Success Story of Mr. Nandan Darpineni-Testing Engineer shared on 19th April 13:

Hi Sir !!!! I cleared my exam with good percentage and your wesite softwaretestinggenius.com was really very useful. I am very thankful that I found your website Software Testing Genius as soon as I googled for ISTQB certification preparation.I am working as Software developer on Core Java platform. I wanted to change my domain to testing and I decided to do this certification. I prepared on my own from the book written by Dorothy Graham and other authors. I have gone thru all 935 questions in you website and it was very very helpful in clearing the exam.I would suggest even my friends who are aspiring to clear the exam to go thru your website,since its very useful as a mock. Its really a great work done by you sir.Thank you.

Published with the consent of Mr. Nandan Darpineni nandiniph@gmail.com
******************************************************************************

"New Study Material For ISTQB - Foundation Level CTFL Exams with 1145 Nos. Unique Questions and For Remaining 3 Advanced Level CTAL Certification Exams" ******************************************************************************
An Insight to Usability Testing being the Most Indispensible in Software Testing

The satisfaction of a software product truly lies in is its capability to provide not only due satisfaction rather a sense of delight to the users. Hence usability attributes for any software product are reflected by its understandability, ease of learning, operability & ease of communication as practically realized by the users.

The approach to usability testing uses methodologies to gather data according to the groups of the end users who use the software product with an objective of doing certain tasks which represent the ultimate usage. Participants in the usability tests are carefully short listed being the true representative of the final group of users.

Elements of Usability Testing:
Usability testing has different elements when related to the interests of designer, developer, & software testing engineers.

1) Development of a test objective: Applicable to designers & software testing engineers;

2) Using representative sample of end users: Applicable to software testing engineers;

3) Building environment for the test representing the actual work environment: Applicable to designers & software testing engineers;

4) Documentation of observations of the users who either review or use a representation of the product: Applicable to developers & software testing engineers;

5) Collection, analysis, & summarization of qualitative & quantitative performance & preference measurement data: Applicable to designers, developers & software testing engineers;

6) Making recommendations for improvement in the software product: Applicable to designers & developers;

There are four types of usability tests as described in the following table. These tests encompass the entire usability testing that can take place all cross the software life cycle

As the demand for e-business & e-commerce is growing and more and more other applications are getting Web access, the need for having secure systems too is growing. Thus security-testing experts too are getting smarter in planning attack-driven testing aimed to ultimately plug the security holes before attackers find them. Breach in security could be due to various reasons, ranging from incidental mistakes, over fun, to serious crime.

Before we elaborate different black-box techniques used in security testing, let us try to have an insight into an important testing technique known as fuzz testing.

Fuzzing or Fuzz testing is a typical Black-box software testing methodology. It was developed & taught by Prof. B Miller in the Univ. of Wisconsin way back in 1988.

Fuzzing is a powerful automated software testing technique that encompasses several boundary cases using invalid data as an application input to ensure the absence of exploitable vulnerabilities. It can take the data from files, network protocols, API calls & other sources as well.

Different black-box techniques used in security testing are:

1) Fuzz Testing: The objective of fuzzing is to pump in enormous amount of data to a system in order to crash it, therefore revealing security & reliability problems in the software, networks or the operating system. The random data inputted to the system is known as “fuzz”.

Before drawing a comparison among these two visibly similar but fairly distinct terms let us understand the test automation process in totality.

We know that before executing the test cases, lot of groundwork related to setting up of several test prerequisites need to be done. This type of groundwork is usually termed as pre processing activity that is essentially done before the test execution can begin.

Similarly after the execution of the test cases, certain set of activities related to management of test result artifacts become essential. The management of such activities is termed as post processing.

Automation engineers usually go in for a common mechanism to automate all these pre & post processing activities. Performing these activities manually is extremely time consuming as well as prone to errors. Thus having an automation system for these in place, the new test cases just need to specify these tasks, instead of prescribing full details of their implementation.

We can’t say that we are doing automated testing if the tester has to be involved at regular intervals during a series of tests simply to restore data, etc. We can’t expect to have an unattended overnight testing if some sort of manual intervention is required.

Following picture describes various tasks necessary to perform a number of test cases and how automated testing is different to having automated tests. Major difference lies in the automation of the pre and post processing activities. For distinction, the automated processes have been shown in yellow, while manual processes have been shown in blue.