T.Y.B.B.A./B.C.

A
CA 602 : SOFTWARE TESTING
(2019 Pattern) (Semester - VI)

Time: 2½ Hours] [Max. Marks : 70

Instructions to the candidates:
1) All questions are compulsory.
2) Figures to right indicate full marks.
3) Neat diagram must be drawn wherever necessary.

Q1) Attempt any eight of the following. (Out of ten) [8×2=16]

a) What is Software Testing?
Ans: Software Testing is a method to assess the functionality of the software program. The
process checks whether the actual software matches the expected requirements and
ensures the software is bug-free. The purpose of software testing is to identify the errors,
faults, or missing requirements in contrast to actual requirements. It mainly aims at
measuring the specification, functionality, and performance of a software program or
application.
b) What is Static testing?
Ans: Static testing is a software testing method that examines a program -- along with any
associated documents -- but does not require the program to be executed.
It is a method which is performed to check the defects in software without actually
executing the code of the software application.
c) State the advantages of manual testing.
Ans: Manual testing is a type of software testing in which test cases are executed manually
by a tester without using any automated tools. The purpose of Manual Testing is to identify
the bugs, issues, and defects in the software application
d) What are formulae for calculating cyclomatic complexity?

Ans: The cyclomatic complexity of a code section is the quantitative measure of the
number of linearly independent path in it. It is a software metric used to indicate the
complexity of a program. It is computed using the Control Flow Graph of the program.
The nodes in the graph indicate the smallest group of commands of a program, and a
directed edge in it connects the two nodes i.e. if the second command might
immediately follow the first command.

e) What is Gray-box testing?

Ans: Graybox testing is a software testing method to test the software application with
partial knowledge of the internal working structure. It is a combination of black box and
white box testing because it involves access to internal coding to design test cases as white
box testing and testing practices are done at functionality level as black box testing.
f) Define validation testing?
Ans: Validation is the process of checking whether the software product is up to the mark or
in other words product has high-level requirements. It is the process of checking the
 validation of the product i.e. it checks what we are developing is the right product. it is a
validation of actual and expected products. Validation is simply known as Dynamic Testing.

g) What is Debugging?
Ans: Debugging is the process of finding and fixing errors or bugs in the source code of any
software. When software does not work as expected, computer programmers study the
code to determine why any errors occurred. They use debugging tools to run the software in
a controlled environment, check the code step by step, and analyze and fix the issue.
h) Explain terms - Error, Fault and Failure?
Ans: Error is a situation that happens when the Development team or the developer fails to
understand a requirement definition and hence that misunderstanding gets translated into
buggy code. This situation is referred to as an Error and is mainly a term coined by the
developers.
Sometimes due to certain factors such as Lack of resources or not following proper steps
Fault occurs in software which means that the logic was not incorporated to handle the
errors in the application. This is an undesirable situation, but it mainly happens due to
invalid documented steps or a lack of data definitions.
Failure is the accumulation of several defects that ultimately lead to Software failure and
results in the loss of information in critical modules thereby making the system
unresponsive. Generally, such situations happen very rarely because before releasing a
product all possible scenarios and test cases for the code are simulated. Failure is detected
by end-users once they face a particular issue in the software.
i) Define regression testing.

Ans: Regression Testing is the process of testing the modified parts of the code and the
parts that might get affected due to the modifications to ensure that no new errors have
been introduced in the software after the modifications have been made. Regression
means the return of something and in the software field, it refers to the return of a bug.

j) What is software metric?

Ans: A software metric is a measure of software characteristics which are measurable or
countable. Software metrics are valuable for many reasons, including measuring software
performance, planning work items, measuring productivity, and many other uses.

Within the software development process, many metrics are that are all connected.
Software metrics are similar to the four functions of management: Planning,
Organization, Control, or Improvement.

Q2) Attempt any four of the following. (Out of five) [4×4=16]

a) Write difference between verification and validation.

Verification Validation
It includes checking documents, design, It includes testing and validating the actual
codes and programs. product.
Verification is the static testing. Validation is the dynamic testing.
 Verification Validation
It does not include the execution of the
It includes the execution of the code.
code.
Methods used in verification are reviews, Methods used in validation are Black Box
walkthroughs, inspections and desk- Testing, White Box Testing and non-functional
checking. testing.
It checks whether the software meets the
It checks whether the software conforms to
requirements and expectations of a customer or
specifications or not.
not.
It can find the bugs in the early stage of the It can only find the bugs that could not be found
development. by the verification process.
The goal of verification is application and
The goal of validation is an actual product.
software architecture and specification.
Validation is executed on software code with
Quality assurance team does verification.
the help of testing team.
It comes before validation. It comes after verification.
It consists of checking of documents/files It consists of execution of program and is
and is performed by human. performed by computer.
Verification refers to the set of activities Validation refers to the set of activities that
that ensure software correctly implements ensure that the software that has been built is
the specific function. traceable to customer requirements.
After a valid and complete specification the
Validation begins as soon as project starts.
verification starts.
Verification is for prevention of errors. Validation is for detection of errors.
Verification is also termed as white box
Validation can be termed as black box testing or
testing or static testing as work product
dynamic testing as work product is executed.
goes through reviews.

b) Explain software testing life cycle with diagram

Ans:

Requirement Phase Testing also known as Requirement Analysis in which test team studies
the requirements from a testing point of view to identify testable requirements and the QA
team may interact with various stakeholders to understand requirements in detail.
Requirements could be either functional or non-functional. Automation feasibility for the
testing project is also done in this stage.

Activities in Requirement Phase Testing

 Identify types of tests to be performed.

 Gather details about testing priorities and focus.
 Prepare Requirement Traceability Matrix (RTM)
 Identify test environment details where testing is supposed to be carried out.
 Automation feasibility analysis (if required).

Test Planning in STLC is a phase in which a Senior QA manager determines the test plan
strategy along with efforts and cost estimates for the project. Moreover, the resources, test
environment, test limitations and the testing schedule are also determined. The Test Plan gets
prepared and finalized in the same phase.

Test Planning Activities

 Preparation of test plan/strategy document for various types of testing

 Test tool selection
 Test effort estimation
 Resource planning and determining roles and responsibilities.
 Training requirement

The Test Case Development Phase involves the creation, verification and rework of test
cases & test scripts after the test plan is ready. Initially, the Test data is identified then created
and reviewed and then reworked based on the preconditions. Then the QA team starts the
development process of test cases for individual units.

Test Case Development Activities

 Create test cases, automation scripts (if applicable)

 Review and baseline test cases and scripts
 Create test data (If Test Environment is available)

Test Environment Setup decides the software and hardware conditions under which a work
product is tested. It is one of the critical aspects of the testing process and can be done in
parallel with the Test Case Development Phase. Test team may not be involved in this
activity if the development team provides the test environment. The test team is required to
do a readiness check (smoke testing) of the given environment.

Test Environment Setup Activities

 Understand the required architecture, environment set-up and prepare hardware and
software requirement list for the Test Environment.
 Setup test Environment and test data

Test Execution Phase is carried out by the testers in which testing of the software build is
done based on test plans and test cases prepared. The process consists of test script execution,
test script maintenance and bug reporting. If bugs are reported then it is reverted back to
development team for correction and retesting will be performed.

Test Execution Activities

 Execute tests as per plan

 Document test results, and log defects for failed cases
 Map defects to test cases in RTM
 Retest the Defect fixes
 Track the defects to closure

Test Cycle Closure phase is completion of test execution which involves several activities
like test completion reporting, collection of test completion matrices and test results. Testing
team members meet, discuss and analyze testing artifacts to identify strategies that have to be
implemented in future, taking lessons from current test cycle. The idea is to remove process
bottlenecks for future test cycles.

Test Cycle Closure Activities

 Evaluate cycle completion criteria based on Time, Test coverage, Cost,Software,

Critical Business Objectives, Quality
 Prepare test metrics based on the above parameters.
 Document the learning out of the project
 Prepare Test closure report
 Qualitative and quantitative reporting of quality of the work product to the customer.
 Test result analysis to find out the defect distribution by type and severity.

c) Explain Boundary - Value analysis in details.

For doing boundary value analysis only boundary values will be taken like minimum value
x(min), x(min-1),x(max+1) and x(max).This means we will check our software working by
giving these values. We will not take values in-between them.
Example 1
Consider a software application that requires users to enter the age. Applications may
contain specific minimum and maximum age restrictions. The restriction is to enter the
age between 18 to 30 years. If the user enters values above 30 or below 18, the
application may not work as expected. In this scenario, you can use BVA to test your
application by choosing values equal to, above, or below the age limit.

Invalid case Valid case Invalid case

11.12.13.,14,15,16,17 21,22,23,24,25,26,27,28,29 31,32,33,34,35,36,37,38,39

d) Explain Acceptance testing in details.

Acceptance testing is formal testing based on user requirements and function processing. It
determines whether the software is conforming specified requirements and user
requirements or not. It is conducted as a kind of Black Box testing where the number of
required users involved testing the acceptance level of the system. It is the fourth and last
level of software testing. User acceptance testing (UAT) is a type of testing, which is done by
the customer before accepting the final product. Generally, UAT is done by the customer
 (domain expert) for their satisfaction, and check whether the application is working
according to given business scenarios, real-time scenarios.

e) Explain Test Case Design along with example.

Ans: The test design phase aims to create test scenarios and test cases that can be run on
the application being tested (AUT). The test execution step executes the test cases
completed during the test design phase.

Q3) Attempt any four of the following. (Out of five) [4×4=16]

a) Explain any four testing principles in detail.

 Testing shows the presence of defects: The goal of software testing is to make the
software fail. Software testing reduces the presence of defects. Software testing talks
about the presence of defects and doesn’t talk about the absence of defects. Software
testing can ensure that defects are present but it can not prove that software is defect-
free. Even multiple testing can never ensure that software is 100% bug-free. Testing
can reduce the number of defects but not remove all defects.

 Exhaustive testing is not possible: It is the process of testing the functionality of the
software in all possible inputs (valid or invalid) and pre-conditions is known as
exhaustive testing. Exhaustive testing is impossible means the software can never test
at every test case. It can test only some test cases and assume that the software is
correct and it will produce the correct output in every test case. If the software will
test every test case then it will take more cost, effort, etc., which is impractical.

 Early Testing: To find the defect in the software, early test activity shall be started.
The defect detected in the early phases of SDLC will be very less expensive. For
better performance of software, software testing will start at the initial phase i.e.
testing will perform at the requirement analysis phase.

 Defect clustering: In a project, a small number of modules can contain most of the
defects. The Pareto Principle for software testing states that 80% of software defects
come from 20% of modules.

 Pesticide paradox: Repeating the same test cases, again and again, will not find new
bugs. So it is necessary to review the test cases and add or update test cases to find
new bugs.

 Testing is context-dependent: The testing approach depends on the context of the

software developed. Different types of software need to perform different types of
testing. For example, The testing of the e-commerce site is different from the testing
of the Android application.

 Absence of errors fallacy: If a built software is 99% bug-free but does not follow the
user requirement then it is unusable. It is not only necessary that software is 99% bug-
free but it is also mandatory to fulfill all the customer requirements.
  Testing Is a Risk-Based Activity: Testing efforts should be prioritized according to
the risks associated with different features or functionalities. Focus testing on areas
that are critical to the success of the application.

 Testing Cannot Prove Software Correctness: Testing demonstrates the presence of

defects but cannot prove that the software is entirely correct. It provides confidence in
the software’s behavior within the scope of the tests performed.

 Absence-of-Error Fallacy: The absence of detected defects does not proof that the
software is error-free. It implies that the testing process has not found any issues
within the defined scope and constraints.

 Automated Testing Complements Manual Testing: Combining Both automated

and manual testing allows for more comprehensive test coverage.

 Testing Is Iterative: Testing is an iterative process that continues throughout the

software development life cycle.

b) Explain white box testing and its techniques.

white box testing can use the following techniques:

 Statement Coverage: Statement coverage testing ensures that every line of code
within an application is tested by at least one test case. Statement coverage testing can
help to identify if portions of the code are unused or unreachable, which can be
caused by programming errors, updates, etc. Identifying this dead code enables
developers to fix incorrect conditional statements or remove redundant code to
improve application performance and security.
 Branch Coverage: Conditional statements create branches within an application’s
execution code as different inputs can follow different execution paths. Branch
coverage testing ensures that every branch within an application is covered by unit
testing. This ensures that even little-used code paths are properly validated.
 Path Coverage: An execution path describes the sequence of instructions that can be
executed from when an application starts to where it terminates. Path coverage testing
ensures that every execution path through an application is covered by use cases. This
can help to ensure that all execution paths are functional, efficient, and necessary.

c) Explain Sandwich and Big-Bang approach of Integration testing.

Sandwich testing is a type of testing that consist of two parts,they are Top-down
approach and Bottom-up approach.It combines the advantages of both Bottom-up
testing and Top-down testing at a time.Bottom-up testing starts from middle layer
and goes upward to the top layer where as Top-down testing starts from middle
layer and goes downward. Big-bang approach is followed for the middle layer. From
this layer bottom-up approach goes upwards and top-down approach goes
downwards.
 Big bang integration testing is a testing approach where all components or modules
are integrated and tested as a single unit. This is done after all modules have been
completed and before any system-level testing is performed. This is in contrast to
incremental integration testing, in which components are tested one at a time or in
small groups. This approach is typically used when there is a tight deadline for
delivering the software product, and all development teams are working in parallel
on their respective components.
For example, consider a simple system with three modules A, B, and C. Module A
has been tested and found to be working correctly. The same is true for modules B
and C. To test the system as a whole, all three modules are integrated and tested
together.
d) Explain load and Smoke testing in detail.

Load testing determines the behavior of the application when multiple users use it at the same
time. It is the response of the system measured under varying load conditions.

1. The load testing is carried out for normal and extreme load conditions.

2. Load testing is a type of performance testing that simulates a real-world load on a

system or application to see how it performs under stress.

3. The goal of load testing is to identify bottlenecks and determine the maximum
number of users or transactions the system can handle.

4. It is an important aspect of software testing as it helps ensure that the system can
handle the expected usage levels and identify any potential issues before the system is
deployed to production.

Ans: Smoke Testing is a software testing process that

determines whether the deployed software build is stable or
not. Smoke testing is a confirmation for QA team to proceed
with further software testing. It consists of a minimal set of
tests run on each build to test software functionalities.
Smoke testing is also known as “Build Verification Testing” or
“Confidence Testing.”
In simple terms, smoke tests means verifying the important
features are working and there are no showstoppers in the
build that is under testing. It is a mini and rapid regression
test of major functionality. It is a simple test that shows the
product is ready for testing. This helps determine if the build
is flawed as to make any further testing a waste of time and
resources.
a) Write difference between Static and Dynam ic testing.
Static Testing
It is performed in the early stage of the
software development.
In static testing whole code is not
executed.
Static testing prevents the defects.
Static testing is performed before code
deployment.
Static testing is less costly.
Static Testing involves checklist for testing Dynamic Testing involves test
process.
It includes walkthroughs, code review,
inspection etc.
It generally takes shorter time.
It can discover variety of bugs.
Static Testing may complete 100%
statement coverage in comparably less
time.
Example: Verification
Dynamic Testing
It is performed at the later stage
of the software development.
In dynamic testing whole code is
executed.
Dynamic testing finds and fixes the
defects.
Dynamic testing is performed
after code deployment.
Dynamic testing is highly costly.
cases for testing process.
It involves functional and
nonfunctional testing.
It usually takes longer time as
it involves running several test
cases.
It expose the bugs that are
explorable through execution
hence discover only limited type
of bugs.
While dynamic testing only
achieves less than 50% statement
coverage.
Example: Validation
Q4) Attempt any four of the following. (Out of five) [4×4=16]
a) Explain test case design for the login process.

Features to be
Test Cases
Tested
1. Test that the email is present.
2. The email field should accept valid email addresses.
3. The email field should not accept invalid email addresses.
Email field 4. The email field should display an error message when an invalid
email address is entered.
5. The email field should be case-insensitive.

1. Test that the password field is present.

2. Test that the password field is masked.
3. Test that a username field may allow for alphanumeric characters.
4. Test that the password field may require only numbers or letters.
5. Make sure that the password field is present and that it is labeled
correctly.
6. Test that the password field accepts input.
7. Ensure that the password field masks input so that it is not visible as
Password
plain text.
8. Confirm that the password field has the correct level of security by
testing for minimum length and character type requirements.
9. Verify that the password field does not auto-fill when using a
password manager.
10. Test that the password field correctly validates input when
submitting the form.

1. Test that the user is able to login with the correct credentials.
2. Test that the email and password fields are mandatory.
3. Test that the user is redirected to the correct page after login.
4. Enter all invalid details in the login form and check if the user is
Login Form able to log in successfully.
5. Test that the user can see a forgot password link on the login page.
6. Try to log in with an already existing username and check if the
user is able to log in successfully.

Error message Test that the user receives an error message if the login details are incorrect.

b) Stub and Driver concept in Unit testing.

1. Stubs :
Stubs are developed by software developers to use them in place of modules, if the respective
modules aren’t developed, missing in developing stage, or are unavailable currently while
Top-down testing of modules. A Stub simulates module which has all the capabilities of the
unavailable module. Stubs are used when the lower-level modules are needed but are
unavailable currently.
Stubs are divided into four basic categories based on what they do :

 Shows the traced messages,

 Shows the displayed message if any,
 Returns the corresponding values that are utilized by modules,
 Returns the value of the chosen parameters(arguments) that were used by the testing
modules.

2. Drivers :
Drivers serve the same purpose as stubs, but drivers are used in Bottom-up integration testing
and are also more complex than stubs. Drivers are also used when some modules are missing
and unavailable at time of testing of a specific module because of some unavoidable reasons,
to act in absence of required module. Drivers are used when high-level modules are missing
and can also be used when lower-level modules are missing.

c) Explain GUI testing in details.

Graphical User Interface Testing (GUI) Testing is the process for ensuring proper functionality of the
graphical user interface (GUI) for a specific application. GUI testing generally evaluates a design of
elements such as layout, colors and also fonts, font sizes, labels, text boxes, text formatting,
captions, buttons, lists, icons, links, and content. GUI testing processes may be either manual or
automatic and are often performed by third-party companies, rather than developers or end users.

GUI Testing basically involves

1. Testing the size, position, width, height of the elements.

2. Testing of the error messages that are getting displayed.

3. Testing the different sections of the screen.

4. Testing of the font whether it is readable or not.

5. Testing of the screen in different resolutions with the help of zooming in and zooming out
like 640 x 480, 600×800, etc.

6. Testing the alignment of the texts and other elements like icons, buttons, etc. are in proper
place or not.

7. Testing the colors of the fonts.

8. Testing the colors of the error messages, warning messages.

9. 9.Testing whether the image has good clarity or not.

10. 10.Testing the alignment of the images.

11. 11.Testing of the spelling.

12. 12.The user must not get frustrated while using the system interface.

13. 13.Testing whether the interface is attractive or not.

14. 14.Testing of the scrollbars according to the size of the page if any.
 15. 15.Testing of the disabled fields if any.

16. 16.Testing of the size of the images.

17. 17.Testing of the headings whether it is properly aligned or not.

18. 18.Testing of the color of the hyperlink.

e) What is difference between client/server and web-based testing?

Ans: CLIENT / SERVER TESTING

This type of testing is usually done for 2 tier applications (usually developed for LAN). Here
we will be having front-end and backend. The application launched on front-end will be
having forms and reports which will be monitoring and manipulating data.

E.g: applications developed in VB, VC++, Core Java, C, C++, D2K, PowerBuilder etc.

The backend for these applications would be MS Access, SQL Server, Oracle, Sybase,
Mysql, Quadbase

The tests performed on these types of applications would be

 User interface testing

 Manual support testing
 Functionality testing
 Compatibility testing & configuration testing

Intersyste WEB TESTING

This is done for 3 tier applications (developed for Internet / intranet / xtranet). Here we will
be having Browser, web server and DB server. The applications accessible in browser would
be developed in HTML, DHTML, XML, JavaScript etc. (We can monitor through these
applications). Applications for the web server would be developed in Java, ASP, JSP,
VBScript, JavaScript, Perl, Cold Fusion, PHP etc. (All the manipulations are done on the web
server with the help of these programs developed).

The DBserver would be having oracle, sql server, sybase, mysql etc. (All data is stored in the
database available on the DB server).

The tests performed on these types of applications would be

 User interface testing

 Functionality testing
 Security testing
 Browser compatibility testing
 Load / stress testing
 Interoperability testing/intersystem testing
 Storage and data volume testing
e) How to calculate the cyclomatic complexity of a code? Explain with

example.

The cyclomatic complexity of a code section is the quantitative measure of the number of
linearly independent paths in it. It is a software metric used to indicate the complexity of a
program. It is computed using the Control Flow Graph of the program. The nodes in the graph
indicate the smallest group of commands of a program, and a directed edge in it connects the
two nodes i.e. if the second command might immediately follow the first command.

For example, if the source code contains no control flow statement then its cyclomatic
complexity will be 1, and the source code contains a single path in it. Similarly, if the source
code contains one if condition then cyclomatic complexity will be 2 because there will be two
paths one for true and the other for false.

cyclomatic complexity M would be defined as,

M = E – N + 2P where E = the number of edges in the control flow graph

N = the number of nodes in the control flow graph
P = the number of connected components

Let a section of code as such:

A = 10
IF B > C THEN
A = B
ELSE
A = C
ENDIF
Print A
Print B
Print C

Q5) Write a short note on any two of the following. (Out of three) [2×3=6]
a) Testing for Real - Time System.

Ans: A real-time system means that the system is subjected to real-time, i.e., the response
should be guaranteed within a specified timing constraint or the system should meet the
specified deadline. For example flight control systems, real-time monitors, etc.

Types of real-time systems based on timing constraints:

1. Hard real-time system: This type of system can never miss its deadline. Missing the
deadline may have disastrous consequences. The usefulness of results produced by a
hard real-time system decreases abruptly and may become negative if tardiness
increases. Tardiness means how late a real-time system completes its task with respect
to its deadline. Example: Flight controller system.
2. Soft real-time system: This type of system can miss its deadline occasionally with
some acceptably low probability. Missing the deadline have no disastrous
consequences. The usefulness of results produced by a soft real-time system decreases
gradually with an increase in tardiness. Example: Telephone switches.
 3. Firm Real-Time Systems: These are systems that lie between hard and soft real-time
systems. In firm real-time systems, missing a deadline is tolerable, but the usefulness
of the output decreases with time. Examples of firm real-time systems include online
trading systems, online auction systems, and reservation systems.

b) Stub and Driver concept in unit testing.

c) Load Runner

LoadRunner is a Performance Testing tool which was pioneered by Mercury in 1999.

LoadRunner was later acquired by HPE in 2006. In 2016, LoadRunner was acquired by
MicroFocus.

LoadRunner supports various development tools, technologies and communication protocols.

In fact, this is the only tool in market which supports such a large number of protocols to
conduct Performance Testing. Performance Test Results produced by LoadRunner software
are used as a benchmark against other tools