FUNCTIONALITY TESTING

1. GATHER ALL THESE DOCUMENTS:

 BRD
 SRS
 UC
 Di

2. Start making Test Scenarios (test lead) & Test Cases (tester)
3. PRIOROTIZE Requirements:
If there are 100 requirements
 50 Critical (Most important functionality to the business)
 40 Medium
 10 Cosmetic (like font, logo etc.)

BASIC FACTORS YOU APPLY TO PRIORITIZE REQUIREMENTS

1. Any requirement related to DATABASE is critical

2. Security
3. Functionality (directly used to perform the business of the client)
4.

Test Scenario = Scene/Incident in a Movie

Test Cases = Sequential Actions

What is Functionality Testing?

 Performed by Testing Team after detailed reviews of business

requirements, functional requirements, use cases, design document, and
architectural document.
 Based on these documents Test Scenarios and Test Cases are created and
executed to check if the application code meets the requirements.
 Testing is performed on the priority of the requirement (if BA doesn’t do
this tester needs to do it)
 Do the following Functional Testing after you do the Sanity or Smoke Testing:

a) Security Testing

Application
Example: Online Banking
Server
http://www.tdonline.com Request will be stamped with
Certificate #

A lock sign will appear & http://

will change to https:// (won’t see
this until you login)

2 Companies who can make Site

Secure are VERISIGN & E-Trust
(Certificate #)

a) Login & Password: When username and password are submitted

this information gets send to the LDAP Server which only verifies
if this is a valid user account and returns a confirmation. A
connection is made and Session id and Session cookies are
created.

b) Encryption: Convert the normal language into a machine language

like 56 bit, 128 bit, 256 bit (what we put in will be broken into bits
 and goes to the TD’s Application Server. This needs to be checked
with the Network Administrator. Give him the time stamp and
ask for xml file in the application server. Check to see if you don’t
see a normal language then it’s encrypted.

c) Security Certificate/Penetrating Testing: Here you need to check

if cookies are being created.

Cookies: Temporary Storage Memory in the Browser (CASHE)

Persistent Cookies: stores non sensitive information

Session Cookie: temporary stored in the internet browser (just a

notepad) and is wiped out after you log out. When http: 
https:// this cookie is established.

Check to see if Session Cookie is stored in the browser after you

logout than it’s a defect.

Req Certificate #

Application Server Firewall Details are Stored here

d) Firewall – checks to see and block unauthorized entry into you
database. These are stored in the PROXY SERVER because if firewall is
stored in the application server it will take too long.

 Security Testing is performed in part of Functionality Testing.

 Any request is converted into XML files (previously it was Flat
Files)
 XML files use Tags which makes it faster, this data is encrypted
 Encryption needs to be checked with the network administrator
 When we press submit ask the developer for the XML file in the
application server, give the time, if you don’t see a normal
language it’s encrypted.
 Go to your computer and see if session cookie is there b/c if it’s
there it’s a defect.