Category: Interview Questions & Answers

Interview Questions for Ethical Hacking

In case you’re searching for Ethical Hacking Interview Questions and answers for Experienced or Fresher’s, you are at the correct place. The Ethical Hacking advertise is relied upon to develop to more than $5 billion by 2020, from just $180 million, as per Ethical Hacking industry gauges. In this way, despite everything you have the chance to push forward in your vocation in Ethical Hacking Development.

What is Ethical Hacking?

Answer: Ethical hacking is the process of intruding a network or a system to identify the threats or vulnerabilities present in them. This process enables us to fix the weaker areas of the systems or network in order to protect them from persons who try to attack them.

What is a Sniffing attack?

Answer: Sniffing is a procedure used by hackers to monitor and capture all the network packets with the help of sniffing tools. For example, this process is similar to tapping a phone call and listening to the ongoing conversation.

What the various sniffing tools available?

Answer: There are many sniffing tools available, all have their own features of gathering information and analyzing traffic. Some of the commonly used tools are listed below:

Wireshark
WinDump
Ettercap
Dsniff
EtherApe
MSN Sniffer

What is Phishing?

Answer: Phishing involves a process of contacting the target user by email, phone or text message and gathering sensitive information like credit card details, passwords, etc.

What is a firewall?

Answer: A firewall is a network security system that allows or blocks network traffic as per predetermined security rules. These are placed on the boundary of trusted and untrusted networks.

What is the difference between encryption and hashing?

Answer. Hashing is used to validate the integrity of the content, while encryption ensures data confidentiality and security. Encryption is a two-way function that includes encryption and decryption, while hashing is a one-way function that changes a plain text to a unique digest that is irreversible.

What is the difference between IP address and Mac address?

Answer: IP address: For every device, an IP address is assigned. The IP address is a number allocated to a connection of a network.
MAC address: A MAC address is a unique serial number assigned to every network interface on every device.
The major difference is MAC address uniquely identifies a device that wants to take part in a network while the IP address uniquely defines a connection of a network with an interface of a device

What is SQL injection?

Answer: Sql injections is a web hacking technique used to destroy a database. It executes malicious SQL statements and controls a database server behind a web application. Hackers make use of these statements to bypass the security measures of the application.

Why hackers use a keylogger?

Answer: Keylogger is a basic tool used by software companies to troubleshoot and check if there are any technical problems on their network or systems. But, hackers use these keyloggers to track the keystrokes of the user and gain access to their sensitive information.

What is Cryptojacking?

Answer: Malicious crypto mining or Cryptojacking is a type of online threat which uses the machine resources to mine forms of digital money known as cryptocurrency. This process can be carried out on a mobile device or on a computer.

Explain what is Network Sniffing?

A network sniffer monitors data flowing over computer network links. By allowing you to capture and view the packet level data on your network, sniffer tool can help you to locate network problems. Sniffers can be used for both stealing information off a network and also for legitimate network management.

What is Mac Flooding?

Mac Flooding is a technique where the security of given network switch is compromised. In Mac flooding the hacker or attacker floods the switch with large number of frames, then what a switch can handle. This make switch behaving as a hub and transmits all packets at all the ports. Taking the advantage of this the attacker will try to send his packet inside the network to steal the sensitive information.

Explain what is Pharming and Defacement?

Pharming: In this technique the attacker compromises the DNS ( Domain Name System) servers or on the user computer so that traffic is directed to a malicious site
Defacement: In this technique the attacker replaces the organization website with a different page. It contains the hackers name, images and may even include messages and background music

What do you mean by exploitation?

Answer. Exploitation is a part of programmed software or script that allows hackers to gain control over the targeted system/network and exploit its vulnerabilities. Mostly hackers use scanners like OpenVAS, Nessus, etc., to find these vulnerabilities.

What is defacement?

Answer. Defacement is an attack in which the hacker changes the visual appearance of a web page or website. The attacker replaces the firm’s site with the alternate page or sometimes opposite to the text of the website.

What is MIB?

Answer: Management Information Base(MIB) is a group of network objects which are manageable. These objects are a logical form of Physical networking components which are Simple Network Management Protocol(SNMP) Enabled. MIB’s store information about software versions, available storage disk space, IP address or port number.

What is ARP poisoning?

Answer. ARP (Address Resolution Protocol) poisoning is also known as ARP spoofing or ARP Poison routing. It is a form of attack where the attacker changes the MAC (Media Access Control) address and attacks the ethernet LAN network by changing the target computer’s ARP cache with forged requests and reply packets.

What is a Script kiddie?

Answer: A script kiddie is someone who lacks basic skills of programming knowledge and makes use of a simple software to perform an attack on a computer.

Explain what is NTP?

To synchronize clocks of networked computers, NTP (Network Time Protocol) is used. For its primary means of communication UDP port 123 is used. Over the public internet NTP can maintain time to within 10 milliseconds.

What is a Bot?

Answer: A bot is a script/program/software created to attack faster than humans.

Interview Questions & Answers

Interview Questions for Data Science

In this Data Science Interview Questions blog, we are going to introduce you to the most frequently asked questions on Data Science, Analytics and Machine Learning interviews. This article is the perfect guide for you to learn all the concepts required to clear a Data Science interview. To get in-depth knowledge on Data Science.
Before moving ahead, you may go through the recording of Data Science Interview Questions where our instructor has shared his experience and expertise that will help you to crack any Data Science.

What is Data Science?

Data Science is a blend of various tools, algorithms, and machine learning principles with the goal to discover hidden patterns from the raw data.

What is Selection Bias?

Selection bias is a kind of error that occurs when the researcher decides who is going to be studied. It is usually associated with research where the selection of participants isn’t random. It is sometimes referred to as the selection effect. It is the distortion of statistical analysis, resulting from the method of collecting samples. If the selection bias is not taken into account, then some conclusions of the study may not be accurate.

What are the different kernels functions in SVM?

There are four types of kernels in SVM.

Linear Kernel
Polynomial kernel
Radial basis kernel
Sigmoid kernel

What is pruning in Decision Tree?

When we remove sub-nodes of a decision node, this process is called pruning or opposite process of splitting.

Python or R – Which one would you prefer for text analytics?

The best possible answer for this would be Python because it has Pandas library that provides easy to use data structures and high performance data analysis tools.

What are Recommender Systems?

A subclass of information filtering systems that are meant to predict the preferences or ratings that a user would give to a product. Recommender systems are widely used in movies, news, research articles, products, social tags, music, etc.

What is Linear Regression?

Linear regression is a statistical technique where the score of a variable Y is predicted from the score of a second variable X. X is referred to as the predictor variable and Y as the criterion variable.

What is the difference between machine learning and deep learning?

Machine learning:
Machine learning is a field of computer science that gives computers the ability to learn without being explicitly programmed. Machine learning can be categorised in following three categories.

Supervised machine learning,
Unsupervised machine learning,
Reinforcement learning

Deep learning:
Deep Learning is a sub field of machine learning concerned with algorithms inspired by the structure and function of the brain called artificial neural networks.

What is TF/IDF vectorization ?

tf–idf is short for term frequency–inverse document frequency, is a numerical statistic that is intended to reflect how important a word is to a document in a collection or corpus. It is often used as a weighting factor in information retrieval and text mining. The tf-idf value increases proportionally to the number of times a word appears in the document, but is offset by the frequency of the word in the corpus, which helps to adjust for the fact that some words appear more frequently in general.

Do gradient descent methods always converge to same point?

No, they do not because in some cases it reaches a local minima or a local optima point. You don’t reach the global optima point. It depends on the data and starting conditions.

What is an Eigenvalue and Eigenvector?

Eigenvectors are used for understanding linear transformations. In data analysis, we usually calculate the eigenvectors for a correlation or covariance matrix. Eigenvectors are the directions along which a particular linear transformation acts by flipping, compressing or stretching. Eigenvalue can be referred to as the strength of the transformation in the direction of eigenvector or the factor by which the compression occurs.

What is ‘Naive’ in a Naive Bayes ?

The Naive Bayes Algorithm is based on the Bayes Theorem. Bayes’ theorem describes the probability of an event, based on prior knowledge of conditions that might be related to the event.

What is Systematic Sampling?

Systematic sampling is a statistical technique where elements are selected from an ordered sampling frame. In systematic sampling, the list is progressed in a circular manner so once you reach the end of the list, it is progressed from the top again. The best example of systematic sampling is equal probability method.

Explain cross-validation.

Cross-validation is a model validation technique for evaluating how the outcomes of statistical analysis will generalize to an Independent dataset. Mainly used in backgrounds where the objective is forecast and one wants to estimate how accurately a model will accomplish in practice.
The goal of cross-validation is to term a data set to test the model in the training phase (i.e. validation data set) in order to limit problems like overfitting and get an insight on how the model will generalize to an independent data set.

What is the Supervised Learning?

Supervised learning is the machine learning task of inferring a function from labeled training data. The training data consist of a set of training examples.
Algorithms: Support Vector Machines, Regression, Naive Bayes, Decision Trees, K-nearest Neighbor Algorithm and Neural Networks

Interview Questions & Answers

PHP Interview Questions Answers 2016

PHP Interview Questions Answers 2015 – 2016- As per my experience good interviewers hardly plan to ask any particular question during your interview, normally questions start with some basic concept of the subject and later they continue based on further discussion and what you answer −

What is PHP?

PHP is a recursive acronym for "PHP: Hypertext Preprocessor". PHP is a server side scripting language that is embedded in HTML. It is used to manage dynamic content, databases, session tracking, even build entire e-commerce sites. (more…)

Interview Questions & Answers

Core Java Interview Questions Answers 2016

What do you mean by Access Modifier?

Java provides access modifiers to set access levels for classes, variables, methods and constructors. A member has package or default accessibility when no accessibility modifier is specified.

What is protected access modifier?

Variables, methods and constructors which are declared protected in a superclass can be accessed only by the subclasses in other package or any class within the package of the protected members’ class. (more…)

Interview Questions & Answers

100 Top Hibernate Interview Questions Answers 2016

1. What’s Hibernate?
Hibernate is a popular framework of Java which allows an efficient Object Relational mapping using configuration files in XML format. After java objects mapping to database tables, database is used and handled using Java objects without writing complex database queries. (more…)

Interview Questions & Answers

Top 100 Node.js Interview Questions & Answers

1) What is node.js?
Node.js is a Server side scripting which is used to build scalable programs. Its multiple advantages over other server side languages, the prominent being non-blocking I/O. (more…)

Interview Questions & Answers

LoadRunner Interview Questions and Answers 2016

What are the types of Performance Testing?

Performance Testing is performed to evaluate application performance under some load and stress condition. It is generally measured in terms of response time for the user activity. It is designed to test the whole performance of the system at high load and stress condition.
Types of Performance Testing:
– Load: analogous to volume testing and determine how application deal with large task.
– Stress: examine application behavior under peak bursts of activity.
– Capacity: measure overall capacity and determine at what time response time become unacceptable.

What are tools of performance testing?

Following are some popular commercial testing tools are:
– LoadRunner(HP): this for web and other application. It provides a variety of application environments, platforms and database. Number of server monitors to evaluate the performance measurement of each component and tracking of bottlenecks.
– QAload(Compuware): used for load testing of web, database and char-based system.
– WebLoad(RadView): it allows comparing of running test vs. test metrics.
– Rational Performance Tester (IBM): used to identify presence and cause of system performance bottlenecks.
– Silk Performer (Borland): allow prediction of behavior of e-business environment before it is deployed, regardless of size and complexity.

What are the components of Load Runner?

Load Runner contains the following components:
– Virtual User Generator: captures end-user business process and creates an automated performance testing scripts, known as Vuser script.
– Controller: organizes drives, manages and monitor the load test.
– Load generators: creates the load by running Vusers.
– Analysis: helps to view, dissect and compare the performance results.
– Launcher: provides a single point of access for all of the LoadRunner components.

How to Configuring Load Runner Monitors?

Configuring Load Runner Monitors
1. Go to run tab of controller window.
2. Select the corresponding monitor.
3. Drag and drop the monitor into any graphs.
4. Right click on graph and select add measurements.
5. Click on ADD and enter the machine name of the Web/App/DBserver
6. Click on ADD and select the required performance counter to be measured during the scenario.
7. Click on OK.

What is Vusers?

– Vuser: In LoadRunner virtual user are used to perform the task which is executed by the human on the application. Vuser perform the action of human working with application. When workstations allow only one single human user to work, Many Vusers can concurrently work on a single workstation.
– Vuser Scripts: It is the script which contain s all the details of the work performed by the Vuser to complete the specific task. Each Vuser executes a Vuser script when we run a scenario. Vuser script contains the function that measure and record the performance of the application or application components.

Explain LoadRunner Testing process.

We can easily create and run load test scenario by following below process:
– Planning test: a thorough test plan is required for successful load testing.
– Creating Vuser Script: script contain task performed by each Vuser or multiple Vuser.
– Creating the Scenario: Scenario describes event that occur during a testing session. It includes list of machine on which Vuser run, list of script that Vuser run and no of Vuser.
– Running the Scenario: emulate load on server by instructing multiple Vusers to perform task.
– Monitoring Scenario: By executing LR online run-time, transaction resources, database resources and firewall resources can be monitors.
– Analyzing results: Graphs and reports are used to analyze the performance of application.

Why VUGen is used in LR?

The Virtual User Generator (VUGen) enables to develop Vuser scripts for a variety of application types and communication protocols. It is used to record and run the scripts. Running scripts form VUGen is useful when debugging. It tells how Vuser scripts will run when executed as a part of scenario. While recording a Vuser scripts it generates functions those action which is performed during the recording session. VUGen inserts these generated functions into VUGen editor to create a basic Vuser Script.

(more…)

Interview Questions & Answers

Software Testing Interview Questions Answers

Software Testing Interview Questions Answers 2016 – Here you can find latest software interview questions list…

Define performance and stress testing.

Performance Testing: Performance Testing is performed to evaluate application performance under some load and stress condition. It is generally measured in terms of response time for the user activity. It is designed to test the whole performance of the system at high load and stress condition.
Stress testing: It involves imposing the database with heavy loads. Such as, large numbers of users access the data from the same table and that table contains large number of records.

What is Endurance Testing?

Endurance testing: in this testing we test application behavior against the load and stress applies over application for a long duration of time. The goal of this testing are:
– To determine the how the application is going to responds for high load and stress conditions in the real scenario.
– To ensure that the response times in highly load and stress conditions are within the user’s requirement of response time.
– Checks for memory leaks or other problems that may occur with prolonged execution.

What is End-to-End testing?

In End-to-End Testing we take the application from the starting phase of the development cycle till the ending of the development cycle. We can simple say that it comes into play when we take requirement from the customer till the end of the delivery of the application. The purposes of End-to-End testing are:
– Validates the software requirements and checks it is integrated with external interfaces.
– Testing application in real world environment scenario.
– It involves testing of interaction between application and database.
– Executed after functional and system testing.
– End-to-End testing is also called Chain Testing.

What is Gorilla Testing?

A test technique that involves testing with various ranges of valid and invalid inputs a particular module or component functionality extensively. In Gorilla testing test case and test data are not required. It uses random data and test cases to perform testing of application. The purpose of Gorilla testing is to examine the capability of single module functionality by applying heavy load and stress to it. And determine how much load and stress it can tolerate without getting crashed.

Why we need Localization Testing?

Localization testing mainly deals with the functionality of application and GUI of the application. The purposes of using Localization testing are following:
– Mainly deal with internationalization and localization aspects of software.
– Evaluate how successfully the language is interpreted into a specific language.
– Translate GUI of application so that it can adapt to a particular region language and interface.

What is Metric?

Metric is a standard of measurement. Software metrics uses the statistical method for explaining the structure of the application. The software metric tells us the measurable things like number of bugs per lines of code. We can take the help of software metrics to make the decision regarding the application development. The test metrics is derived from raw test data because what cannot be measured cannot be managed. Software metric also helps the Project Management team to manage the project like schedule for development of each phase.

Explain Monkey testing.

Monkey testing is a type of Black Box Testing used mostly at the Unit Level. In this tester enter the data in any format and check the software is not crashing. In this testing we use Smart monkey and Dumb monkey.
Smart monkeys are used for load and stress testing, they will help in finding the bugs. They are very expensive to develop.
Dumb monkey are important for basic testing. They help in finding those bugs which are having high severity. Dumb monkey are less expensive as compare to Smart monkeys.
Example: In phone number filed Symbols are entered.

What is Negative Testing?

Negative Testing is performed to find the situation when the software crashed. It is a negative approach, in this tester try to put efforts to find the negative aspects of the application. Negative testing ensures that application can handle the invalid input, incorrect data and incorrect user response. For example, when user enters the alphabetical data in a numeric field, then error message should be display saying “Incorrect data type, please enter a number”.

What are the typical problems in web testing?

The following problem may arise in web testing:
– Functionality problems
– User Interface related problems
– Performance related problems
– Database related problems
– OS compatibility problems
– Browser compatibility problems
– Security related problems
– Load related problem
– Navigation problem

Write the test scenarios for testing a web site?

First we have to assume that Graphical User Interface (GUI) objects and elements of a website together is One Test Scenario. Then, we have to check all the links and buttons. Then we have to check all forms are working properly or not. Prepare Test Scenarios of the forms of a webpage. We can identify 4 different types of Test Scenarios of a form:
– Check the form with valid data in all the fields.
– Check the form with invalid data which violate the validations of fields in the form.
– Check the form by leaving some mandatory fields in the form.
– Check the form with existing record details.

While testing a website, which are the different configurations which will have to be considered?

These configurations may demand for change in strategy of the webpage. The most important factors that need consideration are following:
Hardware platform: some user may use the Mac platform, some may use Linux, while others may use Microsoft platform.
Browsers: browser and their versions also change the layout of the web page. Along with the browser versions, the different Plug-Ins also has to be taken into consideration. The resolution of the monitor also with color depth and text size is some of the other configurations.

What is the difference between authentication and authorization in web testing?

The differences between authentication and authorization are:
– Authentication is the process with which the system identifies the user whereas authorization is the process after the authentication process.
– The authentication is used to ensure that the user is indeed a user, who he claims to be whereas in authorization system will decide whether a particular task can be performed by the user.
– There are different types of authentications, which can be used like password based authentication, device based authentication whereas in authorization there are two types read only, and read write both.

Explain the different between HTTP and HTTPS?

The differences between HTTP and HTTPS are following:
– Hypertext Transfer Protocol is a protocol for information to be passed back and forth between web servers and clients. Https is refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) transport mechanism.
– HTTP use port number 80 whereas HTTPS use port number 443.
– HTTP can support the client asking for a particular file to be sent only if it has been updated after a certain date and time whereas Hypertext Transfer Protocol over Secure Socket Layer is built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server.

What is the difference between the static and dynamic website?

The differences between Static and Dynamic website are following:
– A static website contains Web pages with fixed content where as in Dynamic web site content of the web page change with respect to time.
– Static website are easy to create and don’t require any database design but in case of dynamic website it require good knowledge to develop the website with programming and database knowledge.
– In static website user cannot communicate with other and same information will be displayed to each user where as in dynamic website user may communicate with each other.

How do you perform testing on web based application using QTP?

We can do the performance testing using QTP by adding the web add-in in the QTP at the startup of the QTP. Now to make URL of the website available to the QTP we have to type the URL of the site. So that while running QTP will open the application and do the testing.

What is Cross Site Scripting?

Cross Site Scripting is a thread in the dynamic website. It is also known as XSS. Cross site scripting occurs when a web application gathers malicious data from a user. The data is collected in the hyperlink form which contains malicious content within it. It allows malicious code to be inserted into the web page. The web page can be a simple HTML code or a client side script. When the malicious code is inserted in page and clicked by some user, the malicious code becomes a part of the web request of the user. This request can also execute on the user’s computer and steal information.

What type of security testing you performed?

To perform the security testing tester try to attack the system. This is the best way to determine the lope hole in the security area of the application. Most of the systems use encryption technique to store passwords. In this we have to try to get access to the system by using different combinations of passwords. Another common example of security testing is to find if the system is vulnerable to SQL injection attacks. While performing the security testing, tester cannot do any changes in any of the following:
– Configuration of the application or the server
– Services running on the server
– Existing user or customer data hosted by the application

What are steps you will perform for securing a new web server?

Some of the important steps to be carried out for securing the web server are following:
– Minimize rights.
– Update permissions.
– Delete default data and scripts.
– Make use of software firewall.
– Enable and make use of IIS logging.
– Regular backup.

What is usability testing in web testing?

Usability testing perform with reference to the end user. In usability testing we find how easily end user can access the application. In terms of websites and software applications, usability is defined as the ease at which a person with no programming knowledge can use the software to complete the desired task.
Usability is comprised of following:
– Learnability is how easy it is for a new user to accomplish tasks the first time they visit your website.
– Memorability is how easy it is for someone to come back to using your website after they haven’t used it for a period of time.
– Efficiency is how quickly users can complete tasks on your site after they are familiar with its use.

What is difference between web based testing and windows based testing?

Web based testing is concerned with the following:
– Broken Links in the web pages.
– Performance of web like response time.
– Graphical User Interface
– Text on the page
Where as in Windows based testing we look for :
– Functionality
– Integration

What are the common bugs in web testing?

In Web based testing following bugs are very common:
– Issues in navigation of application
– Usability
– Cosmetic Issues and GUI Issues
– Functional Issues
– Performance issues – How time it takes to display the page to the user.
– Load – How much load an application can handle at any point in time.
– Stress – At how much load application will crash.
– Flow of data – Information which is entered by user is stored in correct format.
– If proper static information is not displayed along with text fields to enter data.
– Links are broken, default focus is not set in forms, tab key not working, all key board short cuts are not fully functional

What is the difference b/w desktop application testing and web testing?

Desktop Testing – Desktop application testing is standalone testing, it is independent of the other application which are executing on the different machines. In this application testing, tester need not worry about number of user.
Web testing – Web testing is related to client server. Web testing needs to have many testing’s like Usability, GUI, Load Testing, Performance Testing.

What is field validation in web testing?

Field validation is used to ensure that only correct data is entered into the field. We can select validation options to make sure that only correct format data can be entered into a field correctly. When validation options are selected, we can use the FileMaker Pro to displays a message when user enter data in incorrectly format. For example, you can set an option to require that users enter a value in a field. The field validations check the format of the data. To ensure this we perform the validation testing in the website. Like the email field must contain the data in email@domain.com format.

What is focus testing in website?

Focus testing is used to test that when we open a webpage the cursor automatically blink on the particular field. Like in the case of Gmail login page. When we open the Gmail login page the cursor automatically blinks on the username filed. This is the Focus testing in website.

Explain some web testing tools.

Some of the webs testing tools are discussed below:
– JMeter (load and performance tester): JMeter is a Java desktop application which is used to create the load test environment and measure performance of the application during load test. It can be used for examine the performance of static and dynamic website.
– Selenium (Web app testing tool ): Selenium is a contains several application like Selenium IDE, Selenium Remote Control and Selenium Grid to examine and evaluate the web application.

What is website testing?

Website testing is a type of software testing which deal with the testing of the website. Website testing is performing on website to check the functionality, performance, usability, database related issues and browser related issues. To perform this testing we have so many tools like JMeter, Selenium, QTP etc.

What is Path Testing?

Path testing is a testing in which tester ensure that every path of the application should be executed at least once. In this testing, all paths in the program source code are tested at least once. Tester can use the control flow graph to perform this type of testing.

What is Performance Testing?

Performance Testing is focused on verifying the system performance requirements like response time, Transactional throughput and number of concurrent users. It is used to accurately measure the End-to-End performance of a system. It identifies the loop holes in Architectural Design which helps to tune the application.
It includes the following:
– Emulating ‘n’ number of users interacting with the system using minimal hardware.
– Measuring End-User’s Response time.
– Repeating the load consistently.
– Monitoring the system components under controlled load.
– Providing robust analysis and reporting engines.

What is the difference between baseline and benchmark testing?

The difference between baseline and benchmark testing are:
– Baseline testing is the process of running a set of tests to capture performance information whereas Benchmarking is the process of comparing application performance with respect to industry standard that is given by some other organization.
– Baseline testing use the information collected to made the change in the application to improve performance and capabilities of the application whereas benchmark information where our application stands with respect to others.
– Baseline compares present performance of application with its own previous performance where as benchmark compares our application performance with other companies application’s performance.

What is test driver and test stub?

– The Stub is called from the software component to be tested. It is used in top down approach.
– The driver calls a component to be tested. It is used in bottom up approach.
– Both test stub and test driver are dummy software components.
We need test stub and test driver because of following reason:
– Suppose we want to test the interface between modules A and B and we have developed only module A. So we cannot test module A but if a dummy module is prepare, using that we can test module A.
– Now module B cannot send or receive data from module A directly so, in these cases we have to transfer data from one module to another module by some external features. This external feature used is called Driver.

What is Agile Testing?

Agile Testing means to quickly validation of the client’s requirements and make the application of high quality user interface. When the build is released to the testing team, testing of the application is started to find the bugs. As a Tester, we need to focus on the customer or end user requirements. We put the efforts to deliver the quality product in spite of short time frame which will further help in reducing the cost of development and test feedbacks will be implemented in the code which will avoid the defects coming from the end user.

Explain bug life cycle.

Bug Life Cycle:
– When a tester finds a bug .The bug is assigned NEW or OPEN with status,
– The bug is assigned to development project manager who will analyze the bug .He will check whether it is a valid defect. If not valid bus is rejected, now status is REJECTED.
– If not, next the defect is checked whether it is in scope. When bug is not part of the current release .Such defects are POSTPONED
– Now, Tester checks whether similar defect was raised earlier. If yes defect is assigned a status DUPLICATE
– When bug is assigned to developer. During this stage bug is assigned a status IN-PROGRESS
– Once bug is fixed. Defect is assigned a status FIXED
– Next the tester will re-test the code. In case the test case passes the defect is CLOSED
– If test case fails again the bug is RE-OPENED and assigned to the developer. That’s all to Bug Life Cycle.

What is Matching Defects?

Matching Defects helps us to remove the locking of same defect in the bug in the application. While using QC, every time we lock a bug, QC saves the list of keywords from the Summary and Description Fields of the bug. When we search for similar defects in QC, keywords in these fields are matched with other defects which are locked previously. Keywords are more than two characters and they are not case sensitive. We have two methods to conduct search of similar defects.
– Finding Similar Defects: compare a selected defect with all other existing defects in project.
– Finding similar Text: compare a specific test string against all other existing defects in project.

What is Recovery Testing?

Recovery testing is done to check how fast and better the application can recover against any type of crash or hardware failure. Type or extent of recovery is specified in the requirement specifications. Recovery testing will enable customer to avoid any inconvenience that are generally associated with the loss of data and performance of the application. We can perform regular recovery testing in order to take backup of all necessary and important data.

What is Test Case?

A test case is a set of conditions which is used by tester to perform the testing of application to make sure that application is working as per the requirement of the user.
– A Test Case contains information like test steps, verification steps, prerequisites, outputs, test environment, etc
– The process of developing test cases can also enable us to determine the issues related to the requirement and designing process of the application.

In Test First Design what step you will follow to add new functionality into the project?

When we have to add new functionality our project, we perform the following steps:
– Quickly add a developer test: we need to create a test that ensures that new added functionality will not crash our project.
– Run your tests. Execute that test, to ensure that new add functionality does not crash our application.
– Update your production code. In this we update our code with few more functionality so that the code passes the new test. Like adding of error message in field where field can take only numeric data.
– Run your test suite again. If test fails, we have to do change in the code and perform retesting of the application.

What is Validation and Verification?

Verification: process of evaluating work-products of a development phase to determine whether they fulfill the specified requirements for that phase.
Validation: process of evaluating software during or at the end of the development process to determine whether it specified requirements.
Difference between Verification and Validation:
– Verification is Static testing where as Validations is Dynamic Testing.
– Verification takes place before validation.
– Verification evaluates plans, document, requirements and specification, where as Validation evaluates product.
– Verification inputs are checklist, issues list, walkthroughs and inspection where as in Validation testing of actual product.
– Verification output is set of document, plans, specification and requirement documents where as in Validation actual product is output.

What are different approaches to do Integration Testing?

Integration testing is black box testing. Integration testing focuses on the interfaces between units, to ensure that units work together to complete a specify task. The purpose of integration testing is to confirm that different components of the application interact with each other. Integration testing is considered complete, when actual results and expected results are same. There are mainly three approaches to do integration testing.
– Top-down Approach: Tests the components by integrating from top to bottom.
– Bottom-up approach: It takes place from the bottom of the control flow to the higher level components
– Big bang approach: In this are different module are joined together to form a complete system and then testing is performed on it.

Can you explain the elementary process?

Software applications are made up by the help of several elementary processes. There are two types of elementary processes:
– Dynamic elementary Process: The dynamic elementary involves process of moving data from one location to another location. The location can be within the application and outside the application.
– Static elementary Process: Static elementary involves maintaining the data of the application.

Explain the PDCA cycle.

Software testing is an important part of the software development process. In normal software development there are four important steps PDCA (Plan, Do, Check, Act) cycle. The four steps are discussed below:
– Plan: Define the goal and the plan for achieving that goal.
– Do: execute those plan strategy which is planned in plan phase
– Check: Check to make sure that everything is going according to the plan and gets the expected results.
– Act: Act according to that issue.

What are the categories of defects?

There are three main categories of defects:
– Wrong: The requirements are implemented incorrectly in the application.
– Missing: When requirement given by the customer and application is unable to meet those application.
– Extra: A requirement incorporated into the product that was not given by the end customer. This is always a variance from the specification, but may be an attribute desired by the user of the product.

What are different types of verifications?

Verification is static type of software testing which is started in earlier phase of development of software. In this approach we don’t execute the software that the reason it comes in static testing. The product is evaluated by going through the code. Types of verification are:
– Walkthrough: Walkthroughs are informal technique. Where the Developer leader organizing a meeting with team member to take feedback regarding the software. This can be used for the improvement of the software quality. Walkthrough are unplanned in the SDLC cycle.
– Inspection: Inspection is a done by checking of a software product thoroughly with the intention to find out defect and ensuring that software is meeting the user requirements.

Which test cases are written first: white boxes or black boxes?

Generally, black box test cases are written first and white box test cases later. To write black box test cases we need the requirement documents and design or project plan. All these documents are easily available in the earlier phase of the development. A black box test case does not need functional design of the application but white box testing needs. Structural design of the application is clearer in the later part of project, mostly while executing or designing. For black box testing you need to only analyze from the functional perspective which is easily available from a simple requirement document.

What is difference between latent and masked defect?

The difference between latent and masked defect are:
– A latent defect is an existing defect that has not yet caused a failure because the conditions that are required to invoke the defect is not meet.
– A masked defect is an existing defect that has not yet caused a failure just because another defect hides that part of the code from being executed where it is present.

What is coverage and what are the different types of coverage techniques?

Coverage is a measurement used in software testing to describe the degree to which the source code is tested. There are three basic types of coverage techniques as shown in the following figure:
– Statement coverage: This coverage ensures that each line of source code has been executed and tested.
– Decision coverage: This coverage ensures that every decision (true/false) in the source code has been executed and tested.
– Path coverage: In this coverage we ensure that every possible route through a given part of code is executed and tested.

Explain the concept of defect cascading?

Defect cascading is a defect which is caused by another defect. In this one defect invokes the other defect in the application. When a defect is present in any stage but is not identified, hide to other phases without getting noticed. This will result in increase in number of defects.

What are the basic elements of defect report format?

The basic elements of Defect Report Format are:
1. Project name
2. Module name
3. Defect detected on
4. Defect detected by
5. Defect id
6. Defect name
7. Snapshot of the defect(if the defect is in the non reproducible environment)
8. Priority, severity, status
9. Defect resolved by
10. Defect resolved on

What is destructive testing, and what are its benefits?

Destructive testing includes methods where material is broken down in to evaluate the mechanical properties, such as strength, toughness and hardness. For example, finding the quality of a weld is good enough to withstand extreme pressure and also to verify the properties of a material.
Benefits of Destructive Testing (DT)
– Verifies properties of a material
– Determines quality of welds
– Helps you to reduce failures, accidents and costs
– Ensures compliance with regulations

What is Use Case Testing?

Use Case: A use case is a description of the process which is performed by the end user for a particular task. Use case contains a sequence of step which is performed by the end user to complete a specific task or a step by step process that describe how the application and end user interact with each other. Use case is written by the user point of view.
Use case Testing: the use case testing uses this use case to evaluate the application. So that, the tester can examines all the functionalities of the application. Use case testing cover whole application.

What is Requirement Traceability Matrix?

The Requirements Traceability Matrix (RTM) is a tool to make sure that project requirement remain same throughout the whole development process. RTM is used in the development process because of following reasons:
– To determine whether the developed project is meet the requirements of the user.
– To determine all the requirements given by the user.
– To make sure the application requirement can be fulfilled in the verification process.

What is difference between Pilot and Beta testing?

The differences between these two are listed below:
– A beta test when the product is about to release to the end user whereas pilot testing take place in the earlier phase of the development cycle.
– In beta testing application is given to a few user to make sure that application meet the user requirement and does not contain any showstopper whereas in case of pilot testing team member give their feedback to improve the quality of the application.

Describe how to perform Risk analysis during software testing?

Risk analysis is the process of identifying risk in the application and prioritizing them to test. Following are some of the risks:
1. New Hardware.
2. New Technology.
3. New Automation Tool.
4. Sequence of code delivery.
5. Availability of application test resources.
We prioritize them into three categories these are:
– High magnitude: Impact of the bug on the other functionality of the application.
– Medium: it can be tolerable in the application but not desirable.
– Low: it can be tolerable. This type of risk has no impact on the company business.

What is Silk Test?

Silk Test is a tool developed for performing the regression and functionality testing of the application. Silk Test a tool is used when we are testing the applications which are based on Window, Java, web or traditional client/server. Silk Test help in preparing the test plan and management of those test plans, to provide the direct accessing of the database and validation of the field.

What is difference between Master Test Plan and Test Plan.

The differences between Master Plan and Test Plan are given below:
– Master Test Plan contains all the testing and risk involved area of the application where as Test case document contains test cases.
– Master Test plan contain all the details of each and every individual tests to be run during the overall development of application whereas test plan describe the scope, approach, resources and schedule of performing test.
– Master Test plan contain the description of every tests that is going to be performed on the application where as test plan only contain the description of few test cases. during the testing cycle like Unit test, System test, beta test etc
– Master Test Plan is created for all large projects but when it is created for the small project then we called it as test plan.

How to deal with not reproducible bug?

A bug cannot be reproduced for following reasons:
1. Low memory.
2. Addressing to non available memory location.
3. Things happening in a particular sequence.
Tester can do following things to deal with not reproducible bug:
– Includes steps that are close to the error statement.
– Evaluate the test environment.
– Examine and evaluate test execution results.
– Resources & Time Constraints must be kept in point.

What is the difference between coupling and cohesion?

The difference between coupling and cohesion is discussed below:
– Cohesion is the degree which is measure dependency of the software component that combines related functionality into a single unit whereas coupling means that binding the related functionality into different unit.
– Cohesion deals with the functionality that related different process within the single module where as coupling deals with how much one module is dependent on the other modules within the application.
– It is good to increase the cohesion between the software whereas increasing coupling is avoided.

What is the role of QA in a project development?

The role of Quality Assurance is discussed below:
– QA team is responsible for monitoring the process to be carried out for development.
– Responsibilities of QA team are planning testing execution process.
– QA Lead creates the time tables and agrees on a Quality Assurance plan for the product.
– QA team communicated QA process to the team members.
– QA team ensures traceability of test cases to requirements.

When do you choose automated testing over manual testing?

This choice between automated testing over manual testing can be based upon following factors:
1. Frequency of use of test case
2. Time Comparison (automated script run much faster than manual execution.)
3. Reusability of Automation Script
4. Adaptability of test case for automation.
5. Exploitation of automation tool

What are the key challenges of software testing?

Following are some challenges of software testing:
1. Application should be stable enough to be tested.
2. Testing always under time constraint.
3. Understanding the requirements.
4. Domain knowledge and business user perspective understanding.
5. Which tests to execute first?
6. Testing the Complete Application.
7. Regression testing.
8. Lack of skilled testers.
9. Changing requirements.
10. Lack of resources, tools and training.

What is difference between QA, QC and Software Testing?

Quality Assurance (QA): QA refers to the planned and systematic way of monitoring the quality of process which is followed to produce a quality product. QA tracks the outcomes and adjusts the process to meet the expectation.
Quality Control (QC): Concern with the quality of the product. QC finds the defects and suggests improvements. The process set by QA is implemented by QC. The QC is the responsibility of the tester.
Software Testing: is the process of ensuring that product which is developed by the developer meets the user requirement. The motive to perform testing is to find the bugs and make sure that they get fixed.

What is concurrent user hits in load testing?

When the multiple users, without any time difference, hits on a same event of the application under the load test is called a concurrent user hit. The concurrency point is added so that multiple Virtual User can work on a single event of the application. By adding concurrency point, the virtual users will wait for the other Virtual users which are running the scripts, if they reach early. When all the users reached to the concurrency point, only then they start hitting the requests.

What is difference between Front End Testing and Back End testing?

The differences between front and back end testing are:
– Front End Testing is performed on the Graphical User Interface (GUI).whereas Back End Testing involves databases testing.
– Front end consist of web site look where user can interact whereas in case of back end it is the database which is required to store the data.
– When ender user enters data in GUI of the front end application, then this entered data is stored in the database. To save this data into the database we write SQL queries.

What is Automated Testing?

The process of performing testing automatically which reduces the human intervention this is automation testing. The automation testing is carried out with the help of the some automation tool like QTP, Selenium, WinRunner etc. In automation testing we use a tool that runs the test script to test the application; this test script can be generated manually or automatically. When testing is completed then tools automatically generate the test report and report.

What is Testware?

The testware is:
– The subset of software which helps in performing the testing of application.
– Testware are required to plan, design, and execute tests. It contains documents, scripts, inputs, expected results, set-up and additional software or utilities used in testing.
– Testware is term given to combination of all utilities and application software that required for testing a software package.
Testware is special because it has:
1. Different purpose
2. Different metrics for quality and
3. Different users

What is Exhaustive Testing?

Exhaustive Testing, as the name suggests is very exhaustive. Exhaustive testing means to test every component in the application with every possible number of inputs. According to Principles of testing Exhaustive Testing is Impossible because exhaustive testing requires more time and effort to test the application for all possible number of inputs. This may lead to high cost and delay in the release of the application.

What is Gray Box Testing?

Gray box testing is the hybrid of black box and white box testing. In gray box testing, test engineer has the knowledge of coding section of the component and designs test cases or test data based on system knowledge. In this tester has knowledge of code, but this is less than the knowledge of white box testing. Based on this knowledge the test cases are designed and the software application under test treats as a black box & tester test the application from outside.

What is Integration Testing?

Integration testing is black box testing. Integration testing focuses on the interfaces between units, to ensure that units work together to complete a specify task. The purpose of integration testing is to confirm that different components of the application interact with each other. Test cases are developed with the purpose of exercising the interfaces between the components. Integration testing is considered complete, when actual results and expected results are same. Integration testing is done after unit testing. There are mainly three approaches to do integration testing:
– Top-down Approach tests the components by integrating from top to bottom.
– Bottom-up approach It takes place from the bottom of the control flow to the higher level components
– Big bang approach In this are different module are joined together to form a complete system and then testing is performed on it.

What is Scalability Testing?

Scalability testing is testing performed in order to enhanced and improve the functional and performance capabilities of the application. So that, application can meets requirements of the end users. The scalability measurements is done by doing the evaluating the application performance in load and stress conditions. Now depending upon this evaluation we improve and enhanced the capabilities of the application.

What is Software Requirements Specification?

– A software requirements specification is a document which acts as a contract between the customer and the supplier.
– This SRS contain all the requirement of the end user regarding that application. SRS can be used as a communication medium between the customer and the supplier.
– The developer and tester prepare and examine the application based on the requirements written in the SRS document.
– The SRS documented is prepared by the Business Analyst by taking all the requirements for the customer.

What is Storage Testing?

In Storage Testing we test those functionalities of the application which is responsible for storing the data into database. The data entered by the end user in GUI or front end, is the same data which is stored in the database. The storage testing determines that the data taken from the front end of the application is stored in correct place and in correct manner in the database.

What is Stress Testing?

Stress testing tests the software with a motive to check that the application do not crashes if we increase the stress on the application by increasing the large number of user working on the application. We can also apply the stress on the application firing the lots of process which cannot be handled by the application. We perform the stress testing on the application evaluate the application capabilities at or beyond the limits of its specified requirements to determine. Generally, this is a type of performance testing performed in a very high level of load and stress condition.

What is Test Harness?

A test harness is a collection of software and test data required to test the application by running it in different testing condition like stress, load, data- driven, and monitoring its behavior and outputs. Test Harness contains two main parts:
– Test execution engine
– Test script repository
Automation testing is the use of a tool to control the execution of tests and compare the actual results with the expected results. It also involves the setting up of test pre-conditions.

Can you define test driver and test stub?

– The Stub is called from the software component to be tested. It is used in top down approach.
– The driver calls a component to be tested. It is used in bottom up approach.
– Both test stub and test driver are dummy software components.
We need test stub and test driver because of following reason:
– Suppose we want to test the interface between modules A and B and we have developed only module A. So we cannot test module A but if a dummy module is prepare, using that we can test module A.
– Now module B cannot send or receive data from module A directly so, in these cases we have to transfer data from one module to another module by some external features. This external feature used is called Driver.

What is good design?

Design refers to functional design or internal design. Good internal design is indicated by software code whose overall structure is clear, understandable, easily modifiable, and maintainable; is robust with sufficient error-handling and status logging capability, and works correctly when implemented. Good functional design is indicated by an application whose functionality can be traced back to customer and end-user requirements.

What makes a good QA or Test manager?

A good QA or Test manager should have following characteristics:
– Knowledge about Software development process
– Improve the teamwork to increase productivity
– Improve cooperation between software, test, and QA engineers
– To improvements the QA processes
– Communication skills
– Ability to conduct meetings and keep them focused

What is Manual scripted Testing and Manual Support testing?

Manual Scripted Testing: Testing method in which the test cases are designed and reviewed by the team before executing it. It is done by manual testing teams.
Manual-Support Testing: Testing technique that involves testing of all the functions performed by the people while preparing the data and using these data from automated system. it is conducted by testing teams.

What is Fuzz testing, backward compatibility testing and assertion testing?

Fuzz Testing: Testing application by entering invalid, unexpected, or random data to the application this testing is performed to ensure that application is not crashing when entering incorrect and unformatted data.
Backward Compatibility Testing: Testing method which examines performance of latest software with older versions of the test environment.
Assertion Testing: Type of testing consisting in verifying if the conditions confirm the product requirements.

How does a client or server environment affect testing?

There are lots of environmental factors that affect the testing like speed of data transfer data transfer, hardware, and server etc while working with client or server technologies, testing will be extensive. When we have time limit, we do the integration testing. In most of the cases we prefer the load, stress and performance testing for examine the capabilities of the application for the client or server environment.