Sunday, August 15, 2010

Test case Review Checklist

High level checklist of test cases review is as follows:

1. All the requirements mentioned in FRS are covered.
2. All negative scenario tests are covered.
3. Boundary Value Conditions are covered. i.e Tests covering lower/upper bounds are covered.
4. Data Validity tests are covered
5. All the GUI related test cases (if mentioned in FRS) are covered
6. To check is there any invalid Test case
7. To check is there any redundancy in Test cases
8. To check the Test case Priority
9. To check Narration of Test case
10. To check no major scenarios is missing in test cases
11. Test step is written complete and understandable
12. Clear Expected result is mentioned for each step
13. Checking for all text/ grammatical errors
14. Length of test steps is appropriate or not
15. Information related to setup of test environment, pre-requisties, what are the success/ Failed end condition

Check list can be vary upon the types of test cases that is functional , regression, perfomance etc.

Monday, August 9, 2010

What is a vulnerability?

A vulnerability is a flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
A threat is a potential attack that, by exploiting a vulnerability, may harm the assets owned by an application (resources of value, such as the data in a database or in the file system). A test is an action that tends to show a vulnerability in the application.

What is Penetration Testing

A penetration test is a method of evaluating the security of a computer system or network by simulating an attack. A Web Application Penetration Test focuses only on evaluating the security of a web application.
The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution.