform operations, while REST uses GET for accessing resources.

What is the sequence to write a test case?

A test case should have these four things:

1. Test case name

2. Description of the test case

3. Steps, description of the actions that need to be performed

4. Expected Results, describe expected outcomes so as to compare results

What are some common API errors?

In the list of API interview questions, this seems to be more advanced question. Here are some suggested answers:

- Missing module errors

- Documentation errors

- Parameter validation errors

- Some other standard error expectations: if the result is not so predicted then the occurrence of errors can be seen and for the same warnings are specified in the form of a message. There can be one or more warnings within an individual module.

How many types of API testing?

There is no exact number for this API testing interview question, but you can list out the nine main categories below as it almost covers the API testing:

- Validation Testing

- Functional Testing

- UI testing

- Load testing

- Runtime/ Error Detection

- Security testing

- Penetration testing

- Fuzz testing

- Interoperability and WS Compliance testing

What is the difference between error and exception?

The basic difference between the error and exception are:

An error cannot be handled but we can handle the exception
Error terminates the java session but exception won't
Most of the errors are system-related but exceptions are related to the user code.
StackOverFlow is an example of an error, NullPonterException is an example of an exception.

What is the difference between Verification and Validation?
Following are the major differences between verification and validation-

#	Verification	Validation
1.	Verification is the process of evaluating the different artifacts as well as the process of software development. This is done in order to ensure that the product being developed will comply with the standards.	Validation is the process of validating that the developed software product conforms to the specified business requirements.
2.	It is a static process of analyzing the documents and not the actual end product.	It involves dynamic testing of a software product by running it.
3.	Verification is a process-oriented approach.	Validation is a product-oriented approach.
4.	Answers the question – “Are we building the product right?”	Answers the question – “Are we building the right product?”
5.	Errors found during verification require lesser cost/resources to get fixed as compared to be found during the validation phase.	Errors found during validation require more cost/resources. Later the error is discovered higher is the cost to fix it.

What is Test Coverage?

It is a metric that measures the amount of testing performed on software while executing the test cases. Test coverage for any software can be calculated as the percentage of the number of test areas or coverage items covered with respect to the total number of test areas.

The higher the test coverage, the more the part of the software gets covered by test cases and hence, the more effective will be the testing.

What is code coverage?

Code coverage is the measure of the amount of code covered by the test scripts. It gives the idea of the part of the application covered by the test suite.

What are the different levels of testing?

Ans. Testing can be performed at different levels during the development process. Performing testing activities at multiple levels helps in the early identification of bugs. The different levels of testing are –

Unit Testing - In this level of testing, individual units of the system are tested. It is performed by the developers at the code level.
Integration Testing - In this level of testing, individual components of the system are tested together. It is performed by the internal testers.
System Testing - In this level of testing, the whole system is tested against the requirements. It is performed by the internal testers.
Acceptance Testing - This is the final level of testing before the product is released in the market. It is conducted by clients’ representatives i.e. business users and/or end-users of the system.

Test Cases/scenarios for the Download Functionality

Verify that download link or button should be available.
Verify that download link or button should be clickable.
Verify that download link start to download the file or navigate to the other URL or Page.
Verify that location for saving the file should ask after clicking on the link or button to download.
Verify that save location should have enough storage space available for downloading the file.
Verify that downloaded file size should be same, which was showing before download.
Verify that the downloaded file and its name should be same as shown before download.
Verify that the downloaded file should be saved at the predefined location.
Verify that the file should be Pause while downloading.
Verify that the file should be Resume the downloading.
Verify that the file can be Stop or Cancel the downloading.
Verify that file should be available for download where the downloadable link addressed.
Verify that the estimated time of download should be display.
Verify that downloading status should be display while downloading as for example, 40 MB downloaded and 60 MB remaining.
Verify that the file should be accessible or not while downloading from the storage location.
Verify that the file should remain or not if downloading Pause.
Verify that the file should remain or not if downloading Cancel.
Verify that if any specific requirement needed to download then it should be displayed before downloading start or with the downloadable link or button.
Verify that download still continue if the internet speed is very slow.
Verify that downloading should be Stop if internet connection lost.
Verify that downloading should be resumed automatically if internet connection lost then again found the internet connection.
Verify that File download display Downloading failed if Internet connection lost for more time like 4 minutes to 5 minutes.
Verify that File download can resume its download if that file status is downloading failed.
Verify that no any subfile or data lost or file corrupt while using Pause and Resume functionality of downloading.
Verify that no any subfile or data lost or file corrupt while using Downloading failed to Resume functionality of download.
Verify the Functionality of Multiple files downloads simultaneously.
Verify that any video file is able or not to play while downloading that file.
Verify the Downloading speed separately and collectively of Multiple files download simultaneously.
Verify the Downloading status should be displayed separately or/and collectively of Multiple files download simultaneously.
Verify that try Delete the file which is displaying in predefined location while downloading and check the system response.
Verify that try to send the file to any external storage which is displaying in predefined location while downloading and check the system response.

What is unit testing?

Unit testing is the first level of testing and it involves testing individual modules of the software. It is usually performed by developers.

What is integration testing?

Integration testing is performed after unit testing. In integration testing, we test the group of related modules. It aims at finding interfacing issues between the modules.

What is system testing?

System testing is the level of testing where the complete software is tested as a whole. The conformance of the application with its business requirements is checked in system testing.

What is acceptance testing?

Acceptance testing is testing performed by the potential end-user or customers to check if the software conforms to the business requirements and can be accepted for use.

What are the different types of integration testing?

The different type of integration testing is-

Big bang Integration Testing – In big bang integration testing, testing starts only after all the modules are integrated.
Top-down Integration Testing – In top-down integration, testing/integration starts from top modules to lower-level modules.
Bottom-up Integration Testing – In bottom-up integration, testing starts from lower-level modules to higher-level modules up in the hierarchy.
Hybrid Integration Testing – Hybrid integration testing is the combination of both Top-down and bottom-up integration testing. In this approach, the integration starts from the middle layer and testing is carried out in both the direction

What is a stub?

Ans. In the case of top-down integration testing, many times lower-level modules are not developed while beginning testing/integration with top-level modules. In those cases, Stubs or dummy modules are used that simulate the working of modules by providing a hard-coded or expected output based on the input values.

What is a driver?

Ans. In the case of bottom-up integration testing, drivers are used to simulating the working of top-level modules in order to test the related modules lower in the hierarchy.

What is UAT Testing?

UAT testing is the last phase of the testing lifecycle. Its main focus is to validate that software is working in accordance with business requirements. It also ensures that the application is user-friendly and can handle complex scenarios at its best before releasing the product to real-world users.
UAT stands for User Acceptance Testing. It is a type of testing where clients or end-users test the software application. It is carried out to validate the quality of the developed system i.e. whether the system is developed according to the requirements communicated by the stakeholders.

What is End-To-End Testing?

End-to-End testing is a type of testing where the entire application undergoes testing, to test each functionality of the software is working as expected and there is no loophole remaining in it. It ensures that the application is user-friendly and meets the business requirements.

HTTP Protocol:

Whenever you enter any URL in the address bar of your browser, the browser translates that URL into a request message according to the specified protocol and then sends it to the server.

There are many predefined HTTP methods that can be used while sending HTTP requests.

Most common HTTP methods:

GET :asks the server to retrieve a resource. You can think of a resource as some data or file on the server
POST : asks the server to create a new resource
PUT: asks the server to update a resource
DELETE: asks the server to delete a resource
PATCH: used to update a portion of an already existing resource

Then there are two different categorisation of HTTP methods:

Safe: Safe methods are those that can be cached and prefetched without any repercussions to the resource. This means that there is no change expected in the resource by the client. So, GET is safe, while PUT, POST, DELETE PATCH are not.
Idempotent: An idempotent HTTP method is one that if called many times will provide the same outcome. It does not matter if the method is called only once or multiple times. The result will always be the same. GET, PUT, DELETE methods are idempotent.

The response from the server is accompanied by a status code. This status code is important as it tells the client how to interpret the server response. Here are some of the common status codes –

1XX – informational
2XX – success
3XX – redirection
4XX – client error
5XX – server error

Some of the common HTTP status are:

201 (CREATED)
200 (OK)
401 (UNAUTHORIZED)
403 (FORBIDDEN)
400 (BAD_REQUEST)
404 (NOT_FOUND)

What is the difference between Assert and Verify commands in test automation?

There is a lot of similarity between the two commands. Both check if the codes conditions are true. The difference is what happens next.

When an assert command fails it will stop executing code and the test will pause.
When a verify command fails it will plow ahead and execute the rest of the code.

HTTPS

Hypertext Transfer Protocol Secure (HTTPS) is an application layer protocol used for secure communication over an insecure computer network, for example over the Internet. It is a secure version of HTTP; it uses the Transport Layer Security (TLS) protocol to encrypt the traffic between the client and the web server.
HTTPS creates a secure channel for two hosts to communicate over an insecure network (most commonly the Internet). Since HTTP sends all data in clear text, HTTPS can be used instead to encrypt sensitive information, for example usernames and passwords. Because HTTPS requires more resource than HTTP, it is usually used only to protect sensitive information (e.g. login credentials or credit card numbers), but many websites today use HTTPS for the entire site. For example, Google uses HTTPS by default on its global search pages.
HTTPS URLs begin with https, as in https://gmail.com. The whole HTTPS encryption process happens in the background and is transparent to the user. In Firefox, a lock icon appears left of the URL, indicating that the requested website is using HTTPS

What is NAT?

NAT (Network Address Translation) is a process of changing the source and destination IP addresses and ports. The main goal of NAT is to limit the number of public IP addresses a company needs and to hide private network address ranges. The NAT process is usually done by routers or firewalls.
NAT allows a host without a public, globally unique IPv4 address to communicate with other hosts on the Internet. The hosts might be using private addresses or even addresses assigned to another organization, which helps reduce the need for public IPv4 addresses.

Telnet

Telnet is an application protocol that allows a user to communicate with a remote device. A user on a client machine can use a software (known as a Telnet client) to access a command-line interface of another, remote machine that is running a Telnet server program.
Telnet is often used by network administrators to access and manage remote devices. A network administrator can access the device by telnetting to the IP address or hostname of a remote device. The network administrator will then be presented with a virtual terminal that can interact with the remote host.
Telnet sends all data in clear-text, including usernames and passwords! SSH is commonly used today instead of Telnet. Telnet is only used if SSH is not available on the device

SSH

The Secure Shell (SSH) protocol enables a user to access a remote device and manage it. The key difference between Telnet and SSH is that SSH uses encryption. All data transmitted over a network (including usernames and passwords) is encrypted and secure from eavesdropping. SSH employs public key cryptography for the encryption.
A user on a client machine can use a software (an SSH client) to establish a connection to an SSH server running on a remote machine. Once the connection has been established, the user can execute commands on the remote device

File Transfer Protocol (FTP)

File Transfer Protocol (FTP) is a network protocol used to transfer files between machines on a TCP/IP network. FTP employs a client-server architecture; the client has an FTP client installed and establishes a connection to an FTP server running on a remote machine. After the connection has been established and the user is successfully authenticated, the data transfer phase can begin. Note that, although FTP does support user authentication, all data is sent in clear text, including usernames and passwords.

Network Time Protocol (NTP)

Network Time Protocol (NTP) is an application layer protocol used for clock synchronization between hosts on a TCP/IP network. The goal of NTP is to ensure that all computers on a network agree on the time, since even a small difference can create problems. For example, if there is more than 5 minutes difference on your host and the Active Directory domain controller, you will not be able to login into your AD domain.
NTP uses a client-server architecture; one host is configured as the NTP server and all other hosts on the network are configured as NTP clients

Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) is an application layer protocol that is used for network device management. This protocol can collects and manipulate valuable network information from switches, routers, servers, printers, and other network-attached devices.

An SNMP-managed network consists of two components:

Network management station (NMS) – the software which runs on the administrative computer. This software gathers SNMP data by requiring the devices on the network to disclose certain information. Devices can also inform the NMS about problems they are experiencing by sending an SNMP alert (called a trap).
Agent – the software which runs on managed devices and reports information via SNMP to the NMS.

Can GET request to be used instead of PUT to create a resource?

The PUT or POST method should not be used to create a resource. You can use the GET operation which has view-only rights.

What are the core components of an HTTP request?

An HTTP request contains five key elements:

An action showing HTTP methods like GET, PUT, POST, DELETE.
Uniform Resource Identifier (URI), which is the identifier for the resource on the server.
HTTP Version, which indicates HTTP version, for example-HTTP v1.1.
Request Header, which carries metadata (as key-value pairs) for the HTTP Request message. Metadata could be a client (or browser) type, format supported by the client, format of a message body format, cache settings, and so on.
Request Body, which indicates the message content or resource representation.

What is messaging in RESTful Web services?

RESTful web services use the HTTP protocol as a communication tool between the client and the server. The technique that when the client sends a message in the form of an HTTP Request, the server sends back the HTTP reply is called Messaging. These messages comprise message data and metadata, that is, information on the message itself.

What are some key characteristics of REST?

Key characteristics of REST are likely asked in a Web API Testing interview. So please get the answer ready in your mind with these 2 ones:

REST is stateless, therefore the SERVER has no status (or session data)

With a well-applied REST API, the server could be restarted between two calls, since all data is transferred to the server

Web service uses POST method primarily to perform operations, while REST uses GET for accessing resources.

Which protocol is used by RESTful Web services?

RESTful web services use the HTTP protocol as a medium of communication between the client and the server.

What is the most popular way to represent a resource in REST?

REST uses different representations to define a resource like text, JSON, and XML.

XML and JSON are the most popular representations of resources.

What is REST?

REST is an architectural style for developing web services which exploit the ubiquity of HTTP protocol and uses the HTTP method to define actions. It revolves around resource where every component being a resource that can be accessed through a shared interface using standard HTTP methods.

In REST architecture, a REST Server provides access to resources and REST client accesses and makes these resources available. Here, each resource is identified by URIs or global IDs, and REST uses multiple ways to represent a resource, such as text, JSON, and XML. XML and JSON are nowadays the most popular representations of resources.

Types of automated API testing

API test automation is not limited to functional testing only. Having written your own test automation framework and test scripts, you can conduct other types of tests, the most typical of which are:

Load testing: to find out how well the remote service handles a large number of concurrent requests and whether it is capable or sending responses back to your application in a timely manner.
Security testing: to check the API for security vulnerabilities by sending special requests aimed at compromising its operation or securing access to confidential data or unauthorized areas (penetration testing). Security testing also covers areas like user authentication, data encryption and user access control.

There is a test automation running and fails 14%, say 1/7 times? How you will debug? There is no code change or test code change.

Threading issues.
Memory issues: (memory leaks of java objects or connections can be the reason)
Look at the failures in the logs, in general, it will be the health of the server to be checked, if the server performance is slow(timeout errors, ObjectNotFound Exceptions), if there is an OutOfMemoryException is thrown in one of the test case or even outside this testSuite, need to be cleaned out.
if the test data is intact
else check if test data is still relevant
if servers are responding in desired turnaround time
check logs for similar kind of errors
check if application was up ,the whole time
check if machines are behaving slower due to continuos runs and memory leaks

How to find which option will work best on your project?

Conditions favorable for Manual Testing-

Exploratory testing – Such testing involves the knowledge, skill set, experience, innovation, intuition and creativity of the tester.
Usability testing – If you need to measure the efficiency, user-friendly behavior, and comfort offered by the software to the users, usability testing should be performed by engineers.
Ad-hoc testing – This is completely a spontaneous method of testing performed by experts. In this testing type, ideology and understanding behavior of the tester is the only key factor.

Conditions favorable for Automated QA testing –

Regression testing – Due to frequent changes in code and the ability to run the regressions in precise way, you need automated testing approach.
Performance testing – Where there is a requirement of simulating the thousands of concurrent users, users will require automation to do it.
Repeated execution – For repeated execution, automated QA testing is a better option.
Load testing – To complete the testing in efficient way in the case of load testing, automated testing works best.

How is monkey testing different from Adhoc testing?

Ans. In the case of Adhoc testing although there are no predefined or documented test cases still testers have an understanding of the application. While in the case of monkey testing testers don’t have any understanding of the application.

What is exploratory testing?

Ans. Exploratory testing is a type of testing in which new test cases are added and updated while exploring the system or executing test cases. Unlike scripted testing, test design and execution go parallelly in exploratory testing.

What is volume testing?

Ans. Volume testing is a type of performance testing in which the performance of the application is evaluated with a large amount of data. It checks the scalability of the application and helps in the identification of a bottleneck with a high volume of data.

What is spike testing?

Ans. Spike testing is a type of performance testing in which the application’s performance is measured while suddenly increasing the number of active users during the load test.

What is compatibility testing?

Ans. Compatibility testing is validating software to see how compatible the software is with a particular environment – operating system, platform, or hardware.

What is configuration testing?

Ans. Configuration testing is the type of testing used to evaluate the configurational requirements of the software along with the effect of changing the required configuration.

What is globalization testing?

Ans. Globalization testing is a type of testing in which application is evaluated for its functioning across the world in different cultures, languages, locales, and countries.

What is penetration testing?

Ans. Penetration testing or pen testing is a type of security testing in which application is evaluated(safely exploited) for different kinds of vulnerabilities that any hacker could exploit.

What is robustness testing?

Ans. Robustness testing is a type of testing that is performed to find the robustness of the application i.e. the ability of the system to behave gracefully in case of erroneous test steps and test input.

What is concurrency testing?

Ans. Concurrency testing is a multi-user testing in which an application is evaluated by analyzing the application’s behavior with concurrent users accessing the same functionality.

What is backend testing?

Ans. Backend testing is a type of testing that involves testing the backend of the system which comprises testing the databases and the APIs in the application.

What is risk analysis?

Ans. Risk analysis is the analysis of the risk identified and assigning an appropriate risk level to the defect based on its impact over the application.

What is the difference between regression and retesting?

Ans. Regression testing involves testing the application to verify that a new code change doesn’t affect the other parts of the application. Whereas, in retesting, we verify if the fixed issue is resolved or not.

What is the difference between black-box and white-box testing?

Ans. Black-box testing is a type of testing in which the internal architecture of the code is not required for testing. It is usually applicable for system and acceptance testing.

Whereas white-box testing requires internal design and implementation knowledge of the application being tested. It is usually applicable for Unit and Integration testing.

What is the difference between smoke and sanity testing?

Ans. The difference between smoke and sanity testing is-

Smoke testing is a type of testing in which all major functionalities of the application are tested before carrying out exhaustive testing. Whereas, sanity testing is a subset of regression testing which is carried out when there is some minor fix in the application in a new build.

In smoke testing, shallow-wide testing is carried out while in Sanity, narrow-deep testing (for a particular functionality) is done.

The smoke tests are usually documented or are automated. Whereas, the sanity tests are generally not documented or unscripted.

What is the difference between Release and Build?

Ans. A build is an executable file provided by the developers to the testing team for testing the application. It undergoes various iterations of fixing and testing until the application works as expected. Once the application becomes stable and ready for the end-users, it’s released in the market.

Whereas, a release is an installable software provided to the end-users after it gets certified by the testing team. During the release of any software to the client, release notes are attached to it that includes a number of defects still open, covered user stories, change-requirements, and version of the release.

The Selenium script runs in Chrome but not in IE. What can be done?

HTML DOM rendering and CSSOM construction differs from one browser to the next. So, there may be multiple reasons for a script not working on IE. One can attempt to troubleshoot the problem by:

1. Using the updated Selenium IE Driver

2. Verifying that the IE driver and working environment are compatible

3. Configuring the IE driver with the setProperty method and by importing dependencies

4. Setting the same value for the ‘Enable Protected Mode’ option for all zones from the Security tab

5. Turning off the internet security settings in IE when running the script

6.Using CSS Selectors to minimise exceptions

7. Setting a registry entry

8. Avoiding declaring the driver instance as static for running scripts on browsers parallelly

9. Using the latest Selenium jars

10. Enabling Javascript on the IE browser

11. Using JavaScriptExecutor instead of native click when clicking elements

TCP and UDP ports

A port is a 16-bit number used to identify specific applications and services. TCP and UDP specify the source and destination port numbers in their packet headers and that information, along with the source and destination IP addresses and the transport protocol (TCP or UDP), enables applications running on hosts on a TCP/IP network to communicate.

Applications that provide a service (such as FTP or and HTTP servers) open a port on the local computer and listen for connection requests. A client can request the service by pointing the request to the application’s IP address and port. A client can use any locally unused port number for communication.

Port numbers are from 0 to 65535. The first 1024 ports are reserved for use by certain privileged services:

Is there any difference between PUT and POST operations?

PUT and POST operation are quite similar, except the terms of the result generated by them. PUT operation is idempotent, so you can cache the response while the responses to POST operation are not cacheable, and if you retry the request N times, you will end up having N resources with N different URIs created on server.

In a Web API Testing interview, you should give a specific example for PUT and POST operations to make crystal clear to the interviewer. Below is an example:

Scenario: Let’s say we are designing a network application. Let’s list down few URIs and their purpose to get to know when to use POST and when to use PUT operations.

GET /device-management/devices : Get all devices

POST /device-management/devices : Create a new device

GET /device-management/devices/{id} : Get the device information identified by “id”

PUT /device-management/devices/{id} : Update the device information identified by “id”

DELETE /device-management/devices/{id} : Delete device by “id”

Difference between manual and automation testing?

What is Static Testing?

Static testing is a kind of testing for reviewing the work products or documentation that are being created throughout the entire project. It allows reviewing the specifications, business requirements, documentation, processes and functional requirements in the initial phase of testing.

So that the testers involved in it can understand the requirements in more detail before starting the testing lifecycle which intends to help in delivering the quality product.

What is Dynamic Testing?

Testing performed by executing or running the application under test either manually or using automation.

Difference between Agile and Waterfall

Waterfall	Agile
The waterfall methodology is sequential and linear.	Agile methodology is incremental and iterative.
Requirements have to be frozen at the beginning of SDLC.	Requirements are expected to change and changes are incorporated at any point.
The working model of software is delivered at the later phases of SDLC.	The working model is delivered during the initial phases and successive iteration of the model is delivered to the client for feedback.
It is difficult to scale-up projects based on waterfall methodology.	Scaling up of products is easy because of the iterative approach.
Customers or end-user doesn’t have a say after the requirements are frozen during the initial phases. They only get to know the product once it is built completely.	Frequent customer interaction and feedbacks are involved in agile methodology.
Waterfall requires formalized documentations.	In agile documentation is often neglected and a working prototype serves as the basis for customer evaluation and feedback.
Testing is performed once the software is built.	Continuous testing is performed during each iteration.

Difference between Use Case and Test Case

A Use Case is used to define the system that how to use the system for performing a specific task. and A Test Case is defined as a group of test inputs, execution condition, and expected results which further lead to developing a particular test objective.

Comparison parameter	Use Case	Test case
Definition	A sequential actions which is use to describe the interaction among the role and system to maintain a specified objective,	A Group of test inputs, conditions and variables by which the charcaterstics of the software is defined.
Goal	To reach the last operation follow all sequential operation	validating the software as it is working fine or not.
Iteration	it follows different paths	it follows single test case is tested at a time
Dependency	it is dependent on the requirements	it is dependent over the use case
Requirement	Documents and research is required	Test inputs scripts and each test scripts complete one step
Completion	complete all step once	The testing is done again and again then finish.
Interaction	User	Results
Working	it is working as following the step by step function ability of the software.

Test Cases for Chat application:

Some of the Positive and Non-Functional Test Cases/Scenarios of Chat Application/Functionality whether it is a web application or mobile application are:

Verify there is a minimum of two Users who should be available for the chat.
Verify there are a minimum of two devices (Desktop, Laptop, Phones, etc) that should be available.
Verify that the Chat application has been installed on two devices at least.
Verify that the Chat application should be a launch or evoke.
Verify that any Medium like the Internet, Wi-Fi, Bluetooth, Public Switched Telephone Network, W-Lan Network, Lan Network, etc. should be available for the Chat functionality.
Verify that Users are able to send requests to other Users for a chat or not.
Verify that how many words or characters can be sent at a time.
Verify that the Status (Active, Inactive, Invisible, etc.) of the User is changing or not.
Verify that the User is able to create an Account in the Chat application or not.
Verify that the User is able to Login in to a Chat application or not.
Verify that the User is able to Login in into a system simultaneously with two or more different IDs or not.
Verify that the User is able to send messages to other offline Users.
Verify that the User is able to see the time of comment in Chat or not.
Verify that the User is able to send special characters in Chat or not.
Verify that “is it a Forum or Contact us Chat functionality where any user can leave a message or not?”
Verify that the User is able to set its profile pic which is visible to other users or not.
Verify that Users are able to accept requests from other Users for chat or not.
Verify that Users are able to Add or Remove other Users from their Chat list or not.
Verify that Users are able to create a Chat group or not.
Verify that Users are able to Chat with their group or not.
Verify that Users are able to see current Chat/discussion in the group.
Verify that Users are able to see the Chat history of the group or not.
Verify that Users are able to join current Chat/discussion in their group.
Verify that Multiple Users can do a Chat or discussion in their group simultaneously and every Chat should be visible to every member of the group.
Verify that Chat application or functionality saves their Chat history or removes after the session expires/ Chat application close.
Verify that name of the User should be displaying to others in the Chat application while chatting with other Users or groups.
Verify that whenever any member joins or leave the Chat/discussion then it should be notified in the group and is visible to every member of the group.
Verify that the User is able to edit or delete its Chat or not.
Verify that the User is able to share images, videos, documents, etc or not.
Verify that the User is able to share hyperlinked URLs, Emails, or not.
Verify that Profanity filter has been used in the Chat application/functionality or not.
Verify that is there any size limit of files if any file (Video, Image, Documents, etc.) is uploading and sharing through the Chat application/functionality.
Verify that the User is able to Chat in any language to the Users if that language is locally identified and registered by the governing body or not.
Verify that the User is able to Chat in any language to the Users if that language is globally identified or not.
Verify that the User is able to translate the Chats of other users in any desired language or not.
Verify that Chat application is able to display that which device has been used to send a message or not.
Verify that the Chat application is able to display that whether comments or comments have been seen by the respective User or not.
Verify that the user is chatting with only original Users not any bot.
Verify that the User is able to send any emoticons or not.
Verify that the User is able to use Copy and Paste functionality in Chat functionality or not.
Verify that the User is able to chat with two or more different devices with one ID at a time to another user or in a group.
Verify that “Does a User is able to login in two different devices at a time or not?”
Verify that “How much time is it taking to send a message from one user to another?”
Verify that “How much time is it taking to send a message in a group?”
Verify that “How much time is it taking to send a message from one User to another if the internet is weak?”
Verify that “How long a chat can be saved?”

What are the tools of performance testing?

Some popular commercial testing tools are:

LoadRunner(HP): This testing tool contains a wide array of application environments, platforms, and databases. It is typically suitable for web applications and others.

QA load(Compuware): This tool is used for load testing of web, database and char-based systems.
WebLoad(RadView): It is used to compare running tests with test metrics.
Rational Performance Tester (IBM): It allows finding out the presence and cause of bottlenecks.
Silk Performer (Borland): This testing tool lets you predict the behavior of the e-business environment.

How is ‘Build’ different from ‘Release’?

Build is an executable file which refers to that part of an application which is handed over to a tester to test the implemented functionality of the application along with some bug fixes. The build can be rejected by the testing team if it does not pass the critical checklist which contains the major functionality of the application.

There can be multiple builds in the testing cycle of an application.

The release refers to the software application which is no longer in the testing phase and after completion of testing and development, the application is handed over to the client. One release has several builds associated with it.

Enlist some Bug status along with its description?

Enlisted below are few bug statuses along with their descriptions:

New: When the defect or bug is logged for the first time it is said as New.

Assigned: After the tester has logged a bug, his bug is being reviewed by the tester lead and then it is assigned to the corresponding developer team.

Open: Tester logs a bug in the Open state and it remains in the open state until the developer has performed some task on that bug.

Resolved/Fixed: When a developer has resolved the bug, i.e. now the application is producing the desired output for a particular issue, then the developer changes its status to resolved/fixed.

Verified/Closed: When a developer has changed the status to resolved/fixed then the tester now tests the issue at its end and if it’s fixed then he changes the status of the bug to ‘Verified/Close’.

Reopen: If a tester is able to reproduce the bug again i.e. the bug still exists even after fixing by the developer, it’s status is marked as reopen.

Not a bug/Invalid: A bug can be marked as invalid or not a bug by the developer when the reported issue is as per the functionality but is logged due to misinterpretation.

Deferred: Usually when the bug is of minimal priority for the release and if there is lack of time, in that case, those minimal priority bugs are deferred to the next release.

Cannot Reproduce: If the developer is unable to reproduce the bug at its end by following the steps as mentioned in the issue

What is known as Data-driven testing?

Data-driven testing is the methodology where a series of test script containing test cases are executed repeatedly using data sources like Excel spreadsheet, XML file, CSV file, SQL database for input values and the actual output is compared to the expected one in the verification process.

For Example, Test studio is used for data-driven testing.

Some advantages of data-driven testing are:

Reusability.
Repeatability.
Test data separation from test logic.
The number of test cases is reduced.

Test Cases and Scenarios for drop down

Verify that the Drop down is Clickable or Not .
Verify that the When Click on drop down then the Dropdown list Showing or Not .
Check the design of the drop-down and verify the alignment of drop down with other web element in all browser .
Check that the drop-down accommodates the longest text within its boundary.
Check that the drop-down can be scrolled down on clicking the down arrow.
Check the title of drop down is as per SRS .
Check that the default item is getting displayed on drop down when the user first visits the page.
Check that if select the drop down by down arrow key then all items are getting listed in its expected order.
Check the spelling, font and style of the text inside the drop-down are as per SRS.
Check that on clicking the categories on dropdown, the page displays the corresponding items.
Check that the selected category on drop down list is getting highlighted on selecting the item.
Check that how much time taking the drop down in loading the items under each category.
Verify that the User able to Select the Drop down by "tab" key form the keyboard.
verify that If the list (of items) of this drop-down is controlled by some other selection (say in another drop-down or check-box, radio-button) then Check the correctness of the items in this drop-down.
verify that If the selection in this drop-down is controlling some other control (say, enabling/disabling etc) then check the proper action.
Check that on pressing an alphabet on the keyboard, categories in drop down starting with that alphabet is getting highlighted.
Check that the user is able to select the categories/items from the drop down list by pressing the down key on the keyboard.

Write test cases for facebook image upload functionality

Firstly, check the Image upload path.
Test the Image Upload feature with image files of different extensions like PNG, BMP, JPEG, etc.
Test with the image whose names contain space or some special characters.
Upload a duplicate name image.
Test that if a user can see the uploaded images.
Check image upload with image size greater than the maximum allowed size. The proper message should be displayed.
Check image upload feature with file types other than images like txt, doc, excel, pdf, etc.
Test with the images of specific width and height if specified are accepted otherwise rejected.
There should be a progress bar for large size images.
Test for the cancel button functionality is working in between while uploading the image.
Check the file selection dialogue shows only supported files listed.
Check multiple images upload functionality.
test for the image quality after upload. The quality of the image should not be changed after uploading the image.
Alignment of Profile photo upload frame.
If the Upload button is clicked without uploading the photo then an error occurs or not.
What are the accepted file types for photo upload?
Verify the size of the photo upload.
Refresh the page during photo upload.
Clicking on the upload button post upload.
Clicking on the Cancel button during upload.
The photo is correctly aligned after upload.
Tools like crop, beautify, etc, are working fine after upload.
Firstly, check the Image upload path.
Test the Image Upload feature with image files of different extensions like PNG, BMP, JPEG, etc.
Test with the image whose names contain space or some special characters.
Upload a duplicate name image.
http://5.To test that if a user can see the uploaded images.
Check image upload with image size greater than the maximum allowed size. The proper message should be displayed.
Check image upload feature with file types other than images like txt, doc, excel, pdf, etc.
Test with the images of specific width and height if specified are accepted otherwise rejected.
There should be a progress bar for large size images.
Test for the cancel button functionality is working in between while uploading the image.
Check the file selection dialogue shows only supported files listed.
Check multiple images upload functionality.
Test for the image quality after upload. The quality of the image should not be changed after uploading the image.
Upload a proper photo with right dimensions resolution etc.
Try to see if you can get away by not uploading anything
upload all kinds of picture file formats ex: .jpg, .tiff, .bmp
upload non picture files like .txt, .xls
upload files that are too large
upload files that are very small in size
While you are at it, try to retrieve as many error messages possible and see if they are appropriate and if they suggest any solution
keep uploading pictures and see if the previous picture gets replaced
While you are at it, see if you get appropriate error messages, and see if the app quits gracefully in the event of a crash (ex: it gives a message on the lines of “app has stopped responding” etc. instead of simply vanishing
keep tapping on the upload button several times continuously to see what happens
See if proper upload guidelines are mentioned for the pic upload ex: size, resolution, naming what is inappropriate, etc.
See if the upload is mentioned properly
What are the choices for the upload of your drive, cloud (which ones?)
How much time does it take for a picture upload to take place
Simulate a slow/flaky network condition and test n
Use a proxy and try to replace the uploaded picture using a man in the middle
Test the phrase upload is correctly aligned with the upload button.
Verify, a window is opened once this upload button is clicked.
Make sure, cancel button works during the upload process.
Test, only the particular file types can be uploaded. For example doc or pdf, or image files like jpeg, bmp, png etc
Verify uploaded file cannot exceed a certain size. For example, uploaded file cannot exceed 2 MB size.
Make sure, multiple file upload is working properly if the application under test (AUT) demands such scenario.
Test timeout function is working properly. For Ex: upload should be canceled automatically after, say 5 minutes.
Verify, the progress of upload function is working properly.
Make sure file upload process can resume, in case of network connectivity problem. (Once the problem is rectified)
Test empty upload is not working.
Verify multiple uploads of the same file is not allowed.
Make sure a new copy of the uploaded file is created to avoid overwriting.
Test drag and drop file options to upload is working properly besides the traditional way of uploading.
If AUT warrants, verify the number of files uploaded does not exceed the storage limit. Useful for cloud bases storage platforms like Dropbox.
Once the file is uploaded or error in uploading, proper redirection happens to a web page or part of an application.
try from various Desktop OS & mobile OS
Try to upload a video instead of pic
while uploading of photos disconnect internet, check if any of the pic got loaded
while pics are getting uploaded, check them from another tab,, if its effects profile etc
Logout from other tab
from other tab try to change the name of the album
delete the album from other tab
Upload image which have a very long name.
Take a text file and change its extension to supported image format (i.e. jpeg) and try to upload.
Try to upload same image file at the same time.
Upload the file using different browsers.

Radio Button Test Case

Check if the radio control button gets selected using mouse cursor action or TAB keyboard key selection.

Check the alignment of the radio button control on the form.

Check if the multiple radio button on the form gets selected or not.

Check the CSS style of the radio button is as per the specification.

Check the CSS size of the radio button is as per the specification.

Check the CSS colour of the radio button is as per the specification.

Click the radio control button and see if the page gets redirected to the next page.

Don’t click on the radio buttons and see if clicking on the submit button generates a warning “to make a choice” is shown or not.

Click on ‘Yes’ radio button control and hit submit to see if it redirects to the specific page.

Click on ‘No’ radio button control and hit submit to see if it redirects to the specific page.

Check if the user response of Yes is saved in the right database column.

Check if the user response of No is saved in the right database column.

Check if the database gets updated with either radio control choice being made.

Test Case For Pendrive

Check whether the pen drive can connect with the system.
Check whether the LED is available in the pen drive.
Check whether the LED works properly.
Check whether the size of the pen drive is compact.
Check the memory of the pen drive.
Check whether the pen drive stores all format files.
Check that the written data can be retrieved.
Check that the data written to the pen drive should not be corrupted.
Check whether the pen drive memory can be erasable and Reusable.
Data gets stored (i.e., write to)in pen drive from a magnetic drive like HDD, Optical drives like CD-ROM, and other storage devices.
Written data can be retrieved (read back operation)
The device can be detected across its interface. Say, if the pen drive is a USB device, it is detected in a USB drive.
The detected pen drive reflects the correct capacity it claims.
Data written to or read from the pen drive should not be corrupted.
The pen drive can be formatted correctly should be able to host the file system with which it is formatted.
Validate whether the USB connector is available.
Validate whether the Pendrive handle is available.
Validate whether the Pendrive can connect with the system.
Validate whether the pendrive’s required memory is available. [For Ex: Pendrive storage space is 2GB or 4GB or 8GB.]
Validate whether the LED of the Pendrive is available.
Validate whether the LED is working fine.
Validate whether all format files can store.
Validate whether the size of the pen drive is small.
Validate whether the write-protected switch is available or not.
After inserting the Pendrive, validate whether the Pendrive icon is displayed in “My Computer”.
Validate whether the Pendrive satisfies the configuration details.
Verify that the Pendrive opens without any error or warning when you click on Start, Select My Computer, right-click on “Removable drive” and open.
Verify that the appropriate warning message is displayed with action “Format the Drive” to be performed by the user, when you click on Start, Select My Computer and Right-click on drive and Format the Drive.
Verify that the A separate pop-up will be opened to display the Available and Used space on the Drive when you click on Start, Select My Computer and, Right-click on “Removable drive” and Select Properties.
Verify that the pendrive’s required memory is available, as said. [For Ex: Pendrive storage space is 2GB or 4GB or 8GB.]
Verify that the LED of the pen drive is available.
Verify that the LED is working fine.
Verify that files can be stored in all different formats.
Verify that the write-protected switch is available or not.
Verify that the Pendrive icon is displayed in “My Computer” after you connect it with a laptop or desktop.
Verify that data can be written to a Pendrive using a magnetic drive, ex. HDD, Optical drive ex. CD-ROM etc.
Verify that data can be retrieved from the Pendrive.
Verify that Pendrive is detected correctly. If it is a USB device, it is detected as a USB drive.
Verify that the Pendrive shows the correct data storage capacity.
Verify that data written to or read from the pen drive is in proper format and is not corrupted.
Please verify that the pen drive can be formatted and hosts the file system correctly, with which it is formatted.
Verify if the Pendrive stores the correct amount of data as it says. For example, the Pendrive capacity is 2GB, and you try to save 4GB data in it. It should give the correct error message.
Facebook Notification Test Scenarios
Verify that users receive different notifications on facebook ‘Notifications’ icon.
Verify that users receive different notifications on email or cell phone based on the settings chosen when not logged in to Facebook.
Verify that users receive a notification when their friend request gets approved.
Verify that users receive a notification when they get a friend request.
Verify that users receive a notification when they get tagged by someone on posts or comments.
Verify that users receive a notification when they get comments, like or reactions on their posts.
Verify that users receive notification when someone posts on their timeline.

Friends and their Timelines Test Cases for Facebook
Verify that the user can search for friends in facebook’s ‘Find friends’ search functionality.
Verify that users can send a friend requests to any user by visiting their page.
Verify that the user can navigate through their Friend’s friend and send a friend requests to them.
Verify that the user can approve or decline received friend request.
Verify that the user can unfriend any existing friend.
Verify that users can see the timeline of their friends.
Verify that users can post text in their friend’s timeline.
Verify that users can post images in their timeline and the same gets displayed to their friends.
Verify that users can post links with or without preview in their friend’s timeline.
Verify that users can tag friends in their posts on a friend’s timeline.
Verify that users can see all the posts in their friend’s timeline.
Verify that users can see comments, likes, and reactions in the posts present in their friend’s timeline.
Verify that users can post comments, like and react to the posts present in their friend’s timeline.

User Timeline Test Cases for Facebook
Verify that user can set profile pic uploaded from his or her computer.
Verify that user can set profile pic uploaded from mobile.
Verify that uer can set profile pic from photos present on his facbook account’s photo section.
Verify that user can set profile from webcam or mobile camera.
Verify that user can set cover pic uploaded from his or her computer.
Verify that user can set cover pic uploaded from mobile.
Verify that user can set cover pic from photos present on his facbook account’s photo section.
Verify that user can set cover from webcam or mobile camera.
Verify that uploading image of unsupported type should lead to error message.
Verify that uploading image of size exceeding maximum allowed size should lead to error message.
Verify that uploading image of size less than the allowed minimum size should lead to error message.
Verify that uploading image of larger dimension than permitted should lead to error message.
Verify that uploading image of smaller dimension than permitted should lead to error message.
Verify that change in profile pic should get reflected in each post/comment of the user’s timeline.
Verify that user can add/edit their account information displayed to other users.
Verify that users can post text in their timeline and the same gets displyed to their friends.
Verify that users can post images in their timeline and the same gets displyed to their friends.
Verify that users can post links with or without preview in their timeline and the same gets displayed to their friends.
Verify that user can tag friends in their posts.
Verify that users can see the all the post in their timeline.
Verify that users can see comments, likes and reactions in the posts present in their timeline.
Verify that users can post comments, like and react to the posts present in their timeline.

What are the different Test Techniques used in Functional testing?

There are two different test techniques that are used in functional testing.

They can be defined as below: Requirement based testing: This form of functional testing is performed prioritizing the requirements on the basis of risk criteria. This also assures that all the critical test paths have been included in the testing process.

Business process-based testing: This form of functional testing is performed from the business process perspective. The scenarios include knowledge of business processes for performing testing

What is Equivalence Partitioning?

Equivalence partitioning also known as equivalence class partitioning is a form of black-box testing where input data is being divided into data classes. This process is done in order to reduce the number of test cases, but still covering the maximum requirement.

Equivalence partitioning technique is applied where input data values can be divided into ranges. The range of the input values is defined in such a way that only one condition from each range partition is to be tested assuming that all the other conditions of the same partition will behave the same for the software.

For Example: To identify the rate of interest as per the balance in the account, we can identify the range of balance amount in the account that earns a different rate of interest.

When do we perform Smoke testing?

Smoke testing is performed on the application after receiving the build. Tester usually tests for the critical path and not the functionality in deep to make sure, whether the build is to be accepted for further testing or to be rejected in case of broken application.

A smoke checklist usually contains the critical path of the application without which an application is blocked.

What types of software testing are available?

Be sure to cover the main types of testing, including:

Performance
Unit
Shakeout
Functional
Smoke
Alpha and Beta
White box and Black box
System
Stress and load
Integration and regression

How should validation activities be handled?

When performing validation activities, a third party should conduct validation and verification. An independent validation should be performed and internal staff members not connected to the projects should be assigned validation-related tasks.

What is Exploratory Testing and when should it be performed?

The definition of Exploratory Testing is “simultaneous test design and execution” against an application. This means that the tester uses her domain knowledge and testing experience to predict where and under what conditions the system might behave unexpectedly. As the tester starts exploring the system, new test design ideas are thought of on the fly and executed against the software under test.

On an exploratory testing session, the tester executes a chain of actions against the system, each action depends on the result of the previous action, hence the outcome of the result of the actions could influence what the tester does next, therefore the test sessions are not identical.

This is in contrast to Scripted Testing where tests are designed beforehand using the requirements or design documents, usually before the system is ready and execute those exact same steps against the system in another time.

Exploratory Testing is usually performed as the product is evolving (agile) or as a final check before the software is released. It is a complementary activity to automated regression testing.

How much testing is enough?

There is no definitive answer to this question. Testing is not absolute and has no limits. However, we can use risk metrics (risk-based testing) to identify the likely scenarios that can cause the most harm or the sections of the software that is mostly used so that we focus our time and effort to the sections that are most important.

Testing should provide enough information about the status or health of an application, so the stakeholders can make an informed decision on whether to release the software or spend more time on testing.

What is your approach when requirements change continuously?

This question can be asked if you are interviewed for an agile QA position where requirements are likely to change frequently during development. Although a complete change in requirement is possible, most of the time, it is the technical details that are subject to change. e.g. the intent of the requirement or behavior of the feature is the same but implementation details can change

Some possible answers can be: Write generic test plans and test cases which focus on the intent of the requirement rather than its exact details

Work very closely with the product owners or business analysts to understand the scope of change so testing can be updated

Make sure the team understands the risks involved in changing requirements especially towards the end of the sprint

If you’re going to automate this feature, it is best to wait until the feature is stable and requirements are finalized

Negotiate to see if the changes can be kept to a minimum and/or implement the changes in the next sprint.

What is Cross-browser testing?

Answer: Cross Browser Testing is a type of non-functional test which helps us ensure that our website or web application works as expected in various web browsers. We could do Cross Browser Testing on different browsers both manual and automated way. To do Cross Browser Testing manually, we (Software Testers) create tests for each browser and execute it manually on each browser. To do it in an automated way, we could create Selenium tests with multiple conditional statements that execute test cases based on specified browser type. Every browser displays a website in their own style. We usually cannot have all the browsers on one machine. Each browser is designed by a different vendor. So each browser has its own features to showcase its unique presence. While testing a website, we need to ensure that our website is appearing the same across all the browsers. To do this we need to have all the browsers. Fortunately, there are some tools to perform cross-browser testing without testing individually in a manual way.

What Is Agile Testing And Why Is It Important?

Agile testing is a software testing process which evaluates software from the customer point of view. And it is important because this does not require Dev to complete coding for starting QA. Instead, the coding and testing both go hand in hand. However, it may require continuous customer interaction.

When not to use Agile?

Before using Agile methodology, you must ask following questions
Is functionality split-able
Is customer available
Are requirements flexible
Is it really time constrained
Is team skilled enough

What Is The Difference Between Functional Requirement And Non-Functional Requirement?

The functional requirement specifies how a product should run whereas a non-functional requirement represents how it should be.

Functional Requirements.
Authentication
Business rules
Historical Data
Legal and Regulatory Requirements
External Interfaces
Non-Functional Requirements.
Performance
Reliability
Security
Recovery
Data Integrity
Usability

What Is Smoke Testing And What Is Sanity?

Smoke testing confirms the basic functionality works for a product. It requires you to identify the most basic test cases for execution.

Sanity testing, on the other hand, ensures that the product runs without any logical errors. For example, if we are testing a calculator app; we may multiply a number by 3 and check whether the sum of the digits of the answer is divisible by 3.

What do you understand by usability testing?

Usability testing – It is a testing methodology for the ease of customers. Here the end customers are asked to use the software to evaluate if the product is up to the mark and is easy to use. This puts forth the customer’s perception too. It is recommended to use the prototype or mock-up software during the initial stages so as to finalize the customer point of view of usability. The customer is provided with this prototype before the development begins. This helps in confirming that things are being processed keeping user’s point of view in mind.

What Is Build Verification Testing, Bvt?

Answer: Build Verification Testing is a group of tests that execute on every new build of products for verification in which the build is testable prior to the release of build into the hands of the test team. The mainstream functionality of the application software is tested using BVT. BVT lets the developers know if any serious problems exist with the build. They save the test team time and frustration by avoiding the test of an unstable build.

What is Endurance Testing?

In this type of testing, we test the application’s behavior in contrast to the load and stress put on over application for a long period of time.

How would you Test a Service Oriented Architecture (SOA) Web Application?

The testing of web applications that communicate with a web service can be broken down into two parts:

Testing of the Web Service in isolation. Each web service has one or more functions which can be tested by sending appropriate requests and analyzing the response and verifying correct data is returned in the response. We can use tools such as SoapUI to test a Soap Service or Rest Client to test a RESTful web service.

Integration Testing of Web Service with the Front End. The integration testing is also important as it can highlight issues with data in the request and display of the response.

The reason for this separation is to be able to identify issues in the web service much quicker and easier to debug.

What Types of Testing is Specifically Important for Web Testing?

This is also an important Software Testing interview question for web application testing roles. Note, this question is asking about the types of testing.

Although you would do functional testing, usability testing, accessibility testing, etc, these are all also applicable to desktop application testing. The question is asking specifically for web testing.

Two types of testing which are very important for testing web applications are Performance Testing and Security Testing. The difference between a web application and desktop application is that web applications are open to the world, with potentially many users accessing the application simultaneously at various times, so load testing and stress testing are important.

Web applications are also vulnerable to all forms of attacks, mostly DDOS, so security testing is also very important to consider when testing web applications.

How many types of API testing are there?

There is no exact number for this API testing interview question, but you can list out the nine main categories below, as they almost cover all the API testing types:

Validation Testing
Functional Testing
UI testing
Load testing
Runtime/ Error Detection
Security testing
Penetration testing
Fuzz testing
Interoperability and WS Compliance testing

Is Automation Testing A Complete Replacement For Manual Software Testing?

No. Proper automation requires as little intervention from humans as possible since the tools used are built to run tests once they’re set up. As convenient as this might be, it should not be a complete replacement for manual testing – only for repetitive tasks like load testing, where thousands of virtual users are required. Engineers should not automate things like test scripts if those scripts can only be expected to run occasionally, nor should they automate code reviews, or bug testing for new builds of software that might require human interaction to detect specific issues. Large-scale, repetitive tasks are a better fit for automation.

Explain Load Testing On Websites.?

Answer: To access a website, a user sends a “request” to that website’s server, and the server sends back a response in the form of the website you want to access. To load test a website, quality assurance engineers and automation engineers just need to multiply the number of responses sent to simulate different traffic loads. The web server’s response to the influx of virtual users can then be measured. This is used to determine performance issues and server capacity.

Explain How Qtp Identifies Objects?

For each object class that QTP identifies, it has a set of properties stored. These include mandatory properties, which is essentially a description of any given object, which checks if it’s a child or parent object as well. Next, are the assistive properties, which QTP resorts to only if the mandatory properties are insufficient at identifying the object. If all else fails, QTP resorts, finally, to its ordinal identifier.

Give the types of framework used in software automation testing?
Four types of framework are used:
Data driven automation framework
Keyword driven automati4on framework
Modular automation framework
Hybrid automation framework

What Are The Pre-requisites To Start Automation Testing?

The first step is to segregate the different test cases that are to be automated, followed by preparing test data as per the needs of the test cases. Reusable functions need to be written which are frequently used in those test cases. Later test scripts are prepared by using reusable functions and apply loops and conditions wherever necessary.

In a nutshell, the following are the pre-requisites for starting automation testing:

Build should always be stable

Get the functionalities to repeat

Filtering the automated test cases

What Are The Differences Between Open Source Tools, Vendor Tools, And In-house Tools?

Open source tools are free to use frameworks and applications. Engineers build the tool and have the source code available for free on the internet for other engineers to use. Vendor tools are developed by companies that come with licenses to use, and often cost money. Because they are developed by an outside source, technical support is often available for use. Example vendor tools include WinRunner, SilkTest, Rational Robot, QA Director, QTP, LR, QC, RFT, and RPT. An in-house tool is a tool that a company builds for its own use, rather than purchasing vendor tools or using open source tools.

Does The Selenium Ide Have Any Drawbacks?

Answer: The Selenium IDE lacks conditional statements, logging and reporting functionality, loops, database testing, and it can not handle exceptions or automatically re-run tests that have failed. It also can’t take screenshots. Another downside is that it’s Firefox only. If the Selenium IDE is used in the Firefox browser’s side-bar, then the quality engineer can’t use it to record any actions undertaken by a user in a separate window.

What Is The Selenium Ide And What Is It Used For?

Answer: The Selenium IDE is an add-on for Firefox that includes numerous features for quality assurance and engineers to record and playback browser-based actions, such as typing and mouse clicks. Some of these particular features are: debugging functions, record/playback ability, user add-on capability. Users can speed up and slow down executions with the use of a built-in slider. They can also use the Selenium IDE as a side-bar, or as a separate pop-up window.

What Are The Different Types Of Scripting Techniques For Automation Testing?

Test automation scripting techniques include key and data-driven techniques, shared, structured, and linear.

Check out this course on software testing basics for a more in-depth look at the fundamentals of quality engineering and automation.

What and why is API testing?

This is normally the very first and the most basic question that an interviewer will ask before any other SOAP API questions or REST API testing interview questions.

API testing is a kind of software testing that focuses on deciding whether the built APIs meet expectations about the functionality, performance, security, and reliability for an application.

API testing provides a lot of benefits, particularly in four main aspects:

Test for core functionality

Time effective

Language-independent

Easy integration with GUI

Explain Boundary Value Analysis?

Boundary value analysis method checks the boundary values of Equivalence class partitions. Boundary value analysis is basically a testing technique which identifies the errors at the boundaries rather than within the range values.

For Example, An input field can allow a minimum of 8 characters and maximum 12 characters then 8-12 is considered as the valid range and <7 and >13 are considered as the invalid range. Accordingly, the test cases are written for valid partition value, exact boundary value, and invalid partition value.

Explain the difference between Severity and Priority.

Answer: Defect Severity is defined by the level or the degree of impact by the defect on the application under test. Higher the severity of the defect, the more is the impact on the application.

Following are the 4 classes in which a defect severity is categorized:

Critical

Major

Medium

Low

Defect priority defines the order in which the defect should be resolved first i.e. the higher the priority of the defect implies that the application is unusable or stuck at some point and the defect should be resolved as soon as possible.

Following are the 3 classes in which a defect priority is defined:

High

Medium

Low

For any Web Application, what are the possible login features that should be tested?

Enlisted below are the possible scenarios that can be performed to fully test the login feature of any application:

Check the input fields i.e. Username and password with both valid and invalid values.

Try entering valid email id with an incorrect password and also enter an invalid email and valid password. Check for the proper error message displayed.

Enter valid credentials and get logged in to the application. Close and reopen the browser to check if still logged in.

Enter the application after logging in and then again navigate back to the login page to check whether the user is asked again to log in or not.

Sign in from one browser and open the application from another browser to verify whether you are logged into another browser also or not.

Change password after logging into the application and then try to login with that old password.

There are few other possible scenarios as well which can be tested.

What is Adhoc Testing?

Answer: Adhoc testing, usually known as random testing is a form of testing which does not follow any test case or requirement of the application. Adhoc testing is basically an unplanned activity where any part of the application is randomly checked to find defects.

In such cases, the defects encountered are very difficult to reproduce as no planned test cases are followed. Adhoc testing is usually performed when there is a limited time to perform elaborative testing.

Explain Accessibility testing and its importance in the present scenario.

Accessibility testing is a form of usability testing where testing is performed to ensure that the application can be easily handled by people with disabilities like hearing, color blindness, low visibility, etc. In today’s scenario, the web has acquired a major place in our life in the form of e-commerce sites, e-learning, e-payments, etc.

Thus in order to grow better in life, everyone should be able to be a part of technology especially people with some disabilities.

Enlisted below are a few types of software which help and assist people with disabilities to use technology:

Speech recognition software

Screen reader software

Screen magnification software

Special keyboard

List out the roles of Quality Assurance engineer?

A software quality assurance engineer usually involves the following tasks.

QA Team is responsible to monitor the entire development process.

They are responsible to track the outcomes of each phase of SDLC and adjust them to meet the expectation.

They are responsible to read and understand the required documents.

Analyze test requirements, and design and execute tests.

Develop test cases and prioritize testing activities.

Record problems and issues in accordance with the project’s problem and issue management plans.

Work with the application team and/or client to resolve any issues that arise in the testing process.

Carry out regression testing every time when changes are made to the code to fix defects.

Have to interact with the clients to better understand the product requirements.

Participate in walkthroughs of testing procedures.

What is a Test Plan and what does it include?

Answer: Test plan document is a document which contains the plan for all the testing activities to be done to deliver a quality product. The Test Plan document is derived from the Product Description, SRS, or Use Case documents for all future activities of the project. It is usually prepared by the Test Lead or Test Manager and the focus of the document is to describe what to test, what not to test, how to test when to test and who will do what test. Also, it includes the environment and tools needed, resource allocation, test technique to be followed, risks and contingencies plan. A test plan is a dynamic document and we should always keep it up-to-date. Test plan document guides us on how the testing activity should go on. The success of the testing project completely depends on the Test Plan.

What is a Test case template?

Answer: A test case template is a document comes under one of the test artifacts, which allows testers to develop the test cases for a particular test scenario in order to verify whether the features of an application are working as intended or not. Test cases are the set of positive and negative executable steps of a test scenario which has a set of pre-conditions, test data, expected result, post-conditions, and actual results. Most of the companies are using test case management tools such as Quality Center (HP QC), JIRA, etc., and some of the companies still using excel sheets to write test cases.

What are the key components of a bug report?

A bug report is aka defect report, it conveys the detailed information (such as environment details, steps to reproduce, etc.,) about the bug to the developers. It allows developers to replicate the bug easily. The key components of a bug report are Defect Id, title of the defect, Reporter Name, Defect Report Date, Reporter designation, Project name, Release Version, Environment details, Priority of the bug, Severity of the bug, Status of the bug, Defect Description, Steps to reproduce the bug, Expected result, Actual result, Attachments if any and Defect closed date.

What are bug leakage and bug release?

Bug Leakage: A bug which is actually missed by the testing team while testing and the build was released to the Production. If now that bug (which was missed by the testing team) was found by the end-user or customer then we call it as Bug Leakage.

Bug release: Releasing the software to the Production with some known bugs then we call it as Bug Release. These known bugs should be included in the release note. In another case, releasing the software to the testing team with some known bugs whose severity and priority is low. These bugs can be removed before releasing to production.

Tell me some key points to consider while writing a bug report.

i. Reproduce the bug 2-3 times.

ii. Use some keywords related to your bug and search in the Defect Tracking Tool.

iii. Check-in similar modules.

iv. Report the problem immediately.

v. Write detailed steps to reproduce the bug.

vi. Write a good defect summary. Watch your language in the process of writing the bug report, your words should not offend people. Never use capital letter whilst explaining the issue.

vii. Advisable to Illustrate the issue by using proper screenshots.

viii. Proofread your bug report twice or thrice before posting it.

What is the difference between build and release?

Answer: Build: A build is a version of the software. Every build has a number for identification purpose. The build is a pre-release version of a Release. The build is given to the testing team by developers to test the application locally. Build numbers are incremental.

Release: A release is the distribution of the final version of an application to the customer by a software development team.

Why Is It Impossible To Test A Program Completely?

Here are the two principal reasons that make it impossible to test a program entirely.

Software specifications can be subjective and can lead to different interpretations.

A software program may require too many inputs, too many outputs, and too many path combinations to test.

What Is The Difference Between Coupling And Cohesion?

The difference between coupling and cohesion is as follows:

Cohesion is the degree which measures the dependency of the software component that combines related functionality into a single unit whereas coupling represents the binding of related functionality into a different unit.

Cohesion deals with the functionality that relates to different process within a single module whereas coupling deals with how much one module is dependent on the other modules within the product.

It is a good practice to increase the cohesion between the software whereas coupling is discouraged

Why Does Software Have Bugs?

Miscommunication.

Programming errors.

Timeline pressures.

Change in requirements.

Software complexity.

What Is Globalization Testing?

Answer: Globalization testing concentrates on detecting the potential problems in the product design that could spoil globalization. It certifies that the code can handle the desired international support without breaking any functionality. And also, it ensures that there would be no data loss and display problems.

How can we test for drastic (severe) memory leakages?

Answer: By using Endurance testing, we can achieve it. Endurance testing is a non-functional type of software testing. It checks for memory leakage or other related problems that may occur over an extended period of time. Another name for this testing is Soak testing.

Which testing model is best as per your understanding, and why?

Tailored models are considered the best out of all as they consist of all the best features of the Waterfall, Iterative, and other testing models. The tailored model can easily fit into real-life projects. They are also considered the most productive.

But if the case is that it’s a pure testing project, then in such case, the V model is the best model

What Are The Different Types Of Software Testing?

Following is the list of various testing types used by manual testers.

Unit testing
Integration testing
Regression testing
Shakeout testing
Smoke testing
Functional testing
Performance testing
Load testing
stress testing
Endurance testing
White box and Black box testing
Alpha and Beta testing
System testing

What is concurrent user hits in load testing?

When the multiple users, without any time difference, hits on a same event of the application under the load test is called a concurrent user hit. The concurrency point is added so that multiple Virtual User can work on a single event of the application. By adding concurrency point, the virtual users will wait for the other Virtual users which are running the scripts, if they reach early. When all the users reached to the concurrency point, only then they start hitting the requests.

What is the need for Performance testing?

Performance testing is needed to verify the below:

- Response time of application for the intended number of users

- Maximum load resisting capacity of application.

- Capacity of application to handling the number of transactions.

- Stability of application under expected and unexpected user load.

- Ensuring that users have proper response time on production

What is the reason behind performing automated load testing?

Following drawbacks of manual Load Testing that leads to Automation load testing:

- Difficult to measure the performance of the application accurately.

- Difficult to do synchronization between the users.

- Number of real time users are required to involve in Performance Testing

- Difficult to analyze and identify the results & bottlenecks.

- Increases the infrastructure cost

What are the exiting and entering criteria in the performance testing?

We can start the performance testing of application during the design. After the execution of the performance testing, we collected the results and analyzed them to improve the performance. The performance tuning processed will be performed throughout the application development life cycle. Performance tuning is performed which is based on factors like release time of application and user requirements of application stability, reliability and scalability under load, stress and performance tolerance criteria. In some projects the end criteria is defined based on the client performance requirements defined for each section of the application. When product reaches to the expected level then that can be considered as the end criteria for performance testing.

How do you identify the performance bottlenecks situations?

Performance Bottlenecks can identify by monitoring the application against load and stress condition. To find bottleneck situation in performance testing we use Load Runner because provides different types of monitors like run-time monitor, web resource monitor, network delay monitor, firewall monitor, database server monitor, ERP server resources monitor and Java performance monitor. These monitors can help to us to determine the condition which causes increased response time of the application. The measurements of performance of the application are based on response time, throughput, hits per sec, network delay graphs, etc.

What is throughput in Performance Testing?

Throughput in Performance testing is the amount of data sent by the server in responds to the client request in a given period of time or it is the number of units of work that can be handled per unit of time. The throughput is measured in terms of requests per second, calls per day, hits per second, reports per year, etc. In most of the cases, the throughput is calculated in bits per seconds. Higher the throughput value, higher the performance of the application It is includes the client side statistics.

What are the different types of usability testing?
The different types of usability testing are the different tools, techniques and aspects being tested under usability testing. The different types of usability testing are as
- Validation Testing
- Summative Test
- Verification Test
- Exploratory test
- Benchmark testing
- A/B testing
- Accessibility testing
- Compatibility testing
- Eye tracking test
- Beta testing
- Website usability testing
- Mobile usability testing

Is Usability testing a functional testing?
Yes, usability testing can be functional testing if we validate the functioning of the application against the functional requirements only.

But, usability testing focuses on customer experience and ease with which they can learn and use the application.

Hence, though usability testing is not functional testing but can be used as functional testing if desired.

What is the difference between usability testing and user acceptance testing?
The difference between usability testing and user acceptance testing is as

- usability testing focuses on ease of learning and usage of the software application whereas user acceptance testing focuses on meeting user requirements as outlined by user before development.
- usability testing has a scope of user experience and performance by users whereas user acceptance testing is specific functional testing as per defined requirements
- usability testing involves end users and user acceptance testing involves QA team

What is the difference between usability and user experience?
The difference between usability and user experience, is as

- usability focuses on effectiveness, efficiency and learnability whereas, user experience focuses on satisfaction, enjoyment and pleasure.

- usability is about ease of use/ intuitiveness and ease of learning whereas, user experience is about appealing and fun to use

-usability is minimizing steps to do a task whereas, user experience is about making an emotional connect with user

- usability testing focuses on what and how user do, whereas user experience testing focuses on what user feel

What is Treejack testing?
Treejack testing is a technique, used as a part of usability testing to check how easily a topic is found usually on a website. Treejack testing checks the website structure or website tree.

Is UAT functional testing?
UAT functional testing expands to User Acceptance Testing. UAT is the test done by end user before accepting the software and changing to the new software. UAT is done after all other types of tests have been done like unit / integration / system, etc.

UAT functional testing focuses on testing functional aspects of the software application against the listed requirements.

What is sanity and smoke testing?
Sanity and smoke testing are types of software testing which are applied on software build but in different stage of software development.

Sanity testing is done at later stage of software development, when the software build is stable and checks software for new features being added, and bugs have been resolved.

Smoke testing is done in earlier stages of software development when the software build has many errors, to detect the correct working of crucial functionality.

What is the difference between baseline and benchmark testing?

The differences between baseline and benchmark testing are:

Baseline testing is the process of running a set of tests to capture performance information. This information can be used as a point of reference when in future changes are made to the application where as Benchmarking is the process of comparing your system performance against an industry standard that is given by some other organization.

Example: We can run baseline test of an application, collect and analyze results, and then modify several indexes on a SQL Server database and run the same test again, using the previous results to determine whether or not the new results were better, worse, or about the same.

Explain the different between HTTP and HTTPS?

The differences between HTTP and HTTPS are following:

- Hypertext Transfer Protocol is a protocol for information to be passed back and forth between web servers and clients. Https is refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) transport mechanism.

- HTTP use port number 80 whereas HTTPS use port number 443.

- HTTP can support the client asking for a particular file to be sent only if it has been updated after a certain date and time whereas Hypertext Transfer Protocol over Secure Socket Layer is built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server.

Why is usability testing important?
Usability testing is important as it can spot issues in
usability of the software application
making the software application more effective and efficient in usage
ease of learning by existing and new users
garner quick adaptation by the end user

What are the common bugs in web testing?

In Web based testing following bugs are very common:

- Issues in navigation of application

- Usability

- Cosmetic Issues and GUI Issues

- Functional Issues

- Performance issues - How time it takes to display the page to the user.

- Load - How much load an application can handle at any point in time.

- Stress - At how much load application will crash.

- Flow of data - Information which is entered by user is stored in correct format.

- If proper static information is not displayed along with text fields to enter data.

- Links are broken, default focus is not set in forms, tab key not working, all key board short cuts are not fully functional

While testing a website, which are the different configurations which will have to be considered?

These configurations may demand for change in strategy of the webpage. The most important factors that need consideration are following:

Hardware platform: some user may use the Mac platform, some may use Linux, while others may use Microsoft platform.

Browsers: browser and their versions also change the layout of the web page. Along with the browser versions, the different Plug-Ins also has to be taken into consideration. The resolution of the monitor also with color depth and text size is some of the other configurations.

Define the roles in Scrum?

There are mainly three roles that a Scrum team have:

Project Owner – who has the responsibility of managing product backlog. Works with end users and customers and provide proper requirement to the team to build the proper product.
Scrum Master – who works with scrum team to make sure each sprint gets complete on time. Scrum master ensure proper work flow to the team.
Scrum Team – Each member in the team should be self-organized, dedicated and responsible for high quality of the work.

Explain Velocity in Agile?
Velocity is a metric that is calculated by addition of all efforts estimates associated with user stories completed in a iteration. It predicts how much work Agile can complete in a sprint and how much time will require to complete a project.

Explain the difference between traditional Waterfall modeland Agile testing?

Agile testing is done parallel to the development activity whereas in traditional waterfall model testing is done at the end of the development.

As done in parallel, agile testing is done on small features whereas in waterfall model testing is done on whole application.

Explain Pair Programming and its benefits?
Pair programming is a technique in which two programmer works as team in which one programmer writes code and other one reviews that code. They both can switch their roles.
Benefits:
Improved code quality: As second partner reviews the code simultaneously, it reduces the chances of mistake.
Knowledge transfer is easy: One experience partner can teach other partner about the techniques and codes.

What is re-factoring?
Modification of the code without changing its functionality to improve the performance is called re-factoring.

How do you deal when requirements change frequently?

This question is to test the analytical capability of the candidate. Answer can be-

Work with PO to understand the exact requirement to update test cases. Also understand the risk in changing the requirement. Apart from this one should be able to write generic test plan and test cases. Don’t go for the automation until requirements are finalized.

What qualities should a good Agile tester have?
Agile tester should be able to understand the requirements quickly.
Agile tester should know Agile concepts and principals.
As requirements keep changing, he should understand the risk involve in it.
Agile tester should be able to prioritize the work based on the requirements.
Communication is must for a Agile tester as it requires a lot of communication with developers and business associates.

What is difference between Epic, User stories & Tasks?
User Stories:User Stories defines the actual business requirement. Generally created by Business owner.

Task: To accomplish the business requirements development team create tasks.

Epic: A group of related user stories is called an Epic.

What is a Task board in Agile?
Task board is dash board which shows progress of the project. It contains:
User Story: which has the actual business requirement.
To Do: Tasks that can be worked on.
In Progress: Tasks in progress.
To Verify: Tasks pending for verification or testing
Done: Completed tasks.

What is Test Driven Development (TDD)?
It is Test-first development technique in which we add a test first before we write a complete production code. Next we run the test and based on the result refactor the code to fulfill the test requirement.

How QA can add a value to an agile team?
QA can provide a value addition by thinking differently about the various scenarios to test a story. They can provide quick feedback to the developers whether new functionality is working fine or not.

What is Scrum ban?
It is a software development model which is combination of scrum and kanban. Scrumban is considered for maintenance projects in which there are frequent changes or unexpected user stories. It can reduce the minimum completion time for user stories.

What is Spike?
There may be some technical issues or design problem in the project which needs to be resolved first. To provide the solution of these problem “Spikes” are created. Spikes are of two types- Functional and Technical.

What is importance of daily stand up meeting?

Daily stand up meeting is essential for any team in which-
Team discuss about how much work has been completed.
What are the plans to resolve technical issues.
What steps need to done to complete the projects etc.

How the velocity of sprint is measured?

If capacity is measured as a percentage of a 40 hours weeks then completed story points * team capacity

If capacity is measured in man hours then Completed story points / team capacity

What are the two key factors when working as a QA in an Agile team?

QA can add a lot of value to an agile team because of the different mindset. Testers can and should think about the different possible scenarios to test a story. However the most important asset that they can bring is:

To prevent defect. QA should advocate best practices along the way to prevent defects from entering the system in the first place.
To provide fast feedback. It is important for developers to know if the new functionality works as expected and if regression tests pass, and they need that feedback quite quickly. QA should provide the results of the tests to developers as soon as possible.

Mention in detail what are the role’s of Scrum Master?

Scrum Master key responsibilities involves

Understand the requirements and turn them into working software
Monitoring and Tracking
Reporting and Communication
Process Check Master
Quality Master
Resolve Impediments
Resolve Conflicts
Shield the team and performance feedback
Lead all the meetings and resolve obstacles

Mention what should a burndown chart should highlight?

The burn-down chart shows the remaining work to complete before the timebox (iteration) ends.

What is a browser cache, and why is it important?

caching means placing something in storage (usually in secret) on the chance that it may come in useful later (e.g. a weapons cache). A browser or Web cache does exactly that, except with program and website assets. When you visit a website, your browser takes pieces of the page and stores them on your computer's hard drive. Some of the assets your browser will store are:

Images - logos, pictures, backgrounds, etc.
HTML
CSS
JavaScript

What are COOKIES

Cookies are a certain amount of information that is created by a server when a user visits a web page, and it’s saved on a user’s PC in the form of a separate document.

Cookies mainly store identification information, user data, features, and settings that have been chosen while interacting with a page and also, other similar service data.

If cookies are supported by a browser, then every next request will make all information transfer from a user to a server. What’s the use of all these data?

Identification info is commonly used by a server to:

Gather and analyze the statistic;
Track session proceeding (we’ll talk about this term further);
Authenticate a user (otherwise, you will need to write a login and a password every time);
Personalize the settings chosen by a client at all requests (for example, products’ language or certain settings in a shopping cart).

From a technical view, cookies are text documents of a small size. The maximum size of a cookie file is 4096 bytes.

The cookie document comprises the following things:

Its name;
Value (data, transferred to a server and must be processed during the request);
The domain that belongs to this cookie and that receives it;
URL-path in the space of this domainб where a certain cookie is valid for it;
Expiration date. Cookies are saved only for a certain time range, that is established for every cookie separately. It may be a certain day, time or session value in the case when cookies are saved until the end of a current session;
HTTP (it’s assigned only in the case when cookies will be used only by HTTP);
Security (it’s cookie transfer only through secure HTTPS);
Size of cookie documents in bytes.

What is SESSION

Web servers have one important feature that is expressed in a way that they can’t recognize where requests come from every time (from the same browser or from the different one).

This happens because HTTP protocol doesn’t allow tracking the course of such states and therefore, to support permanent connection with a user.

Every request is processed separately, apart from the previous ones.

This issue may be resolved by a browser session – a way of tracking the requests from one browser, that is able to save some variables while moving between the pages of a web product.

When a session starts, a server creates a document where the client’s data, his/her actions ad events that happened during one session are created. This can be website viewing, actions with page content, transaction making, and so on.

A new session can’t start until the previous one ends.

The previous session will end only in the case if one of the following actions will be performed (it depends on settings):

A browser will be closed;
If a user hasn’t done any actions for a certain amount of time;
At established time of a day (for example, in the evening or at night).

What is CACHE

It’s a well-known fact that a website should be rapidly loaded so that we can work well on the net.

An increase in a page response time can make a user simply close it and move to another one, more optimized. Therefore, a developer shouldn’t afford this.

The overall complexity of the situation is that after every page update, a server transfers a browser quite a big amount of information. And this obviously has a negative impact on website speed. Cache has been created to resolve this issue and optimize web software.

For example, your Internet network works more slowly than a computer. With the help of a cache, a browser saves certain amount of data on a client’s local PC.

As a result, if there is a need in the second loading of the same information, the necessary data will be simply loaded from PC memory, not connecting to the net.

And the page will naturally be loaded much faster in such a case.

What is commonly saved in the cache? Pages of the same website usually have the same design, and therefore, there are website elements that are duplicated on different web pages.

To not transfer the same capture during each transfer, it’s locally saved to cache files and is loaded from a user’s hard drive, not through a server, after updating.

Besides logos, text messages, video files, and sound can be also cached.

Browser cache has a limited size. Its maximum size can be set. When cache memory is full, the data that were not used for a longer time, are deleted, thereby providing the space for new parts.

After analyzing such terms as “session”, “cache” and “cookies”, let’s move to their direct usage.

A common user will be able to switch on/off, edit or delete cookies, clear cache, and find the data on his/her PC.

HOW TO CLEAR THE CACHE ON A PC?

First, you should pay attention to the browser you are using.

It’s important to remember that cache of the same web product is located in different directory files C:\Users\Admin\AppData\Local\ in different browsers.

If you can’t find such a folder on your PC, you need just to activate hidden files showing in the Settings.

Every browser creates its file folder with a cache in this directory.

Let’s talk about the most popular browsers:

Internet Explorer

– C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\

– C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\

Google Chrome

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Cache

Safari

~/Library/Caches/com.apple.Safari/

Mozilla Firefox

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\zxcvb5678.default\cache2\entries

Opera

C:\Users\Admin\AppData\Local\Opera Software\Opera Stable\Cache.

You can delete the entire information from a website, clear cache, and cookies directly in a browser.

You can use a special function that can be activated in the Settings.

Every browser has its process of doing this, so let’s analyze the process of cache clearing more thoroughly:

Safari. “Develop” – “Empty cache” (develop’s menu must be active in the application’s settings;

Google Chrome. “Settings” – “More tools” – “Clear browsing data” – “Cached images and files” – “Clear data”;

Opera. “Settings” – “Privacy and Security” – “Clear browsing data” – “Clear browsing data”.

Internet Explorer. “Tools” – “Safety” – “Delete browsing history” – Temporary Internet files and website files – “Delete”;

Mozilla Firefox. “Options” – “Privacy & Security” – “Cookies and site data” – “Clear data” – “Clear”.

You can also use another method to clear cache, not using its Settings. It’s hotkeys: Ctrl+Shift+Del – for multiple browsers and ⌥(Option)+⌘(Command)+E – for Safari on Mac.

What is LOGICAL BUG

Logical Bug is a kind of bug that makes the application work incorrectly. It doesn’t lead to crashes. This kind of bugs is difficult to find.

What is BREADTH TESTING

Breadth Testing is kind of top-down testing. In this kind of testing a group of tests that validates the functionality of the application, but doesn’t test its used features. All the modules are refined at the same level of control here.

What is BASIS PATH TESTING

Basis Path Testing is a kind of white box testing which is used to write test cases and examine all possible paths of test performing at least once. This kind of testing guarantees full branch coverage. It’s widely used and learned.

TESTING LIFE-CYCLE (STLC)

As a rule, the testing process is carried out during all phases of software development life-cycle (SDLC). All modern software development life-cycle models are followed during SDLC.

Testing Life-Cycle defines the stages in testing a software app. However, it is not just a single activity, but the set of activities performed methodologically to help to certify software products. SDLC consists of these activities.

There is no fixed STLC Standard. It can be changed depending on:

Software development life-cycle.
Leadership whishes.

Do you need software application testing service? Are you looking for the reputable testing providers? You are a catch! Today is your day – whatever you want – top-notch QA consulting or on-site/offshore software testing services! Do not worry about the price – it will be reasonable but the quality of the work will nicely surprise you.

STLC STAGES:

General planning and requirements analysis. It is important at least to get answers to such questions as: what should we test; how much work is expected; what challenges will we face during the work; etc.
Entry criteria. You formulate or specify entry criteria to determine when it is possible or necessary to start software testing process; suspension criteria to suspend a test activity entirely or partially and exit criteria, necessary to decide whether to stop or resume the testing work.
Testing strategy. Senior QA manager determines costs and effort estimates for the project and prepares the Test Plan for all types of testing.
Test case development. Tests cases are designed, developed, verified and reworked. Also, this phase involves the creation, review and rework of test data.
Environment setup. It is done simultaneously with test case development phase. It determines the hardware and software conditions under which a product is tested.
Test execution.
Test cycle closure.

What is SERVER SIDE TESTING

It is a type of software testing for server-based applications and also can be applied to examine test controllers and servlets. Server side testing uses Java or JSP programming languages.

What is SYNTAX BUG

Syntax Bug is an error in the system code of the application. It’s a small grammatical mistake, can be in one symbol. Compiler provides information about such bugs when the code is compiled, the developer can fix them quickly.

What is TEST SUITE

A group of test cases combined together, usually for some particular application. Tests in a Test Suite are usually performed one by one. They have pass/fail result.

What is UI TESTING

UI Testing is a technique that checks the application on defects using Graphical user interface. It’s performed through the use of test cases. It verifies data Integrity, navigations, the object states, etc.

Wearable Fitness Device Fitbit’s Test Scenarios

Test Scenarios on Fitbit:

Verify On and Off feature in Fitbit device.
Verify battery charging functionality in Fitbit device.
Verify that Fitbit device should be comfortable and user-friendly wearable device.
Verify water proof feature of Fitbit device.
Verify the Battery status indicator feature of Fitbit device.
Verify standby battery life Fitbit device.
Verify regular use battery life of Fitbit device.
Verify battery charge life while using GPS.
Verify Heart rate tracking feature while walking, running, sitting, exercising, sleeping, laughing, tension etc. of Fitbit device if battery Full charge.
Verify Heart rate tracking feature while walking, running, sitting, exercising, sleeping, laughing, tension etc. of Fitbit device if battery Low charge.
Verify Blood Pressure rate monitering feature while walking, running, sitting, exercising, sleeping, laughing, tension etc. of Fitbit device if battery Full charge.
Verify Blood Pressure rate monitering feature while walking, running, sitting, exercising, sleeping, laughing, tension etc. of Fitbit device if battery Full charge.
Verify walking Steps monitoring feature of Fitbit device while waving hands.
Verify walking Steps monitoring feature of Fitbit device on treadmill while hands on handrest instead of waving.
Verify the floor climb up & down monitor feature of Fitbit device by stairs.
Verify the floor climb up & down monitor feature of Fitbit device by lift.
Verify the walking distance monitor feature of Fitbit device.
Verify the running distance monitor feature of Fitbit device.
Verify the Burning calorie monitor feature of Fitbit device while walking, running, exercising and daily routine.
Verify sleeping routine monitor feature of Fitbit device.
Verify active routine monitor feature of Fitbit device.
Verify Clock feature of Fitbit device.
Verify digital display of Fitbit device.
Verify the compatibility of Fitbit device with smart phones (Android, iOS, Windows) of different versions of OS.
Verify the compatibility of Fitbit device with Desktop and Laptop of different version of OS.
Verify the wireless syncing of Fitbit to other devices.
Verify the availability of internet facility in Fitbit device.
Verify the caller ID feature in Fitbit device.
Verify the Text or message notification feature in Fitbit device.
Verify the Music player and control feature in Fitbit device.
Verify the Camera and Camcorder feature in Fitbit device.
Verify the Video and audio feature in Fitbit device.
Verify Clock and Tracker set and reset feature in Fitbit device.
Verify the social media feature in Fitbit device.
Verify GPS feature in Fitbit device.

Test Cases for Media Player in Mobile

Test Cases / Scenarios:

Verify that Media Player should be installed in Mobile.
Verify that Media Player should support the Mobile OS.
Verify that Media Player should evoke effortlessly with one action.
Verify that Media Player should be close effortlessly.
Verify that Media Player should have controllers like Play, Pause, Next, Previous, Stop, Close, Volume increase and decrease button, Contrast increase, and decrease button.
Verify that Media Player should be able to work and display in both Portrait and Landscape view.
Verify that Media Player should maintain its consistency of controllers in both Portrait and Landscape view.
Verify that Media Player should be able to run Video file of any format like avi, mkv etc.
Verify that Media Player should be able to run Audio file of any format like mp3, wav etc.
Verify that Media Player is able or not able to run Video file of any quality like 3GP, MP4, Low Definition, High Definition, 144p, 240p, 360p, 480p, 720p, 1080p etc.
Verify that Media Player is able or not able to run Audio file of any quality, bit rate, bandwidth.
Verify that Media Player is able or not able to change the Aspect ratio.
Verify that Media Player is able or not able to change the Crop.
Verify that Media Player is able or not able to update from the internet.
Verify that Media Player should be able to run the Audio or Video files from SD / Memory Card.
Verify that Media Player should be able to run the Audio or Video files from Phone Memory / Internal Memory.
Verify that Media Player is able or not able to run the Audio or Video files from internet.
Verify that Media Player should continue to run the Video file if Media Player go to backgrounds or minimizes.
Verify that Media Player should continue to run the Audio file if Media Player go to backgrounds or minimizes.
Verify that Media Player should be able to Stop or Minimize if pressing Back button one or two times.
Verify that Media Player should have Media Library files.
Verify that Media files in Media Player’s Media Library should be shuffle, Add, Remove Media files.
Verify that Media files in Media Player’s Media Library should be Add Media files.
Verify that Media files in Media Player’s Media Library should be Remove Media files.
Verify that Audio and Video files both can be Add, Shuffle and Remove from Media Library of Media Player.
Verify that Video files of different quality and size should work correctly on Play- Pause-Play action, that image of videos should not be break, voice should not be break, lag or lead with the video.
Verify that Audio files of different quality and size should work correctly on Play- Pause-Play action, that audio should not be break, lag or lead.
Verify that Media Player is able to keep on run or not any Video or Audio file if tap on the Back button and minimize the app.
Verify that Media Player is able to resume playing if any paused Video or Audio file in app in minimizes condition then evoke.
Verify that two Video files can able to run in two different Media Players simultaneously in a device.
Verify that one Video and one Audio file can able to run in two different Media Players simultaneously in a device.
Verify that one Video and one Audio file can able to run in two different Media Players simultaneously in a device.

Explain what is performance testing?

Performance testing is done for quality assurance. It involves testing software application to make sure that the software is working well under their expected workload.

Mention different types of performance testing?

Load testing

Stress testing

Endurance testing

Spike testing

Volume testing

Scalability testing

List out what are the common performance problem does user face?

Longer loading time

Poor response time

Poor Scalability

Bottlenecking (coding errors or hardware issues)

List out some common performance bottlenecks?

Some common performance bottlenecks include

CPU Utilization
Memory Utilization
Networking Utilization
S limitation
Disk Usage

List out some of the performance testing tool?

HP Loader
HTTP Load
Proxy Sniffer
Rational Performance Tester
JMeter
Borland Silk Performer

Mention what all thing involves in Performance Testing Process?

Right testing environment: Figure out the physical test environment before carry performance testing, like hardware, software and network configuration
Identify the performance acceptance criteria: It contains constraints and goals for throughput, response times and resource allocation
Plan and design Performance tests: Define how usage is likely to vary among end users, and find key scenarios to test for all possible use cases
Test environment configuration: Before the execution, prepare the testing environment and arranges tools, other resources, etc.
Test design implementation: According to your test design, create a performance test
Run the tests: Execute and monitor the tests
Analyze, tune and retest: Analyze, consolidate and share test results. After that, fine tune and test again to see if there is any enhancement in performance. Stop the test, if CPU is causing bottlenecking.

Explain what is Endurance Testing and Spike Testing?

Endurance Testing: It is one type of performance testing where the testing is conducted to evaluate the behavior of the system when a significant workload is given continuously
Spike Testing: It is also a type of performance testing that is performed to analyze the behavior of the system when the load is increased substantially.

Explain what are the common mistakes done in Performance Testing?

The common mistakes done in Performance Testing are

Direct jump to multi-user tests
Test results not validated
Unknown workload details
Too small run durations
Lacking long duration sustainability test
Confusion on definition of concurrent users
Data not populated sufficiently
Significant difference between test and production environment
Network bandwidth not simulated
Underestimating performance testing schedules
Incorrect extrapolation of pilots
Inappropriate base-lining of configurations

Mention what is the difference between the benchmark testing and baseline testing?

Benchmark Testing: It is the method of comparing performance of your system performance against an industry standard that is set by other organization
Baseline Testing: It is the procedure of running a set of tests to capture performance information. When future change is made in the application, this information is used as a reference

List out some of the parameters considered for performance testing?

Memory usage
Processor usage
Bandwidth
Memory pages
Network output queue length
Response time
CPU interruption per second
Committed memory
Thread counts
Top waits, etc.

List out the factors you must consider before selecting performance tools?

Customer preference tool
Availability of license within customer machine
Availability of test environment
Additional protocol support
License cost
Efficiency of tool
User options for testing
Vendor support

What is Web dispatcher?

The Web Dispatcher is the entry point for all external HTTP requests and the interface between all HTTP clients and the Server system. The Web Dispatcher can work as load balancer for incoming requests which are distributed among all available application servers.

The Dispatcher helps realize an environment i.e both fast and dynamic. It works as a part of a static HTML server, with the aim of :

Storing as much of the site content as is possible, in the form of static website.
Accessing the layout as little as possible.

For caching, the Dispatcher module uses the Web server's ability to serve static content. The Dispatcher places the cached documents in the document root of the Web server.

What is the difference between dispatcher and webserver?

Dispatcher is just a web server plugin - written by Adobe. You can deploy dispatcher in different web servers like Apache Web Server, Microsoft IIS, Sun Web Server. One of the flexibilities of static web servers is that their features cab be improved and customised by the 3rd party plugins like Dispatcher.

An HTTP web server provides more robust features - primarily stores, processes and delivers web pages to clients. From Wikipedia -> A web server is a computer system that processes requests via HTTP, the basic network protocol used to distribute information on the World Wide Web. For example, when you go to google.com in your web browser, you're ultimately contacting the web server that hosts this website so that you can communicate with it to request web pages. It provides a whole host of features in terms of performance, protocols and security. This is a very generic explanation. Check out the wiki page for more info.

How does the Dispatcher perform caching?

The Dispatcher uses the web server's ability to serve static content. The Dispatcher stores cached documents in the web server’s document root. The Dispatcher has two primary methods for updating the cache content when changes are made to the website.

Content Updates remove the pages that have changed, as well as files that are directly associated with them.
Auto-Invalidation automatically invalidates those parts of the cache that may be out of date after an update. For example, it effectively flags relevant pages as being out of date, without deleting anything.

What are the requests not cached by dispatcher?

By default the following requests are not cached by dispatcher

Request that do not return http code 200
Requests with suffixes
Requests with request parameter(i.e ?)
Programatically: send http header
response.setHeader("Dispatcher", "no-cache")

How does the Dispatcher return documents?

We can define whether the Dispatcher caches a document by using the Dispatcher configuration file, dispatcher.any. The Dispatcher checks the request against the list of cacheable documents. If the document is not in this list, the Dispatcher requests the document from the AEM instance. The Dispatcher always requests the document directly from the AEM instance in the following cases:

If the HTTP method is not GET. Other common methods are POST for form data and HEAD for the HTTP header.
If the request URI contains a question mark "?". This usually indicates a dynamic page, such as a search result, which does not need to be cached.
The file extension is missing. The web server needs the extension to determine the document type (the MIME-type).
The authentication header is set (this can be configured).

The Dispatcher stores cached files on the web server as if they were part of a static website. If a user requests a cached document, the Dispatcher checks whether the document exists in the web server's file system. If so, the Dispatcher returns the documents. If not, the Dispatcher requests the document from the AEM instance.

Imagine someone maliciously duplicated every file on your computer, and completely randomized their names and locations on your hard drive. Discuss an efficient way to clean up your drive of all these duplicates.

use md5sum

Sort extra large file 10GB which contains single word in each line, within 4GB RAM

1) split 10GB file into 4 chunks (read row by row until I fill about 2.5 Gb of memory)
2) sort each chunk in memory using quicksort (because it does not consume additional memory)
3) write every chunk back to the disk
4) using merge sort algorithm to merge data back to single sorted array reading from chunks by pieces and writing it simultaneously to the disk into the destination file.

What is the difference between application server and web server?

Web Server

A web server accepts and fulfills requests from clients for static content (i.e., HTML pages, files, images, and videos) from a website. Web servers handle HTTP requests and responses only.iIt s a computer system that stores, processes, and delivers web pages to clients. The client is almost always a web browser or a mobile application. Depending on the setup, a web server can store one or more websites.

This type of server only delivers static HTML content, such as:

Documents
Images
Videos
Fonts

Most Popular Web Servers

1) Nginx

Nginx is an open-source web server that can also act as a reverse proxy, email proxy, and load balancer.

2) Apache HTTP Server

The Apache HTTP server (also known only as Apache) is a free, open-source web server. Apache is a part of the LAMP stack, a software stack that powers around 40% of all websites on the Internet.

3) Microsoft IIS

Microsoft IIS (Internet Information Services) is a free web server software package for Windows Server. IIS only runs on Windows operating systems.

4) Jetty

Jetty is an open-source project that provides an HTTP server, HTTP client, and a javax.servlet container. While primarily a web server, Jetty can also facilitate machine-to-machine communication.

5) LiteSpeed

LiteSpeed is a web server with excellent performance and scalability properties. LiteSpeed offers a wide range of features and has an easy-to-use web admin console.

Application server

An application server exposes business logic to the clients, which generates dynamic content. It is a software framework that transforms data to provide the specialized functionality offered by a business, service, or application. Application servers enhance the interactive parts of a website that can appear differently depending on the context of the request.

Most Popular Application Servers

1) Apache Tomcat

Apache Tomcat is an open-source app server often used in conjunction with Apache HTTPD.

Tomcat can execute Java Servlets, deliver pages with JavaServer Page code, and serve Java EE (Java Enterprise Edition) apps.

2) Oracle WebLogic

Oracle WebLogic Server is an application server for deploying distributed apps using Java EE standards. WebLogic is fully integrated with Oracle’s product and cloud service portfolio.

3) Glassfish

Glassfish is an open-source Java EE application server that supports Java Servlets and Enterprise JavaBeans (EJB). Glassfish can also function as a web server.

4) JBoss

JBoss application server is an open-source platform for building, deploying, and hosting Java applications. JBoss operates across platforms, and you can use it on any operating system that supports Java

Mention what is the difference between performance testing and functional testing?

Functional Testing	Performance Testing
To verify the accuracy of the software with definite inputs against expected output, functional testing is done. This testing can be done manually or automated One user performs all the operations Customer, Tester and Development involvement is required Production sized test environment is not necessary, and H/W requirements are minimal	To validate the behavior of the system at various load conditions performance testing is done. It gives the best result if automated Several user performs desired operations Customer, Tester, Developer, DBA and N/W management team Requires close to production test environment and several H/W facilities to populate the load

Ok-Guru

Search This Blog

Wednesday, March 24, 2021