You can count on well-written requirements, but you can’t count on an adequate contribution of the stakeholders to the quality risk analysis. You have to mitigate the insufficient contribution of the stakeholders because the risk-based testing approach shall minimize the product risks. Your test team has one expert tester in security testing.
Which of the following test activities would you expect to be the less important in this context?
K4 3 credits
- A . Extract from the defect tracking system of the previous project all the security defects and failures, and classify them to support design and execution of specific tests
- B . Automate all functional and non-functional system tests
- C . Apply systematic and exploratory testing for integration and system test
- D . Perform exploratory testing sessions with adequate charters covering security aspects
Consider an information system of a Pay-Tv company based on a SOA architecture.
The integrated system currently consists of three core systems:
– a CRM (Customer Relationship Management) system
– a BRM (Billing and Revenue Management) system
– a CAS (Conditional Access System) system all of them communicating with SOA Middleware.
You have been asked to manage the testing activities for the integration of two additional off-the-shelf systems from two different vendors: a SMS (Short Message Service) server and an IVR (Interactive Voice Response) system.
Assume that there is a high likelihood that the two off-the-shelf systems will be low-quality and that you have a clear proof that the testing performed by the two vendors on their systems has been unsystematic and unprofessional. This obviously leads to higher quality risk for the overall integrated system.
You are the Test Manager of this project. Your main goal is to plan for testing activities to mitigate this risk.
Which of the following answers best describes the test activities (assuming it is possible to perform all of them) you should plan for?
K4 3 credits
- A . You should plan for an informal and minimal acceptance test of the two off-the-shelf systems and then a single end-to-end test of the overall integrated system
- B . You should directly plan for a single end-to-end test focused on end-to-end tests of the overall integrated system without an acceptance test of the two off-the-shelf systems
- C . You should plan for two levels: a system integration test and an end-to-end test of the overall integrated system
- D . You should plan for adequate re-testing of both the systems followed by a system integration test and an end-to-end test of the overall integrated system
Assume you are working on a CAS (Conditional Access System) for Pay-TV that allows the access, selection and transfer of services and media to authorized users. Authorized users can choose their services through different channels: Web Customer Portal, IVR (Interactive Voice Response), Call Centre and SMS. The system uses a Smart Card to receive and decrypt the broadcasted encrypted control words which allow decrypting pay-per-view TV. Every authorized user must have a Smart Card and a Set-Top Box to view the contents.
The following is an excerpt from the product risk analysis document:
Both likelihood and impact have been rated on the following scale: (1 C Very low, 2 C Low, 3 C Medium, 4 C High, 5 C Very High).
The required test environment and code have been delivered. All test cases for each
identified product risk item have been written and are ready to be executed. The Database used to contain the Smart Cards is empty and so only new Smart Cards can be used during test execution.
A Smart Card can only be activated if it has been previously pre-activated. This means the post-conditions for the execution of the test cases to test the pre-activation of the Smart Card are the pre-conditions for activation of the Smart Card.
Which of the following statements represents the most effective contribution of the stakeholders to the completion of the failure mode analysis table?
K4 3 credits
- A . The aircraft pilot and the customer representative should contribute to assess the detection. The chief software engineer, the system architect and the expert tester should contribute to assess the priority.
- B . The aircraft pilot and the customer representative should contribute to assess the priority. The chief software engineer, the system architect and the expert tester should contribute to assess the detection.
- C . The system architect and the chief software engineer should contribute to assess the priority. The expert tester is the only one who should contribute to assess the detection.
- D . The aircraft pilot is the only one qualified to contribute to assess the priority and thus should be assigned this task. The customer representative should contribute to assess the detection.
Assume you are the Test Manager for a new software release of an e-commerce application.
The server farm consists of six servers providing different capabilities. Each capability is provided through a set of web services.
The requirements specification document contains several SLAs
(Service Level Agreements) like the following:
SLA-001: 99.5 percent of all transactions shall have a response time less than five seconds under a load of up-to 5000 concurrent users
The main objective is to assure that all the SLAs specified in the requirements specification document will be met before system release. You decide to apply a risk-based testing strategy and an early risk analysis confirms that performance is high risk. You can count on a well-written requirements specification and on a model of the system behavior under various load levels produced by the system architect.
Which of the following test activities would you expect to be the less important ones to achieve the test objectives in this scenario?
K4 3 credits
- A . Perform unit performance testing for each single web service
- B . Monitor the SLAs after the system has been released into the production environment
- C . Perform system performance testing, consisting of several performance testing sessions, to verify if all the SLAs have been met
- D . Perform static performance testing by reviewing the architectural model of the system under various load levels
Assume that you are the Test Manager for a small banking application development project.
You have decided to adopt a risk-based testing strategy and 5 product risks (R1, R2, R3, R4, and R5) have been identified during the quality risk analysis.
The following table shows the risk level associated to these product risks (higher numbers mean higher risk):
55 test cases have been designed and implemented to cover all these 5 product risks. The coverage is described in a traceability matrix.
This is the test execution status table, after the after the first week of test execution:
About 56% of the planned test cases have been successfully executed.
Assume that no additional product risks have been identified during the first week of test execution.
Which of the following answers would you expect to best describe the residual risks associated with the identified product risks, at the end of the first week of test execution? K3 2 credits
- A . Since R3 is the only risk for which all test cases have passed, the risk has been reduced
by 20% - B . The test execution status table indicates that the risk has been reduced by 56%
- C . The residual risk level can’t be determined, because it requires that all the test cases have been executed
- D . The test execution table doesn’t give an indication of the risk level of the open defects and the test cases that failed or are not run yet
During the follow-up phase the following conditions are checked:
X1. The code has been completely reviewed
X2. All the identified defects have been correctly fixed and the modified code has been compiled successfully and run through all the static analyzers used by the project without warnings and errors
X3. The modified code is available under the configuration management system with a new version number for the specified CI
If these conditions are fulfilled then the review process terminates.
Which of the following characteristics of a formal review is missing in this description? K2 1 credit
- A . Defined entry and exit criteria
- B . Checklists to be used by the reviewers
- C . Deliverables such as reports, evaluation sheets or other review summary sheets
- D . Metrics for reporting on the review effectiveness, efficiency, and progress
Assume that you are the Test Manager for a small insurance application development project.
You have decided to adopt a risk-based testing strategy: 5 product risks (R1, R2, R3, R4, R5) have been identified and their levels of risk have been assessed. 10 test cases (T1, …, T10) have been designed to cover all the product risks.
The following table shows the risk level and the test cases associated to the identified product risks (higher risk level means higher risk):
You are not confident with the assessment of the risk level and you suspect that it will be possible to find high-priority bugs in low-risk areas.
Furthermore the period for test execution is very short. Your goal is to test all the product risks in a risk-based way, while assuring that each product risk gets at least some amount of testing.
Which of the following answers describes the best test execution schedule in this scenario? K3 2 credits
- A . T1, T2, T3, T4, T5, T6, T7, T8, T9, T10
- B . T1, T3, T5, T7, T9, T2, T4, T6, T8, T10
- C . T10, T9, T8, T7, T6, T5, T4, T3, T2, T1
- D . T10, T8, T6, T4, T2, T9, T7, T5, T3, T1
Assume that the following test cases have been executed at the end of the first week of test execution: TC-001, TC-002 and TC-007. All these tests are ‘passes’.
What is the MINIMUM number of the remaining test cases that must be successfully executed to fulfill the EX1 exit criteria? K3 2 credits
- A . 4
- B . 5
- C . 6
- D . 7
The following are the requirements identified as “critical”:
REQ-SEL-001. The user shall be able to combine all the three products with all the four durations to define an item to purchase
REQ-SEL-002. The user shall be able to add a maximum of six different items to the shopping cart
REQ-PUR-001. The user shall be able to purchase all the items in the shopping cart using
a credit voucher
REQ-PUR-002. The user shall be able to purchase all the items in the shopping cart using the available credit already charged on the smartcard
REQ-PUR-003. The user shall be able to purchase all the items in the shopping cart using all the accepted credit cards (Visa, MasterCard and Great Wall Card)
REG-LOGO-001. The user shall be able to logout (by clicking the logout button) from both the “select” and “purchase” pages going back to the “browse” page (anonymous navigation)
Moreover the following quality risk item has been identified as “critical”:
QR-P1. The web customer portal might not be able to provide the expected response time (less than 10 sec) for the purchase transactions under a load of up-to 1000 concurrent users
Test analysis for system testing has just begun and the following test conditions have been identifieD.
TC-SEL-01. Test the combinations of products and durations to define an item to purchase
TC-SEL-02. Test the maximum number of items, which can be added to the shopping cart
TC-PUR-01. Test the purchase of an item
TC-PUR-02. Test the purchase of an item with the credit charged on the smartcard
What is the MINIMUM number of test conditions that must be added to fulfill both the EXCR1 and EXCR2 exit criteria?
K3 2 credits
- A . 1
- B . 2
- C . 3
- D . 4
You are the Test Manager for a project to develop a web customer portal of a Pay-TV company that allows customers (with a smartcard and a set-top box) to purchase digital contents.
In the "select" page the system displays a dialogue where the customer can select the items (digital contents) he/she is interested in. In this page he/she can add one or more items to a shopping cart. An item consists of a product and a duration.
There are three types of products: Movie, sport and premium (movie and sport).
There are four possible durations: 1 months, 2 months, winter (from the beginning of January to end of March) and summer (from the beginning of July to end of September).
All the combinations of products and durations are allowed to define an item. Thus there are twelve possible items. A maximum of six different items can be added to the shopping cart at a time.
When the customer decides to check out he/she goes to the "purchase" page where he/she can pay the total amount of the shopping cart in three different ways:
– using a credit voucher
– using a credit already charged on the smartcard
– using a credit card (accepted credit cards are. Visa, MasterCard and Great Wall Card)
The customer can logout from both the “select” and “purchase” pages. In this case no purchase is made.
You decide to apply a blended risk-based and reactive testing strategy and the following is a subset of the exit criteria for system testing:
EXCR1- Each “critical” quality risk item must be covered by at least one test condition
EXCR2- Each “critical” requirement must be covered by at least one test condition
You are following a risk-based testing strategy. The test execution time is very limited.
Assume that all the product risk items require more or less the same level of test effort.
Which of the following answers describes the best execution schedule in this scenario?
K3 3 credits
- A . 1- Test the acceptance of transactions coming from the IVR channel
2- Test the correct charge of the Smart Card with the required contents
3- Test the correct pre-activation of the Smart Card
4- Test the correct activation of the Smart Card - B . 1- Test the correct pre-activation of the Smart Card
2- Test the correct charge of the Smart Card with the required contents
3- Test the correct activation of the Smart Card
4-Test the acceptance of transactions coming from the IVR channel - C . 1- Test the correct activation of the Smart Card
2- Test the correct pre-activation of the Smart Card
3- Test the correct charge of the Smart Card with the required contents
4- Test the acceptance of transactions coming from the IVR channel - D . 1- Test the correct pre-activation of the Smart Card
2- Test the correct activation of the Smart Card
3- Test the correct charge of the Smart Card with the required contents
4- Test the acceptance of transactions coming from the IVR channel
You are the Test Manager for a project to develop a client-server application that allows wine vendors to order custom-assorted packages of wines of several winemakers to sell special packages in their wine shops.
You decide to apply a blended risk-based and reactive testing strategy. Below the exit criteria for the system testing.
EXCR1- Each “critical” quality risk item must be covered by at least one test condition
EXCR2- Each “critical” requirement must be covered by at least one test condition
The following are the “critical” requirements of the application:
REQ-SEL-1. The application shall allow the user to order only one package at a time
REQ-SEL-2. The application shall allow the user to select between four different packages (2-bottles, 6-bottles, 12-bottles, 15-bottles)
REQ-SEL-3. The application shall allow the user to order a package containing at least 1 bottle and no more bottles than the package size. No error messages shall be displayed if the user selects a valid number of bottles (at least 1 bottle and no more than the package size)
REQ-SEL-4. The application shall display an error message “Invalid number of bottles” if an invalid number of bottles is selected by the user (zero bottles or a number higher than the package size)
REQ-PAY-1. The application shall allow the user to pay with the three accepted credit cards (Visa, MasterCard, American Express)
REQ-PAY-2. The application shall display an error message “Invalid credit card” if invalid credit card data are given by the user
The following is the unique “critical” quality risk item that has been identified:
CR-RSK-1. The GUI of the application might accept non-integer values for the input field designed to get the number of bottles from the user
Test analysis for system testing has just begun and the following test conditions have been identified.
TC-SEL-2. Test the selection of the package sizes
TC-SEL-4. Test wrong numbers of bottles for an order
TC-CR-RSK-1. Test the accepted values from the input field designed to get the number of bottles from the user
What is the MINIMUM number of test conditions that must be added to fulfill both the EXCR1 and EXCR2 exit criteria? K3 2 credits
- A . 4
- B . 3
- C . 2
- D . 1
The following are the exit criteria described in the test plan of a software product:
EX1. The test suite for the product must ensure that at least each quality risk item is covered by at least one test case (a quality risk item can be covered by more test cases).
EX2. All test cases in the test suite must be run during the execution phase.
EX3. Defects are classified into two categories: “C” (critical defect) and “NC” (non-critical defect). No known C defects shall exist in the product at the end of the test execution phase.
Which of the following information is useless when the specified exit criteria is evaluated?
K2 1 credit
- A . A traceability matrix showing the relationships between the product risk items and the test cases
- B . A list of all the open defects with the associated classification information extracted from the defect tracking system
- C . A chart, showing the trend in the lag time from defect reporting to resolution, extracted from the defect tracking system
- D . The execution status of all the test cases extracted from the test management tool
Which of the following statements describing the consequences of specifying test conditions at a detailed level is NOT true? K2 1 credit
- A . In an environment where the test basis is continuously changing, it is recommended to
specify test conditions at a detailed level in order to achieve a better maintainability - B . The specification of test conditions at a detailed level can be effective when no formal requirements or other development work products are available
- C . The specification of test conditions at a detailed level can require the implementation of an adequate level of formality across the team
- D . For system testing, the specification of test conditions at a detailed level, carried out early in the project as soon as the test basis is established, can contribute to defect prevention
Which of the following is an example of the test closure activity indicated as "lessons learned"?
K2 1 credit
- A . Archive all the test results of the acceptance testing phase
- B . Deliver a list of the open defects of a software product released into production to the service desk team
- C . Participate in a meeting at the end of a project aimed at better managing the events and problems of future projects
- D . Deliver an automated regression test suite, used during the system test phase of a software product released into production, to the team responsible for maintenance testing
You are the Test Manager for a project to develop a client-server application that allows wine vendors to order custom-assorted packages of wines of several winemakers to sell special packages in their wine shops.
You decide to apply a blended risk-based and reactive testing strategy. Below the exit criteria for the system testing.
EXCR1- Each “critical” quality risk item must be covered by at least one test condition
EXCR2- Each “critical” requirement must be covered by at least one test condition
The following are the “critical” requirements of the application:
REQ-SEL-1. The application shall allow the user to order only one package at a time
REQ-SEL-2. The application shall allow the user to select between four different packages (2-bottles, 6-bottles, 12-bottles, 15-bottles)
REQ-SEL-3. The application shall allow the user to order a package containing at least 1 bottle and no more bottles than the package size. No error messages shall be displayed if the user selects a valid number of bottles (at least 1 bottle and no more than the package size)
REQ-SEL-4. The application shall display an error message “Invalid number of bottles” if an invalid number of bottles is selected by the user (zero bottles or a number higher than the package size)
REQ-PAY-1. The application shall allow the user to pay with the three accepted credit cards (Visa, MasterCard, American Express)
REQ-PAY-2. The application shall display an error message “Invalid credit card” if invalid credit card data are given by the user
QUSTION NO: 11
The following is the unique “critical” quality risk item that has been identified:
CR-RSK-1. The GUI of the application might accept non-integer values for the input field designed to get the number of bottles from the user
Test analysis for system testing has just begun and the following test conditions have been identifieD.
TC-SEL-2. Test the selection of the package sizes
TC-SEL-4. Test wrong numbers of bottles for an order
TC-CR-RSK-1. Test the accepted values from the input field designed to get the number of bottles from the user
Assume that you have used traceability to determine the logical test cases that cover all the requirements and the single risk item identified in that scenario.
Which of the following is a positive logical test that is complete and correct, and covers the REQ-SEL-4 requirement?
K3 2 credits
- A . Select a 6-bottles package, then try to insert 5 bottles; verify that no error messages are displayed
- B . Select a 6-bottles package, then try to insert 7 bottles; verify that no error messages are displayed
- C . Select a 6-bottles package, then try to insert 7 bottles; verify that the "Invalid number of bottles" message is displayed
- D . Select a 6-bottles package, then try to insert 7 bottles
Which of the following statements best describes an appropriate approach for managing exploratory testing? Number of correct responses: 1 K2 1 credit
- A . Define very detailed mission statements, which allow testing work to be broken into sessions of up to 10 minutes duration in which testing is guided by these mission statements
- B . Break the testing work in 30 to 120 minutes sessions and use properly defined mission statements consisting of two or three sentences to guide testing during these sessions
- C . Define very generic charters to drive exploratory testing sessions of 2 days where testers are completely free to decide what to test
- D . Exploratory testing should not be managed because such testing is inherently unmanageable and not measurable
The following chart plots the cumulative number of defects opened against the cumulative number of defects closed during system testing of a software product.
Which of the following statements is true? K2 1 credit
- A . The chart indicates that you have plenty of problems left to find
- B . The chart can be used to reveal test progress problems
- C . The chart seems to indicate that the defect management process is not working well
- D . The chart seems to indicate that the defect management process is working well
Which of the following statements, about the test reporting activities for a project adopting an iterative lifecycle model with very short iterations (e.g. two weeks iterations), is correct?
K2 1 credit
- A . Test reporting activities can’t be influenced by the use of an iterative lifecycle model with short iterations
- B . Test reporting activities are not important for projects adopting an iterative lifecycle model with short iterations
- C . Test reporting activities are less important for projects adopting an iterative life cycle model with short iterations. They should be performed at the end of the last iteration
- D . Test reporting activities are still important with an iterative lifecycle. The reports can be
used to conduct post-iteration review sessions before starting with the next iteration
You are the Test Manager on a project following an iterative life-cycle model. The project should consist of nine iterations of one month duration each. It is planned to develop the most important features to have a stable core of the application in the first three iterations and to add the additional features in the last six iterations.
At the beginning of the first iteration, only a draft version of the requirements specification document for the core features is available. Assume that during each of the first three iterations, the chosen features are fully completed and unit tested.
Which of the following statements is true in this context? K4 3 credits
- A . The system test phase should start when all the requirements are frozen
- B . You should allocate a large effort for system testing during the first three iterations
- C . You should allocate all the effort for the system test phase only in the last iteration
- D . You should apply the same test strategy as used in a sequential life cycle model
Which of the following statements describing how identified product quality risks should be mitigated and managed, is true? K2 1 credit
- A . The extent of re-testing and regression testing activities should be based on the risk level
- B . The identification of new risks, the re-assessment of the level of existing risks and the evaluation of the effectiveness of risk mitigation activities should only occur at the very beginning of a project
- C . Risk mitigation of product quality risks can be effective only after starting test execution
- D . The priority of the development and execution of tests should not be based on the risk level but only on the likelihood