Top Real-Time Software Testing Interview Questions and Answers – Part 1

1. What are the three types of authentication?

• Authentication is crucial to security, ensuring that only authorized users gain access to systems, applications, and data. There are three main types of authentication methods:

Something You Know:

• This type of authentication relies on information that the user knows.
• Examples: Passwords, PINs, security questions, or passphrases.
• Advantages: Easy to implement and use.
• Disadvantages: Can be vulnerable to social engineering, phishing attacks, or being guessed.

Something You Have:

• This type of authentication depends on something the user possesses.
• Examples: Physical tokens, smart cards, mobile devices, security keys, or one-time password (OTP) generators.
• Advantages: Adds a layer of security that is more difficult to breach compared to just using passwords.
• Disadvantages: Can be lost, stolen, or damaged, and may require additional hardware.

Something You Are:

• This type of authentication uses the inherent characteristics of the user.
• Examples: Biometric authentication methods such as fingerprints, facial recognition, iris scans, voice recognition, or behavioural biometrics.
• Advantages: Provides a high level of security since biometric traits are unique to individuals.
• Disadvantages: It can be more expensive to implement and may have privacy concerns; some biometric systems can be tricked or spoofed.

2. What is a critical bug?

• A critical bug is a bug that impacts a major functionality of the application. This means affecting a large area of the functionality or breaking any functionality; there is no other method to overcome this problem. The application cannot be delivered to the end user unless the critical bug is fixed.
• For example, on a shopping website like Amazon, the following bugs will be classified as critical:

            Cannot log in to your account.

            Cannot checkout.

            The system crashes after payment.

            The product's price is not displayed.

Major:

• A major defect is a defect that leads to the failure of a crucial part of the application.
• For example, on a shopping website like Amazon, the following bugs will be categorized as major:

            Search results do not match the search query.

            Cannot use debit cards during checkout. (But can use credit cards and other payment options).

            Product reviews are not displayed.

Minor:

• A minor defect is a defect that causes problems in some unimportant or niche functionality of the system.
• For example, on a shopping website like Amazon, the following bugs will be deemed minor:

            Cannot search past orders that are more than a year old.

            Cannot compare more than three products at a time.

            Thumbnails of product photos uploaded by users are unclear.

3. What are the impacts caused by a failure in white box testing?

• White-box testing is a software testing method that focuses on the internal structure of the code.
• This type of testing is often used to identify defects in the code, such as logic errors, syntax errors, and data-handling errors.
• If defects are not identified and fixed early in the development process, they can be more expensive to fix later on. This is because it may take longer to find the root cause of the defect, and the fix may require changes to more code.

4. What bugs mainly come in Web testing?

• Issues in the navigation of the application - The flow of the site is not consistent.
• Usability - The application is not user friendly and the interface is not easy to understand, or navigate and is not extractive.
• Cosmetic Issues and GUI Issues - Cross browser application does not have a consistent look and feel, and Field level validations are not working.
• Functional Issues.
• Performance issues - How much time it takes to display the page to the user.
• Load - How much load an application can handle at any point in time.
• Stress - At how much load the application will crash.
• Flow of data - Information which is entered by the user is stored in the correct format.

5. What is Usability testing in web testing?

• Designers should always remember that the experience of the user on their website must be as pleasant as possible. How the user interacts with the website is very important.
• While doing usability testing of a web application:

           Font of the fields.

           Colour of the validation messages and fields.

           Mandatory fields should be in an asterisk symbol.

           Alignment of the fields.

           Showing the Next/previous link in a data grid if the application count reaches 10.

           Navigational link.

           All pages should have a heading consistently.

           User-friendly validation messages in each and every operation.

           Size, shape and arrangements of Iframe, panel, tables, text boxes, radio buttons etc.

6. What are the typical problems in web testing?

• Security: Authentication Issues, data not encrypted, User privileges leaks, SQL injection can done, cross side scripting, cookie testing etc.
• Session Issues: Session of page not maintained.
• GUI issues: Page resize issues, alignment of page, page refresh issues, look & feel, broken links, bad hyperlinks, spelling etc.
• Pages on the website are not properly validated and do not conform to industry standards (CSS, HTML/XHTML).
• The application's business logic is not proper.
• User inputs are not properly validated.
• User inputs do not meet technical specifications.
• Error messages are not generated or are incorrect.
• Web page design (fonts, colour scheme, layout) does not meet requirements.
• Broken links.
• Feeds do not work properly.
• Pages are not accessible to the visually impaired.
• Copyright information is incorrect.
• Images have not been optimized or do not otherwise meet requirements.
• Cookies don't work properly.
• Web clients can't handle some of the messages returned by the server.
• Pages don't render properly with some operating systems and/or browsers.
• Data obtained through web pages are not captured and/or stored properly in the database.
• It takes too long for some pages to render.
• Performance lags when there are numerous simultaneous users.
• Users have inappropriate access to roles or content.
• User problems with login (password strength, failure to track login attempts, etc).
• Concurrency issues (session problems) when multiple users are on the same page and/or when a single user is on multiple windows of the same page.
• The server log does not properly track transactions.
• The website does not properly use SSL.

7. There are 3 mandatory fields and 3 optional fields: How many possible test cases can be written?

• Submit the page with empty optional fields and verify whether the validation messages are shown for optional fields.
• Each time leave any one of the optional fields, submit the page and verify whether the validation messages are shown.
• Submit the page with empty mandatory fields and verify whether the validation messages are shown for mandatory fields.
• Each time leave any one of the mandatory fields, submit the page and verify whether the validation messages are shown.

8. Examples of Severity and Priority of all combination

       Priority is how soon the issue needs to be resolved. Severity defines the impact of the issue.

• High severity low priority: Logo of the company.
• High severity high priority: Submit button of login page not working or page not displaying.
• Low severity high priority: Cosmetic error or spelling mistake on the login page. It's a small bug but has high priority as it's on the main login page.
• Low severity low priority: spelling mistakes in text of home screen.

9. What is RTM? How is it useful in testing?

• The Requirement Traceability Matrix (RTM) captures all requirements proposed by client or development team. Used to check all testcases are covered, so that no functionality should miss.

10. The exact difference between alpha and beta testing

• Alpha Testing: Pre-release testing by end-user representatives at the developer site.
• Beta Testing: Done by a selective group of users (Normal Users). For example: Apps like Yahoo Messenger, and Firefox release their beta version to users and get their feedback.

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

API Testing Using Postman – Part 5: Advanced Examples & Real-Time Scenarios

 Two types of scripts in postman:

1. Pre-request script (It will run the script before execution)
2. Test script (it will run the script after execution)

Order of execution:

 Pre-request --> Request --> Response--> Test script

Execute the pre-request script and test script in 3 levels.

1. Collection level
2. Folder level
3. Request level

• If we give scripts in pre-request and test scripts at all levels. The order will be executed in the following manner.
• Collection -> Folder-> Request (until this pre-request) -> Request -> Response -> Collection -> Folder -> Test script.

Variables:

• Variables are created to reduce the effort in updating data every time. In Postman, we are also creating variables to update data every time.
• For example, some parts of the URL are common across all the requests ("https://localhost3000"). This can be stored in one variable and can be used anytime whenever we want.
• If localhost number 3000 changes also, we can update the variable, it's a one-time update and can be updated everywhere.

Types of variables:

1. Global - Accessible in Workspace
2. Collection - Accessible within the collection.
3. Environment - Accessible in all collections, but we need to switch to a particular environment.
4. Local - Accessible only within the request (Specific to Request).

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

API Testing Using Postman – Part 4: Advanced Scenarios & Real-Time Examples

 Here we are validating 5 types of response in the output.

1. Status code
2. Headers
3. Cookies
4. Response time
5. Response body

• To test the above validations we have something called "Assertions" in Postman. Assertion is nothing but a validation point. To add this validation we have one library in Postman called "pm".In this, we have so many functions available. By adding some parameters to these functions we can validate the above responses.

Testing Headers:

• We can check static values present in the header.
• We are checking whether the text is present in the header as well as the text assigned to the header.

Testing Cookies:

• Every time, the cookies we get are not constant. So we are using two types of assertions. One is to check whether that cookie is present and another is text present for that cookie.

Testing Response time:

• We are checking whether the API is running in the expected time. we don't know the exact time every time, So we are giving min or max time to validate the time.

Testing Response body:

• Sometimes the response in the body is not static values, it will be dynamic sometimes. So, we are validating only the static values or content in the response body.

validating the Response body in 3 categories.

1. Validating the type of values.
2. Validating the values assigned.
3. Validating JSON Schema.

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

API Testing Using Postman – Part 3: Advanced Scenarios & Real-Time Examples

HTTP vs HTTPS:

• We have 2 types of URLs. One is HTTP and the other is HTTPS.

1. HTTP(Hypertext transfer protocol) will give the data to the client without any security(without password encryption).
2. HTTPS(Hyper Text transfer protocol secure) will give the data to the client with some security (password encryption).

• URL is divided into 3 parts:

1. URL: Uniform Resource Locator
2. URI: Uniform Resource Identifier
3. URN: Uniform Resource Name

Feature & Resource:

• The feature is the term which is used in manual Testing to test some functionality. Resource is the term used in API Automation Testing referring to some functionality.

Payload: payload is the body HTTP Request and Response message.

Request payload: In the Request payload, we send the request in the request body using HTTP/HTTPS Request.

Response payload: In the response payload we will get the response in the format of HTTP Response which contains the status code, Response payload and string message.

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

API Testing Using Postman – Part 2: Advanced Scenarios and Interview Q&A

•  API helps to communicate between two different applications and also which are coded in 2 different languages.
• For example, Google developed maps that contain open-source APIs. Maps are not only used by Google but also by different applications such as whatsapp, FB, snap etc.

• API vs Webservice: API is a request which will be developed offline without using of public server and Webservice is also an API but it is deployed in the server and made available for the public.
• All Webservices are API but all APIs are not Webservices.
• An API is called a Webservice when an API is deployed in a public server and makes it available for everyone.

Two Types of API:

1. Simple Object Access Protocol(SOAP). (XML format)
2. REST(Representational State Transfer). (JSON, XML, etc.)

• SOAP is a very old tool and it is difficult to understand the request and response sometimes.
• Currently, we are using REST services. we have 4 major commands to request or to get the response.

1. GET - used to get the requested info from the Database.
2. POST - used to create a new item in DB.
3. PUT - used to update the existing item in DB.
4. DELETE - used to delete existing items from DB.

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.