Software testers, test analysts and test managers.
The course is generic and not based on any software or hardware platform.
A basic knowledge of software testing.
Lecture presentations are supported by practical exercises allowing reinforcement of learning and enhancement of the understanding process. Delegates will use a number of specially designed training applications to carry out hands-on testing.
Testing shows the presence, not the absence, of bugs. How many times have you heard that? The trick, however, is finding critical bugs - and quickly. There are many techniques available to a tester but deciding which to use under different sets of circumstances can be daunting. Do you just use the ones you know and hope for the best?
This course introduces the latest software testing standard ISO/IEC/IEEE 29119 and then concentrates on the techniques contained in the standard. Additionally, two areas of non-functional testing which are of increasing importance - usability/accessibility and security penetration testing - are included, with no specialised knowledge required.
At the end of this course attendees will be able to:
- Understand the testing process as defined in the standard and how it fits into a development cycle.
- Choose suitable test techniques for the level of testing to be undertaken, taking into account project constraints and the software quality required.
- Carry out testing using the chosen techniques and produce appropriate test documentation.
- Understand how to perform usability and accessibility testing.
- Provide support for a security penetration testing effort.
Testing and Quality
Software quality, ISO 9126.
Quality control and quality assurance.
What do we test against?
What do we test with?
The Testing Process
Development process (Waterfall, Incremental, RAD, Agile).
Levels of test.
The testing process, ISO/IEC/IEEE 29119.
Dynamic test process documentation.
Structure-based Testing Techniques
Data flow testing.
Specification-based Testing Techniques
Classification tree method.
Boundary value analysis.
State transition testing.
Decision table testing.
Combinatorial test techniques.
Experience-based Testing Techniques
Common failure modes.
Testing without requirements.
Guidelines for using automated testing.
Criteria for automating.
Usability and Accessibility Testing
General usability testing.
Use case analysis.
Performing usability tests.
Components of Web accessibility.
Web accessibility initiative.
Web content accessibility guidelines.
Application Security Testing
Client attacks - text input and drop-down lists.
Credentials transport testing.
Testing for user enumeration.
Brute force attacks.
Password remember and reset.
Logout testing, cached pages.
Session hijacking and session fixation.
Testing for SQL injection.
Testing for authorisation bypass attacks.
Testing for SELECT statement attacks.
URL-based SQL injection.
Testing for INSERT statement attacks.
Cross site scripting, phishing.
Reflective and persistent cross site scripting.
HTTP methods and cross site tracing.