Mastering Web Testing
Duration: 3 Days
While many of the traditional concepts of software testing still hold true, Web sites and Web applications have a different risk profile to other, more mature environments. A typical Web tester now has to deal with shorter release cycles, changing technology, complex hardware and software platforms and an anticipated user base which is uncontrolled and may run into millions. Many testers and test managers are being asked to make the transition from testing traditional client/server, PC, and/or mainframe environments to testing Web sites and applications
The scope of this course covers Web technology, Web architecture and communications, the testing of functional and non-functional requirements such as usability and includes the complex testing activities of performance and security.
Topics Covered In This Course
- Internet and Web History
- Basic Internet Architecture
- Network Protocols
- IP Addresses
- IP, TCP and HTTP
- URLs and DNS
- Intranets and Extranets
- Virtual Private Networks
Code Quality Assurance
- Quality Control and Quality Assurance
- Unit Testing
- Hypertext Markup Language (HTML)
- HTML Validation
- Cascading Style Sheets (CSS)
- Web Open Font Format (WOOF)
- Client-side Scripting
- Extensible Markup Language (XML)
- Document Type Definitions (DTD)
- XML Namespaces
- XML Schema
- Displaying XML with CSS
- Extensible Stylesheet Language (XSL)
- Client Hardware and Software
- Different Browsers (Internet Explorer, Firefox, Chrome, Opera, Safari, etc.)
- Browser Modes
- Internet Explorer 8 and 9 Compatibility View
- Server Software
- Choosing the Test Environment
- Software Combinations
- Software Configuration Tools
- Installability and Serviceability
- Static and Dynamic Links
- Inline Frames
- Navigational Aids
- Internal Search Engines
- Site Maps
- Site Navigation Tools
- Navigational Efficiency
Risk Based Testing
- Test Identification
- Non-Functional Attributes
- Business Impact
- Failure Likelihood
- Test Prioritization
- Client-side and Server-side Validation
- Dynamic HTML
- Document Object Model
- Client-side Pop-ups
- Variable Screen Resolutions
- Client-side Objects
- Java and the Java Virtual Machine
- Server-Side Includes
- Dynamic Page Generation (ASP, PHP, Python, Ruby, etc.)
- Common Gateway Interface (CGI)
- Database Interaction
- Database Middleware
- Interfacing to Back-Office Systems
- Internet Explorer Web Slices
- Maintaining a Session
- Private Browsing
- Shopping Carts
- Multi-Page Transactions
- State Transition Diagrams
- Importance of User Interface
- Actors and Use Cases
- Usability Testing
- Screen Size and Resolution
- Printer Friendly Pages
- Help Systems
- Usability Guidelines
- Performing Usability Tests
- Guidelines for Usability Testing
- Globalization and International Environments
- Color Confusion
- Components of Web Accessibility
- Web Accessibility Initiative
- WAI Guidelines and Techniques
- Web Content Accessibility Guidelines
- Conformance Requirements
- Evaluation Web Sites for Accessibility
- PAS 78
Web Architecture and Communications
- Client Internet Access (fixed)
- Wired Local Area Networks
- Wireless Local Area Networks
- Client Internet Access (mobile).
Performance Test Specification
- Prerequisites to Performance Testing
- The General Process
- Categories of Performance Tests
- Single-Shot/Smoke Testing
- Load and Scalability Testing
- Stress and Hot Spot Testing
- Spike and Bounce Testing
- Integrity Testing
- Defining and Selecting Test Objectives
- Response Time Requirements
- Defining the Workload
- Think Times
- Client Internet Access Speeds ? Fixed and Mobile
- User Geographic Locations
- Background Load.
- Identifying Data Requirements
- Specifying the Test Environment
- Selecting the Loads to Run
- Sampling Errors
- Load Generation Options
- Network Considerations
- Load Generator Calibration.
- Running the Tests
- Measuring the Load
- White-Box and Black-Box Measurements
- Full-Blown and Focused Testing
- Phased Load Testing
- Response Time Graphs
- Margins of Error
- Diagnosing Performance Problems
- Troubleshooting Strategies
- Improving Performance.
- Scalability Testing Objectives
- Server Scalability
- Server Farms and Load Balancing
- Web Site Mirroring
- Web Site Caching.
Reliability and Availability
- Categories Of Tests
- Low Resource Testing
- Endurance Testing
- Volume Testing
- Network Quality Of Service
- Server Failover Testing
- Where is the Problem
- Security Policies
- Hackers and Crackers
- Security Testing Techniques
- Manual Inspections & Reviews - Gap Analysis
- Threat Modelling - Attack Trees
- A Framework for Testing.
- IP v4 and v6
- Transmission Control Protocol, Three-Way Handshake
- IP Spoofing
- Secure Sockets Layer, Transport Layer Security
- Encryption, Public Key Infrastructure
- SSL and TLS Sessions
- Wireless Encryption.
- What Firewalls Can and Can?t Do
- Packet Filtering, Screening Routers
- Proxy Servers
- Network Address Translation
- Virtual Private Networks
- Firewall Configurations
- Mapping Out the Network Topology
- IP Address Inventory, Ping Sweeps
- Service/Socket Inventory, Port Scanning
- Hardening the System Software
- Web Application Fingerprinting
- Testing for Error Code
- Testing for Weak Cipher Levels and SSL Certificate Validity
- Application Code, Server Logs
- Intruder Detection Systems.
- Default or Guessable User Accounts
- Brute Force
- Direct Page Requests
- Parameter Modification
- Session ID Prediction
- Password Remember and Reset
- Social Engineering and Insiders
- Logout Testing
- Cached Pages.
- Analysis of Session Management
- Cookie Reverse Engineering
- Cookie Manipulation by Guessing
- Cookie Manipulation using Brute Force
- Exposed Session Tokens.
Data Validation Testing
- Cross Site Scripting
- HTTP Methods and Cross Site Tracing
- SQL Injection
- Testing for Authorisation Bypass Attacks
- Testing for SELECT Statement Attacks
- Testing for INSERT Statement Attacks
- SSI Injection
- Dynamic Code
- Buffer Overflows.
What You Can Expect
In this course, you will learn how to:
- Understand the different technologies used in Web environments.
- Communicate adequately with appropriate technical personnel to ensure that the correct test environments are set up.
- Perform a simple risk analysis to identify and prioritise tests.
- Create appropriate tests, test cases and test scripts.
- Execute tests in a controlled manner using the correct setup conditions and inputs.
- Understand the nature, availability and limitations of Web testing tools.
- Examine performance requirements and ensure that the requirements are realistic and achievable.
- Understand how to test a site?s reliability and scalability prior to release.
- Examine a security policy and specify the types of tests necessary to ensure that the requirements contained in the policy are being met.
Who Should Take This Course
Software testers, members of QA teams and test managers.
A basic knowledge of the Internet and software testing.
Instructor led with 60% lecture and 40% lab.
Web Software Testing
Software Testing Considerations for Developers
Web Services Testing with soapUI
Software Testing/User Acceptance Testing Fundamentals
Software Testing and Quality Assurance Techniques
Every student attending a Verhoef Training class will receive
a certificate good for $100 toward their next public class taken
within a year.
You can also buy "Verhoef Vouchers" to get a discounted rate for a
single student in any of our public or web-based classes.
Contact your account manager or our sales office for details.