UNIT IV ADVANCED TESTING CONCEPTS

Performance Testing: Load Testing, Stress Testing, Volume Testing, Fail-Over Testing,
Recovery Testing, Configuration Testing, Compatibility Testing, Usability Testing, Testing
the Documentation, Security testing, Testing in the Agile Environment, Testing Web and
Mobile Applications.

PERFORMANCE TESTING:
Performance Testing is a type of software testing that ensures software applications perform
properly under their expected workload. It is a testing technique carried out to determine
system performance in terms of sensitivity, reactivity, and stability under a particular
workload.

Types of Performance testing :

1.Load testing
2.Stress testing
3.Volume testing
4. Fail Over testing
5.Recovery testing
6.Configuration testing
7.Compatibility testing
8.Usability Testing
1.LOAD TESTING

Load testing is a type of Performance Testing that determines the performance of a system,
software product, or software application under real-life-based load conditions.

What is Load Testing?

Load testing determines the behavior of the application when multiple users use it at the same
time. It is the response of the system measured under varying load conditions.
1. The load testing is carried out for normal and extreme load conditions.
2. Load testing is a type of performance testing that simulates a real-world load on a system or
application to see how it performs under stress.
3. The goal of load testing is to identify bottlenecks and determine the maximum number of
users or transactions the system can handle.
4. It is an important aspect of software testing as it helps ensure that the system can handle the
expected usage levels and identify any potential issues before the system is deployed to
production.
Load Testing Techniques
1. Stress testing: Testing the system’s ability to handle a high load above normal usage levels
2. Spike testing: Testing the system’s ability to handle sudden spikes in traffic
3. Soak testing: Testing the system’s ability to handle a sustained load over a prolonged
period of time
4. Tools for Performance Testing: Make use of specialized load testing tools like Locust,
Gatling, JMeter, LoadRunner, and Apache Benchmark. These tools assist in gathering
performance measurements and simulating a large number of users.
5. Specify the Test Objectives: Clearly state what your load test’s goals are. Recognize the
required response times, transaction volumes and expected user behavior.
6. Determine Crucial Situations: Determine the essential user scenarios that correspond to
common usage patterns. A variety of actions, including user logins, searches, form
submissions and other significant interactions, should be covered by these scenarios.
Objectives of Load Testing:
1. Evaluation of Scalability: Assess the system’s ability to handle growing user and
transaction demands. Find the point at which the system begins to function badly.
2. Planning for Capacity: Describe the system’s ability to accommodate anticipated future
increases in the number of users, transactions and volume of data. Making well-informed
decisions regarding infrastructure upgrades is made easier by this.
3. Determine bottlenecks: Identify and localize bottlenecks in the application or
infrastructure’s performance. Finding the places where the system’s performance can suffer
under load is part of this.
4. Analysis of Response Time: For crucial transactions and user interactions, track and
evaluate response times. Make that the system responds to changes in load with reasonable
response times.
5. Finding Memory Leaks: Find and fix memory leaks that may eventually cause a decline
in performance. Make sure the programme doesn’t use up too many resources when it’s
running.
Load Testing Process

1. Test Environment Setup: Firstly create a dedicated test environment setup for performing
the load testing. It ensures that testing would be done in a proper way.
2. Load Test Scenario: In second step load test scenarios are created. Then load testing
transactions are determined for an application and data is prepared for each transaction.
3. Test Scenario Execution: Load test scenarios that were created in previous step are now
executed. Different measurements and metrices are gathered to collect the information.
4. Test Result Analysis: Results of the testing performed is analyzed and various
recommendations are made.
5. Re-test: If the test is failed then the test is performed again in order to get the result in
correct way.
Load Testing Tools:

 Apache Jmeter
 Load Ninja
 NeoLoad
 WebLoad
 HP Performance Tester
 Load View
 Load UI Pro
 2.STRESS TESTING

Stress Testing is a software testing technique that determines the robustness of software by
testing beyond the limits of normal operation. Stress testing is particularly important for
critical software but is used for all types of software.

Stress testing emphasizes robustness, availability, and error handling under a heavy load rather
than what is correct behavior under normal situations.

Characteristics of Stress Testing

1. Identification of Risk: Stress testing’s main objective is to locate and evaluate a system’s
possible hazards and weaknesses.
2. Quantitative and Qualitative Analysis: While numerical data are crucial, it’s also critical
to comprehend the qualitative characteristics of the system’s response and potential weak
points.
3. Variable Parameters: Stress testing includes changing variables including interest rates,
market conditions, transaction volumes and outside influences that could have an impact on
the system.
4. Cross-Functional Involvement: Many departments within an organization must work
together and participate in stress testing. This cross-functional strategy makes sure that the
stress testing procedure benefits from a variety of viewpoints and specialties.
5. Open and Honest Communication: Stress testing necessitates open and honest
communication regarding the goal, approach, and outcomes of the testing procedure.
Need for Stress Testing
 To accommodate the sudden surges in traffic: It is important to perform stress testing to
accommodate abnormal traffic spikes. For example, when there is a sale announcement on
the e-commerce website there is a sudden increase in traffic. Failure to accommodate such
needs may lead to a loss of revenue and reputation.
 Display error messages in stress conditions: Stress testing is important to check whether
the system is capable to display appropriate error messages when the system is under stress
conditions.
 The system works under abnormal conditions: Stress testing checks whether the system
can continue to function in abnormal conditions.
 Prepared for stress conditions: Stress testing helps to make sure there are sufficient
contingency plans in case of sudden failure due to stress conditions. It is better to be
prepared for extreme conditions by executing stress testing.
Purpose of Stress Testing
 Analyze the behavior of the application after failure: The purpose of stress testing is to
analyze the behavior of the application after failure and the software should display the
appropriate error messages while it is under extreme conditions.
 System recovers after failure: Stress testing aims to make sure that there are plans for
recovering the system to the working state so that the system recovers after failure.
 Uncover Hardware issues: Stress testing helps to uncover hardware issues and data
corruption issues.
 Uncover Security Weakness: Stress testing helps to uncover the security vulnerabilities
that may enter into the system during the constant peak load and compromise the system.
 Ensures data integrity: Stress testing helps to determine the application’s data integrity
throughout the extreme load, which means that the data should be in a dependable state
even after a failure.
Stress Testing Process
The stress testing process is divided into 5 steps:
. Planning the stress test
This step involves gathering the system data, analyzing the system, and defining the stress test
goals.
 Gathering System Data : For a web application, collect details about server specifications,
database configurations, network bandwidth, and current traffic patterns.
 Analyzing the System : Evaluate how the web application performs during peak traffic
times, such as during a sales event. Identify any existing issues like slow page loads or
database timeouts.
 Defining Stress Test Goals : Set goals such as ensuring the application can handle a traffic
spike of 10,000 users per minute without crashing and maintaining response times below 2
seconds.
2. Create Automation Scripts
This step involves creating the stress testing automation scripts and generating the test data for
the stress test scenarios.
 Developing Stress Testing Scripts : Use tools like Apache JMeter or LoadRunner to
create scripts that simulate user actions such as logging in, browsing products, and making
purchases.
 Generating Test Data : Create datasets that include various user profiles, product
inventories, and transaction records to ensure the test is realistic and comprehensive.
3. Script Execution
This step involves running the stress test automation scripts and storing the stress test results.
 Analyzing Test Data : Review the logs to identify performance trends. Look for any
significant slowdowns or failures as the load increases.
 Identifying Bottlenecks : If the application slows down significantly at 5,000 users,
investigate the server logs to determine if the issue is related to database queries, server
CPU limits, or network bandwidth.
4. Result Analysis
This phase involves analyzing stress test results and identifying the bottlenecks.
 Running the Stress Test Scripts : Execute the scripts in a test environment that mirrors
the production setup. Gradually increase the number of simulated users to observe how the
system handles the load.
 Storing Test Results : Use logging tools to capture performance data such as server
response times, error rates, and resource utilization metrics.
5. Tweaking and Optimization
This step involves fine-tuning the system and optimizing the code with the goal meet the
desired benchmarks.
 Fine-Tuning the System : Based on the findings, optimize database queries, increase
server CPU capacity, or enhance network configurations.
 Optimizing for Desired Benchmarks : Retest the application to ensure it now handles
10,000 users per minute with response times below 2 seconds.
Types of Stress Testing
Here are the following Types of Stress Testing

1. Server-client Stress Testing

Server-client stress testing also known as distributed stress testing is carried out across all
clients from the server.
Also known as Distributed Stress Testing , this type involves testing the performance and
robustness of a server by simulating multiple clients. The aim is to assess how well the server
can handle numerous simultaneous requests from different clients.
2.Product Stress Testing
Product stress testing concentrates on discovering defects related to data locking and blocking,
network issues, and performance congestion in a software product.
Product Stress Testing focuses on identifying issues related to data locking, network
problems, and performance bottlenecks within a specific software product.
3. Transactional Stress Testing
Transaction stress testing is performed on one or more transactions between two or more
applications. It is carried out for fine-tuning and optimizing the system.
Transactional Stress Testing is performed on transactions between two or more applications.
This type of testing aims to optimize and fine-tune the system by simulating high volumes of
transaction loads.
4. Systematic Stress Testing
Systematic stress testing is integrated testing that is used to perform tests across multiple
systems running on the same server. It is used to discover defects where one application data
blocks another application.
Systematic Stress Testing involves integrated testing across multiple systems running on the
same server. This approach helps identify defects where one application’s data processing
might interfere with another application on the same server.
5. Analytical Stress Testing
Analytical or exploratory stress testing is performed to test the system with abnormal
parameters or conditions that are unlikely to happen in a real scenario. It is carried out to find
defects in unusual scenarios like a large number of users logged at the same time or a database
going offline when it is accessed from a website.
Stress Testing Tools
1. Jmeter : Apache JMeter is a stress testing tool is an open-source, pure Java-based software
that is used to stress test websites. It is an Apache project and can be used for load testing
for analyzing and measuring the performance of a variety of services.
2. LoadNinja: LoadNinja is a stress testing tool developed by SmartBear that enables users to
develop codeless load tests, substitutes load emulators with actual browsers, and helps to
achieve high speed and efficiency with browser-based metrics.
3. WebLoad: WebLoad is a stress testing tool that combines performance, stability, and
integrity as a single process for the verification of mobile and web applications.
4. Neoload: Neoload is a powerful performance testing tool that simulates large numbers of
users and analyzes the server’s behavior. It is designed for both mobile and web
applications. Neoload supports API testing and integrates with different CI/ CD
applications.
5. SmartMeter: SmartMeter is a user-friendly tool that helps to create simple tests without
coding. It has a graphical user interface and has no necessary plugins. This tool
automatically generates advanced test reports with complete and detailed test results.
Advantages of Stress Testing
 Determines the behavior of the system: Stress testing determines the behavior of the
system after failure and ensures that the system recovers quickly.
 Ensure failure does not cause security issues: Stress testing ensures that system failure
doesn’t cause security issues.
 Makes system function in every situation: Stress testing makes the system work in
normal as well as abnormal conditions in an appropriate way.
 Improving Decision Making: Decision-making processes can benefit from the insightful
information that stress testing offers.
 Increasing Stakeholder confidence: Providing clear information about the outcomes of
stress tests helps boost stakeholder confidence. Organizations that show a proactive
approach to risk management are valued by investors, customers, and other stakeholders,
since it cultivates credibility and confidence.
Disadvantages of Stress Testing
1. Manual stress testing is complicated: The manual process of stress testing takes a longer
time to complete and it is a complicated process.
2. Good scripting knowledge required: Good scripting knowledge for implementing the
script test cases for the particular tool is required.
3. Need for external resources: There is a need for external resources to implement stress
testing. It leads to an extra amount of resources and time.
4. Constantly licensed tool: In the case of a licensed stress testing tool, it charges more than
the average amount of cost.
5. Additional tool required in case of open-source stress testing tool: In the case of some
open-source tools, there is a need for a load testing tool additionally for setting up the stress
testing environment.
6. Improper test script implementation results in wastage: If proper stress scripts or test
cases are not implemented then there will be a chance of failure of some resources and
wastage of time.

3.Volume Testing

Volume Testing is a type of software testing which is carried out to test a software application
with a certain amount of data. The amount used in volume testing could be a database size or it
could also be the size of an interface file that is the subject of volume testing.

Characteristics of Volume Testing

Following are the characteristics of the Volume Testing:
 Performance of the software decline as passing of the time as there is huge amount of data
overtime.
 Basically the test data is created by test data generator.
 Only small amount of data is tested during development phase.
 The test data need to be logically correct.
 The test data is used to assess the performance of the system.
Objectives of Volume Testing
The objectives of volume testing is:
 To recognize the problems that may be created with large amount of data.
 To check The system’s performance by increasing the volume of data in the database.
 To find the point at which the stability of the system reduces.
 To identify the capacity of the system or application.
Volume Testing Attributes
Following are the important attributes that are checked during the volume testing:
 System’s Response Time: During the volume testing, the response time of the system or
the application is tested. It is also tested whether the system responses within the finite time
or not. If the response time is large then the system is redesigned.
 Data Loss: During the volume testing, it is also tested that there is no data loss. If there is
data loss some key information might be missing.
 Data Storage: During the volume testing, it is also tested that the data is stored correctly or
not. If the data is not stored correctly then it is restored accordingly in proper place.
 Data Overwriting: In volume testing, it is tested that whether the data is overwritten
without giving prior information to the developer. If it so then developer is notified.
Volume Testing is a type of Performance Testing.
Advantages of Volume Testing
 Volume testing is helpful in saving maintenance cost that will be spent on application
maintenance.
 Volume testing is also helpful in a rapid start for scalability plans.
 Volume testing also helps in early identification of bottlenecks.
 Volume testing ensures that the system is capable of real world usage.
Disadvantages of Volume Testing
 More number of skilled resources are needed to carry out this testing.
 It is sometimes difficult to prepare test cases with respect to the number of volume of data
to be tested.
 It is a time consuming technique since it requires lot of time to decide the number of
volume of data and test scenarios.
 It is a bit costly as compared to another testing technique.
 It is not possible to have the exact break down of memory used in the real world
application.
Volume Testing Tools:

#1)DbFit:
This is an open-source tool that supports test-driven development.
DbFit testing framework is written on top of Fitness, the tests are written using tables and can be
executed using any Java IDE or CI tool.
#2) HammerDb:
HammerDb is also an open-source tool that can be automated, multi-threaded, and even allows
run-time scripting. It can work with SQL, Oracle, MYSQL, etc.
#3) JdbcSlim:
JdbcSlim commands can be easily integrated into Slim Fitness and it supports all the databases
which have a JDBC driver. The focus is on keeping the configuration, test data, and SQL queries
separate.
#4) NoSQLMap:
This is an open-source Python tool that is designed to automatically inject attacks and disrupt the
DB configurations to analyze the threat. It works only for MongoDB.
#5) Ruby-PLSQL-spec:
The PLSQL can be unit tested using Ruby as Oracle is available as an open-source
tool. This basically uses two libraries: Ruby-PLSQLand Rspec.

4. FAIL –OVER TESTING

Failover testing is a technique that validates if a system can allocate extra resources and back
up all the information and operations when a system fails abruptly due to some reason. This
test determines the ability of a system to handle critical failures and handle extra servers. So,
the testing is independent of the physical hardware component of a server.
It is preferred that testing should be performed by servers. Active-active and active-
passive standby are the two most common configurations.
Considerable Factors Before Performing Failover Testing :
1. The budget has to be the first thing to be taken into consideration before thinking about
performing the Failover test.
2. The budget is connected to the frameworks that might crash or break down under
pressure/load.
3. Always keep in mind how much time it will take to fix all the issues caused by the failure
of the system.
4. Note down the most likely failures and organize the outcomes according to how much harm
is caused by the failure.
Considerable Factors While Performing Failover Testing
1. Keep a plan of measures to be taken after performing a test.
2. Focus on the execution of the test plan.
3. Set up a benchmark so that performance requirements can be achieved.
4. Prepare a report concerning issue requirements and/or requirements of the asset.
Working of Failover testing:

1. Consider the factors: Before performing failover testing like budget, time, team,
technology, etc.
2. Analysis on failover reasons and design solutions: Determine probable failure situations
that the system might experience. Examine the causes of failover, including software bugs,
hardware malfunctions, network problems, etc. It provides fixes for any flaws or
vulnerabilities found in the failover procedure.
3. Testing failover scenarios: It develops extensive test cases to replicate various failover
scenarios. This covers both unplanned failovers (system or component failures) and
scheduled failovers (maintenance). Test cases ought to address many facets of failover,
such as load balancing, user impact, network rerouting, and data synchronization.
4. Executing the test plan: To reduce the impact on production systems, carry out the
failover test plan in a controlled setting. Keep an eye on how the system behaves during
failover to make sure it satisfies the recovery point and recovery time objectives (RPO and
RTO, respectively).
5. Detailed report on failover: Keep a record of the failover testing findings, including any
problems you ran across, how long it took to failover and how it affected customers or
services. Assess problems according to their severity and offer suggestions for
improvements.
6. Necessary actions based on the report: Distribute the report on the failover test to all
pertinent parties, such as project managers, developers, and system
administrators. Determine what needs to be done and prioritize it based on the report’s
conclusions. This might involve fixing found flaws in the system, updating failover
setups or improving the documentation.
Benefits of Failover Testing:
1. Determines Vulnerabilities and Weaknesses: Failover testing helps in locating holes and
vulnerabilities in the system by simulating different failure scenarios. Organizations can
address any problems before they have an impact on production settings by taking a
proactive approach.
2. Verifies Redundancy Procedures: Redundancy mechanisms are frequently incorporated
into systems to improve reliability. In order to make sure that these systems such as
redundant servers, databases, or network paths, work flawlessly in the event of a
breakdown, failover testing verifies their efficacy.
3. Improving the User Experience: Consumers anticipate consistent and dependable service
availability. By reducing interruptions and ensuring service availability even in the face of
unanticipated circumstances, failover testing contributes to the provision of a positive user
experience.
4. Encourages Compliance: Failover testing supports organizations in demonstrating
compliance with these rules by ensuring that systems can recover within prescribed times.
5. Encourages Continuous Improvement: Organizations that regularly test their systems
can learn from each test cycle, fix problems found and upgrade their failover procedures to
meet changing business needs and technological advancements.

Examples of Failover Testing:

1. Banking and Financial applications
2. Telecom applications
3. Visa applications
4. Trading applications
5. Emergency service business applications
6. Government applications
7. Defense service-related applications

5. RECOVERY TESTING

What is Recovery Testing?

Recovery Testing is a type of software testing that checks how well an application can recover
from crashes, failures, or other unexpected issues. It involves intentionally causing problems in
the software to see if it can quickly and effectively return to normal operation. This helps
ensure the software is reliable and can handle unexpected situations without losing data or
functionality.
A system or software should be recovery tested for failures like:
 Power supply failure
 The external server is unreachable
 Wireless network signal loss
 Physical conditions
 The external device not responding
 The external device is not responding as expected, etc.
Steps to be performed before executing a Recovery Test
A tester must ensure that the following steps are performed before carrying out the Recovery
testing procedure :

1. Recovery Analysis – It is important to analyze the system’s ability to allocate extra

resources like servers or additional CPUs. This would help to better understand the
recovery-related changes that can impact the working of the system. Also, each of the
possible failures, their possible impact, their severity, and how to perform them should be
studied.
2. Test Plan preparation – Designing the test cases keeping in mind the environment and
results obtained in recovery analysis.
3. Test environment preparation – Designing the test environment according to the
recovery analysis results.
4. Maintaining Back-up – Information related to the software, like various states of the
software and database should be backed up. Also, if the data is important, then the backing
up of the data at multiple locations is important.
5. Recovery personnel Allocation – For the recovery testing process, it is important to
allocate recovery personnel who are aware and educated enough for the recovery testing
being conducted.
6. Documentation – This step emphasizes on documenting all the steps performed before and
during the recovery testing so that the system can be analyzed for its performance in case
of a failure.
Example of Recovery Testing
 Example 1: When a system is receiving some data over a network for processing purposes,
we can stimulate software failure by unplugging the system power. After a while, we can
plug in the system again and test its ability to recover and continue receiving the data from
where it stopped.
Types of Recovery Testing
 Database Recovery Testing: Evaluate the system’s capacity to recover from corrupted or
malfunctioning databases. In order to test how well the system can restore the database to a
consistent and useful condition, it involves intentionally destroying or damaging it.
 Load and Stress Recovery Testing: Determine how effectively the system bounces back
from variables that affect performance, including heavy loads or stressful situations. It
helps in determining if the system is capable of handling higher loads and in the event that
it cannot, how soon it will resume normal operation after the load is dropped.
 Crash Recovery Testing: Determine how well the system bounces back from a hardware
or software failure. To make sure the system can resume regular operations without losing
data, it can involve unexpected shutdowns, abrupt power failures or a sudden halt of
services.
 Security Recovery Testing: Examine the system’s resilience to security lapses, illegal
access, and other security-related events by conducting security recovery testing. It
guarantees that the system can recover from security breaches and helps discover
loopholes in the security procedures, reducing the impact of any unauthorized access.
 Data Recovery Testing: Evaluate the system’s capacity to restore data following an
unplanned disruption or failure. To make sure that data backups, restoration procedures and
recovery mechanisms are efficient and dependable, this might involve planned data loss
scenarios.
 Environment Recovery Testing: Examine the software’s ability to adjust to changes in
dependencies or configurations in the environment. It guarantees that in the event of
modifications to the underlying structure or environmental circumstances, the system can
recover and go on operating as anticipated.
Advantages of Recovery Testing
 Improves the quality of the system by eliminating the potential flaws in the system so
that the system works as expected.
 Recovery testing is also referred to as Disaster Recovery Testing.
 Risk elimination is possible as the potential flaws are detected and removed from the
system.
 Improved performance as faults are removed, and the system becomes more reliable and
performs better in case a failure occurs.
 Ensures Reliability: Confirms that the software can recover from crashes or failures,
making it more reliable for users.
 Identifies Weaknesses: Helps uncover potential weaknesses or vulnerabilities in the
system that could lead to failures.
 Enhances User Experience: Ensures a smooth user experience by minimizing downtime
and data loss during unexpected events.
 Improves System Stability: Contributes to overall system stability by ensuring it can
handle and recover from disruptions.
Disadvantages of Recovery Testing:
 Time-Consuming: Simulating failures and ensuring proper recovery can be a lengthy
process, especially for complex systems.
 Resource-Intensive: Requires significant computational and human resources to create and
manage various failure scenarios.
 Complexity: Developing effective recovery test cases can be complicated, as it involves
understanding potential failure points and designing appropriate recovery strategies.
 Costly: Due to the need for specialized tools and resources, recovery testing can be
expensive to implement and maintain.Why do we do recovery testing?
 Risk of Data Loss: If not properly managed, testing failures could result in actual data loss
or corruption, affecting the integrity of the system.
 False Sense of Security: If not comprehensive, recovery testing might miss certain failure
scenarios, leading to a false sense of confidence in the software’s robustness.
 6.CONFIGURATION TESTING

Configuration Testing is the process of testing the system under each configuration of
the supported software and hardware. Here, the different configurations of hardware and
software mean the multiple operating system versions, various browsers, various supported
drivers, distinct memory sizes, different hard drive types, various types of CPU, etc.
The various configurations are Win XP, Win 7 32/64 bit, Win 8 32/64 bit, Win 10, etc.
1. Database Configuration: Oracle, DB2, MySQL, MSSQL Server, Sybase etc.
2. Browser Configuration: IE 8, IE 9, FF 16.0, Chrome, Microsoft Edge etc.
Objectives of Configuration Testing:
1. Adaptability to Different Configurations: Check that the program’s basic features work
consistently and dependably in all configurations. Testing the behavior of the program with
different setups and settings is part of this process.
2. Evaluation of Stability: Examine the software’s stability under various configurations.
Find and fix any configuration-specific problems that might be causing crashes, unstable
systems or strange behavior.
3. Testing the User Experience: Assess the value and consistency of the user experience
across various setups. Make that the graphical user interface (GUI) of the software adjusts
to various screen sizes, resolutions and display settings.
4. Security Throughout Configurations: To make sure that sensitive data is kept safe, test
the software’s security features in various setups. Determine and fix any vulnerabilities that
might be configuration-specific.
5. Compatibility of Networks: Examine the software’s behavior with various network
setups. Evaluate its compatibility with various network types, speeds and latency.
6. Data Compatibility: Check if the programme can manage a range of data configurations,
such as those from diverse sources, databases and file formats.
Configuration Testing Process:

Types of Configuration Testing:

Configuration testing is of 2 types:
1. Software Configuration Testing: Software configuration testing is done over the
Application Under Test with various operating system versions and various browser
versions etc. It is a time-consuming testing as it takes long time to install and uninstall the
various software which are to be used for testing.
2. Hardware Configuration Testing: Hardware configuration testing is typically
performed in labs where physical machines are used with various hardware connected
to them. When a build is released, the software is installed in all the physical machines
 to which the hardware is attached and the test is carried out on each and every machine
to confirm that the application is working fine.

Configuration Testing can also be classified into following 2 types:

1. Client level testing: Client level testing is associated with the usability and functionality
testing. This testing is done from the point of view of its direct interest of the users.
2. Server level Testing: Server level testing is carried out to determine the communication
between the software and the external environment when it is planned to be integrated after
the release.
7.COMPATIBILITY TESTING

What is Compatibility testing?

Compatibility testing is software testing that comes under the non-functional testing category,
and it is performed on an application to check its compatibility (running capability) on
different platforms/environments.
This testing is done only when the application becomes stable. This means simply this
compatibility test aims to check the developed software application functionality on various
software, hardware platforms, networks and browsers, etc. This compatibility testing is very
important in product production and implementation point of view as it is performed to avoid
future issues regarding compatibility.
Types of Compatibility Testing
Several examples of compatibility testing are given below.
1. Software:
 Testing the compatibility of an application with an Operating System like Linux, Mac,
Windows
 Testing compatibility on databases like Oracle SQL server, and MongoDB server.
 Testing compatibility on different devices like mobile phones, and computers.
Types based on Version Testing:
There are two types of compatibility testing based on version testing
1. Forward compatibility testing: When the behavior and compatibility of software or
hardware are checked with its newer version then it is called forward compatibility testing.
2. Backward compatibility testing: When the behavior and compatibility of software or
hardware are checked with its older version then it is called backward compatibility testing.
2. Hardware:
Checking compatibility with a particular size of
 RAM
 ROM
 Hard Disk
 Memory Cards
 Processor
 Graphics Card
3. Smartphones:
Checking compatibility with different mobile platforms like android, iOS etc.
4.Network:
Checking compatibility with different :
 Bandwidth
 Operating speed
 Capacity
Along with this there are other types of compatibility testing are also performed such as
browser compatibility to check software compatibility with different browsers like Google
Chrome, Internet Explorer etc. device compatibility, version of the software and others.
So for now we have known the uses of compatibility in different fields. Now the question rises
is HOW TO PERFORM A COMPATIBILITY TEST?
How to perform Compatibility testing?
Testing the application in a same environment but having different versions. For example, to
test compatibility of Facebook application in your android mobile. First check for the
compatibility with Android 9.0 and then with Android 10.0 for the same version of Facebook
App.
Testing the application in a same versions but having different environment. For example, to
test compatibility of Facebook application in your android mobile. First check for the
compatibility with a Facebook application of lower version with a Android 10.0(or your
choice) and then with a Facebook application of higher version with a same version of
Android.
Why compatibility testing is important?
1. It ensures complete customer satisfaction.
2. It provides service across multiple platforms.
3. Identifying bugs during development process.
Compatibility testing defects
1. Variety of user interface.
2. Changes with respect to font size.
3. Alignment issues.
4. Issues related to existence of broken frames.
5. Issues related to overlapping of content.

8.USABILITY TESTING

Usability Testing in software testing is a type of testing, that is done from an end
user’s perspective to determine if the system is easily usable. Usability testing is generally the
practice of testing how easy a design is to use on a group of representative users. Several tests
are performed on a product before deploying it. You need to collect qualitative and quantitative
data and satisfy customers’ needs with the product. A proper final report is made mentioning
the changes required in the product (software).
Usability testing involves evaluating the functionality of a website, app, or digital product by
observing real users as they navigate through it.
Types of Usability Testing
here are some common types of usability testing explained simply:
1. Remote Usability Testing: Participants use a product or website from their own location
while researchers observe and gather feedback remotely. It’s convenient and allows testing
with diverse users without geographical constraints.
2. Moderated Usability Testing: A researcher guides participants through tasks, observes
their interactions, and collects feedback in real-time. It’s helpful for understanding user
behavior and thoughts as they navigate through the product.
3. Unmoderated Usability Testing: Participants complete tasks independently, without
direct guidance from a researcher. They usually record their screen and verbalize their
thoughts while interacting with the product. It’s efficient for gathering feedback from a
large number of users quickly.
4. Comparative Usability Testing: This involves testing multiple versions of a product or
interface to determine which performs better in terms of usability. It helps in making
informed design decisions by identifying strengths and weaknesses of each version.
5. Think-Aloud Testing: Participants verbalize their thoughts and actions as they interact
with the product. This provides insights into their decision-making process and helps
identify usability issues that might not be obvious otherwise.
6. A/B Testing: Also known as split testing, it involves presenting users with two (or more)
versions of a product or interface and measuring which one performs better based on
predefined metrics such as conversion rate or user engagement.
7. Guerrilla Usability Testing: Conducted informally in public spaces or online
communities, often with minimal planning and resources. It’s useful for gathering quick
feedback from a diverse range of users in a natural setting.
Techniques and Methods of Usability Testing
There are various types of usability testing that when performed lead to efficient software. But
few of them which are the most widely used have been discussed here.
1. Guerilla Testing
It is a type of testing where testers wander to public places and ask random users about the
prototype. Also, a thank gift is offered to the users as a gesture of token. It is the best way to
perform usability testing during the early phases of the product development process. Users
mostly spare 5–10 minutes and give instant feedback on the product. Also, the cost is
comparatively low as you don’t need to hire participants. It is also known as corridor or
hallway testing.
2. Usability Lab
Usability lab testing is conducted in a lab environment where moderators (who ask for
feedback on the product) hire participants and ask them to take a survey on the product. This
test is performed on a tablet/desktop. The participant count can be 8-10 which is a bit costlier
than guerrilla testing as you need to hire participants, arrange a place, and conduct testing.
3. Screen or Video Recording
Screen or video recording kind of testing is in which a screen is recorded as per the user’s
action (navigation and usage of the product). This testing describes how the user’s mind runs
while using a product. This kind of testing involves the participation of almost 10 users for 15
minutes. It helps in describing the issues users may face while interacting with the product.
Generally, there are two studies in usability testing –
1. Moderated – the Moderator guides the participant for the changes required in the product
(software)
2. Unmoderated – There’s no moderator (no human guidance), participants gets a set of
questions on which he/she has to work.
While performing usability testing, all kinds of biases (be it friendly bias, social bias, etc.)
by the participants are avoided to have honest feedback on the product so as to improve
its durability.
Factors Affecting Cost of Usability Testing
The testing cost will depend on the following factors:
1. No. of participants for testing.
2. Number of Days which you need for testing.
3. which type of testing.
4. the size of the team used for testing.

Phases of Usability Testing

There are five phases in usability testing which are followed by the system when
usability testing is performed. These are given below:
 1.Prepare your product or design to test: The first phase of usability testing is
choosing a product and then making it ready for usability testing.

2.Find your participants: The second phase of usability testing is finding an employee
who is helping you with performing usability testing.

3. Write a test plan: This is the third phase of usability testing. The plan is one of the
first steps in each round of usability testing is to develop a plan for the test.

4. Take on the role of the moderator: This is the fourth phase of usability testing and
here the moderator plays a vital role that involves building a partnership with the participant.

5. Present your findings/ final report: This phase generally involves combining your
results into an overall score and presenting it meaningfully to your audience.

9. TESTING THE DOCUMENTATION

Testing documents are prepared at different stages. These documents are discussed as follows.
1. Before Testing:
Since testing begins with the generation of the test cases. The following documents are
required for reference –
 SRS document – Functional Requirements document.
 Test Policy document – It means the product must be tested far before release.
 Test Strategy document – It mentions detailed aspects of test the team, responsibility
matrix, and rights/responsibilities of the test manager and test engineer.
 Traceability Matrix document – This is SDLC document, that is related to the
requirements-gathering process. As new requirements come, they are added to this matrix.
They can be traced forward and backward. These matrices help testers know the source of
the requirement.
2. During Testing:
While testing is started and is being done, the following documents may be required.
 Test Case document – It contains the list of to-be tests. It includes various testing
like Unit test plan, Integration test plan, System test plan and Acceptance test plan.
 Test description – It is a detailed description of all test cases and procedures for executing
them.
 Test case report – It contains a test case report resulting from the test.
 Test logs – It contains test logs for every test case report.
3. After Testing:
After testing, only the test summary remains which is a collective analysis of all test reports
and logs. The software is released under the version control system if it is ready to launch. It
summarizes and concludes whether the software is ready to launch.
10. SECURITY TESTING

Security Testing is a type of Software Testing that uncovers vulnerabilities in the system and
determines that the data and resources of the system are protected from possible intruders. It
ensures that the software system and application are free from any threats or risks that can
cause a loss.

The goal of Security Testing

The goal of security testing is to:
 To identify the threats in the system.
 To measure the potential vulnerabilities of the system.
 To help in detecting every possible security risk in the system.
 To help developers fix security problems through coding.
 The goal of security testing is to identify vulnerabilities and potential threats in a system or
application and to ensure that the system is protected against unauthorized access, data
breaches, and other security-related issues. The main objectives of security testing are to:
Principle of Security Testing
Below are the six basic principles of security testing:
 Confidentiality
 Integrity
 Authentication
 Authorization
 Availability
 Non-repudiation
Major Focus Areas in Security Testing
 Network Security
 System Software Security
 Client-side Application Security
 Server-side Application Security
 Authentication and Authorization: Testing the system’s ability to properly authenticate
and authorize users and devices. This includes testing the strength and effectiveness of
passwords, usernames, and other forms of authentication, as well as testing the system’s
access controls and permission mechanisms.
 Network and Infrastructure Security: Testing the security of the system’s network and
infrastructure, including firewalls, routers, and other network devices. This includes testing
the system’s ability to defend against common network attacks such as denial of service
(DoS) and man-in-the-middle (MitM) attacks.
 Database Security: Testing the security of the system’s databases, including testing for
SQL injection, cross-site scripting, and other types of attacks.
 Application Security: Testing the security of the system’s applications, including testing
for cross-site scripting, injection attacks, and other types of vulnerabilities.
 Data Security: Testing the security of the system’s data, including testing for data
encryption, data integrity, and data leakage.
 Compliance: Testing the system’s compliance with relevant security standards and
regulations, such as HIPAA, PCI DSS, and SOC2.
 Cloud Security: Testing the security of cloud-
Types of Security Testing
1. Vulnerability Scanning: Vulnerability scanning is performed with the help of automated
software to scan a system to detect known vulnerability patterns.
2. Security Scanning: Security scanning is the identification of network and system
weaknesses. Later on, it provides solutions for reducing these defects or risks. Security
scanning can be carried out in both manual and automated ways.
3. Penetration Testing: Penetration testing is the simulation of the attack from a malicious
hacker. It includes an analysis of a particular system to examine for potential vulnerabilities
from a malicious hacker who attempts to hack the system.
4. Risk Assessment: In risk assessment testing security risks observed in the organization are
analyzed. Risks are classified into three categories i.e., low, medium, and high. This testing
endorses controls and measures to minimize the risk.
5. Security Auditing: Security auditing is an internal inspection of applications and operating
systems for security defects. An audit can also be carried out via line-by-line checking of
code.
6. Ethical Hacking: Ethical hacking is different from malicious hacking. The purpose of
ethical hacking is to expose security flaws in the organization’s system.
7. Posture Assessment: It combines security scanning, ethical hacking, and risk assessments
to provide an overall security posture of an
8. Application security testing: Application security testing is a type of testing that focuses
on identifying vulnerabilities in the application itself. It includes testing the application’s
code, configuration, and dependencies to identify any potential vulnerabilities.
9. Network security testing: Network security testing is a type of testing that focuses on
identifying vulnerabilities in the network infrastructure. It includes testing firewalls,
routers, and other network devices to identify potential vulnerabilities.
10. Social engineering testing: Social engineering testing is a type of testing that simulates
phishing, baiting, and other types of social engineering attacks to identify vulnerabilities in
the system’s human element.
11. Tools such as Nessus, OpenVAS, and Metasploit can be used to automate and simplify the
process of security testing.
Advantages of Security Testing
1. Identifying vulnerabilities: Security testing helps identify vulnerabilities in the system
that could be exploited by attackers, such as weak passwords, unpatched software, and
misconfigured systems.
2. Improving system security: Security testing helps improve the overall security of the
system by identifying and fixing vulnerabilities and potential threats.
3. Ensuring compliance: Security testing helps ensure that the system meets relevant
security standards and regulations, such as HIPAA, PCI DSS, and SOC2.
4. Reducing risk: By identifying and fixing vulnerabilities and potential threats before the
system is deployed to production, security testing helps reduce the risk of a security
incident occurring in a production environment.
5. Improving incident response: Security testing helps organizations understand the
potential risks and vulnerabilities that they face, enabling them to prepare for and respond
to potential security incidents.
Disadvantages of Security Testing
1. Resource-intensive: Security testing can be resource-intensive, requiring significant
hardware and software resources to simulate different types of attacks.
2. Complexity: Security testing can be complex, requiring specialized knowledge and
expertise to set up and execute effectively.
3. Limited testing scope: Security testing may not be able to identify all types of
vulnerabilities and threats.
4. False positives and negatives: Security testing may produce false positives or false
negatives, which can lead to confusion and wasted effort.
5. Time-consuming: Security testing can be time-consuming, especially if the system is large
and complex.
6. Difficulty in simulating real-world attacks: It’s difficult to simulate real-world attacks,
and it’s hard to predict how attackers will interact with the system.

11.TESTING INE THE AGILE ENVIRONMENT

 Agile Testing is a type of software testing that follows the principles of agile
software development to test the software application. All members of the
project team along with the special experts and testers are involved in agile
testing.
 Agile testing is not a separate phase and it is carried out with all the
development phases i.e. requirements, design and coding, and test case
generation.
  Agile testing takes place simultaneously throughout the Development Life
Cycle. Agile Testing has shorter time frames called iterations or loops. This
methodology is also called the delivery-driven approach because it provides a
better prediction on the workable products in less duration time.

Features of Agile Testing

Some of the key features of agile software testing are:
 Simplistic approach: In agile testing, testers perform only the necessary tests but at the
same time do not leave behind any essential tests. This approach delivers a product that is
simple and provides value.
 Continuous improvement: In agile testing, agile testers depend mainly on feedback and
self-learning for improvement and they perform their activities efficiently continuously.
 Self-organized: Agile testers are highly efficient and tend to solve problems by bringing
teams together to resolve them.
 Testers enjoy work: In agile testing, testers enjoy their work and thus will be able to
deliver a product with the greatest value to the consumer.
 Encourage Constant communication: In agile testing, efficient communication channels
are set up with all the stakeholders of the project to reduce errors and miscommunications.
 Constant feedback: Agile testers need to constantly provide feedback to the developers if
necessary.
Agile Testing Principles
 Shortening feedback iteration: In Agile Testing, the testing team gets to know the
product development and its quality for each and every iteration. Thus continuous feedback
minimizes the feedback response time and the fixing cost is also reduced.
 Testing is performed alongside Agile testing is not a different phase. It is performed
alongside the development phase. It ensures that the features implemented during that
iteration are actually done. Testing is not kept pending for a later phase.
 Involvement of all members: Agile testing involves each and every member of the
development team and the testing team. It includes various developers and experts.
 Documentation is weightless: In place of global test documentation, agile testers use
reusable checklists to suggest tests and focus on the essence of the test rather than the
incidental details. Lightweight documentation tools are used.
 Clean code: The defects that are detected are fixed within the same iteration. This ensures
clean code at any stage of development.
 Constant response: Agile testing helps to deliver responses or feedback on an ongoing
basis. Thus, the product can meet the business needs.
 Customer satisfaction: In agile testing, customers are exposed to the product throughout
the development process. Throughout the development process, the customer can modify
the requirements, and update the requirements and the tests can also be changed as per the
changed requirements.
 Test-driven: In agile testing, the testing needs to be conducted alongside the development
process to shorten the development time. But testing is implemented after the
implementation or when the software is developed in the traditional process.
Agile Testing Methodologies
Some of the agile testing methodologies are:
1. Test-Driven Development (TDD): TDD is the software development process relying on
creating unit test cases before developing the actual code of the software. It is an iterative
approach that combines 3 operations, programming, creation of unit tests, and refactoring.
2. Behavior Driven Development (BDD): BDD is agile software testing that aims to
document and develop the application around the user behavior a user expects to
 experience when interacting with the application. It encourages collaboration among the
developer, quality experts, and customer representatives.
3. Exploratory Testing: In exploratory testing, the tester has the freedom to explore the code
and create effective and efficient software. It helps to discover the unknown risks and
explore each aspect of the software functionality.
4. Acceptance Test-Driven Development (ATDD): ATDD is a collaborative process where
customer representatives, developers, and testers come together to discuss the
requirements, and potential pitfalls and thus reduce the chance of errors before coding
begins.
5. Extreme Programming (XP): Extreme programming is a customer-oriented methodology
that helps to deliver a good quality product that meets customer expectations and
requirements.
6. Session-Based Testing: It is a structured and time-based approach that involves the
progress of exploratory testing in multiple sessions. This involves uninterrupted testing
sessions that are time-boxed with a duration varying from 45 to 90 minutes. During the
session, the tester creates a document called a charter document that includes various
information about their testing.
7. Dynamic Software Development Method (DSDM): DSDM is an agile project delivery
framework that provides a framework for building and maintaining systems. It can be used
by users, developers, and testers.
8. Crystal Methodologies: This methodology focuses on people and their interactions when
working on the project instead of processes and tools. The suitability of the crystal method
depends on three dimensions, team size, criticality, and priority of the project.
Agile Testing Strategies
1. Iteration 0
It is the first stage of the testing process and the initial setup is performed in this stage. The
testing environment is set in this iteration.
 This stage involves executing the preliminary setup tasks such as finding people for testing,
preparing the usability testing lab, preparing resources, etc.
 The business case for the project, boundary situations, and project scope are verified.
 Important requirements and use cases are summarized.
 Initial project and cost valuation are planned.
 Risks are identified.
 Outline one or more candidate designs for the project.
2. Construction Iteration
It is the second phase of the testing process. It is the major phase of the testing and most of the
work is performed in this phase. It is a set of iterations to build an increment of the solution.
This process is divided into two types of testing:
 Confirmatory testing: This type of testing concentrates on verifying that the system meets
the stakeholder’s requirements as described to the team to date and is performed by the
team. It is further divided into 2 types of testing:
o Agile acceptance testing: It is the combination of acceptance testing and
functional testing. It can be executed by the development team and the
stakeholders.
o Developer testing: It is the combination of unit testing and integration testing
and verifies both the application code and database schema.
 Investigative testing: Investigative testing detects the problems that are skipped or ignored
during confirmatory testing. In this type of testing, the tester determines the potential
problems in the form of defect stories. It focuses on issues like integration testing, load
testing, security testing, and stress testing.
3. Release End Game
This phase is also known as the transition phase. This phase includes the full system testing
and the acceptance testing. To finish the testing stage, the product is tested more relentlessly
while it is in construction iterations. In this phase, testers work on the defect stories. This phase
involves activities like:
 Training end-users.
 Support people and operational people.
 Marketing of the product release.
 Back-up and restoration.
 Finalization of the system and user documentation.
4. Production
It is the last phase of agile testing. The product is finalized in this stage after the removal of all
defects and issues raised.

Agile Testing Life Cycle

The agile testing life cycle has 5 different phases:
1. Impact Assessment: This is the first phase of the agile testing life cycle also known as the
feedback phase where the inputs and responses are collected from the users and
stakeholders. This phase supports the test engineers to set the objective for the next phase
in the cycle.
2. Agile Testing Planning: In this phase, the developers, customers, test engineers, and
stakeholders team up to plan the testing process schedules, regular meetings, and
deliverables.
3. Release Readiness: This is the third phase in the agile testing lifecycle where the test
engineers review the features which have been created entirely and test if the features are
ready to go live or not and the features that need to be sent again to the previous
development phase.
4. Daily Scrums: This phase involves the daily morning meetings to check on testing and
determine the objectives for the day. The goals are set daily to enable test engineers to
understand the status of testing.
5. Test Agility Review: This is the last phase of the agile testing lifecycle that includes
weekly meetings with the stakeholders to evaluate and assess the progress against the
goals.
Agile Test Plan
An agile test plan includes types of testing done in that iteration like test data requirements,
test environments, and test results. In agile testing, a test plan is written and updated for every
release. The test plan includes the following:
 Test Scope.
 Testing instruments.
 Data and settings are to be used for the test.
 Approaches and strategies used to test.
 Skills required to test.
 New functionalities are being tested.
 Levels or Types of testing based on the complexity of the features.
 Resourcing.
 Deliverables and Milestones.
 Infrastructure Consideration.
 Load or Performance Testing.
 Mitigation or Risks Plan.

12. TESTING MOBILE AND WEB APPLICATIONS

Mobile App Testing:

Mobile app testing refers to process of testing application software simply for
controlling and handling mobile devices. It is used to test mobile app for its
functionality, usability, compatibility, etc.
Web App Testing:
Web app testing refers to process of testing application software hosted on web to
ensure quality, functionality, usability, etc. It is also known as web testing or website
testing.
Difference between Mobile App Testing and Web App Testing
S.
No.
Mobile App Testing Web App Testing

1. These are software programs that are These are software programs that are used
S.
No.
Mobile App Testing Web App Testing

used on mobile devices. on computer.

Web applications are developed for shorter

Mobile applications are developed for
2. range of users as compared to
broader range of users.
mobile applications.

New applications can be downloaded

3. Applications will be updated on website.
from app store.

It is not easy to create responsive design

It is easy to code relative design for large
4. for small screen devices such as mobile
screen devices such as desktop and laptop.
devices, tablets.

Mobile storage capacity is less than

desktop or laptop when it comes to
Desktop or laptop has larger storage
5. downloading apps and multimedia
capacity as compare to mobile.
therefore, sometime it becomes difficult
to test mobile apps.

Mobile apps sometimes do not require

any internet connection but speed Web app generally requires internet
6.
matters, quality of connection matters, connection to perform any task.
speed of LTE connection, etc.

It is quite complex and complicated to

test mobile apps because of different It is easy and simple to test web applications
7.
mobile devices having different and because of functionality of desktop.
greater number of functionalities.
S.
No.
Mobile App Testing Web App Testing

Testing team have to check

performance of mobile devices on fully
8. charged devices and low charged There is no such of problem of battery life.
devices because application that drains
battery life gets deleted soon.

One has to consider different screen

size, different OEM’s (original One does not consider such things in web
9.
equipment manufacturer), storage app testing.
capacity, etc., in mobile app testing.

Testing team has to focus on interaction

Testing team does not need on interaction of
of mobile devices with user’s moves,
web devices with user’s move, direction of
10. voice and environment, eye moves, etc.,
user’s attentions, eye moves, etc. as it offers
as it offers variety of options to perform
less variety of options to perform operations.
operations.

The following are the tools or The following are the tools or Frameworks
Frameworks for Mobile App Testing- for Web App Testing-

11.  Appium  Selenium, the most popular one among

 Espresso all other commercial tools.
 XCUITest  WebLOAD
 Xamarin  Acunetix
 Robotium and more.  Netsparker and more.

Tablets, peripheral devices like

Mouse, webcams, game controllers,
smartwatches, fitness trackers, and even
12. keyboards, and other peripheral devices are
medical devices like heart pacemakers
tested.
may need to undergo testing.