Answer. Requirement Traceability Matrix (RTM) is a document which records the mapping
between the high-level requirements and the test cases in the form of a table.
That’s how it ensures that the Test Plan covers all the requirements and links to their latest
version.
1.1.2 Q-9. What Is The Difference Between A Test Driver And Test Stub?
Answer. The test driver is a piece of code that calls a software component under test. It is
useful in testing that follows the bottom-up approach.
Test stub is a dummy program that integrates with an application to complete its
functionality. These are relevant for testing that uses the top-down approach.
Let’s take an example.
1. Let’s say there is a scenario to test the interface between modules A and B. We have
developed only module-A. Then we can test module-A only if we have real module-B
or a dummy module for it. In this case, we call module-B as the Test Stub.
2. Now, module-B can’t send or receive data directly from module-A. In such
scenario, we’ve to move data from one module to another using some external
features called Test Driver.
1.1.3 Q-10. What Are The Essential Qualities Of An Experienced QA Or Test Lead?
Answer. Following is the list of various testing types used by manual testers.
Unit testing
Integration testing
Regression testing
Shakeout testing
Smoke testing
Functional testing
Performance testing
Load testing
stress testing
Endurance testing
White box and Black box testing
Alpha and Beta testing
System testing
.
1.1.5 Q-12. What Are the Key Elements Of A Test Plan?
1
Reason for testing
The criteria for entrance and exit
Deliverables
Risk factors
Answer. A test case is a sequence of actions and observations that are used to verify the
desired functionality. A good test case helps to identify problems in the requirements or
design of an application.
Answer. Agile testing is a software testing process which evaluates a software from the
customer point of view. And it is important because this does not require Dev to complete
coding for starting QA. Instead, the coding and testing both goes hand in hand. However, it
may require continuous customer interaction.
.
Q-19. What Is the Difference Between Functional Requirement And Non-Functional
Requirement?
Answer. The functional requirement specifies how a product should run whereas a non-
functional requirement represents how it should be.
1.1.7.1 Functional Requirements.
Authentication
Business rules
Historical Data
Legal and Regulatory Requirements
External Interfaces
1.1.7.2 Non-Functional Requirements.
Performance
Reliability
Security
Recovery
Data Integrity
Usability
1.1.8 Q-20. How Comes the Severity And Priority Relate To Each Other?
Answer.
Severity – Represents the gravity/depth of the bug.
Priority – Specifies which bug should get fixed first.
Severity – Describes the application point of view.
Priority – Defines the user’s point of view.
1.1.9 Q-21. What Are Different Types Of Severity?
Answer. The severity of a bug can be low, medium or high depending on the context.
User Interface Defect – Low
Boundary Related Defects – Medium
Error Handling Defects – Medium
Calculation Defects – High
Misinterpreted Data – High
Hardware Failures – High
Compatibility Issues – High
Control Flow Defects – High
2
Load Conditions (Memory leakages under load testing) – High
1.1.10 Q-22. What Is Entry And Exit Criteria In Software Testing?
Answer.Entry criteria – It is a process that should run when a system begins. It includes
the following artifacts.
SRS (Software Requirement Specification)
FRS (Functional Requirement Specification)
Use case
Test-Case
Test-plan
Exit Criteria – It signals when the testing should complete and when should the product be
ready to release. It includes the following artifacts.
Test Summary Report
Metrics
Defect Analysis report
Answer. Test strategy is an approach to carry out the testing activity. It covers the
following.
Roles and responsibilities for each member.
Testing scope.
Test tools.
Test environment.
Testing schedule.
Associated risks.
1.1.11 Q-24. What Is Smoke Testing And What Is Sanity?
Answer.Smoke testing confirms the basic functionality works for a product. It requires you
to identify the most basic test cases for execution.
Sanity testing, on the other hand, ensures that the product runs without any logical errors.
For example, if we are testing a calculator app; we may multiply a number by 3 and check
whether the sum of the digits of the answer is divisible by 3.
1.1.12 Q-25. What Is the Difference Between A Bug, Defect, And Error?
Answer. A bug is usually same as the defect. Both of them represents an unexpected
behavior of the software.
However, an error would also fall in the same category. But in some cases, errors are fixed
values. For example – 404/405 errors in HTML pages.
Q-26. What Is The Difference Between High Level And Low-Level Test Case?
Answer.
High-level test cases cover the core functionality of a product like standard business
flows.
Low-level test cases are those related to user interface (UI) in the application.
Answer.
3
Defect leakage occurs at the Customer or the End-user side after the product delivery. If the
end user sees any issue in the application, then such bugs lead to Defect leakage. And this
process of finding bugs is also called as Bug Leakage.
Answer. BRD provides a detailed business solution for a project including the documentation
of customer needs and expectations.
BRD fulfills the following objectives.
Risk-based testing is the term used for an approach to creating a test strategy that is based
on prioritizing tests by risk. The basis of the approach is a detailed risk analysis and
prioritizing of risks by risk level. Tests to address each risk are then specified, starting with
the highest risk first.
4
projects, the developments are time-boxed, delivered, and then assembled into a working
prototype. This can very quickly give the customer something to see and use and to provide
feedback regarding the delivery and their requirements. Rapid change and development of
the product is possible using this methodology. However the product specification will need
to be developed for the product at some point, and the project will need to be placed under
more formal controls prior to going into production.
16. What is the difference between Testing Techniques and Testing Tools?
Testing technique: – Is a process for ensuring that some aspects of the application system or
unit functions properly there may be few techniques but many tools.
Testing Tools: – Is a vehicle for performing a test process. The tool is a resource to the
tester, but itself is insufficient to conduct testing
Component testing, also known as unit, module and program testing, searches for defects in,
and verifies the functioning of software (e.g. modules, programs, objects, classes, etc.) that
are separately testable. Component testing may be done in isolation from the rest of the
system depend-ing on the context of the development life cycle and the system. Most often
stubs and drivers are used to replace the missing software and simulate the interface
between the software components in a simple manner. A stub is called from the software
component to be tested; a driver calls a component to be tested.
a) Retesting is carried out to verify defect fix / fixes. Regression testing is done to check if
the defect fix / fixes have not impacted other functionality of the application that was
working fine before applying the code changes.
b) Retesting is planned based for the defect fixes listed in Build Notes. Regression testing is
generic and may not be always specific to any defect fix or code change and can be planned
as regional or full regression testing.
c) Retesting involves executing test cases that were failed earlier and regression testing
involves executing test cases that were passed earlier build i.e., functionality that was
working in earlier builds.
5
d) Retesting will involve rerunning failed test cases that are associated with defect(s) fixes
being verified. Regression testing does not involve verifying defect fix but only executing
regression test cases.
e) Retesting always takes higher priority over Regression testing i.e., Regression testing is
done after completing Retesting. In some projects where there are ample testing resources,
Regression testing is carried out in parallel with retesting.
f) Though Retesting and regression testing have different objectives and priorities, they
equally important for project’s success.
The answer depends on the risks for your industry, contract and special requirements
Software testing life cycle identifies what test activities to carry out and when (what is the
best time) to accomplish those test activities. Even though testing differs between
organizations, there is a testing life cycle.
The terms Priority and Severity are used in Bug Tracking to share the importance of a bug
among the team and to fix it.
Severity: Is found in the Application point of view
6
Priority- Is found in the User point of view
Severity- (tells the seriousness/depth of the bug)
1. The Severity status is used to explain how badly the deviation is affecting the build.
2. The severity type is defined by the tester based on the written test cases and
functionality.
Example
If an application or a web page crashes when a remote link is clicked, in this case clicking the
remote link by an user is rare but the impact of application crashing is severe, so the
severity is high and priority is low.
1. The Priority status is set by the tester to the developer mentioning the time frame to
fix a defect. If High priority is mentioned then the developer has to fix it at the
earliest.
2. The priority status is set based on the customer requirements.
Example
If the company name is misspelled in the home page of a website, then the priority is high
and the severity is low to fix it.
Few examples:
High Severity and Low Priority -> Application doesn't allow customer expected
configuration.
High Severity and High Priority -> Application doesn't allow multiple user's.
Low Severity and High Priority -> No error message to prevent wrong operation.
Low Severity and low Priority -> Error message is having complex meaning.
Or
Few examples:
Supposing, you try the wildest or the weirdest of operations in a software (say, to be
released the next day) which a normal user would not do and supposing this renders a run -
time error in the application,the severity would be high. The priority would be low as the
operations or the steps which rendered this error by most chances will not be done by a
user.
An example would be- you find a spelling mistake in the name of the website which you are
testing.Say, the name is supposed to be Google and its spelled there as 'Gaogle'. Though, it
doesn't affect the basic functionality of the software, it needs to be corrected before the
release. Hence, the priority is high.
7
A bug which is a show stopper. i.e., a bug due to which we are unable to proceed our
testing.An example would be a run time error during the normal operation of the
software,which would cause the application to quit abruptly.
Cosmetic bugs
A defect is a product anomaly or flaw, which is variance from desired product specification.
The classification of defect based on its impact on operation of product is called Defect
Severity.
10. What is the difference between High level and Low Level test case?
High level Test cases are those which cover major functionality in the application (i.e.
retrieve, update display, cancel (functionality related test cases), database test cases).
Low level test cases are those related to User Interface (UI) in the application.
In Software Testing, Risk Analysis is the process of identifying risks in applications and
prioritizing them to test.
13. What is the difference between Two Tier Architecture and Three Tier
Architecture?
In Two Tier Architecture or Client/Server Architecture two layers like Client and Server
is involved. The Client sends request to Server and the Server responds to the request by
fetching the data from it. The problem with the Two Tier Architecture is the server cannot
respond to multiple requests at the same time which causes data integrity issues.
The Client/Server Testing involves testing the Two Tier Architecture of user interface in the
front end and database as backend with dependencies on Client, Hardware and Servers.
In Three Tier Architecture or Multi Tier Architecture three layers like Client, Server and
Database are involved. In this the Client sends a request to Server, where the Server sends
the request to Database for data, based on that request the Database sends back the data to
Server and from Server the data is forwarded to Client.
The Web Application Testing involves testing the Three Tier Architecture including the User
8
interface, Functionality, Performance, Compatibility, Security and Database testing.
14. What is the difference between Static testing and dynamic testing?
Static Testing is a White Box testing technique where the developers verify or test their code
with the help of checklist to find errors in it, this type of testing is done without running the
actually developed application or program. Code Reviews, Inspections, Walkthroughs are
mostly done in this stage of testing.
Dynamic Testing is done by executing the actual application with valid inputs to check the
expected output. Examples of Dynamic Testing methodologies are Unit Testing, Integration
Testing, System Testing and Acceptance Testing.
Static Testing is more cost effective than Dynamic Testing because Static Testing is
done in the initial stage.
In terms of Statement Coverage, the Static Testing covers more areas than Dynamic
Testing in shorter time.
Static Testing is done before the code deployment where the Dynamic Testing is done
after the code deployment.
Static Testing is done in the Verification stage where the Dynamic Testing is done in
the Validation stage.
15. Explain Use case diagram. What are the attributes of use cases?
16. What is Web Application testing? Explain the different phases in Web
Application testing?
Web Application testing is done on a website to check its load, performance, Security,
Functionality, Interface, compatibility and other usability related issues. In Web application
testing, three phases of testing is done, they are,
In Web tier testing, the browser compatibility of the application will be tested for IE, Fire Fox
and other web browsers.
In Middle tier testing, the functionality and security issues were tested.
In Database tier testing, the database integrity and the contents of the database were tested
and verified.
9
17. Explain Unit testing, Interface Testing and Integration testing. Also explain the
types of integration testing in brief?
Unit testing
Unit Testing is done to check whether the individual modules of the source code are working
properly. i.e. testing each and every unit of the application separately by the developer in
developer's environment.
Interface Testing
Interface Testing is done to check whether the individual modules are communicating
properly one among other as per the specifications.
Interface testing is mostly used in testing the user interface of GUI application.
Integration testing
Integration Testing is done to check the connectivity by combining all the individual modules
together and test the functionality.
In Big Bang Integration Testing, the individual modules are not integrated until all the
modules are ready. Then they will run to check whether it is performing well.
Defects can be found at the later stage.It would be difficult to find out whether the defect
arouse in Interface or in module.
In Top Down Integration Testing, the high level modules are integrated and tested first. i.e
Testing from main module to sub module. In this type of testing, Stubs are used as
temporary module if a module is not ready for integration testing.
In Bottom Up Integration Testing, the low level modules are integrated and tested first i.e
Testing from sub module to main module. Same like Stubs, here drivers are used as a
temporary module for integration testing.
Alpha Testing:
Alpha Testing is mostly like performing usability testing which is done by the in-house
developers who developed the software or testers. Sometimes this Alpha Testing is done by
the client or an outsider with the presence of developer and tester. The version release after
alpha testing is called Alpha Release.
Beta Testing:
10
Beta Testing is done by limited number of end users before delivery, the change request
would be fixed if the user gives feedback or reports defect. The version release after beta
testing is called beta Release.
Gamma Testing:
Gamma Testing is done when the software is ready for release with specified requirements,
this testing is done directly by skipping all the in-house testing activities.
19. Explain the methods and techniques used for Security Testing?
a. Session Hijacking
Session Hijacking commonly called as "IP Spoofing" where a user session will be attacked on
a protected network.
b. Session Prediction
c. Email Spoofing
Email Spoofing is duplicating the email header ("From" address) to look like originated from
actual source and if the email is replied it will land in the spammers inbox. By inserting
commands in the header the message information can be altered. It is possible to send a
spoofed email with information you didn't write.
d. Content Spoofing
Content spoofing is a technique to develop a fake website and make the user believe that the
information and website is genuine. When the user enters his Credit Card Number, Password,
SSN and other important details the hacker can get the data and use if for fraud purposes.
e. Phishing
Phishing is similar to Email Spoofing where the hacker sends a genuine look like mail
attempting to get the personal and financial information of the user. The emails will appear
to have come from well known websites.
f. Password Cracking
11
1. Brute Force – The hacker tries with a combination of characters within a length
and tries until it is getting accepted.
2. Password Dictionary – The hacker uses the Password dictionary where it is
available on various topics.
SQL Injection is most popular in Code Injection Attack, the hacker attach the malicious code
into the good code by inserting the field in the application. The motive behind the injection is
to steal the secured information which was intended to be used by a set of users.
Apart from SQL Injection, the other types of malicious code injection are XPath Injection,
LDAP Injection, and Command Execution Injection. Similar to SQL Injection the XPath
Injection deals with XML document.
b. Penetration Testing:
Penetration Testing is used to check the security of a computer or a network. The test
process explores all the security aspects of the system and tries to penetrate the system.
c. Input validation:
Input validation is used to defend the applications from hackers. If the input is not validated
mostly in web applications it could lead to system crashes, database manipulation and
corruption.
d. Variable Manipulation
3. Database Level
a. SQL Injection
SQL Injection is used to hack the websites by changing the backend SQL statements, using
this technique the hacker can steal the data from database and also delete and modify it.
20. Explain IEEE 829 standards and other Software Testing standards?
An IEEE 829 standard is used for Software Test Documentation, where it specifies format for
the set of documents to be used in the different stages software testing. The documents are,
Test Plan- Test Plan is a planning document which has information about the scope,
resources, duration, test coverage and other details.
Test Design- Test Design document has information of test pass criteria with test conditions
and expected results.
Test Case- Test case document has information about the test data to be used.
Test Procedure- Test Procedure has information about the test steps to be followed and
how to execute it.
Test Log- Test log has details about the run test cases, test plans & fail status, order, and
the resource information who tested it.
Test Incident Report- Test Incident Report has information about the failed test comparing
the actual result with expected result.
Test Summary Report- Test Summary Report has information about the testing done and
quality of the software, it also analyses whether the software has met the requirements
given by customer.
12
The other standards related to software testing are,
22. What is the difference between bug log and defect tracking?
Bug Log: Bug Log document showing the number of defect such as open, closed, reopen or
deferred of a particular module
Defect Tracking- The process of tracking a defect such as symptom, whether reproducible
/not, priority, severity and status.
Integration Testing:
Regression Testing
It is re-execution of our testing after the bug is fixed to ensure that the build is free
from bugs.
Done after bug is fixed
It is done by Tester
It is an alternative form of Testing, where some colleagues were invited to examine your
work products for defects and improvement opportunities.
Some Peer review approaches are,
Inspection
It is a more systematic and rigorous type of peer review. Inspections are more effective at
finding defects than are informal reviews.
Ex: In Motorola's Iridium project nearly 80% of the defects were detected through
inspections where only 60% of the defects were detected through formal reviews.
Team Reviews: It is a planned and structured approach but less formal and less rigorous
comparing to Inspections.
Walkthrough: It is an informal review because the work product's author describes it to some
colleagues and asks for suggestions. Walkthroughs are informal because they typically do not
follow a defined procedure, do not specify exit criteria, require no management reporting,
and generate no metrics.
Or
13
program at a single workstation and continuously reviewing their work.
Example
Traceability Matrix is a document used for tracking the requirement, Test cases and the
defect. This document is prepared to make the clients satisfy that the coverage done is
complete as end to end, this document consists of Requirement/Base line doc Ref No., Test
case/Condition, Defects / Bug id. Using this document the person can track the Requirement
based on the Defect id.
27. Explain Boundary value testing and Equivalence testing with some examples?
Boundary value testing is a technique to find whether the application is accepting the
expected range of values and rejecting the values which falls out of range.
Exmple
A user ID text box has to accept alphabet characters ( a-z ) with length of 4 to 10
characters.
BVA is done like this, max value: 10 pass; max-1: 9 pass;
max+1=11 fail ;min=4 pass;min+1=5 pass;min-1=3 fail;
Like wise we check the corner values and come out with a conclusion whether the application
is accepting correct range of values.
Example
Security testing is the process that determines that confidential data stays confidential
Or
Testing how well the system protects against unauthorized internal or external access, willful
damage, etc?
This process involves functional testing, penetration testing and verification.
Installation testing is done to verify whether the hardware and software are installed and
14
configured properly. This will ensure that all the system components were used during the
testing process. This Installation testing will look out the testing for a high volume data,
error messages as well as security testing.
AUT is nothing but "Application Under Test". After the designing and coding phase in
Software development life cycle, the application comes for testing then at that time the
application is stated as Application Under Test.
Defect leakage occurs at the Customer or the End user side after the application delivery.
After the release of the application to the client, if the end user gets any type of defects by
using that application then it is called as Defect leakage. This Defect Leakage is also called as
Bug Leakage.
1. Project
2. Subject
3. Description
4. Summary
5. Detected By (Name of the Tester)
6. Assigned To (Name of the Developer who is supposed to the Bug)
7. Test Lead (Name)
8. Detected in Version
9. Closed in Version
10. Date Detected
11. Expected Date of Closure
12. Actual Date of Closure
13. Priority (Medium, Low, High, Urgent)
14. Severity (Ranges from 1 to 5)
15. Status
16. Bug ID
17. Attachment
18. Test Case Failed (Test case that is failed for the Bug)
Error Guessing is a test case design technique where the tester has to guess what faults
might occur and to design the tests to represent them.
Error Seeding is the process of adding known faults intentionally in a program for the reason
of monitoring the rate of detection & removal and also to estimate the number of faults
remaining in the program.
Ad hoc testing is concern with the Application Testing without following any rules or test
cases.
For Ad hoc testing one should have strong knowledge about the Application.
37. What is the difference between Software Testing and Quality Assurance (QA)?
15
Quality Assurance (QA) involves the entire software development PROCESS- monitoring and
improving the process, making sure that any agreed-upon standards and procedures are
followed, and ensuring that problems are found and dealt with. It is oriented to 'prevention'.
To approach a web application testing, the first attack on the application should be on its
performance behavior as that is very important for a web application and then transfer of
data between web server and .front end server, security server and back end server.
Mutation testing is a powerful fault-based testing technique for unit level testing. Since it is a
fault-based testing technique, it is aimed at testing and uncovering some specific kinds of
faults, namely simple syntactic changes to a program. Mutation testing is based on two
assumptions: the competent programmer hypothesis and the coupling effect. The competent
programmer hypothesis assumes that competent programmers turn to write nearly "correct"
programs. The coupling effect stated that a set of test data that can uncover all simple faults
in a program is also capable of detecting more complex faults. Mutation testing injects faults
into code to determine optimal test inputs.
57. How will you review the test case and how many types are there?
Or
Reviews:
1. Management Review
2. Technical Review
3. Code Review
4. Formal Review (Inspections and Audits)
5. Informal Review (Peer Review and Code Review)
objectives of Reviews:
Pilot testing involves having a group of end users try the system prior to its full
deployment in order to give feedback on IIS 5.0 features and functions.
Or
Pilot Testing is a Testing Activity which resembles the Production Environment.
It is Done Exactly between UAT and Production Drop.
Few Users who simulate the Production environment to continue the Business Activity
with the System.
16
They Will Check the Major Functionality of the System before going into production.
This is basically done to avoid the high-level Disasters.
Priority of the Pilot Testing Is High and Issues Raised in Pilot Testing has to be Fixed
As Soon As Possible.
BRS is Business Requirement Specification which means the client who want to make the
application gives the specification to software development organization and then the
organization convert it to SRS (Software requirement Specification) as per the need of the
software.
60. What is Smoke Test and Sanity Testing? When will use the Above Tests?
Smoke Testing: It is done to make sure if the build we got is testable or not, i.e to check
for the testability of the build also called as "day 0" check. Done at the 'build level'
Sanity Testing: It is done during the release phase to check for the main functionalities
without going deeper. Sometimes also called as subset of regression testing. When no
rigorous regression testing is done to the build, sanity does that part by checking major
functionalities. Done at the 'release level'
Debugging is finding and removing "bugs" which cause the program to respond in a way that
is not intended.
We can not perform 100% testing on any application. but the criteria to ensure test
completion on a project are:
1. All the test cases are executed with the certain percentage of pass.
2. Bug falls below a certain level
3. Test budget depleted
4. Dead lines reached (project or test)
5. When all the functionalities are covered in a test cases
6. All critical & high bugs must have a status of CLOSED
Ideally to test a web application, the components and functionality on both the client and
server side should be tested. But it is practically impossible
The best approach to examine the project's requirements, set priorities based on risk
analysis, and then determine where to focus testing efforts within budget and schedule
constraints.
To test a web application we need to perform testing for both GUI and client-server
architecture.
Based on many factors like project requirements, risk analysis, budget and schedule, we can
determine that what kind of testing will be appropriate for your project. We can perform unit
n integration testing, functionality testing, GUI testing, usability testing, compatibility
testing, security testing, performance testing, recovery testing and regression testing.
I'm well motivated, well-organized, good team player, dedicative to work and I've got a
strong desire to succeed, and I'm always ready and willing to learn new information and
17
skills.
For any Project, testing activity will be there from starting onwards, After the Requirements
gathering, Design Document (High and Low) will be prepared, that will be tested, whether
they are confirming to requirements or not, Design then Coding- White box will be done,
after the Build or System is ready, Integration followed by functional testing will be done, Till
the product or Project was stable. After the product or project is stable, then testing will be
stopped.
Test planning is done by test lead. As a test lead test planning begins when TRM is finalized
by project manager and handover to the test lead. Here test lead have some responsibilities
those are,
87. How involved where you with your Team Lead in writing the Test Plan?
As per my knowledge Test Member are always out of scope while preparing the Test Plan,
Test Plan is a higher level document for Testing Team. Test Plan includes Purpose, scope,
Customer/Client scope, schedule, Hardware, Deliverables and Test Cases etc. Test plan
derived from PMP (Project Management Plan). Team member scope is just go through TEST
PLAN then they come to know what all are their responsibilities, Deliverable of modules.
Test Plan is just for input documents for every testing Team as well as Test Lead.
Methodology
1. Spiral methodology
2. Waterfall methodology. these two are old methods.
3. Rational unified processing. this is from I B M and
4. Rapid application development. this is from Microsoft office.
101. Define Verification and Validation. Explain the differences between the two.
Verification - Evaluation done at the end of a phase to determine that requirements are
established during the previous phase have been met. Generally Verification refers to the
overall s/w evaluation activity, including reviewing, inspecting, checking and auditing.
Validation: - The process of evaluating s/w at the end of the development process to ensure
18
compliance with requirements. Validation typically involves actual testing and takes place
after verification is complete.
Or
Reliability: the probability that the software will not cause the failure of the system for a
specified time under specified conditions.
Testing is necessary because software is likely to have faults in it and it is better (cheaper,
quicker and more expedient) to find and remove these faults before it is put into live
operation. Failures that occur during live operation are much more expensive to deal with
than failures than occur during testing prior to the release of the software. Of course other
consequences of a system failing during live operation include the possibility of the software
supplier being sued by the customers!
Testing is also necessary so we can learn about the reliability of the software (that is, how
likely it is to fail within a specified time under specified conditions).
UAT stands for 'User acceptance Testing' This testing is carried out with the user perspective
and it is usually done before a release
UAT stands for User Acceptance Testing. It is done by the end users along with testers to
validate the functionality of the application. It is also called as Pre-Production testing.
116. What is the difference between a test strategy and a test plan?
19
Test
Test Case Input Expected Actual
Case Pass/Fail Remarks
Description Data Result Result
ID
1. Unit/component/program/module testing
2. Integration testing
3. System testing
4. Acceptance testing
111. What is the difference between UAT (User Acceptance Testing) and System
testing?
System Testing: System testing is finding defects when the system under goes testing as a
whole, it is also known as the end to end testing. In such type of testing, the application
undergoes from beginning till the end.
20
UAT: User Acceptance Testing (UAT) involves running a product through a series of specific
tests which determines whether the product will meet the needs of its users.
114. What is the difference between test scenarios, test cases and test script?
Difference between test scenarios and test cases is that
Test Scenarios: Test scenario is prepared before the actual testing starts, it includes plans
for testing product, number of team members, environmental condition, making test cases,
making test plans and all the features that are to be tested for the product.
Test Cases: It is a document that contains the steps that have to be executed, it has been
planned earlier.
Test Script: It is written in a programming language and it's a short program used to test
part of the functionality of the software system. In other words a written set of steps that
should be performed manually.
115. What is a Latent defect?
Latent defect: This defect is an existing defect in the system which does not cause any
failure as the exact set of conditions has never been met
116. What are the two parameters which can be useful to know the quality of test
execution?
To know the quality of test execution, we can use two parameters
Before Testing
During Testing
After the Testing
124. Explain what Test Plan is? What is the information that should be covered in
Test Plan?
A test plan can be defined as a document describing the scope, approach, resources, and
schedule of testing activities and a test plan should cover the following details.
Test Strategy
Test Objective
Exit/Suspension Criteria
Resource Planning
Test Deliverables
127. On what basis you can arrive at an estimation for your project?
To estimate your project, you have to consider following points
Task Member
21
Analyze software requirement specification All the members
129. Explain what is testing type and what are the commonly used testing type?
To get an expected test outcome, a standard procedure is followed which is referred as
Testing Type.
Commonly used testing types are
Q #5) Is Web application testing different from Desktop Application testing? Explain how.
Answer: Yes, there is a lot of difference between web application and desktop application.
This can be explained with the help of the below-mentioned table:
22
Web Application Desktop Application
Definition Web applications are the one which can Desktop applications are one
run on any client machine having the which are separately installed and
internet connection without any executed on the personal
installation of the execution file. computer.
Performance User actions, feedback, statistics can be User actions cannot be monitored
easily monitored as well as data updating as well as changes in data can be
in one place is reflected everywhere in only reflected at the machine.
web application.
1 Authentication is the process with which Authorization is the process with which system
the system identifies who the user is? identifies what user is authorized to do?
2 Authentication determines the identity of Authorization decides the privileges given to the
the user. user i.e. whether the user can access or
manipulate features of certain program.
3 There are different types of There are two types of authorizations, like read
authentications, like password based, only and read write both.
device based, etc.
4 For example: Within an organization, For example: Only account manager or person
each and every employee can login into in accounts department can access account
an intranet application. section.
Q #8) What are the types of Web testing security problems?
23
Answer: Few web security problems include:
Denial of Service (DOS) attack
Buffer overflow
Directly passing internal URL through browser address
Viewing other stats
Q #9) Define HTTP.
Answer: HTTP stands for Hypertext Transfer Protocol. HTTP is the data transfer protocol
which defines how messages are formatted and transferred over World Wide Web. HTTP also
determines the response of the actions performed by web servers and browsers.
For Example, when an URL is entered on the web browser, the HTTP command is sent to the
web server which in turn fetches the requested web browser.
Q #10) Define HTTPS.
Answer: HTTPS stands for Hypertext Transfer Protocol Secure. This is basically HTTP over
SSL (Secure Socket Layer) for security purposes. There is always chances of eavesdrop on
data being transferred between a user and the web server when the website uses HTTP
protocol.
Therefore, websites use secure way i.e. SSL encryption of data sent back and forth using
HTTPS protocol. Almost all the websites that require user log in uses HTTPS protocol.
Few Examples are banking websites, e-commerce websites, etc.
Q #11) What are the common problems faced in Web testing?
Answer: Some of the common problems faced in web testing are enlisted below:
Server Problem, which includes server down and server under maintenance problems.
Database connection problem.
Hardware and browser compatibility problems.
Security related problems.
Performance and load related problems.
GUI (graphical user interface) related problems.
Q #12) What is Cookie testing?
Answer: Cookie is said to be a personalized user’s identity or information which is required
to communicate between different web pages as well as track user’s navigation through the
website pages. Whenever we access any website on any web browser, their respective cookie
is written on the hard disk.
Cookies are used to track user sessions, displays ads, remember user’s choice while
accessing any website, remember and retrieve user’s shopping cart, track the unique number
of visitors, etc.
Suppose an e-commerce site is accessible in many countries like US, Canada, Australia and
their testing is done in India. In that case, while testing the e-commerce site for different
countries in India, at first respective countries cookies is set so that actual data like time
zone etc., are accessed of that particular country.
The client-side validation is usually done by script language such as JavaScript, VBScript,
HTML 5 attributes.
24
Q #14) What do you understand by Server-side validation?
Answer: Server-side validation occurs where the validation and processing of user requests
require the response from the server. To understand it more clearly, user’s input is being
sent to the server and validation is done using server-side scripting languages such as PHP,
Asp.NET, etc.
After the validation process, feedback is sent back to the client in the form of dynamically
generated web page.
When compared to the Client Side validation process, Server side validation process is more
secure because here application is protected against malicious attacks and users can easily
bypass client-side scripting language.
Static websites are the one which gives out Dynamic websites are the one where user
information only and there is no sort of interaction is possible between the website and
interaction between the user and the user along with imparting information.
website.
Static websites are cheapest to develop Dynamic websites are more expensive to develop
and host. as well as their hosting cost is also more.
Static websites are easily loaded on client Dynamic websites usually take the time to load
browser because of its fixed content and on client browser because contents to display are
no database connectivity. dynamically created and retrieved using database
queries.
Static websites can be created from HTML, Dynamic websites require server application
CSS and does not require any server language like ASP.NET, JSP, PHP to run the
application language. application on the server and display the output
on the webpage.
Change in the content of the page of any Dynamic website provides facilities to change the
static website; require being uploaded on page content using server application.
server many times.
Q #16) What do you understand by Client-Server testing?
Answer: Client-server application is the one where the application itself is loaded or installed
on a server whereas application EXE file is loaded on all client machines. This environment is
usually used in Intranet networks.
Following tests are performed on a Client-server application:
GUI testing on both client and server systems.
Client-server interaction.
The functionality of an application.
Load and performance testing.
Compatibility testing.
All the test cases and test scenarios used in client-server application testing is derived from
the tester’s experience and requirement specifications.
25
The communication between the main server and client-server is done through a proxy
server as the client request of any connection, file, resources from the main server is sent
through a proxy server and again the response from the main server or local cached memory
to client-server is done through the proxy server.
Some of the most common proxy servers based on their purpose and functionality are listed
below:
Transparent proxy
Web proxy
Anonymous proxy
Distorting proxy
High anonymity proxy
The proxy server is basically used for the following purposes:
To improve the performance of web response.
In case of presence of a document in a cache memory, the response is directly sent to
the client.
Proxy server filters web page content in the form of web proxies.
A proxy server is also used to block offensive web content to be accessed by the user
especially in an organization, school, and college.
Web proxies prevent the attack of computer viruses and malware.
Q #25) What is Database server?
Answer: A Database server can be defined as a server that refers to the back-end system of
a database application that provides database services such as accessing and retrieving data
from the database.
Database server uses client/server architecture where the data can be accessed either
through the database server by a “front end” which runs and displays data on user’s machine
or “back end” which runs on the database server itself.
A database server is like a data warehouse and also holds on Database Management System
(DBMS).
# Verification Validation
26
Verification is the process of evaluating the
Validation is the process of
artifacts as well as the process of software
validating that the developed
1. development in order to ensure that the
software product conforms to the
product being developed will comply to the
specified business requirements.
standards.
27
Ques.8. Explain STLC - Software Testing life cycle.
Software testing life cycle refers to all the activities performed during testing of a software
product. The phases include-
Requirement analyses and validation - In this phase the requirements documents are
analysed and validated and scope of testing is defined.
Test planning - In this phase test plan strategy is defined, estimation of test effort is
defined along with automation strategy and tool selection is done.
Test Design and analysis - In this phase test cases are designed, test data is prepared
and automation scripts are implemented.
Test environment setup - A test environment closely simulating the real world
environment is prepared.
Test execution - The test cases are prepared, bugs are reported and retested once
resolved.
Test closure and reporting - A test closure report is prepared having the final test
results summary, learnings and test metrics.
28
Black box testing - In black box testing, the tester need not have any knowledge of
the internal architecture or implementation of the system. The tester interact with the
system through the interface providing input and validating the received output.
White box testing - In white box testing, the tester analyses the internal architecture
of the system as well as the quality of source code on different parameters like code
optimization, code coverage, code reusability etc.
Gray box testing - In gray box testing, the tester has partial access to the internal
architecture of the system e.g. the tester may have access to the design documents
or database structure. This information helps tester to test the application better.
29
Ques.15. What is a test script?
Ans. A test script is an automated test case written in any programming or scripting
langauge. These are basically a set of instructions to evaluate the functioning of an
application.
30
Ques.23. Give an example of Low priority-Low severity, Low priority-High severity, High
priority-Low severity, High priority-High severity defects.
Ans.
Ques.28. Explain the different types of specification based test design technique?
Ans. Specification based test design techniques are also referred to as blackbox testing. It
involves testing based on the specification of the system under test without knowing its
internal architecture. The different types of specification based test design or black box
testing techniques are-
31
Equivalence partitioning - Grouping test data into logical groups or equivalence
classes with the assumpation that all the data items lying in the classes will have
same effect on the application.
Boundary value analysis - Testing using the boundary values of the equivalence
classes taken as the test input.
Decision tables - Testing using decision tables showing application's behaviour based
on different combination of input values.
Cause-effect graph - Testing using graphical representation of input i.e. cause and
output i.e. effect is used for test designing.
State transition testing - Testing based on state machine model.
Use case testing - Testing carried out using use cases.
1. Unit Testing
2. Integration Testing
3. System Testing
4. Acceptance Testing
1. Big bang Integration Testing - In big bang integration testing, testing starts only after
all the modules are integrated.
2. Top-down Integration Testing - In top down integration, testing/integration starts
from top modules to lower level modules.
3. Bottom-up Integration Testing - In bottom up integration, testing starts from lower
level modules to higher level module up in the heirarchy.
4. Hybrid Integration Testing - Hybrid integration testing is the combination of both Top-
down and bottom up integration testing. In this approach, the integration starts from
middle layer and testing is carried out in both the direction
32
Ques.42. What is stub?
Ans. In case of top-down integration testing, many a times lower level modules are not
developed while beginning testing/integration with top level modules. In those cases Stubs
or dummy modules are used that simulate the working of modules by providing hardcoded or
expected output based on the input values.
33
testers have the understanding of the application. While in case of monkey testing testers
doesn't have any understanding of the application.
34
Ques.96. Explain Agile methodology?
Ans. Agile methodology of software development is based on interative and incremental
approach. In this model, the application is broken down into smaller build on which different
cross functional team work together providing rapid delivery along with adapting to changing
needs at the same time.
1. Product Owner - The product owner owns the whole development of the product,
assign tasks to the team and act as an interface between the scrum
team(development team) and the stakeholders.
2. Scrum Master - The scrum master monitors that scrum rules get followed in the team
and conducts scrum meeting.
3. Scrum Team - A scrum team participate in the scrum meetings and perform the tasks
assigned.
Test closure activities are endowed with the following major tasks:
35
To see which strategic deliverable are really delivered and to safeguard that all incident
To confirm and document the test ware such as writings, testing environments, etc. for
future reuse.
To deliver the test ware to the maintenance team. They will give sustenance to the
software.
To assess how the testing actually went and acquire lessons for upcoming releases and
ventures.
1. What is testing life cycle?
Answer: In general, software testing life cycle is a collection of various steps executed
to ensure that the final product can be of the acceptable quality. The general steps in
STLC include test planning, test analysis, test design, verification and validation and
testing after implementation of the final product. It's important to note that the exact
steps will vary from organisation to organisation because it's mostly defined by the
policies of the organisation related to quality assurance.
36
will be to test the field for usernames with 9 characters and 11 characters. If the test
passes, then you can be reasonably sure that there is no bug.
37
Image Source: Bugzilla.
10. When do you stop testing? ( I mean when do you say, testing is done?)
Answer: Software testing never stops and in fact, should be done as a continuous
process throughout the life of the software. However it's not practical. In reality, the
38
software testing stops when the software meets the defined quality criteria.
14. If you have ‘n’ requirements and you have less time how do you prioritize the
requirements?
Answer: In such a scenario, the most critical requirements need to be finalised with
discussion from the client. In testing, requirements aren't really 'finalised' by the
testing team.
15. What all types of testing you could perform on a web based application?
Answer: A typical web based application may undergo - Functionality, Usability,
Compatibility, Performance (load testing, stress testing), Security testing.
39
Sanity testing is similar - which ensures that the system or product functions without
any logical errors. If you are testing a calculator app; you may multiply a number by
9 and check whether the sum of the digits of the answer is divisible by 9.
Testing takes place from top to bottom. High-level modules are tested first and then low-
level modules and finally integrating the low-level modules to a high level to ensure the
system is working as intended. Stubs are used as a temporary module if a module is not
ready for integration testing.
It is a reciprocate of the Top-Down Approach. Testing takes place from bottom to up. Lowest
level modules are tested first and then high-level modules and finally integrating the high-
level modules to a low level to ensure the system is working as intended. Drivers are used
as a temporary module for integration testing.
In simple words, what the system actually does is functional testing. To verify that each
function of the software application behaves as specified in the requirement document.
Testing all the functionalities by providing appropriate input to verify whether the actual
40
output is matching the expected output or not. It falls within the scope of black box testing
and the testers need not concern about the source code of the application.
In simple words, how well the system performs is non-functionality testing. Non-functional
testing refers to various aspects of the software such as performance, load, stress,
scalability, security, compatibility etc., Main focus is to improve the user experience on how
fast the system responds to a request.
It is also known as pre-production testing. This is done by the end users along with the
testers to validate the functionality of the application. After successful acceptance
testing. Formal testing conducted to determine whether an application is developed as per
the requirement. It allows the customer to accept or reject the application. Types of
acceptance testing are Alpha, Beta & Gamma.
Alpha testing is done by the in-house developers (who developed the software) and testers.
Sometimes alpha testing is done by the client or outsourcing team with the presence of
developers or testers.
Beta testing is done by a limited number of end users before delivery. Usually, it is done in
the client place.
Gamma testing is done when the software is ready for release with specified requirements. It
is done at the client place. It is done directly by skipping all the in-house testing activities.
Smoke Testing is done to make sure if the build we received from the development team is
testable or not. It is also called as “Day 0” check. It is done at the “build level”. It helps not
to waste the testing time to simply testing the whole application when the key features don’t
work or the key bugs have not been fixed yet.
Sanity Testing is done during the release phase to check for the main functionalities of the
application without going deeper. It is also called as a subset of Regression testing. It is done
at the “release level”. At times due to release time constraints rigorous regression testing
can’t be done to the build, sanity testing does that part by checking main functionalities.
41
To ensure that the defects which were found and posted in the earlier build were fixed or not
in the current build. Say, Build 1.0 was released. Test team found some defects (Defect Id
1.0.1, 1.0.2) and posted. Build 1.1 was released, now testing the defects 1.0.1 and 1.0.2 in
this build is retesting.
Repeated testing of an already tested program, after modification, to discover any defects
introduced or uncovered as a result of the changes in the software being tested or in another
related or unrelated software components.
Graphical User Interface Testing is to test the interface between the application and the end
user.
Recovery testing is performed in order to determine how quickly the system can recover
after the system crash or hardware failure. It comes under the type of non-functional testing.
Identify the modules or functionalities which are most likely cause failures and then testing
those functionalities.
42
Perform abnormal action on the application deliberately in order to verify the stability of the
application.
To verify whether the application is user-friendly or not and was comfortably used by an end
user or not. The main focus in this testing is to check whether the end user can understand
and operate the application easily or not. An application should be self-exploratory and must
not require training to operate it.
Security testing is a process to determine whether the system protects data and maintains
functionality as intended.
This type of testing determines or validates the speed, scalability, and/or stability
characteristics of the system or application under test. Performance is concerned with
achieving response times, throughput, and resource-utilization levels that meet the
performance objectives for the project or product.
It is to verify that the system/application can handle the expected number of transactions
and to verify the system/application behavior under both normal and peak load conditions.
It is to verify the behavior of the system once the load increases more than its design
expectations.
Ad-hoc testing is quite opposite to the formal testing. It is an informal testing type. In Adhoc
testing, testers randomly test the application without following any documents and test
design techniques. This testing is primarily performed if the knowledge of testers in the
application under test is very high. Testers randomly test the application without any test
cases or any business requirement document.
43
61. What is Interface Testing?
Interface testing is performed to evaluate whether two intended modules pass data and
communicate correctly to one another.
Bucket testing is a method to compare two versions of an application against each other to
determine which one performs better.
Testing all the functionalities using all valid and invalid inputs and preconditions is known as
Exhaustive testing.
Defects detected in early phases of SDLC are less expensive to fix. So conducting early
testing reduces the cost of fixing defects.
Defect clustering in software testing means that a small module or functionality contains
most of the bugs or it has the most operational failures.
Inspection is a formal meeting lead by a trained moderator, certainly not by the author. The
document under inspection is prepared and checked thoroughly by the reviewers before the
meeting. In the inspection meeting, the defects found are logged and shared with the author
for appropriate actions. Post inspection, a formal follow-up process is used to ensure a timely
and corrective action.
Test strategy is a high level document which defines the approach for software testing. It is
basically derived from the Business Requirement document. Test strategy is developed by
project manager or business analyst. It is kind of static document which sets the standards
for testing so not updated often.
Test plan is derived from SRS (Software Requirement Specification) which is prepared by test
lead or manager. The main goal of test plan is to include all the details related to testing
44
such as what to test, when to test, how to test and who will be the tester. Test plan is often
not updated but if there is some new feature or change is introduced then it has to be
updated accordingly.
Now, let’s make a list of points which are included in both respectively.
1. Scope and objective: The objective of the business and how much testing scope is
there is defined under test strategy.
2. Business Issues: How much is the budget of the project, how much time is required
for testing, how much resources are needed etc. are the part of business issues which
needs to be considered before the actual testing starts.
3. Testing approach: What type of testing is needed (performance, load, stress,
functional etc.) and whether the testing is only manual or automation or both are
some of the crucial points which defines the testing approach.
4. Test deliverables: What are the documents required from the testing team, how they
would keep the record of the testing cycles etc. will be included here.
5. Defect tracking approach: Which tool will be used for tracking the defects and how
will the testing team communicate with the development team and how the flow
would go for defects are decided at this point in test strategy.
6. Training: If there is some complex or new tool is introduced in the business then it is
helpful if the team members are given proper training. What type of training and the
responsible person to conduct such training is defined here.
7. Automation: If the project or business needs automation testing then the script
language, tool used, reporting and code maintained is planned in test strategy.
8. Risks: Nobody can anticipate all the risks beforehand but obvious risks can be
avoided and also solution (if risk occur) can be included in the document for future
help.
1. Test plan ID: This is a unique ID which defines the test plan. It can be a number or
name or mix of both, as per the convenience.
2. Test environment: This section defines what kind of environment is needed for the
testing to carry out. For e.g. in device testing, usually a virtual set up is made to test
emergency calling.
3. Features to be tested/Not tested: This will have all the details about the features which
tester needs to test and what are the feature which are not tested (may be because it
is not yet implemented or not tested for that particular release).
4. Entry/Exit criteria: These are the terms which define when to start or stop the
testing. Standards will be defined under test strategy and followed by testers in test
plan.
5. Status: Whether a test case is passed or failed or not tested, all these test results are
included in test plan with a proper reason.
6. Types of testing: The types of testing required such as regression, functional, non-
functional, stress etc. are defined and then executed by the respective tester.
7. Brief Intro: Brief introduction is also included sometimes so that if any new member
joins the team, he should get an idea how things work.
Basically, test plan is test strategy and test logistics (tools used, environment set up etc.).
Strategy defines what approach should be there for testing and plan has all the details how
45
those approach will be executed in a proper planned way. They both go hand in hand. Test
plan will have all the names of the testers who tested a particular script and also it maintains
cycle numbers so that if some feature fails in this cycle, previous cycle can be referred to see
if that particular feature was passed or failed, in this way it is easy to get the root of the
issue and hence becomes easy to resolve it.
As mentioned above. Test strategy should not be modified very often because it sets some
standards for test plan and if standards are modified frequently then it becomes difficult to
stick to a particular plan and changing plan frequently will affect the quality of the testing.
Sometimes when small requirements are changed, we only need to update the test plan but
test strategy remains the same.
Feel free to discuss your differences on Test Plan and Test Strategy in comments below.
Sharing your own testing experience, tips or testing secrets in comments below will definitely
make this article more interesting and helpful!!
Test Estimation is a management activity which approximates how long a Task would take
to complete. Estimating effort for the test is one of the major and important tasks in Test
Management.
Two questions you can expect from your clients when discussing potential test engagements
are
Resources: Resources are required to carry out any project tasks. They can be
people, equipment, facilities, funding, or anything else capable of definition required
for the completion of a project activity.
Times : Time is the most valuable resource in a project. Every project has a deadline
to delivery.
Human Skills : Human skills mean the knowledge and the experience of the Team
members. They affect to your estimation. For example, a team, whose members have
low testing skills, will take more time to finish the project than the one which has high
testing skills.
Cost: Cost is the project budget. Generally speaking, it means how much money it
takes to finish the project.
46
4.4 How to estimate?
47
4.4.1
Task is a piece of work that has been given to someone. To do this, you can use the Work
Breakdown Structure technique.
In this technique, a complex project is divided into modules. The modules are divided into
sub-modules. Each sub-module is further divided into functionality. It means divide the
whole project task into the smallest tasks.
Use the Work Break Down structure to break out the Guru99 Bank project into 5 smaller
tasks-
After that, you can break out each task to the subtask. The purpose of this activity is create
task as detailed as possible.
48
Analyze software requirement Interview with the developer & other stakeholders to know more abou
specification the website
In this step, each task is assigned to the appropriate member in the project team. You can
assigned task as follows
Task Members
49
Execute the test cases Tester, Test Administrator
There are 2 techniques which you can apply to estimate the effort for tasks
In this method, the Test Manager estimates Size, Duration, and Cost for the tasks
50
Based on the complex of software functions, the Test Manger has to give
enough weightage to each functional point. For example
Group Weightage
Complex 5
Medium 3
Simple 1
51
2. Fund Transfer Manager Customer:A customer can have transfer funds 5
Customer from his “own” account to any destination
account.
Manager: A manager can transfer funds from
any source bank account to destination
account
Saving
Current
52
Or he can have a multiple current and saving
accounts.
Manager: A manager can add a new account
for an existing customer.
Total Effort: The effort to completely test all the functions of the website
Total Function Points: Total modules of the website
Estimate defined per Function Points: The average effort to complete one
function points. This value depends on the productivity of the member who will take
in charge this task.
Suppose your project team has estimated defined per Function Points of 5 hours/points.
You can estimate the total effort to test all the features of website Guru99 Bank as follows:
Complex 5 3 15
Medium 3 5 15
53
Simple 1 4 4
So the total effort to complete the task “Create the test specification” of Guru99 Bank is
around 170 man-hours
Once you understand the effort that is required, you can assign resources to determine how
long the task will take (duration), and then you can estimate labor and non-labor costs.
Above example also shows the importance of the member in your team. If you
have talented and experienced members, you can finish the assigned task in
the small time, and your project will finish at the deadline or sooner.
STEP C) Estimate the cost for the tasks
This step helps you to answer the last question of customer “How much does it cost?”
Suppose, on average your team salary is $5 per hour. The time required for “Create Test
Specs” task is 170 hours. Accordingly, the cost for the task is 5*170= $850. Now you can
calculate budget for other activities in WBS and arrive at overall budget for the project.
As a project manager, you have to decide how to get the most return for your company’s
investment. The more accurate your estimate of project cost is, the better able you will be
to manage your project’s budget.
Three-Point estimation is one of the techniques that could be used to estimate a task. The
simplicity of the Three-point estimation makes it a very useful tool for a Project Manager that
who wants to estimate.
In three-point estimation, three values are produced initially for every task based on prior
experience or best-guesses as follows
54
When estimating a task, the Test Manager needs to provide three values, as specified above.
The three values identified, estimate what happens in an optimal state, what is the most
likely, or what we think it would be the worst case scenario.
Let’s see how to use the above three values in the following example
For the task “Create the test specification”, can you estimate the test effort? Remember
that you have to cover all the modules of the Guru99 Bank website as done in Function
Point Method
You can estimate as following
The best case to complete this task is 120 man-hours (around 15 days). In this
case, you have a talented team, they can finish the task in smallest time.
The most likely case to complete this task is 170 man-hours (around 21 days). This
is a normal case, you have enough resource and ability to complete the task
The worst case to complete this task is 200 man-hours (around 25 days). You need
to perform much more work because your team members are not experienced.
In the above estimation, you just determine a possible and not a certain value, we must
know about the probability that the estimation is correct. You can use the other formula:
55
In above formula, the SD mean Standard Deviation, this value could give you the information
about the probability that the estimation is correct.
Now you can conclude the estimation for the task “Create the test specification”
To complete the task “Create the test specification” of Guru99 Bank website, you need 166.6
± 13.33 Man-hour (153.33 to 179.99 man-hour)
Once you create an aggregate estimate for all the tasks mentioned in the WBS, you need to
forward it to the management board, who will review and approve it.
The member of management board could comprise of the CEO, Project Manager & other
stakeholders.
The management board will review and discuss your estimation plan with you. You may
explain them your estimation logically and reasonably so that they can approve your
estimation plan.
1 Our highest priority is to satisfy the customer through early and continuous delivery of
valuable software.
3 Deliver working software frequently, from a couple of weeks to a couple of months, with a
preference to the shorter timescale.
4 Business people and developers must work together daily throughout the project.
5 Build projects around motivated individuals. Give them the environment and support they
need, and trust them to get the job done.
6 The most efficient and effective method of conveying information to and within a
development team is face-to-face conversation.
8 Agile processes promote sustainable development. The sponsors, developers, and users
should be able to maintain a constant pace indefinitely.
11 The best architectures, requirements, and designs emerge from self-organizing teams.
56
12 At regular intervals, the team reflects on how to become more effective, then tunes and
adjusts its behavior accordingly.
57