Unit 2 :

1. With the help of diagram describe client-server testing.

In Client-server testing there are several clients communicating with the server.
1. Multiple users can access the system at a time and they can communicate with the server.
2. Configuration of client is known to the server with certainty.
3. Client and server are connected by real connection.
Testing approaches of client server system:
1. Component Testing:
One need to define the approach and test plan for testing client and server individually.
When server is tested there is need of a client simulator, where as testing client a server simulator, and to
test network both simulators are used at a time.
2. Integration testing:
After successful testing of server, client and network, they are brought together to form system
testing.
3. Performance testing:
System performance is tested when number of clients are communicating with server at a time.
Volume testing and stress testing may be used for testing, to test under maximum load as well as normal
load expected. Various interactions may be used for stress testing.
4. Concurrency Testing:
It is very important testing for client-server architecture. It may be possible that multiple users may
be accessing same record at a time, and concurrency testing is required to understand the behavior of a
system in this situation.
5. Disaster Recovery/ Business continuity testing:
When the client server are communicating with each other , there exit a possibility of breaking of the
communication due to various reasons or failure of either client or server or link connecting them. The
requirement specifications must describe the possible expectations in case of any failure.
6. Testing for extended periods:
In case of client server applications generally server is never shutdown unless there is some agreed
Service Level Agreement (SLA) where server may be shut down for maintenance. It may be expected that
server is running 24X7 for extended period. One needs to conduct testing over an extended period to
understand if service level of network and server deteriorates over time due to some reasons like memory
leakage.
7. Compatibility Testing:
Client server may be put in different environments when the users are using them in production.
Servers may be in different hardware, software, or operating system environment than the recommended.
Other testing such as security testing and compliance testing may be involved if needed, as per testing and
type of system.
2. Explain GUI testing with suitable example.
Graphics User Interface Testing (GUI) Testing is important part of application along with functionality as it
affects the usability.
Example: Consider any website like MSBTE, google, yahoo or any login form or GUI of any application to be
tested.
It includes following:
• All colors used for background, control colors, and font color have a major impact on users. Wrong
color combinations and bright colors may increase fatigue of users.
• All words, Fonts, Alignments, scrolling pages up and down, navigations for different hyperlinks and
pages, scrolling reduce usability.
• Error messages and information given to users must be usable to the user. Reports and outputs
produced either on screen or printed should be readable. Also paper size on printer, font, size of screen
should be consider.
• Screen layout in terms of number of instructions to users, number of controls and number of pages
are defined in low level design. More controls on single page and more pages reduce usability.

• Types of control on a single page are very useful considering usability.

• Number of images on page or moving parts on screen may affect performance. These are high-
priority defects. It has direct relationships with usability testing, look, and feels of an application. It affects
emotions of users and can improve acceptability of an application.
Advantages of GUI Testing:
• Good GUI improves feel and look of the application; it psychologically accepts the application by the
user.

• GUI represents a presentation layer of an application. Good GUI helps an application due to better
experience of the users.
• Consistency of the screen layouts and designs improves usability of an application.
Disadvantages of GUI Testing:

• When number of pages is large and number of controls in a single page is huge.
• Special application testing like those made for blind people or kids below age of five may need
special training for testers.
3. State process of Bi-directional Integration testing with two advantages and two disadvantages.
Bi- directional integration is a combination of the top-down & bottom-up integration approaches used
together to derive integration steps.

As shown in fig , assume that the software components become available in the order mentioned by the
component numbers. The individual components 1,2 ,3,4 and 5 are tested separately and bi-directional
integration performed initially with the use of stubs and drivers. Drivers are used to provide upstream
connectivity while stubs provide downstream connectivity .A driver is a function which redirects the
requests to some other components and stubs simulate the behavior of missing components. After the
functionality of these integrated components are tested, the drivers and stubs are discarded. Once
components 6,7 and 8 become available, the integration methodology then focus only on those components
, as there are the components which need focus and are new. This approach is also called “Sandwich
Integration”.
Advantages:
1. Sandwich approach is useful for very large projects having several subprojects.
2. Both Top-down and Bottom-up approach starts at a time as per development schedule. Units are tested
and brought together to make a system .Integration is done downwards.
Disadvantages:
1. It require very high cost for testing because one part has Top-down approach while another part has
bottom-up approach.
2. It cannot be used for smaller system with huge interdependence between different

4. Describe how to perform security and performance testing

Security Testing:
Testers must use a risk-based approach, By identifying risks and potential loss associated with those
risks in the system and creating tests driven by those risks, the testers can properly focus on areas of code
in which an attack is likely to succeed. Therefore risk analysis at the design level can help to identify potential
security problems and their impacts. Once identified ranked, software risks can help guide software security
Performance testing:
Performance testing is intended to find whether the system meets its performance requirements
under normal load or abnormal level of activities. Normal load must be defined by the requirement
statement defined by the customer and system design implements them. Performance criteria must be
expressed in numerical terms. Design verification can help in determining whether required measures have
been taken to meet performance requirements or not. This is one area where verification does not work to
that much extents and one needs to test it by actually performing the operation on the system.

5. Explain following concept related to web-based testing:

(1) Usability testing
(2) Compatibility testing
Usability testing related to web-based testing:
The presentation design emphasizing the interface between user and web application gives rise to
usability testing. The general guideline for usability testing
1. Do not force users to remember key information across document
2. Present information in a natural and logical order
3. All possible options like menus, links or buttons on web pages should be visible and accessible
from all web pages.
4. Check that link are active such that there are no erroneous or misleading links
5. Indicate similar concept through identical terminal and graphics.
6. Provide understandable instruction where useful.
7. The user should not get irritated while navigating through the web application .eliminate
information which is irrelevant or distracting.
8. Content writer should not mix the topics of information. There should be clarity in the information
being displayed
9. Organize information hierarchically, with more general information appearing before more specific
details encourage the user to delve as deeply as needed, but to stop whenever sufficient information has
been received
Compatibility testing related to web-based testing:
Web application may be put in different environment when the user is using them in production.
Server may be in different hardware, software or operating system environment than the recommended one.
Client browsers may differ significantly from the expected environmental variable. Testing must ensure that
performance is maintained on the range of hardware and software configuration and user must be
adequately protected in case of configuration mismatch.
The general guideline for compatibility testing:
1. There are number of different browsers and browser options. The web application has to be
designed to be compatible for majority of the browser.
2. The graphics have and other objects on website have to be tested on multiple browser.
3.There are different versions of HTML. Also there are other code has to be tested like Java , Javascript
, ActiveX etc.
 4. Test your web application on different operating systems like windows,Unix,MAC,Linux.

6. Describe following testing with example.

(1) Security testing
(2) Performance testing
Security testing
 It is a type of non-functional testing.
 Security testing is basically a type of software testing that‟s done to check whether the application or the
product is secured or not. It checks to see if the application is vulnerable to attacks, if anyone hack the system
or login to the application without any authorization.
 It is a process to determine that an information system protects data and maintains functionality as
intended.

 The security testing is performed to check whether there is any information leakage in the sense by
encrypting the application or using wide range of software‟s and hardware‟s and firewall etc.
 Software security is about making software behave in the presence of a malicious attack.
 The six basic security concepts that need to be covered by security testing are: confidentiality, integrity,
authentication, availability, authorization and non-repudiation.
2) Performance Testing
 Performance testing is testing that is performed, to determine how fast some aspect of a system performs
under a particular workload.
 It can serve different purposes like it can demonstrate that the system meets performance criteria.
Stress Testing:
 It is a type of non-functional testing.
 It involves testing beyond normal operational capacity, often to a breaking point, in order to
observe the results.
 It is a form of software testing that is used to determine the stability of a given system.
 It put greater emphasis on robustness, availability, and error handling under a heavy load, rather
than on what would be considered correct behavior under normal circumstances.

 The goals of such tests may be to ensure the software does not crash in conditions of insufficient
computational resources (such as memory or disk space).
LoadTesting:
 Load testing is a type of non-functional testing.
A load test is type of software testing which is conducted to understand the behavior of the
application under a specific expected load.
 Load testing is performed to determine a system‟s behavior under both normal and at peak
conditions.
 It helps to identify the maximum operating capacity of an application as well as any
bottlenecks and determine which element is causing degradation. E.g. If the number of users are
 increased then how much CPU, memory will be consumed, what is the network and bandwidth
response time.
 Load testing can be done under controlled lab conditions to compare the capabilities of
different systems or to accurately measure the capabilities of a single system.
Examples of load testing include:
 Downloading a series of large files from the internet.  Running multiple applications on a
computer or server simultaneously.

7. List any four advantages of acceptance test before launching any software.
1. Acceptance testing is phase after system testing that is normally done by the customer or representatives
of the customer. Due to that customer themselves to quickly judge the quality of the product.
2. Determine whether the software is fit for the user.
3. Making users confident about product.
4. Determine whether a software system satisfies its acceptance criteria.
5. Enables the buyer to determine whether to accept the system or not

8. Describe use of load testing and security testing in performance testing of facility of online result
display of MSBTE.
In case of testing of facility of online result display of MSBTE, Performance testing, will be a non-
functional testing technique performed to determine the system parameters in terms of responsiveness and
stability under various workload on the website. It will measures the quality attributes of the
Load testing –
It is the simplest form of testing conducted to understand the behavior of the system under a specific
load. Load testing will result in measuring number of critical transactions and load on the database,
application server, etc., are also monitored. It will show how the software will respond if the number of
students checking the result at the same time are more than specified. Response time of the system,
throughput, resource utilization,and Maximum user load will be checked by this type of testing.
Security Testing:
Security testing is a testing technique to determine if an information system protects data and
maintains functionality as intended. It also aims at verifying 6 basic principles as Confidentiality of the
MSBTE online result display system, Integrity of the software, authentication of the user who logs in to the
system to check the result with the help of valid seat number and enrollment number, authorization,
availability , and Nonrepudiation of the system.
9. How performance testing is performed? List steps involved in it?
i. Performance testing, a non-functional testing technique performed to determine the system parameters
in terms of responsiveness and stability under various workload.
ii. Performance testing measures the quality attributes of the system, such as scalability, reliability and
resource usage.
Techniques are:
Load testing - It is the simplest form of testing conducted to understand the behaviour of the system
under a specific load. Load testing will result in measuring important business critical transactions and load
on the database, application server, etc., are also monitored.
Stress testing - It is performed to find the upper limit capacity of the system and also to determine
how the system performs if the current load goes well above the expected maximum.
Soak testing - Soak Testing also known as endurance testing, is performed to determine the system
parameters under continuous expected load. During soak tests the parameters such as memory utilization
is monitored to detect memory leaks or other performance issues. The main aim is to discover the system's
performance under sustained use.
Spike testing - Spike testing is performed by increasing the number of users suddenly by a very large
amount and measuring the performance of the system. The main aim is to determine whether the system
will be able to sustain the workload.

10. Explain unit testing. State its additional requirements.

Unit Testing: Software product is made up of many units, each unit needed to be tested to find whether they
have implemented the design correctly or not.
Additional Requirements: The module under consideration might be getting inputs from another module or
the module is calling some another module. Some interface modules has to be simulated if required like
drivers and stubs.
Drivers:
The module where the required inputs for the module under test are simulated for the purpose of
module or unit testing is known as a Driver module. The driver module may print or interpret the results
produced by the module under test.
Stubs:
The module under testing may also call some other module which is not ready at the time of testing.
There is need of dummy modules required to simulate for testing, instead of actual modules. These are called
stubs.

11. Explain the performance testing and its criterias.

Performance testing:
Performance testing is intended to find whether the system meets its performance requirements
under normal load or abnormal level of activities. Normal load must be defined by the requirement
statement defined by the customer and system design implements them. Performance criteria must be
expressed in numerical terms. Design verification can help in determining whether required measures have
been taken to meet performance requirements or not. This is one area where verification does not work to
that many extents and one needs to test it by actually performing the operation on the system. It can serve
different purposes like it can demonstrate that the system meets performance criteria.
Criteria of Performance testing:
Stress Testing:
In stress testing the resources are used less than the requirement. If the system has limited resources
available, the response of the system may deteriorate due to non-availability of the resources. It tries to break
the system under test by overwhelming its resources in order to find the circumstances under which it will
crash. It is also a type of load testing. It is designed to determine the behavior of the software under abnormal
situations. In stress testing test cases are designed to execute the system in such a way that abnormal
conditions.
Load Testing:
When a system is tested with a load that causes it to allocate its resources in maximum amounts. The
idea is to create an environment more demanding than the application would experience under normal
workloads. Load is varied from minimum to the maximum level the system can sustain without running out
of resources. Load is being increased transactions may suffer excessive delays. Load testing involves
simulating real-life user load for the target application. It helps to determine how application behaves when
multiple users hits it simultaneously. Load testing can be done under controlled lab conditions to compare
the capabilities of different systems or to accurately measure the capabilities of a single system.

12. Explain the alpha testing. State its limitations.

Alpha testing is done by the customers in development environment in front of the development team.
Limitations:
1. Data provided by the customer may not represent actual data or business data. If data is created by testers
using any data definition technique, probability of such data occurring in real life must be checked and
validated by the customer.
2. Laboratory environment may not represent real life environment.
3. Key users deployed by customer may not be the people who are going to use the system in reality and also
may not be aware of actual working expectations from a new system.

13. Explain the Integration Testing and its two types. In each type, explain with example the steps of
integration.
Testing that occurs at the lowest level is called unit testing or module testing. As the units are tested
and the low-level bugs are found and fixed, they are integrated and integration testing is performed against
groups of modules. This process of incremental testing continues, putting together more and more pieces of
the software until the entire product or at least a major portion of it is tested at once in a process called
system testing.
With this testing strategy, it's much easier to isolate bugs. When a problem is found at the unit level,
the problem must be in that unit. If a bug is found when multiple units are integrated, it must be related to
how the modules interact. Of course, there are exceptions to this, but by and large, testing and debugging is
much more efficient than testing everything at once.
Types of Integration testing:
1). Top down Testing:
In this approach testing is conducted from main module to sub module. If the sub module is not
developed a temporary program called STUB is used for simulate the sub module.
Advantages :
Advantageous if major flaws occur toward the top of the program.
Once the I/O functions are added, representation of test cases is easier.
Early skeletal Program allows demonstrations and boosts morale.
Disadvantages:
Stub modules must be produced Stub Modules are often more complicated than they first appear to
be.
Before the I/O functions are added, representation of test cases in stubs can be difficult.
Test conditions may be impossible, or very difficult, to create.
Observation of test output is more difficult.
Allows one to think that design and testing can be overlapped.
Induces one to defer completion of the testing of certain modules.
2). Bottom up testing:
In this approach testing is conducted from sub module to main module, if the main module is not developed
a temporary program called DRIVERS is used to simulate the main module.
Advantages:
Advantageous if major flaws occur toward the bottom of the program.
 Test conditions are easier to create.
 Observation of test results is easier.
Disadvantages:
 Driver Modules must be produced.
 The program as an entity does not exist until the last module is added.
3). Bi-Directional Integration.
Bi-directional Integration is a kind of integration testing process that combines top-down and
bottom-up testing.
With an experience in delivering Bi-directional testing projects custom software development
services provide the best quality of the deliverables right from the development of software process.
Bi-directional Integration testing is a vertical incremental testing strategy that tests the bottom
layers and top layers and tests the integrated system in the computer software development process.
Using stubs, it tests the user interface in isolation as well as tests the very lowest level functions using
drivers. Bi-directional Integration testing combines bottom-up and top-down testing.
Bottom-up testing is a process where lower level modules are integrated and then tested.
This process is repeated until the component of the top of the hierarchy is analyzed.
It helps custom software development services find bugs easily without any problems.
Top down testing is a process where the top integrated modules are tested and the procedure is
continued till the end of the related module.
Top down testing helps developers find the missing branch link easily.

14. Explain the regression testing. State when the regression testing shall be done.
Regression testing a black box testing technique that consists of re-executing those tests that are
impacted by the code changes. These tests should be executed as often as possible throughout the software
development life cycle.
It is performed to validate the build that hasn't changed for a period of time. This build is deployed
or shipped to customers. A normal regression testing is performed to verify if the build has not broken any
other parts of the application by the recent code changes for defect fixing or for enhancement. It finds other
related bugs. It tests to check the effect on other parts of the program. Regression testing produces Quality
software. Validate the parts of software where changes occur. It validates parts of software which may be
affected by some changes but otherwise unrelated. It ensures proper functioning of the software, as it was
before changes occurred. It enhances quality of software, as it reduces the high risk bugs.

15. Describe how drivers and stubs can be used in unit testing with neat diagrams.
1. Drivers
1. Drivers are tools used to control and operate the software being tested.
2. One of the simplest examples of a driver is a batch file, a simple list of programs or commands that
are executed sequentially. In the days of MS-DOS, this was a popular means for testers to execute their test
programs.
3. They‘d create a batch file containing the names of their test programs, start the batch running, and
go home.
 4. With today‘s operating systems and programming languages, there are much more sophisticated
methods for executing test programs.
5. For example, a complex Perl script can take the place of an old MS-DOS batch file, and the Windows
Task Scheduler can execute various test programs at certain times throughout the day as shown in Figure
below :

2. Stubs
1. Stubs, like drivers, are white-box testing techniques.
2. Stubs are essentially the opposite of drivers in that they don‘t control or operate the software being
tested; they instead receive or respond to data that the software.
3. The Figure shows the general view of stub configuration.

16. What is load testing and stress testing? Describe with respect to system testing.
Stress testing is testing the software under less than ideal conditions. So subject your software to
low memory, low disk space, slow cpus, and slow modems and so on. Look at your software and determine
what external resources and dependencies it has. Stress testing is simply limiting them to bare minimum.
With stress testing you starve the software.
For e.g. Word processor software running on your computer with all available memory and disk
space, it works fine. But if the system runs low on resources you had a greater potential to expect a bug.
Setting the values to zero or near zero will make the software execute different path as it attempt to handle
the tight constraint. Ideally the software would run without crashing or losing data.
 Load testing is testing the software under customer expected load. In order to perform load testing
on the software you feed it all that it can handle. Operate the software with largest possible data files. If the
software operates on peripherals such as printer, or communication ports, connect as many as you can. If
you are testing an internet server that can handle thousands of simultaneous connections, do it. With most
software it is important for it to run over long periods. Some software‘s should be able to run forever without
being restarted. So Time acts as a important variable.
Stress testing and load testing can be best applied with the help of automation tools.
Stress testing and load testing are the types of performance testing.
The Microsoft stress utility program allows you to individually set the amounts of memory, disk
space, files and other resources available to the software running on the machine.
Example:
Open many number of browsers in the windows simultaneously.
Connect more than the specifies clients to the server.
Connect more than one printer to the system.

17. Describe any four testing approaches of web application.

Web application testing, a software testing technique exclusively adopted to test the applications that are
hosted on web in which the application interfaces and other functionalities are tested.
Web Application Testing -Techniques:
(1) Functionality Testing –
The below are some of the checks that are performed but not limited to the below list:
Verify there is no dead page or invalid redirects.
First check all the validations on each field.
Wrong inputs to perform negative testing.
Verify the workflow of the system.
Verify the data integrity.
(2) Usability testing -
To verify how the application is easy to use with.
Test the navigation and controls.
Content checking.
Check for user intuition.
(3) Interface testing –
Performed to verify the interface and the dataflow from one system to other.
(4) Compatibility testing-
Compatibility testing is performed based on the context of the application.
Browser compatibility
 Operating system compatibility
Compatible to various devices like notebook, mobile, etc.
(5) Performance testing –
Performed to verify the server response time and throughput under various load conditions.
Load testing –
It is the simplest form of testing conducted to understand the behaviour of the system
under a specific load. Load testing will result in measuring important business critical transactions and load
on the database, application server, etc. are also monitored.
Stress testing –
It is performed to find the upper limit capacity of the system and also to determine how
the system performs if the current load goes well above the expected maximum.
Soak testing –
Soak Testing also known as endurance testing, is performed to determine the system
parameters under continuous expected load. During soak tests the parameters such as memory utilization
is monitored to detect memory leaks or other performance issues. The main aim is to discover the system's
performance under sustained use.
Spike testing –
Spike testing is performed by increasing the number of users suddenly by a very large
amount and measuring the performance of the system. The main aim is to determine whether the system
will be able to sustain the work load.
(6) Security testing –
Performed to verify if the application is secured on web as data theft and unauthorized access
are more common issues and below are some of the techniques to verify the security level of the system.
Injection
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Security Misconfiguration
Sensitive Data Exposure

18. Describe any two special tests in testing process.

Refer summer 17
19. Write a short note on :
(i) Load testing
(ii) Stress testing
(iii)Recovery testing
(iv)Usability testing
i)Load testing:
Load is testing the software under customer expected load. In order to perform load testing
on the software you feed it all that it can handle. Operate the software with largest possible data files. If the
software operates on peripherals such as printer, or communication ports, connect as many as you can. If
you are testing an internet server that can handle thousands of simultaneous connections, do it. With most
software it is important for it to run over long periods. Some software‘s should be able to run forever without
being restarted. So Time acts as a important variable.
ii) Stress testing:
Stress testing is testing the software under less than ideal conditions. So subject your software
to low memory, low disk space, slow cpus, and slow modems and so on. Look at your software and determine
what external resources and dependencies it has. Stress testing is simply limiting them to bare minimum.
With stress testing you starve the software. For e.g. Word processor software running on your computer
with all available memory and disk space, it works fine. But if the system runs low on resources you had a
greater potential to expect a bug. Setting the values to zero or near zero will make the software execute
different path as it attempt to handle the tight constraint. Ideally the software would run without crashing
or losing data.
iii) Recovery testing:
Recovery testing is a type of non-functional testing. Recovery testing is done in order to check
how fast and better the application can recover after it has gone through any type of crash or hardware
failure etc.
• Recovery testing is the forced failure of the software in a variety of ways to verify that
recovery is properly performed.
• Determining the feasibility of the recovery process.

• Verification of the backup facilities.

• Ensuring proper steps are documented to verify the compatibility of backup facilities.

• Providing Training within the team.

• Demonstrating the ability of the organization to recover from all critical failures.
• Maintaining and updating the recovery plan at regular intervals.
(iv)Usability testing:
Usability testing, a non-functional testing technique that is a measure of how easily the system
can be used by end users.It is difficult to evaluate and measure but can be evaluated based on the below
parameters:
• Levels of Skill required learn/use the software. It should maintain the balance for both
novice and expert user.

• Time required to get used to in using the software.

 • The measure of increase in user productivity if any.
• Assessment of a user's attitude towards using the software.
• Usability testing, a non-functional testing technique that is a measure of how easily the
system can be used by end users.
• It is difficult to evaluate and measure but can be evaluated based on the below parameters:

• Levels of Skill required learn/use the software. It should maintain the balance for both
novice and expert user.
• Time required to get used to in using the software.
• The measure of increase in user productivity if any.

20. Describe acceptance testing with its advantages.

• It is associated with overall & involves testing the product in user environment.
• These tests uncover the compatibility issues with the other systems available in the user
environment.

• It also uncovers the non-functional issues such as load & performance defects in the actual user
environment.
Advantages:
• It is conducted to ensure that system requirements meet business needs.

• The UAT process allows for any issues to be fixed before the system goes live.
• It helps in simulating the real-time user behavior and environment.
• It allows the company to improve the software quality by involving customer feedback.