Monday, November 21, 2011

What type of metrics we prepare in testing?

In testing there are two types of metrics.
  • Process metrics
  • Product metrics
Process Metric: A metric used to measure the characteristic of the methods,technique, and tools employed in developing,imlementing,and maintaining the software system.

Product Metric: Metric used to measure the characteristic of the documentation and code.

What is Entry Criteria & Exit Criteria.

Entry criteria:
  • All source codes are unit tested
  • All QA resource has enough functional knowledge
  • H/W and s/w are in place
  • Test plans and test cases are reviewed and signed off
Exit criteria:
  • No defect over a perod of time or testing effort
  • Planned deliverables are ready
  • High severity defects are fixed

STLC process

  • Test Initiation
  • Test Planning
  • Test Design
  • Test Execution
  • Test Reporting
  • Test Closure.

Wednesday, November 9, 2011

What is a Test Case?

  • A test case is a set of conditions or variables and inputs that are developed for a particular goal or objective to be achieved on a certain application to judge its capabilities or features.
  • A formal written test case comprises of three parts -
    • Information
    • Activity
    • Result

When we use update mode in QTP?

When QTP scripts are expected to execute on AUT which may have GUI changes, we can execute QTP scripts in Object Repositories update mode, so that Object Repositories proerties can be modified in the execution.

What is keyword view and Expert view in QTP?

  • Keyword View is an icon based view which shows test steps in tabular format. It also automatically generates documentation for the test steps. It is used by Non IT Person.
  • Expert View gives the corresponding VB Script statement for every test step in the Keyword view. It is used by IT expert person.

Types of object Repositories in QTP?

QTP Supports 2 types of Object Repository

1) Shared Object Repository (also called Global). It is preferable while dealing with dynamic objects which are called in multiple tests. The extension is ".tsr"

2) Per-Action Object Repository, (also called Local). It is used by default. The extension for Per-Action repository is ".mtr" .

Types of recording modes in QTP?

QTP supports 3 types of recording modes
  1. Normal Mode: It is the default recording mode and takes full advantage of QTP's Test Object Model. It recognizes objects regardless of their position on -screen. This is the preferred mode of recoding and is used for most of the automation activities. 
  2. Low-level recording mode: This mode records the exact x,y co-ordinates of your mouse operations. It is helpful in testing hashmaps. It is useful for recording objects not identified by normal mode of QTP. 
  3. Analog mode: This mode records exact mouse and keyboard "movements" you perform in relation to the screen / application window. This mode is useful for the operation such as drawing a picture, recording signature., drag and drop operations.

Friday, October 21, 2011

Test Case

What is a Test Case?
“A test case has components that describes an input, action or event and an expected response, to determine if a feature of an application is working correctly.”

Levels:
There are levels in which each test case will fall in order to avoid duplication efforts.
  • Level 1: In this level you will write the basic test cases from the available specification and user documentation. 
  • Level 2: This is the practical stage in which writing test cases depend on actual functional and system flow of the application. 
  • Level 3: This is the stage in which you will group some test cases and write a test procedure. Test procedure is nothing but a group of small test cases maximum of 10. 
  • Level 4: Automation of the project. This will minimize human interaction with system and thus QA can focus on current updated functionalities to test rather than remaining busy with regression testing.
So you can observe a systematic growth from no testable item to a Automation suit.

Why we write Test Cases?
The basic objective of writing test cases is to validate the testing coverage of the application. If you are working in any CMMi company then you will strictly follow test cases standards. So writing test cases brings some sort of standardization and minimizes the ad-hoc approach in testing.


How to write Test Cases?
there are some fields to write test cases
1. Test Objective
2. Pre-conditions
3. Test data
4. Data base statemnts(SQL/Mysql/any)
5. Test Steps
6. Expected Result
using these feilds u can write but main thing u should understand the Requirement i mean u should under stand the whole Application wat u r going to test then only u can come to know the how to write steps n all.

Validation Testing Types

If the testers are involved in the software product right from the very beginning, then validation testing in software testing starts right after a component of the system has been developed. The different types of software validation testing are:

  • Component Testing: Component testing is also known as unit testing. The aim of the tests carried out in this testing type is to search for defects in the software component. At the same time, it also verifies the functioning of the different software components, like modules, objects, classes, etc., which can be tested separately.
  • Integration Testing: This is an important part of the software validation model, where the interaction between the different interfaces of the components is tested. Along with the interaction between the different parts of the system, the interaction of the system with the computer operating system, file system, hardware and any other software system it might interact with is also tested.
  • System Testing: System testing, also known as functional and system testing is carried out when the entire software system is ready. The concern of this testing is to check the behavior of the whole system as defined by the scope of the project. The main concern of system testing is to verify the system against the specified requirements. While carrying out the tester is not concerned with the internals of the system, but checks if the system behaves as per expectations. 
  • Acceptance Testing: Here the tester especially has to literally think like the client and test the software with respect to user needs, requirements and business processes and determine, whether the software can be handed over to the client. At this stage, often a client representative is also a part of the testing team, so that the client has confidence in the system. There are different types of acceptance testing:
    • Operational Acceptance Testing
    • Compliance Acceptance Testing
    • Alpha Testing
    • Beta Testing
Often when validation testing interview questions are asked, they revolve around the different types of validation testing. The difference between verification and validation is also a common software validation testing question. Some organizations may use different terms for some of the terms given in the article above. As far as possible, I have tried to accept the alternate names as well.

Thursday, October 20, 2011

Difference between Verification & Validation?

Verifiaction:
  • Means are we doing right thing.i.e we have to check whether we are implementing right process.  
  • It is the examination of the process and checks r we building the product right? 
  • It involves reviews and meetings to evaluate documents,plans,code,requirement and specification.
  • This can be done with 
    • checklist,
    • Issues lists and 
    • Walkthroughs.
Validation:Means are we doing things right.i.e we have to check whether we have developed a software as per the client requirement.

Sunday, October 16, 2011

SAP Introduction

  • SAP is an ERP Software where SAP stands for Systems, Applications and Products in data processing. 
  • SAP was developed by German software company SAP AG in 1972 and the initial version was called SAP R/1
  • In 1979, SAP launched SAP R/2 and in 1981, 
  • New version called SAP R/3 was launched.
Advantages:
  • Integration
  • Efficiency
  • Cost reduction
  • Less personnel
  • Accuracy
Disadvantages:    
  • Expensive
  • Not very flexible  

SAP's solution includes a number of functional modules, which support transactions to execute key business processes, such as:

  • Financial Accounting (FI)
    • General Ledger (FI-GL)
    • Accounts Payable (FI-AP)
    • Accounts Receivable (FI-AR)
    • Bank Accounting (FI-BL)
    • Asset Accounting (FI-AA)
    • Funds Management (FI-FM)
    • Travel Management (FI-TV)
    • Special Purpose Ledger (FI-SL) (I am not sure this is really considered a module anymore)
     
  • Financial Supply Chain Management (FSCM)
    • Credit Management
    • Cash and Liquidity Management
    • Collections Management
    • Dispute Management
    • Treasury and Risk Management
     
  • Controlling (CO)
  • Materials Management (MM)
  • Sales and Distribution (SD)
  • Logistics Execution (LE)
  • Production Planning (PP)
  • Quality Management (QM)
  • Plant Maintenance (PM)
  • Project System (PS)
  • Human Resources (HR)
 

Wednesday, September 28, 2011

Q. What should be done after a bug is found?

1.Check whether it is valid before sending to dev team.
2.Check whether bug is duplicate
3.Communicate to dev team by sending following info:
  1. Bug id
  2. Bug name
  3. Severity and priority
  4. Steps to reproduce the bug
  5. Environment used

QTP
Quick Test Professional

Quick Test Professional (QTP) is an automated functional Graphical User Interface (GUI) testing tool that allows the automation of user actions on a web or client based computer application.



It is primarily used for functional regression test automation. QTP uses a scripting language built on top of VBScript to specify the test procedure, and to manipulate the objects and controls of the application under test.

Contents:
  • Testing Process
    • Create your test plan
    • Recording a session
    • Enhancing your test
    • Replay & Debug
    • Run your Tests
    • Analyzing the test results
    • Reporting defects
  • Test Object Model
  • Object Repositories
  • Checkpoints:
    • Standard checkpoint.
    • Image checkpoints.
    • Bitmap Checkpoint.
    • Table checkpoints.
    • Accessibility Checkpoint.
    • Text Checkpoint.
    • Page Checkpoint.
    • Database Checkpoint.
    • XML checkpoints. 

Features of QTP:
  • Ease of use.
  • Simple interface.
  • Presents the test case as a business workflow to the tester (simpler to understand).
  • Uses a real programming language (Microsoft’s VBScript) with numerous resources available.
  • QuickTest Pro is significantly easier for a non-technical person to adapt to and create working test cases, compared to WinRunner.
  • Data table integration better and easier to use than WinRunner.
  • Test Run Iterations/Data driving a test is easier and better implement with QuickTest.
  • Parameterization easier than WinRunner.
  • Can enhance existing QuickTest scripts without the “Application Under Test” being available; by using the ActiveScreen.
  • Can create and implement the Microsoft Object Model (Outlook objects, ADO objects, FileSystem objects, supports DOM, WSH, etc.).
  • Better object identification mechanism.
  • Numerous existing functions available for implementation – both from within QuickTest Pro and VBScript.
  • QTP supports .NET development environment
  • XML support
  • The Test Report is more robust in QuickTest compared to WinRunner.
  • Integrates with TestDirector and WinRunner (can kick off WinRunner scripts from QuickTest).
Drawbacks of QTP: As of QTP version 10

1) Huge Tests in QTP consume lots of memory and increase CPU utilization.
2) Since QTP stores results in HTML file (and not txt) the result folder sometimes becomes big.

Friday, July 22, 2011

Cyber security

Introduction
Cyber security standards are security standards which enable organizations to practice safe security techniques to minimize the number of successful cyber security attacks. These guides provide general outlines as well as specific techniques for implementing cyber security. For certain specific standards, cyber security certification by an accredited body can be obtained. There are many advantages to obtaining certification including the ability to get cyber security insurance.
Types of cyber security
As Internet usage continues to rise throughout the world, the threat of cyber crime also grows. While some of these crimes are relatively harmless and commonplace, others are very serious and carry with them felony charges. Here are a few of the more common forms of cyber crime.

Spam
The most common type of cyber crime is spam. While email spam laws are fairly new, there have been laws on the books regarding "unsolicited electronic communications" for many years.

Fraud
Credit fraud is another common form of cyber crime. Certain computer viruses can log keystrokes on your keyboard and send them to hackers, who can then take your Social Security number, credit card number and home address. This information will be used by the hacker for his own means.

Cyber Bullying
Harassment, or cyber bullying, is a growing problem among teenagers. Many countries in Europe and several states in the United States have laws to punish those who consistently harass somebody over the Internet.

Drug Trafficking
Believe it or not, drug trafficking is happening over the Internet. Many traffickers use encrypted email or password-protected message boards to arrange drug deals.

Cyberterrorism
There are many forms of cyberterrorism. Sometimes it's a rather smart hacker breaking into a government website, other times it's just a group of like-minded Internet users who crash a website by flooding it with traffic. No matter how harmless it may seem, it is still illegal.

Identity Theft
Identity theft can happen online when another person takes a person's Social Security number and/ or other personal information and uses it to pretend to be somebody else. Some ways that these individuals try to steal personal information are sending out "phishing" emails (emails that look like they are from a person's bank, place of business or legitimate organization), and ask for credit card information, Social Security numbers, and other identifying information. Most banks and credit card companies will never ask for such information via email. Beware of these popular tactics.

Credit Card Fraud
According to a Gartner survey of 100 retailers, credit card fraud is the No. 1 problem in e-commerce. Ninety-three percent of purchases that are made online use credit cards as a form of payment. Credit card fraud happens when others use someone else's credit card to make purchases online. Credit card numbers can be stolen with false online forms or emails. Some red flags of a purchase made with a stolen credit card include the shipping address being different from the billing address, requesting leaving orders at the door, and ordering expensive items or many items of the same product.

Cyber-Stalking
Cyber-stalking is when another individual harasses their victim by any means online such as constant emails and messaging. After several attempts at online pursuit, they will often attempt offline stalking as well. Most stalkers know who their victims are in real life. Often these involve ex-spouses, disgruntled co-workers or bosses, or perhaps someone who they may have gone on a few dates with. If you feel you have been a victim of cyber-stalking, contact your local police to file a complaint.

Software Piracy
With the growing popularity of computer-sharing programs such as Bear-Share, torrents and LimeWire, piracy is becoming a growing problem. People can download or "share" programs instead of purchasing them or getting a license for them. Any time a friend copies software, downloads software from a sharing website or program, or a business doesn't report the numbers of computers using software, it is a form of software piracy. Being convicted of software piracy often involves jail time and large fines.

Pornography
The Internet has introduced a growing number of pornography sites that sadly include children. Pornography is a growing crime among Internet users. According to Internet Filter Review, there are 4.2 million pornographic websites. Thirty-four percent of computer users have received unwanted pornographic material on the Internet. Eighty-nine percent of youth in Internet chat rooms have received sexual solicitations. The punishment for child pornography is different in each state. Some states only require that offenders be jailed for one year, while others can impose a 15-year term.

Why Is Cyber Security Important?
The increasing volume and sophistication of cyber security threats-including targeting phasing scams, data theft, and other online vulnerabilities-demand that we remain vigilant about securing our systems and information.
The average unprotected computer (i.e. does not have proper security controls in place) connected to the Internet can be compromised in moments. Thousands of infected web pages are being discovered every day. Hundreds of millions of records have been involved in data breaches. New attack methods are launched continuously. These are just a few examples of the threats facing us, and they highlight the importance of cyber security as a necessary approach to protecting data and systems.

Threats
There are many threats, some more serious than others. Some examples of how your computer and systems could be affected by a cyber security incident - whether because of improper cyber security controls, manmade or natural disasters, or malicious users wreaking havoc-include the following:

Denial-of-service
Refers to an attack that successfully prevents or impairs the authorized functionality of networks, systems or applications by exhausting resources. What impact could a denial-of-service have if it shut down a government agency's website, thereby preventing citizens from accessing information or completing transactions? What financial impact might a denial-of-service have on a business? What would the impact be on critical services such as emergency medical systems, police communications or air traffic control? Can some of these be unavailable for a week, a day, or even an hour?

Malaria, worms, and Trojan horses
These spread by email, instant messaging, malicious websites, and infected non-malicious websites. Some websites will automatically download the malaria without the user's knowledge or intervention. This is known as a "drive-by download." Other methods will require the users to click on a link or button.

Bonnets and zombies
A bonnet, short for robot network, is an aggregation of compromised computers that are connected to a central "controller." The compromised computers are often referred to as "zombies." These threats will continue to proliferate as the attack techniques evolve and become available to a broader audience, with less technical knowledge required to launch successful attacks. Bonnets designed to steal data are improving their encryption capabilities and thus becoming more difficult to detect.

"Shareware" - fake security software warnings
This type of scam can be particularly profitable for cyber criminals, as many users believe the pop-up warnings telling them their system is infected and are lured into downloading and paying for the special software to "protect" their system.

Social Network Attacks
Social networks can be major sources of attacks because of the volume of users and the amount of personal information that is posted. Users' inherent trust in their online friends is what makes these networks a prime target. For example, users may be prompted to follow a link on someone's page, which could bring users to a malicious website.

Wednesday, June 22, 2011

Off-Page Optimization (SEO)

Defined: Off-page optimisation (off-page SEO) is what can be done off the pages of a website to maximise its performance in the search engines for target keywords related to the on-page content and keywords in off-page direct-links.

Off-Page SEO Checklist:
  • Always start with keyword research, testing and selection 
  • Use Keywords in link anchor text
  • Obtain links from high ranking publisher sites
  • One-way inbound links (not link exchange or reciprocal links) 
  • Different keywords in your link-ads from the same site
  • Gradual link building technology (no growth spikes) 
  • Use relevant keywords near your inbound link (contextual relevance)
  • Deep linking (from multiple pages to multiple pages) 
  • Target a large list of keywords (5-500+)
  • Link from sites with a variety of LinkRanks 
  • Track all active keywords and refine strategy as required
  • Discontinue campaigns if ranking does not improve
  • Expect results in 1-2 months (Bing) 1-9 months (Google, Yahoo)
Avoid common off-page SEO mistakes:
  • Duplicate keywords in link avderts
  • Site-wide links causing link growth spikes
  • Using on-page SEOs to do the work of specialist off-page SEO's
  • Placing random links without keywords near your link adverts
Do not use off-page SEO spamming tactics such as:
  • Link farms (sites with 100+ outbound links per page)
  • Using irrelevant keywords in your link-ads
  • Garbage links
  • Link churning
  • Hidden inbound links

On-Page Optimisation (SEO)

This article was originally written in 2004 and since we’re in the process of migrating websites, we thought it would be a good idea to revisit our old content and see how things have changed. Read the original article followed by our updates for 2011.

Defined: On-page optimisation (on-page SEO) is what can be done on the pages of a website to maximise its performance in the search engines for target keywords related to the on-page content.

On-Page SEO Checklist:
  •  Always start with keyword selection, research and testing
  • Meta Description tag
  • ALT tags
  • H1 tags
  • URL structure
  • Internal linking strategy
  • Content
  • Keyword density
  • Site maps, both XML and user facing
  • Usability and accessibility
  • Track target keywords
  • Expect results in 6-12 months

Avoid common on-page SEO mistakes such as:
  • Duplicate content
  • URL variants of the same pages
  • Off-site images and content on-site
  • Duplicate title tags

Avoid spammy SEO tactics such as:
  • Hidden text
  • Hidden links
  • Keyword repetition
  • Doorway pages
  • Mirror pages
  • Cloaking

Wednesday, June 8, 2011

Pure virtual function

#include<iostream.h>
#include<conio.h>
class xyz
{
    protected:
        int a;
        public:
        xyz(){a=10;}
        virtual void display()=0;
};

class abc:public xyz
{
        int b;
        public:
        abc(){b=20;}
        void display()
        {
                cout<<"a="<<a<<"\n"<<"b="<<b;
        }
};

int main()
{
        clrscr();
        xyz *k;                  //no object is created
        abc s;
        //k->display();          //abnormal program termination
        k=&s;
        k->display();
        return 0;
}

Wednesday, May 4, 2011

Number Diamond/Brick

#include<stdio.h>
#include<conio.h>
void main()
{
    int n,i,j;
    clrscr();
    printf("enter a no.<=11 for generating the patter\n");
    scanf("%d",&n);
    printf("desired pattern is\n");

    for(i=1;i<=n;i++)
    {
        printf("\t");
       
        for(j=1;j<=n-i;j++)          //for blanks space
        printf("   ");

        for(j=n;j>=n+1-i;j--)        //for left upper half
        printf("%3d",j);

        for(j=n+2-i;j<=n;j++)        //for right upper half
        printf("%3d",j);

        printf("\n");
    }

    for(i=1;i<=n;i++)
    {
        printf("\t");
        
        for(j=1;j<=i;j++)             //for blanks space
        printf("   ");

        for(j=n;j>=i+1;j--)           //for left lower half
        printf("%3d",j);

        for(j=i+2;j<=n;j++)           //for right lower half
        printf("%3d",j);

        printf("\n");
    }
    getch();
}
 
output