testing Online Quiz - 47
Description: testing Online Quiz - 47 | |
Number of Questions: 20 | |
Created by: Aliensbrain Bot | |
Tags: testing |
Select Security Testing tools
-
TamperIE
-
CookieMonitor
-
SQL Profiler
-
All the above
Select the correct script for testing SQL injection threat (Select more than one)
-
CUST001' AND ‘1’=’1
-
CUST1001' DROP TABLE OrderDetail --
-
CUST1001’ OR 1 = 1--
-
All the above
-
Penetration testing
-
Vulnerability Testing
-
Risk Assessment
-
All the above
-
None of the above
Select security Testing Objectives
-
Confidentiality
-
Integrity
-
Availability
-
Functionality Testing
-
All the above
Cross Site Scripting can be executed from (select more than one)
-
Java Script
-
VB Script
-
SQL Server Management Studio
-
Web service
-
ActiveX
-
Flash
Cross Site Scripting can be used to
-
Steal cookies
-
Hijack accounts
-
Execute Flash/ActiveX contents
-
Force user to download s/w
-
All the above
‘X’ has given a data on a person age, which should be between 1 to 99. Using BVA which is the appropriate one
-
0,1,2,99
-
1, 99, 100, 98
-
0, 1, 99, 100
-
–1, 0, 1, 99
AI Explanation
To answer this question, we need to understand the concept of Boundary Value Analysis (BVA). BVA is a testing technique that focuses on the boundaries or extreme values of input data. The idea is to test the system's behavior at the edges of the input domain.
In this case, the valid age range is between 1 and 99. So, we need to select values that represent the lower and upper boundaries, as well as values just outside of these boundaries.
Let's go through each option to determine which one is appropriate:
Option A) 0, 1, 2, 99 - This option includes 0 as a value, which is outside the valid range of 1 to 99. Therefore, this option is incorrect.
Option B) 1, 99, 100, 98 - This option includes 100 as a value, which is outside the valid range of 1 to 99. Therefore, this option is incorrect.
Option C) 0, 1, 99, 100 - This option includes values 0 and 100, which are just outside the valid range of 1 to 99. Additionally, it includes values 1 and 99, which represent the lower and upper boundaries of the valid range. Therefore, this option is correct.
Option D) –1, 0, 1, 99 - This option includes -1 as a value, which is outside the valid range of 1 to 99. Therefore, this option is incorrect.
The correct answer is Option C) 0, 1, 99, 100. This option includes values just outside the valid range, as well as values representing the lower and upper boundaries of the valid range. Hence, it is the appropriate option for Boundary Value Analysis in this case.
Which is not a Component testing
-
Check the memory leaks
-
Check the robustness
-
Check the branch coverage
-
Check the decision tables
AI Explanation
To answer this question, you need to understand component testing. Component testing is a level of testing that focuses on testing individual components or modules of a software system.
Let's go through each option to understand why it is correct or incorrect:
Option A) Check the memory leaks - This option is a component testing activity. Component testing involves checking for memory leaks in the individual components or modules of a software system.
Option B) Check the robustness - This option is a component testing activity. Component testing involves checking the robustness of individual components or modules.
Option C) Check the branch coverage - This option is a component testing activity. Component testing involves checking the branch coverage of individual components or modules.
Option D) Check the decision tables - This option is not a component testing activity. Decision tables are used in other types of testing, such as functional testing or integration testing, to test the logic and decision-making capabilities of a system.
The correct answer is D. This option is not a component testing activity because decision tables are not specifically associated with component testing.
Contract and regulation testing is a part of
-
System testing
-
Acceptance testing
-
Integration testing
-
Smoke testing
AI Explanation
To answer this question, we need to understand the different types of testing in software development.
A. System testing - System testing is performed to evaluate the system's compliance with the specified requirements. It focuses on testing the entire system as a whole. Contract and regulation testing is not specifically related to system testing.
B. Acceptance testing - Acceptance testing is conducted to determine whether a system meets the acceptance criteria and to obtain customer approval for the system. Contract and regulation testing is often a part of acceptance testing as it ensures that the system adheres to the contractual obligations and regulatory requirements.
C. Integration testing - Integration testing is performed to verify the interaction between different components or modules of a system. It ensures that these components work together as expected. Contract and regulation testing is not directly related to integration testing.
D. Smoke testing - Smoke testing is a preliminary testing process that checks the basic functionalities of the system to ensure that it is stable and ready for further testing. Contract and regulation testing is not specifically associated with smoke testing.
Based on the above explanations:
Option A) System testing - This option is incorrect because contract and regulation testing is not specifically related to system testing.
Option B) Acceptance testing - This option is correct because contract and regulation testing is a part of acceptance testing to ensure compliance with contractual obligations and regulatory requirements.
Option C) Integration testing - This option is incorrect because contract and regulation testing is not directly related to integration testing.
Option D) Smoke testing - This option is incorrect because contract and regulation testing is not specifically associated with smoke testing.
The correct answer is B) Acceptance testing. This option is correct because contract and regulation testing is a part of acceptance testing to ensure compliance with contractual obligations and regulatory requirements.
Maintenance releases and technical assistance centers are examples of which of the following costs of quality?
-
External failure
-
Internal failure
-
Appraisal
-
Prevention
AI Explanation
To answer this question, you need to understand the different categories of costs of quality.
Option A) External failure - This option is correct because maintenance releases and technical assistance centers are examples of costs incurred when a product or service fails after it has been delivered to the customer. These costs are associated with external failures, which include customer complaints, product recalls, warranty claims, and repairs.
Option B) Internal failure - This option is incorrect because internal failure costs are incurred when a product or service fails before it is delivered to the customer. Examples of internal failure costs include rework, scrap, and retesting.
Option C) Appraisal - This option is incorrect because appraisal costs are incurred to evaluate the quality of products or services. Examples of appraisal costs include inspections, testing, and quality audits.
Option D) Prevention - This option is incorrect because prevention costs are incurred to prevent defects from occurring in the first place. Examples of prevention costs include employee training, process improvement initiatives, and quality planning.
The correct answer is A) External failure. Maintenance releases and technical assistance centers are examples of costs incurred after a product or service has been delivered to the customer, indicating external failure.
One person has been dominating the current software process improvement meeting. Which of the following techniques should the facilitator use to bring other team members into the discussion?
-
Confront the person and ask that other team members be allowed to express their opinions.
-
Wait for the person to pause, acknowledge the person’ s opinion, and ask for someone else’ s opinion.
-
Switch the topic to an issue about which the person does not have a strong opinion.
-
Express an opinion that differs from the person’ s opinion in order to encourage others to express their ideas.
A project that is in the implementation phase is six weeks behind schedule. The delivery date for the product is four months away. The project is not allowed to slip the delivery date or compromise on the quality standards established for this product. Which of the following actions would bring this project back on schedule?
-
Eliminate some of the requirements that have not yet been implemented.
-
Add more engineers to the project to make up for lost work.
-
Ask the current developers to work overtime until the lost work is recovered.
-
Hire more software quality assurance personnel.
AI Explanation
To answer this question, let's go through each option to understand why it is correct or incorrect:
Option A) Eliminate some of the requirements that have not yet been implemented - This option is correct because by eliminating some of the requirements that have not yet been implemented, the project can save time and focus on completing the essential requirements. This can help bring the project back on schedule without compromising on the quality standards established for the product.
Option B) Add more engineers to the project to make up for lost work - This option is incorrect because adding more engineers to the project may increase productivity in the short term, but it may also lead to issues such as communication gaps, coordination challenges, and increased complexity. Additionally, it may not address the underlying reasons for the delay.
Option C) Ask the current developers to work overtime until the lost work is recovered - This option is incorrect because asking the current developers to work overtime may lead to burnout, decreased productivity, and potential quality issues. Overtime work should be used sparingly and only as a short-term solution.
Option D) Hire more software quality assurance personnel - This option is incorrect because hiring more software quality assurance personnel may help improve the quality of the product, but it will not directly address the delay in the implementation phase.
The correct answer is A) Eliminate some of the requirements that have not yet been implemented. This option is correct because it allows the project to prioritize essential requirements and save time, bringing the project back on schedule without compromising on quality standards.
-
Tools and techniques
-
Procedures and standards
-
Processes and walkthroughs
-
Reviews and update
___________ technique can be used to achieve input and output coverage
-
Boundary value analysis
-
Equivalence partitioning
-
Decision table testing
-
State transition testing
AI Explanation
To answer this question, you need to understand different techniques used in software testing to achieve input and output coverage.
Option A) Boundary value analysis - This technique involves testing the values at the boundaries or limits of the input. It helps in identifying errors that occur at the edges of input domains. While boundary value analysis can help achieve input coverage, it does not specifically focus on output coverage.
Option B) Equivalence partitioning - This technique involves dividing the input data into different equivalence classes, where each class represents a unique behavior or outcome. By selecting a representative input from each class, you can achieve input coverage. Equivalence partitioning is commonly used to achieve input coverage.
Option C) Decision table testing - This technique involves creating a table that represents different combinations of inputs and their corresponding outputs. It helps in testing complex business rules or logic. While decision table testing can help achieve output coverage, it does not specifically focus on input coverage.
Option D) State transition testing - This technique is used to test the behavior of a system based on different states and transitions between those states. While state transition testing can help achieve input and output coverage, it is more focused on testing the transitions between states rather than covering all possible inputs and outputs.
The correct answer is Option B) Equivalence partitioning. This technique is specifically used to achieve input coverage by dividing the input data into different equivalence classes and selecting representative inputs from each class.
Purpose of test design technique is
-
Identifying test conditions only, not Identifying test cases
-
Not Identifying test conditions, Identifying test cases only
-
Identifying test conditions and Identifying test cases
-
Identifying test conditions or Identifying test cases
AI Explanation
To answer this question, you need to understand the purpose of test design techniques. Let's go through each option to understand why it is correct or incorrect:
Option A) Identifying test conditions only, not identifying test cases - This option is incorrect because test design techniques are used to identify both test conditions and test cases. Test conditions are the factors or variables that need to be tested, while test cases are the specific instances or scenarios that are designed to test those conditions.
Option B) Not identifying test conditions, identifying test cases only - This option is incorrect for the same reason as Option A. Test design techniques are used to identify both test conditions and test cases.
Option C) Identifying test conditions and identifying test cases - This option is correct because the purpose of test design techniques is to identify both test conditions and test cases. Test conditions are identified to ensure that all relevant factors are considered and tested, while test cases are designed to cover different scenarios and combinations of conditions.
Option D) Identifying test conditions or identifying test cases - This option is incorrect because the purpose of test design techniques is to identify both test conditions and test cases, not just one or the other.
The correct answer is C) Identifying test conditions and identifying test cases. This option is correct because test design techniques are used to identify both the factors to be tested (test conditions) and the specific instances or scenarios to test those factors (test cases).
What is the main purpose of Informal review
-
Inexpensive way to get some benefit
-
Find defects
-
Learning, gaining understanding, effect finding
-
Discuss, make decisions, solve technical problems
AI Explanation
To answer this question, you need to understand the main purpose of an informal review.
Option A) Inexpensive way to get some benefit - This option is correct because informal reviews are a cost-effective way to obtain some benefits. Informal reviews are less formal and less structured compared to formal reviews, which makes them quicker and easier to conduct. They can provide some benefits, such as finding defects, improving quality, and gaining understanding, without requiring a significant investment of time and resources.
Option B) Find defects - This option is incorrect because finding defects is one of the potential benefits of informal reviews, but it is not the main purpose. Informal reviews can help in identifying defects, but they also serve other purposes.
Option C) Learning, gaining understanding, effect finding - This option is incorrect because learning, gaining understanding, and effect finding are indeed some of the potential benefits of informal reviews, but they are not the main purpose. Informal reviews can provide opportunities for learning and gaining understanding, but they serve a broader purpose.
Option D) Discuss, make decisions, solve technical problems - This option is incorrect because discussing, making decisions, and solving technical problems are activities that can take place during informal reviews, but they are not the main purpose. Informal reviews are primarily focused on obtaining some benefit in a cost-effective manner.
The correct answer is A) Inexpensive way to get some benefit. This option is correct because the main purpose of informal reviews is to obtain some benefits in a cost-effective way.
Who is responsible for document all the issues, problems and open point that were identified during the review meeting
-
Moderator
-
Scribe
-
Reviewers
-
Author
AI Explanation
To answer this question, we need to understand the roles and responsibilities of individuals involved in a review meeting.
Option A) Moderator - The moderator is responsible for managing the review meeting, ensuring that it stays on track, and facilitating discussions. The moderator does not typically document the issues, problems, and open points identified during the meeting.
Option B) Scribe - The scribe is responsible for documenting all the issues, problems, and open points that were identified during the review meeting. The scribe takes notes and records the discussions and decisions made during the meeting.
Option C) Reviewers - Reviewers participate in the review meeting and provide their input and feedback on the document being reviewed. While they may contribute to identifying issues, problems, and open points, they are not specifically responsible for documenting them.
Option D) Author - The author is the person who created the document being reviewed. They may attend the review meeting to clarify any questions or provide additional information, but they are not responsible for documenting the issues, problems, and open points.
The correct answer is B) Scribe. The scribe is responsible for documenting all the issues, problems, and open points that were identified during the review meeting.
What is the purpose of test completion criteria in a test plan:
-
To ensure that the test case specification is complete
-
To set the criteria used in generating test inputs
-
To know when test planning is complete
-
To plan when to stop testing
AI Explanation
To answer this question, let's go through each option to understand why it is correct or incorrect:
Option A) To ensure that the test case specification is complete - This option is incorrect because the purpose of test completion criteria is not to ensure the completeness of the test case specification. Test completion criteria are used to determine when to stop testing, not to evaluate the completeness of the test case specification.
Option B) To set the criteria used in generating test inputs - This option is incorrect because the purpose of test completion criteria is not to set the criteria for generating test inputs. Test completion criteria are used to determine when to stop testing, not to set the criteria for generating test inputs.
Option C) To know when test planning is complete - This option is incorrect because the purpose of test completion criteria is not to determine when test planning is complete. Test completion criteria are used to determine when to stop testing, not to assess the completion of test planning.
Option D) To plan when to stop testing - This option is correct because the purpose of test completion criteria is to establish the conditions or criteria that indicate when testing should be stopped. Test completion criteria help in determining when sufficient testing has been conducted and when additional testing is no longer necessary.
The correct answer is D. This option is correct because test completion criteria are used to plan when to stop testing based on specific conditions or criteria that indicate that sufficient testing has been performed.
Which of the following is the main purpose of the integration strategy for integration testing in the small?
-
To ensure that the test case specification is complete
-
To set the criteria used in generating test inputs
-
To know when test planning is complete
-
To plan when to stop testing
AI Explanation
To answer this question, you need to understand the main purpose of the integration strategy for integration testing in the small. Let's go through each option to understand why it is correct or incorrect:
Option A) To ensure that the test case specification is complete - This option is incorrect because ensuring the completeness of the test case specification is not the main purpose of the integration strategy. While it is important to have a complete test case specification, it is not the primary goal of the integration strategy.
Option B) To set the criteria used in generating test inputs - This option is incorrect because setting the criteria used in generating test inputs is not the main purpose of the integration strategy. While it is important to have criteria for generating test inputs, it is not the primary goal of the integration strategy.
Option C) To know when test planning is complete - This option is incorrect because knowing when test planning is complete is not the main purpose of the integration strategy. Test planning is a separate activity that is completed before the integration strategy is developed.
Option D) To plan when to stop testing - This option is correct because the main purpose of the integration strategy for integration testing in the small is to plan when to stop testing. The integration strategy helps determine the scope of integration testing and the criteria for completing the testing process. It helps define when the integration testing has been sufficiently executed and when it can be considered complete.
The correct answer is Option D. This option is correct because the main purpose of the integration strategy for integration testing in the small is to plan when to stop testing.
Which of the following is NOT part of configuration management:
-
Status accounting of configuration items
-
Auditing conformance to ISO9001
-
Identification of test versions
-
Record of changes to documentation over time
To answer this question, the user needs to understand the concept of configuration management, which is the process of identifying, organizing, and controlling the changes made to software, hardware, or any other system throughout its lifecycle.
A. Status accounting of configuration items: This is a part of configuration management, which involves tracking the status of various configuration items and their version history.
B. Auditing conformance to ISO9001: This is not a part of configuration management. ISO9001 is a quality management standard that focuses on ensuring consistent quality of products and services. While configuration management is an important aspect of quality management, auditing to ISO9001 is not directly related to it.
C. Identification of test versions: This is a part of configuration management, which involves tracking the different versions of software or hardware throughout the testing phase.
D. Record of changes to documentation over time: This is a part of configuration management, which involves tracking the changes made to the documentation of the system throughout its lifecycle.
Therefore, the answer is:
The Answer is: B