You can count on well-written requirements, but you can’t count on an adequate contribution of the stakeholders to the quality risk analysis. You have to mitigate the insufficient contribution of the stakeholders because the risk-based testing approach shall minimize the product risks. Your test team has one expert tester in security testing.

Which of the following test activities would you expect to be the less important in this context?

K4 3 credits

Reveal Solution Hide Solution

Consider an information system of a Pay-Tv company based on a SOA architecture.

The integrated system currently consists of three core systems:

– a CRM (Customer Relationship Management) system

– a BRM (Billing and Revenue Management) system

– a CAS (Conditional Access System) system all of them communicating with SOA Middleware.

You have been asked to manage the testing activities for the integration of two additional off-the-shelf systems from two different vendors: a SMS (Short Message Service) server and an IVR (Interactive Voice Response) system.

Assume that there is a high likelihood that the two off-the-shelf systems will be low-quality and that you have a clear proof that the testing performed by the two vendors on their systems has been unsystematic and unprofessional. This obviously leads to higher quality risk for the overall integrated system.

You are the Test Manager of this project. Your main goal is to plan for testing activities to mitigate this risk.

Which of the following answers best describes the test activities (assuming it is possible to perform all of them) you should plan for?

K4 3 credits

Reveal Solution Hide Solution

Assume you are working on a CAS (Conditional Access System) for Pay-TV that allows the access, selection and transfer of services and media to authorized users. Authorized users can choose their services through different channels: Web Customer Portal, IVR (Interactive Voice Response), Call Centre and SMS. The system uses a Smart Card to receive and decrypt the broadcasted encrypted control words which allow decrypting pay-per-view TV. Every authorized user must have a Smart Card and a Set-Top Box to view the contents.

The following is an excerpt from the product risk analysis document:

Both likelihood and impact have been rated on the following scale: (1 C Very low, 2 C Low, 3 C Medium, 4 C High, 5 C Very High).

The required test environment and code have been delivered. All test cases for each

identified product risk item have been written and are ready to be executed. The Database used to contain the Smart Cards is empty and so only new Smart Cards can be used during test execution.

A Smart Card can only be activated if it has been previously pre-activated. This means the post-conditions for the execution of the test cases to test the pre-activation of the Smart Card are the pre-conditions for activation of the Smart Card.

Which of the following statements represents the most effective contribution of the stakeholders to the completion of the failure mode analysis table?

K4 3 credits

Reveal Solution Hide Solution

Assume you are the Test Manager for a new software release of an e-commerce application.

The server farm consists of six servers providing different capabilities. Each capability is provided through a set of web services.

The requirements specification document contains several SLAs

(Service Level Agreements) like the following:

SLA-001: 99.5 percent of all transactions shall have a response time less than five seconds under a load of up-to 5000 concurrent users

The main objective is to assure that all the SLAs specified in the requirements specification document will be met before system release. You decide to apply a risk-based testing strategy and an early risk analysis confirms that performance is high risk. You can count on a well-written requirements specification and on a model of the system behavior under various load levels produced by the system architect.

Which of the following test activities would you expect to be the less important ones to achieve the test objectives in this scenario?

K4 3 credits

Reveal Solution Hide Solution

Assume that you are the Test Manager for a small banking application development project.

You have decided to adopt a risk-based testing strategy and 5 product risks (R1, R2, R3, R4, and R5) have been identified during the quality risk analysis.

The following table shows the risk level associated to these product risks (higher numbers mean higher risk):

55 test cases have been designed and implemented to cover all these 5 product risks. The coverage is described in a traceability matrix.

This is the test execution status table, after the after the first week of test execution:

About 56% of the planned test cases have been successfully executed.

Assume that no additional product risks have been identified during the first week of test execution.

Which of the following answers would you expect to best describe the residual risks associated with the identified product risks, at the end of the first week of test execution? K3 2 credits

Reveal Solution Hide Solution

During the follow-up phase the following conditions are checked:

X1. The code has been completely reviewed

X2. All the identified defects have been correctly fixed and the modified code has been compiled successfully and run through all the static analyzers used by the project without warnings and errors

X3. The modified code is available under the configuration management system with a new version number for the specified CI

If these conditions are fulfilled then the review process terminates.

Which of the following characteristics of a formal review is missing in this description? K2 1 credit

Reveal Solution Hide Solution

Assume that you are the Test Manager for a small insurance application development project.

You have decided to adopt a risk-based testing strategy: 5 product risks (R1, R2, R3, R4, R5) have been identified and their levels of risk have been assessed. 10 test cases (T1, …, T10) have been designed to cover all the product risks.

The following table shows the risk level and the test cases associated to the identified product risks (higher risk level means higher risk):

You are not confident with the assessment of the risk level and you suspect that it will be possible to find high-priority bugs in low-risk areas.

Furthermore the period for test execution is very short. Your goal is to test all the product risks in a risk-based way, while assuring that each product risk gets at least some amount of testing.

Which of the following answers describes the best test execution schedule in this scenario? K3 2 credits

Reveal Solution Hide Solution

Assume that the following test cases have been executed at the end of the first week of test execution: TC-001, TC-002 and TC-007. All these tests are ‘passes’.

What is the MINIMUM number of the remaining test cases that must be successfully executed to fulfill the EX1 exit criteria? K3 2 credits

Reveal Solution Hide Solution

The following are the requirements identified as “critical”:

REQ-SEL-001. The user shall be able to combine all the three products with all the four durations to define an item to purchase

REQ-SEL-002. The user shall be able to add a maximum of six different items to the shopping cart

REQ-PUR-001. The user shall be able to purchase all the items in the shopping cart using

a credit voucher

REQ-PUR-002. The user shall be able to purchase all the items in the shopping cart using the available credit already charged on the smartcard

REQ-PUR-003. The user shall be able to purchase all the items in the shopping cart using all the accepted credit cards (Visa, MasterCard and Great Wall Card)

REG-LOGO-001. The user shall be able to logout (by clicking the logout button) from both the “select” and “purchase” pages going back to the “browse” page (anonymous navigation)

Moreover the following quality risk item has been identified as “critical”:

QR-P1. The web customer portal might not be able to provide the expected response time (less than 10 sec) for the purchase transactions under a load of up-to 1000 concurrent users

Test analysis for system testing has just begun and the following test conditions have been identifieD.

TC-SEL-01. Test the combinations of products and durations to define an item to purchase

TC-SEL-02. Test the maximum number of items, which can be added to the shopping cart

TC-PUR-01. Test the purchase of an item

TC-PUR-02. Test the purchase of an item with the credit charged on the smartcard

What is the MINIMUM number of test conditions that must be added to fulfill both the EXCR1 and EXCR2 exit criteria?

K3 2 credits

Reveal Solution Hide Solution

You are the Test Manager for a project to develop a web customer portal of a Pay-TV company that allows customers (with a smartcard and a set-top box) to purchase digital contents.

In the "select" page the system displays a dialogue where the customer can select the items (digital contents) he/she is interested in. In this page he/she can add one or more items to a shopping cart. An item consists of a product and a duration.

There are three types of products: Movie, sport and premium (movie and sport).

There are four possible durations: 1 months, 2 months, winter (from the beginning of January to end of March) and summer (from the beginning of July to end of September).

All the combinations of products and durations are allowed to define an item. Thus there are twelve possible items. A maximum of six different items can be added to the shopping cart at a time.

When the customer decides to check out he/she goes to the "purchase" page where he/she can pay the total amount of the shopping cart in three different ways:

– using a credit voucher

– using a credit already charged on the smartcard

– using a credit card (accepted credit cards are. Visa, MasterCard and Great Wall Card)

The customer can logout from both the “select” and “purchase” pages. In this case no purchase is made.

You decide to apply a blended risk-based and reactive testing strategy and the following is a subset of the exit criteria for system testing:

EXCR1- Each “critical” quality risk item must be covered by at least one test condition

EXCR2- Each “critical” requirement must be covered by at least one test condition

You are following a risk-based testing strategy. The test execution time is very limited.

Assume that all the product risk items require more or less the same level of test effort.

Which of the following answers describes the best execution schedule in this scenario?

K3 3 credits

Reveal Solution Hide Solution