Which method systematically scans a computer system or network to find potential vulnerabilities?

  • Compression
  • Encryption
  • Penetration Testing
  • Vulnerability Scanning
Vulnerability Scanning is a systematic approach that uses specialized tools to identify, rank, and report potential vulnerabilities in a computer system or network. It provides an overview of the security flaws but doesn't necessarily exploit them like penetration testing.

In mobile application testing, which tool is often used for testing the performance and load capability of the app?

  • Appium
  • JIRA
  • JMeter
  • Selenium
JMeter is a popular open-source tool primarily used for performance testing. It allows testers to simulate multiple users and test how much load an app can handle, ensuring the app performs well under heavy usage. While it started for web applications, it is now used for mobile application load testing as well.

What's the primary difference between test planning and test strategy?

  • Planning's documentation
  • Planning's scope
  • Strategy's duration
  • Strategy's overarching approach
The primary difference between test planning and test strategy is their purpose and scope. While test planning is a document that outlines the specifics of the testing process for a particular project, test strategy provides an overarching approach to testing across multiple projects or for an entire organization.

Which tool or method would be best for identifying vulnerabilities in a web application's code before it's deployed?

  • Code Review
  • JUnit
  • Selenium
  • Wireshark
A Code Review is a systematic examination of the application's source code. It's conducted to find vulnerabilities or bugs before the app is deployed. While tools like Selenium and JUnit focus on functional testing, and Wireshark on network analysis, only a thorough code review provides insights into code vulnerabilities.

You are assigned a project where components are being developed concurrently by multiple teams. What form of integration testing can ensure that as each piece is completed, it works correctly with the others?

  • Acceptance Testing
  • Big Bang Integration
  • Incremental Integration
  • System Testing
Incremental Integration testing involves testing parts of a system sequentially as they're developed. In environments where multiple teams work on different components, this approach ensures that each new piece integrates smoothly with the existing parts, helping detect issues early and reducing integration risks.

You're in a meeting where a team member presents a portion of the system's design, and the group asks questions to understand and potentially identify flaws. What type of review process is this scenario most similar to?

  • Formal Review
  • Inspection
  • Pair Programming
  • Walkthrough
A Walkthrough is a type of review where the author leads members of the review through the document based on their understanding. It's informal in nature and often relies on scenarios to provide the reviewers with a deeper understanding. The main goal is to gather feedback and achieve a common understanding.

The aspect of Configuration Management that ensures no unauthorized changes have been made to the software is known as _______.

  • Change Management
  • Configuration Auditing
  • Configuration Control
  • Configuration Identification
Configuration Auditing is a critical aspect of Configuration Management. It involves the process of evaluating and examining the configurations to ensure that they align with the approved configuration documentation. Through this, unauthorized changes, discrepancies, or inconsistencies can be detected and addressed promptly.

Which black-box testing technique is based on deriving the test cases from the system requirements?

  • Boundary Value Analysis
  • Equivalence Partitioning
  • Requirement-based Testing
  • State Transition
Requirement-based Testing, as the name implies, involves designing test cases directly based on the system requirements. It ensures that the software system meets and conforms to the specified requirements, making certain that all functionalities are tested as intended.

If a tester deems the defect as not genuine, what status is typically assigned to the bug?

  • Closed
  • Deferred
  • Rejected
  • Reopened
If a defect is considered not genuine or if it's not a real issue, it is typically marked as "Rejected." This status indicates that the defect raised is either not replicable, is intended behavior, or isn't valid in the context it was reported.

Why might an organization prefer Alpha Testing over Beta Testing for certain software products?

  • Alpha Testing is more time-consuming.
  • Alpha Testing is performed without actual users.
  • Alpha Testing offers tighter feedback loops.
  • Beta Testing is restricted to internal teams.
Alpha Testing is usually performed in a controlled environment and involves internal teams. This allows the organization to receive feedback in a quicker and more direct manner. Beta Testing, on the other hand, involves actual users but may introduce challenges in managing feedback and potential public relations issues.