Software testing

Questions and Answers

What does the Model in the Model-View-Controller (MVC) pattern manage?

User input interpretation

Data presentation

User interface layout

Data and application logic (correct)

Strict layering in software design always prevents performance bottlenecks.

False

Name one modern framework that has evolved from the MVC pattern.

React or Angular

In the MVC pattern, the __________ is responsible for interpreting user inputs.

Controller

Match the following components of the MVC pattern with their responsibilities:

Model = Manages data and application logic View = Displays data and manages UI Controller = Handles user inputs and commands

What has MVC's evolution in modern frameworks allowed for?

Dynamic UI updates through data bindings

Legacy banking software typically experiences complicated layering issues.

True

What does the 'View' component in MVC do?

Manages how data is displayed

What is white-box testing mainly concerned with?

Examining the internal structure and code

Regression testing ensures that new code changes negatively impact existing functionality.

False

What responsibility do all team members share in a DevOps environment?

Developing, releasing, and supporting the software

In DevOps, it is stated that everything that can be __________ should be automated.

automated

Which of the following is a benefit of Test-Driven Development (TDD)?

High code coverage

Match the testing approaches with their definitions:

White Box Testing = Tests the internal structure and code of software Regression Testing = Ensures new changes do not impact existing functionality Test-Driven Development = Practices writing tests before code DevOps = Emphasizes joint responsibility and automation in software development

Measuring before making changes is not a key principle of DevOps.

False

What is the primary goal of inspections?

To ensure compliance with specifications and identify defects

Peer code reviews are highly formal and follow strict procedures.

False

What role does automated testing play in DevOps?

It minimizes manual interventions in the testing and deployment processes.

List two types of reviews mentioned in the content.

Quality Reviews, Progress Reviews

In inspections, the ______ examines artifacts for defects.

inspection team

Match the review types with their characteristics:

Quality Review = Assesses artifacts against quality standards Progress Review = Evaluates progress and identifies risks Inspection = Formal process focused on defect detection Walkthrough = Informal session for feedback and knowledge sharing

Which role is NOT typically involved in inspections?

Presenter

Walkthroughs are structured processes similar to inspections.

False

What is the primary purpose of a walkthrough?

To gain feedback and detect potential issues

What is a goal of security testing?

To ensure the system can prevent unauthorized access

Automated security testing tools do not help in identifying new risks as they emerge.

False

What approach does risk-based testing prioritize?

High-risk areas

Netflix uses ________ testing to identify capacity thresholds and optimize server allocation.

load

Match the following stages of automated testing with their descriptions:

Arrange = Set up test parameters and prepare the environment Action = Execute the test with specific inputs Assert = Verify the output against the expected result

Which automated tool is mentioned for scanning web applications for vulnerabilities?

OWASP ZAP

EBay does not use test automation for its e-commerce platform.

False

What does automated testing enhance in software testing?

Efficiency

Which of the following is a reason to refactor a monolithic application into microservices?

Independent scaling of specific components

Microservices architectures are always less complex than monolithic architectures.

False

What is a primary advantage of using monolithic architecture for small-scale applications?

Simplicity and lower initial cost

Microservices enhance __________ by allowing failures to be contained within individual services.

reliability

Match the benefits with their corresponding descriptions:

Scalability = Components can be scaled independently Deployment Flexibility = Independent and targeted updates Reliability = Failure containment in services Simplicity = Easier management for small applications

What is a disadvantage of moving to microservices?

Increased complexity in communication between services

Microservices are beneficial for applications requiring high deployment frequency.

True

When is it generally preferable to use a monolithic architecture?

For small-scale or MVP applications

Study Notes

Layering Challenges

• Strict layering in software architecture can pose restrictions, potentially leading to workaround solutions.
• In web applications, strict layering might result in performance bottlenecks due to overheads when processing heavy database operations.
• Real-world systems often face challenges maintaining clear separation between layers, leading to complex dependencies.
• Legacy banking software systems frequently encounter issues during upgrades due to interconnected layer dependencies.

MVC Pattern for Separation

• MVC stands for Model-View-Controller and its primary purpose is to separate data (Model), user interface (View), and user interactions (Controller).
• This pattern proves particularly beneficial when user interfaces undergo frequent changes or require multiple views.
• Web applications are classic examples where the data model remains consistent while the views adapt for various devices.
• In the Model, application logic manages data and applies rules.
• The View focuses on displaying data visually.
• The Controller interprets user input, communicating commands to both the Model and View.

Modern MVC Evolution

• Client-side frameworks like React and Angular employ a "MV*" approach, often substituting traditional controllers with bidirectional data bindings.
• This facilitates more dynamic UI updates, enhancing responsiveness in user interfaces.
• Backend frameworks, including Spring MVC and Django, leverage MVC principles to support APIs that provide data to various front-end clients.
• These frameworks often integrate RESTful services, enabling the decoupling of data from presentation for broader reuse.
• Notably, Netflix utilizes a modified MVC approach where microservices manage data (Model) while the View adjusts dynamically based on devices like TVs, mobile phones, and web.

Test-Driven Development (TDD)

• TDD prioritizes writing tests before writing the actual code.
• Key Benefits
  • Code Coverage: TDD ensures high code coverage by requiring every piece of code to have a corresponding test, effectively catching issues early and enhancing the overall health of the codebase.
  • Regression Testing: With TDD, a growing suite of regression tests serve as a safety net against unforeseen errors whenever new code is added.
  • Scalability Impact: Through TDD, performance bottlenecks can be identified, enabling improvements in scalability to ensure the system remains responsive and reliable under increased demand.
• Example: TDD practices are critical for projects like Apache Kafka, where each messaging protocol is comprehensively tested using TDD to maintain data integrity.

Importance of Testing

• White-box testing involves examining the internal structure and code of the software.
• Testers with access to the source code, algorithms, and internal logic perform white-box testing.
• This approach specifically tests cases that execute different code elements, including functions, lines, statements, and branches.
• Regression testing involves retesting existing software to ensure that new code changes or modifications haven't negatively impacted the existing functionality.
• It also aims to verify that previously fixed bugs haven't reappeared.

DevOps Principles

• DevOps emphasizes collaboration, automation, and continuous improvement in software delivery.
• Key DevOps principles:
  • Shared Responsibility: All team members are responsible for the entire development life cycle, including development, release, and support.
  • Automation: Everything that can be automated should be automated, including testing, deployment, and support tasks.
  • Data-Driven Improvement: DevOps is driven by monitoring data, collecting metrics, and analyzing them to inform decisions regarding processes and tools.

Security Testing

• Security testing aims to ascertain that a system prevents unauthorized access and safeguards sensitive information.
• It typically involves simulating various attacks to identify potential vulnerabilities.
• Risk-based testing prioritizes areas deemed most critical, such as user authentication and payment processing, to ensure robust protection.
• Real-world examples: Healthcare applications often employ risk-based testing, prioritizing patient data privacy as a high-priority.
• Automated security testing, utilizing tools like OWASP ZAP, allows continuous monitoring and rapid identification of new risks.

Test Automation Benefits

• Efficiency: Automated testing significantly reduces manual effort, particularly for repeated tests, leading to faster development cycles.
• Repeatability: Automated tests are highly valuable in CI/CD (Continuous Integration/Continuous Deployment) pipelines where frequent testing is essential.
• Stages of Automated Testing:
  • Arrange: Setting up test parameters and preparing the environment.
  • Action: Executing the test by running the software with specific inputs.
  • Assert: Verifying the test output against the expected results.
• Example: eBay utilizes test automation to streamline testing across its e-commerce platform, leveraging automation for regression tests to ensure new features don't disrupt core functionalities.
• This approach enables faster rollouts of new features without compromising on quality.

Review Types

• Reviews (Formal or Informal)
  • Purpose: Serve as a mechanism to gain feedback and identify potential issues.
  • Structure: Often conducted in meetings, where team members discuss artifacts including code, designs, documentation, or simply progress.
  • Types:
    • Quality Reviews: Focus on assessing whether an artifact meets established quality standards
    • Progress Reviews: Evaluate the overall progress and identify potential risks or blockers.
    • Peer Code Reviews: Emphasize improving code quality, readability, and adherence to coding best practices.
  • Formality: Range from informal sessions to more formal procedures, including documentation of action items and recommendations.
• Inspections (Formal)
  • Purpose: Provide a formal and rigorous way to identify defects in software artifacts and ensure compliance with specifications before moving to the next development phase.
  • Structure: Follow a structured, multi-phase process:
    • Preparation: Selecting materials and organizing the inspection team.
    • Inspection Meeting: Utilize a pre-defined checklist to meticulously examine artifacts for defects.
    • Post-Inspection: Addressing the identified issues and documenting the findings.
  • Roles: Distinct roles within the inspection team, including Moderator, Author, Reader, Inspector, and Recorder, contribute to objectivity and a thorough review.
  • Formality: High degree of formality, pre-defined roles and procedures, resource intensive, but effective for early error detection
• Walkthroughs (Informal)
  • Purpose: Informal collaborative sessions for gaining feedback and identifying issues early in the development process.
  • Structure: The artifact's creator or presenter leads the team through the material, explaining design decisions and rationale, while team members provide feedback and ask questions
  • Roles: Typically less formal than inspections, with primary roles like Author or Presenter, Moderator, and Recorder.

Microservices Architecture

• When to move to Microservices
  • Scalability: When specific components of an app need to scale independently, enabling optimization of resource allocation.
  • Deployment Flexibility: When frequent updates and rapid deployments for individual services are essential.
  • Reliability: For fault tolerance and resilience, minimizing the impact of failures in one service on other components.
• Monolithic vs. Microservices
  • Monolithic Advantages: Simplicity and lower initial cost, particularly for small-scale or MVP (Minimum Viable Product) applications.
  • Microservices Advantages: Enhance scalability, flexibility, and reliability, making them suitable for complex, evolving applications.
• Disadvantages of Microservices
  • Increased Complexity: Inter-service communication, data consistency, and distributed debugging introduce challenges.
  • Deployment & Monitoring: Complex deployment orchestration and centralized monitoring require dedicated tools and strategies.
  • Operational Overhead: Requires higher operational overhead compared to monolithic architectures.