Free ISTQB ISTQB-CTFL Practice Exam with Questions & Answers | Set: 2

ATDD stands for Acceptance Test-Driven Development, which is a collaborative approach to software development and testing, in which the acceptance criteria of a user story are defined and automated as executable tests before the implementation of the software system. ATDD tests are usually written in a Given-When-Then format, which describes the preconditions, the actions, and the expected outcomes of a test scenario. ATDD tests are intended to verify that the software system meets theexpectations and the needs of the users and the stakeholders, as well as to provide feedback and guidance for the developers and the testers. Based on the given information, the ATDD test that is most likely to be written first is the one that corresponds to option B, which is:

Given the logged-in user is on the Change Password page When the user enters the correct current password, enters a valid new password (different from the last 5 passwords), and presses the Change Password button Then the user receives an email confirming that the password has been successfully changed

This ATDD test is most likely to be written first, because it covers the main functionality and the happy path of the user story, as well as the most important acceptance criterion [a]. It also verifies that the user can change the password with a valid new password that meets the criteria related to the length, the type of characters, and the history of the passwords, as specified in the acceptance criterion [c]. The other options are not likely to be written first, because they either cover less critical or less frequent scenarios, such as entering a wrong current password [d] or an invalid new password [e], or they are not related to the user story or the acceptance criteria at all, such as submitting a purchase order [d]. References: ISTQB Certified Tester Foundation Level (CTFL) v4.0 sources and documents:

ISTQB® Certified Tester Foundation Level Syllabus v4.0, Chapter 1.3.1, Testing in Software Development Lifecycles1

ISTQB® Glossary of Testing Terms v4.0,Acceptance Test-Driven Development, User Story, Acceptance Criterion, Given-When-Then2

The correct outcome of a two-value boundary value analysis applied to the password length is the set of test cases represented by option D. Boundary value analysis is a test design technique that focuses on the values at the boundaries of an equivalence partition, such as the minimum and maximum values, or the values just above and below the boundaries. A two-value boundary value analysis uses two values for each boundary, one representing the valid value and one representing the invalid value. For example, if the valid range of values is from 4 to 7, then the two values for the lower boundary are 3 and 4, and the two values for the upper boundary are 7 and 8. The test cases in option D use these values for the password length, while also satisfying theother requirements of the password, such as containing at least one numeric character, one capital letter, and one lowercase letter. The test cases in option D are:

1RhT: a 4-character password that is valid

rSp53: a 5-character password that is valid

3N3e10: a 6-character password that is valid

8sBdby: an 8-character password that is invalid The test cases in the other options are incorrect, because they either use values that are not at the boundaries of the password length, or they do not meet the other requirements of the password. For example, the test cases in option A are:

1xA: a 3-character password that is invalid, but it does not contain a capital letter

aB11: a 4-character password that is valid

Pq1ZZab: a 7-character password that is valid

7iDD0a1x: an 8-character password that is invalid References: ISTQB Certified Tester Foundation Level (CTFL) v4.0 sources and documents:

ISTQB® Certified Tester Foundation Level Syllabus v4.0, Chapter 2.2.1, Black-box Test Design Techniques1

ISTQB® Glossary of Testing Terms v4.0, Boundary Value Analysis, Equivalence Partition2

Statement Testing is a type of white-box testing technique where the test cases are designed based on the implementation of the software, specifically aiming to execute every statement in the code at least once. This falls under the category of structure-based testing (also known aswhite-box testing), where the internal structure of the system is used to design test cases. Therefore, option D is correct​​.

The question is about marking the correct sentences among the given statements related to defects, failures, and mistakes. According to the ISTQB glossary, the definitions of these terms are1:

Defect: A flaw in a component or system that can cause the component or system to fail to perform its required function, e.g. an incorrect statement or data definition. A defect, if encountered during execution, may cause a failure of the component or system.

Failure: An event in which a component or system does not perform a required function within specified limits.

Mistake: A human action that produces an incorrect result.

Therefore, out of the five given statements, only two are correct, namely:

A human mistake may produce a defect: This is true, as a mistake is a source or cause of a defect, e.g. a programmer may make a mistake in writing a code statement, which results in a defect in the software component.

When a defect exists in a system it may result in a failure: This is true, as a defect is a potential or actual cause of a failure, e.g. a defect in the software component may cause the system to fail to perform a required function when the defect is encountered during execution.

The other three statements are incorrect, namely:

Defects are a result of environmental conditions and are also referred to as “Failures”: This is false, as defects are not a result of environmental conditions, but of mistakes or other factors, and defects are not the same as failures, but rather the causes of failures.

A system will totally fail to operate correctly when a failure exists in it: This is false, as a system may not necessarily fail completely or stop operating when a failure occurs, but may continue to operate with reduced functionality or performance, or with incorrect results.

Defects occur only as a result of technology changes: This is false, as defects can occur due to various reasons, not only technology changes, such as human mistakes, design flaws, requirement changes, hardware failures, etc.

References:

1: ISTQB Glossary of Testing Terms 4.0, 2023, available at ISTQB) and ASTQB).

The extent of testing required for a software product depends on various factors, such as the level of risk, the budget, and the time available. The level of risk reflects the potential impact of failures on the stakeholders and the environment. The budget determines how much resources can be allocated for testing. The time available defines the schedule and deadlines for testing activities. The particular tester involved in testing is not a deciding factor for the extent of testing required, as testing should be based on objective criteria and not on personal preferences or abilities. Verified References: [A Study Guide to the ISTQB® Foundation Level 2018 Syllabus - Springer], Chapter 2, page 14-15.

Comprehensive and Detailed In-Depth Explanation:Maintenance testing is carried outwhenever changes are made to an existing system, including enhancements, defect fixes, and system migrations (C). It is not limited to adaptive maintenance (A) and is needed even when no defects are reported (B). Test cases are essential to validate fixes and prevent regressions (D).

Comprehensive and Detailed In-Depth Explanation:Checklist-based testingusesspecific test conditions(B) that help testers ensure key aspects are validated. The checklist items can be derived from past defects, requirements, or regulatory standards.

(A) is incorrectbecause general guidelines lack specificity.

(C) is incorrectbecause checklists can be used for both manual and automated testing.

(D) is incorrectbecause checklists are useful for both functional and non-functional testing (e.g., security, performance).

Checklistshelp ensure completenesswithout enforcingstrictly scriptedexecution.

The activities of checking test results and logs against specified coverage criteria, assessing the level of component or system quality based on test results and logs, and determining whether more tests are needed fall under the category of test monitoring and control. This phase involves ongoing assessment and adjustment of the test activities to ensure they meet the test objectives and quality goals​​.

When a manager asks when testing will be complete, the most appropriate and informative resource to provide an answer is test progress reports (Option A). Test progress reports contain detailed information on the status of testing activities, including what has been accomplished, what remains to be done, the results of the tests conducted, and any issues or risks that might impact the completion of testing. These reports allow for an informed assessment of the testing progress and estimation of when testing might be completed. Options B, C, and D do not provide the structured, detailed, and specific information required to accurately answer the manager's question about the completion of testing.

Statement D is correct. According to the ISTQB CTFL syllabus, both black-box test techniques (which focus on testing without internal knowledge of the application) and experience-based test techniques (which rely on testers' experience and intuition) can be applied to both functional and non-functional testing. Functional testing is concerned with what the system does, whereas non-functional testing looks at how the system performs under certain conditions. These techniques are versatile and can be employed to address both these aspects​​.