*********** API testing *****************
Good and the
questions were
1.
Introduction -
2. Most
complicated area if your project...ways to handle
3. API
VARIABLES - https://help.mabl.com/docs/using-variables-with-api-tests
https://help.mabl.com/docs/using-variables-with-api-tests
4. API
status codes https://www.softwaretestinghelp.com/rest-api-response-codes/
5. Database
queries for top record- select Max(sal)
from emp; select ename,sal from (select ename,sal from emp order by sal DESC)
where rownum=1;
6. To fetch
6th row from employee table; select *
from (select rownum,emp.* from emp) where rownum=6;
7. Login
page test scenario- https://sampletestcases.com/login-page/
8. Process
of QA- https://www.browserstack.com/guide/setup-qa-process#toc2
9. API put
and patch difference- PUT handles updates by replacing
the entire entity, while PATCH only updates the fields that you give it.- https://stackoverflow.com/questions/28459418/use-of-put-vs-patch-methods-in-rest-api-real-life-scenarios
https://www.geeksforgeeks.org/difference-between-put-and-patch-request/
10. How
would you proceed with missing user story- It
simply returns to the Product Backlog. From
there, the Product Owner will assess whether it's still of business value to
complete and will order it accordingly.
11. Database
query - to edit/Update something - https://www.w3schools.com/sql/sql_update.asp
12. Blocker
example in your testing. And, how u managed to come out- https://www.softwaretestinghelp.com/dealing-with-a-blocker-defect/
13. From
where do you get to know that your api request is successful
https://docs.beeswax.com/docs/api-requests-and-responses
s it was already
mentioned in the question, you
can check the response status.
·
2xx statuses considered as successful,
·
3xx can be also turn out as successful, you should use
followRedirect.
14. Adhoc
and Exploratory testing https://www.geeksforgeeks.org/difference-between-adhoc-testing-and-exploratory-testing/
15. How can
you check page load performance? Right-click
and select “Inspect.” Go to the “Network” tab in the pop-up window. As your web
page loads, you can see all the information, including the load time
Consider the word
"path" - a way to get to a location. Path parameters should describe
how to get to the location/resource that you interested in. This includes
directories, IDs, files, etc.
/vehicles/cars/vehicle-id-1
Here, vehicle-id-1 is a path
parameter.
Consider the word
"query" - I think of it as asking a question about the path i.e. is
my path blue, does my path have 100 results.
/vehicles/cars/vehicle-id-1?color=blue&limit=100
Here color=blue and limit=100 are the query parameters, which help
describe what we should do once we get to our resource: filter out blue ones,
and limit them by 100 results.
What
would you do if you are completely blocked for testing? –blocker defect
Login
page scenarios
GUI & Functionality:
- Minimum
and Maximum lengths should be set for all the text boxes
- Password
should be displayed in masked format rather than showing actual text
format
- Login
credentials in UPPER case should not be treated as invalid
- Validation
message should be shown when special characters are entered in the
username field, or when invalid username and/or password is entered or the
fields are left blank
- Reset
button should clear data from all the text boxes in the form
- Login
credentials, especially password, should be stored in database in
encrypted format
Security:
- When
logged in user copy URL and paste in new browser window, it should
redirect to Login page
- Users
should not be allowed to copy and paste Password from text box
- Notification
email for multiple device login - if user login from unusual
device/machine
- Entering
Login credentials using virtual keyboard should be provided for banking
application
- After
3 or 5 unsuccessful attempts of login, user login credentials should get
locked for specific period e.g. 24 hours
- SSL
certificate should be implemented/installed for Secured Website
- SQL
injection attacks & XSS should be verified for login
- Two-way
authentication through OTP on mobile/email should be tested for banking
application
Session:
- After
logout if user clicks on back button user should not be able to login
within same session, it should redirect to login page
- If
user logged in on multiple devices and Logout from one device then it
should Logout from all platform/devices
- Maximum
Session out time should be set for Secured website
Browser:
- If
Browser cookies are cleared and user tries to login, the system should ask
for credentials again
- ‘Remember
Form Data’ setting of the browser should not remember the password
- Validate
the login functionality when browser cookies are turned OFF
How
Databse is used in your project?
1.
I used MYSQL databse in my previous project
2.
We have access to QA environment Database (read
access only)
3.
We use database for searching driver details and
mobile details, app version details
4.
We check data base when they add/update any new
columns as per the requirement
Connection
of database to login page?
what
would you do if any bug is found in production
http://thethinkingtester.blogspot.com/2019/06/what-to-do-when-theres-bug-in-production.html
1. A new build released to test team
2. Test team start testing
3. Test team finish the testing and report the
test result
4. No critical issue founds
5. Go-decision made
6. Product is released and Champagne is opened
…A few days later…
7. A user reports an important bug.
2.
First of all, try to
assist to resolve that bug as soon as possible. At this time, do not find the
responsibility of each person. Then find the root cause of that bug.
There will have 2 cases for that:
1. If bug because of our mistake,like test coverage is not enough, our mistake
when we did execution… try to find the screenshot, email, test evidences for
it, and explain why the bug escapes to production. Always acquiesce the mistake
if that is our mistake.
3. 2. If that is a new bug, try to assist
developer to resolve it immediately. Sometimes bug comes from the different of
test env and production env, different between test data and migrate data, try
to find the root cause and explain to customer.
What
were good and bad in your project?
1.
Unstable Test Environment 2. Tight Deadlines 3.
Wrong Testing Estimation 4. Last-Minute Changes to Requirements 5. You may Test
the wrong things 6. Lack of Communication
https://www.gcreddy.com/2022/07/challenges-in-software-testing.html
https://www.browserstack.com/guide/challenges-faced-by-qa
POSTMAN
response codes and methods
200: This code is
used for a successful request.
201: For a successful
request and data was created.
204: For empty
response.
400: This is used
for Bad Request. If you enter something wrong or you missed some
required parameters, then the request would not be understood by the server,
and you will get 400 status code.
401: This is used for Unauthorized
Access. If the request authentication failed or the user does not have
permissions for the requested operations, then you will get a 401 status code.
403: This is
for Forbidden or Access Denied.
404: This will come
if the Data Not Found.
405: This will come
if the method not allowed or if the requested method is not supported.
500: This code is
used for Internal Server Error.
503: And this code is
used for Service Unavailable.
The most commonly used HTTP methods are GET, POST, PUT,
PATCH, HEAD, DELETE, and OPTIONS.
GET to
Retrieve a resource,
POST to
Create a resource,
PUT to Update a resource, and
DELETE to Delete a resource.
Use
of developer tools
There are
many ways to open the Developer Tools:
- Press the F12 key;
- Press a key combination of Ctrl +
Shift + I;
- Make right-click on the element of
the page>view page source
- Browser menu>More
tools>Developer tools
http://thethinkingtester.blogspot.com/2019/11/six-ways-chrome-devtools-can-help-with.html
1.
Inspect an HTML Element
2.
Edit HTML Elements
3.
View HTTP requests
4.
Simulate device frames
5.
Simulate performance on slower networks
6.
Investigate page load errors
What would you do if page loads slowly?
·
Identify your business
objectives
·
Identify KPIs for
application and web performance
·
Pick a load test tool
·
Create test case
·
Understand your load
environment
·
Run the load test
incrementally
·
Always keep your
end-users in mind
1. What was the toughest time in
your project and how did you overcome it?
Drive the vehicle on road when whenever there is a production
deployment
One of the biggest work challenges I’ve overcome happened at
my last job. Two team members were let go and I was left with the workload of
three people. I fell behind and knew I couldn’t keep up in the long term, so I
asked my manager for help. We came up with a solution that involved hiring,
getting temporary help from another team, and streamlining our team’s processes
to be more efficient, too. The experience taught me a lot in terms of
communication and problem solving, and I think I’m even better prepared for the
next problem or challenge I’ll face since I overcame that previous obstacle
despite it feeling hopeless initially.
2. How do you prioritize the
issues?
https://disbug.io/en/blog/prioritize-bugs#:~:text=for%20prioritizing%20bugs%3A-,1.,also%20be%20given%20high%20priority.
1. Bugs
that affect core functionality or negatively affect users should be given the highest
priority.
2. Bugs
that are affecting a small number of users but are causing significant
problems should also be given
high priority.
3. Bugs
that are not causing any harm but are still affecting the system or
users should be given a lower
priority.
3.
How do you give severity (critical,major,minor,low )to the issues?
https://www.softwaretestinghelp.com/how-to-set-defect-priority-and-severity-with-defect-triage-process/
4.
Login functionality test scenarios
https://www.linkedin.com/pulse/test-scenarios-login-page-jasdeep-kaur/
5.
What will you do if some new requirements are added in last moment?
1. This is not acceptable as this can make impact
on the product
2. Immediately escalate this matter
3. Ask why this is added and what is the impact
in it
4. QA should ask seperate estimation to test it
https://www.softwaretestingclass.com/what-can-be-done-if-requirements-are-changing-continuously/
follow Agile Development process might be the GOOD option to go with
because it allows you change in requirements in late in Software Development
process as well, it is intended for that. Also the end user or customer
involvement is on all stages, so customer is aware of what is implementing
& if they want to changes in requirement or add new requirement then it can be
easily accommodate
5. What would you do if page loads
slowly?
If you are trying to check the resources on your page with the actions
performed while loading, open developer tools on Google Chrome(F12) and go to
Performance Tab>> Click Record and reload the page, stop it and see the
breakdown time wise.
You can go onto Audits tab and start a new
audit to see detailed performance of your page.
BrowserStack's Speed Lab is one such website speed
test tool. It allows teams to check a website's loading time across real
desktop and mobile devices as well as browsers
8. What
is the bug management tool you use? JIRA and gitlab (JIRA integrated
with gitlab)
9. What is the most important step in STLC? IPDER
Phase 1: Requirement Analysis.
Phase 2: Test Planning.
Phase 3: Test Case Development.
Phase 4: Test Environment Setup.
Phase 5: Test Execution.
Phase 6: Test Cycle Closure.
Test execution is, without doubt, the most critical phase in the
STLC. It is the process of executing the code and comparing the expected and
actual results.
10. How do you choose a testing strategy? What are some
examples?
We can categorize the testing
strategies as below:
1.
White box
[If developers have provided the ability to access the application code]
a.
Making changes in back-end & verifying
behavior in font-end
i.
An automation testing company would perform UI,
Database and API testing if there is access to application code, database &
other endpoints.
2.
Black box
[If developers have not provided the ability to access the application code]
a.
This type of testing is included where
functional testing services are provided & it includes testing the
application from a UI perspective without going into code
i.
Examples: Regression testing, user acceptance
testing, smoke testing, sanity testing, etc.
What process you follow for in QA – Agile process
https://www.browserstack.com/guide/setup-qa-process
1.
Analyze Requirements.
It costs more to fix a bug that has been detected during testing as compared to
just preventing them at the stage of requirements design. ...
2.
Plan the tests. ...estimation
3.
Design the tests. ...test
case writing
4.
Execute Tests and
Report Defects. ...test case execution and defect reporting
5.
Run Re-Tests and
Regression Tests. ...retest and regression test
6.
Run Release Tests…..sanity
after release
What
do you think that what is necessary in SDLC process
It is necessary to review the design, verify its testability, check whether the design
architecture meets all functional and non-functional requirements. Also, QA specialists make Data Flow Diagram
(DFD) together with UI/UX designers and document it.
https://www.mindfulqa.com/qa-sdlc/
https://www.toolsqa.com/software-testing/software-development-life-cycle/
There
are one user story and something is missed in that particular functionality.
Then how will you proceed
"All incomplete
Product Backlog Items are re-estimated and put back on the Product
Backlog."
in case stories are not completed, you have two options.
1. Split
2. Carry forward
https://www.scrum.org/forum/scrum-forum/25587/how-handle-stories-were-not-completed
What
do you understand by Regression test
Regression testing is testing existing software applications
to make sure that a change hasn't broken
any existing functionality
How
will you check page load performance
Chrome
-> Right Click -> Inspect Element -> Network Tab. When you load
a page there is a nice report for the timeline of the page showing the actual
page load time, css, js etc.
How
can you proceed with Performance testing
https://www.guru99.com/performance-testing.html
https://www.softwaretestinghelp.com/manual-performance-testing/amp/
Performance
Testing is a
software testing process used for testing the speed, response time, stability,
reliability, scalability, and resource usage of a software application under a
particular workload
How
you proceed if any bug is found in production
Why
we use developer tools – to debug application
Developer tools (or "development tools" or short
"DevTools") are programs that allow a developer to create, test and
debug software. Current browsers provide integrated developer tools, which
allow to inspect a website.
How
you deal with issues that come in
production
Note: Please make sure that your Google Meet link is
accessible before joining the interview call.
https://www.scrum.org/forum/scrum-forum/6171/what-do-if-team-cannot-finish-all-items-sprint
https://www.scrum.org/forum/scrum-forum/6660/how-defects-should-be-handled-scrum
********** Mobile and API Testing ***************
At what stage which testing is performed ?
Unit Testing : Done by developers during the
development phase
Integration testing: Done by developer and tester by
integrating all modules
System testing: Done by tester, how app is
behaving in the system
Acceptance testing: Done by customer
Sanity- after new feature deployment, Smoke-build
veification , Regression- new features against old featues , Integration-
involves integrating the various modules of an application and then testing
their behaviour .
How long is your sprint duration ? 2 weeks
What are the OS in mobile testing ? android, IOS, blackberry and
windows
PAN number textbox field verification , inline message ,
regex API testing when to perform , Before or after functional ( before functional testing API
testing should be done)
Valid Test Cases
Verify the pan number field by entering the ten characters
long valid pan number.
Verify first five characters should be any upper case
alphabets.
Verify next four characters should be any number from 0 to
9.
Verify that the last(tenth) character should be any upper
case alphabet.
Check that the Pan number should not contain any white
space.
Check that alert message when the user enters an invalid
Pan card number.
Check that all the alphabet should be in Upper case only.
Invalid Test Cases
Verify the pan card field by entering the pan number which
is less than 10 digits.
verify the field by entering the pan number which is
greater than 10 digits.
verify the field by entering the pan number first five char
in lower case.
Verify the field by entering the pan number which is white
space.
Verify the 10 digits by entering the number.
Verify the field by entering the pan number which contains
all the alphabet in lower case.
How you receive builds for testing mobile application ?
For android Beta tester option
should enable for recent build or dev team will send the APK to QA team with
updated changes, For IOS, they will deploy the beta build into test flight
any medium through which new build is received? We have a separate slack group for
receiving the builds
Tool used for API testing ? Postman
different methods in API testing ? get, post,put,delete (retrieve, create, update,delete)
if app not launching is a BE or FE issue ? Back end/Front end – back end
issue-api calls
how will you debug
issues in mobile app ios/android? Using server logs (req/response)
how will you categorize bug
found while testing mobile app . FE , BE- page not loading-nework tab
api calls, (back end issue),buttons, text not displaying ( front end issue)
Based on previous
projects () explain any critical feature flow .
Various challanges faced while testing- Auto lauch in Core for tech
Sanity , Smoke , Regression , Integration .
How long is your sprint duration in Agile and
what are the roles and responsibilities as a tester ?
2 weeks sprint will be there, tester roles will be
like, after test estimation, writing test cases for new feature, executing
testcase, after code freeze, running regression suite, then deployment and then
sanity check
What are the OS in mobile testing ? iOS 16 vs. Android 13
API testing when to perform , Before or after
functional-Before
How you receive builds for testing mobile
application ? any medium through which new build is received ? slack channel
Tool used
for API testing ? postman
different
methods in API testing ?
if
app not launching is a BE or FE issue ?
how
to check issue if its FE or BE issue ?
what are the various components(parameters) of
an API request .
https://rapidapi.com/blog/api-glossary/parameters/
An HTTP
method
describes what is to be done with a resource.
There are four basic methods also named CRUD operations:
GET to Retrieve a resource,
POST to Create a resource,
PUT to Update a resource, and
DELETE to Delete a resource.
An endpoint
contains a
Uniform Resource Identifier (URI) indicating where and how to find the resource
on the Internet. The most common type of URI is a Unique Resource Location
(URL), serving as a complete web address.
Headers
store
information relevant to both the client and server. Mainly, headers provide
authentication data — such as an API key, the name or IP address of the
computer where the server is installed, and the information about the response
format.
A body
is used to
convey additional information to the server. For instance, it may be a piece of
data you want to add or replace.
error codes in api testing
:200, 400-cliient side, 500-server side
NOT_IMPLEMENTED
(501)
TOO_MANY_REQUESTS (429)
METHOD_NOT_ALLOWED (405)
NOT_FOUND (404)
UNAUTHORIZED (401)
what are different types of testing that comes
under Mobile testing (approaches)
Functional Testing- validates the
software against the functional requirements
Interruption Testing- ensures that an app
handles interruptions without failure
Localization Testing- technique to verify
software behavior for specific locations and regions
Speed Testing- measures the speed
between your device and a test server, using your device's internet connection
Memory Leak Testing- application,
resulting in hangs, buffering, or crashes
Usability Testing- process of testing
your product with real people
Performance Testing- testing technique
that determines the speed, scalability, and stability of an application under a
given workload.
Security Testing- checks whether software
is vulnerable to cyber attacks
--------------------------------------------
Introduction then explanation of your last project along with roles and responsibilities
2. If PAN Card is correct but still shows error then is it frontend issue or backend issue
3. Which Method is used for creating entity in database
4. How will you debug an issue in mobile if you found an issue
5. Which steps you follow if customer reported any issue
6. What is the functionality of PUT Method
7. How will you address the issue if you found on mobile application
8. What type of scenarios you will follow to test the PAN CARD verification functionality
9. Process follows in previous project
10. Agile methodology and approaches
11. status codes and what will be the status code if you created a resource successfully
-----------------------------------------
