Analysis and solution of Software Evaluator (PM) test questions in the second half of 2012

Real title three (17 points): Read the following instructions, answer questions 1 to 4, fill in the answer sheet in the corresponding column.

Description: An enterprise wants to develop a business-to-consumer system, its main purpose is to sell goods and services online, so that customers can browse and buy goods services online. The system's user it skills and access to the system vary widely, so the system's ease of use, security, compatibility and other in-person testing is critical.

System Requirements:
(1) All links should be correct;
(2) support different mobile devices, operating systems and browsers;
(3) The system needs to be accessed via SSL, and the user without login cannot access the content inside the app.


Question 1 (5 points): A brief description of the purpose of the link test and the main content of the test.
Question 2 (4 points): A brief description of what compatibility is to be tested in order to achieve the system requirements (2).
Question 3 (4 points): This system emphasizes security, briefly describes what the Web application security test should consider.
Question 4 (4 points): For system requirements (3), design test cases to test the security of your Web App.


Solution Analysis:
This exam examines the content of Web application testing. Web application Testing In addition to the traditional software system testing performance testing, stress testing, but also need to test the link, browser and security, and many other aspects.

question 1 Answer:
The parent of the link test is to ensure that the Web application functionality is successfully implemented. The main test of link test is as follows 3 aspects:
(1) Whether the link can link to the linked page;
(2) the linked page exists;
(3) test if there are orphaned pages. That is, only pages that are accessible through a specific URL.


Question 2 Answer:
Browser compatibility testing, operating system compatibility testing, mobile terminal browser testing, print testing, and more.


Question 3 Answer:
Web Application Security system testing can be done from a variety of aspects such as deployment and infrastructure, input validation, authentication, authorization, configuration management, sensitive data, session management, encryption, parameter manipulation, exception management, auditing, and logging.


Question 4 Answer:
1, SQL injection test case: Enter the correct user name, enter in the Password input box: Enter ' or ' 1 ' = ' 1 in the Password field, click Login.
2. Cross-site Scripting attack test case: When performing the new operation, enter <script>alert ("Hello") in all input boxes; </script> and then execute new or save.
3. Test SSL: https://of URL of a link is replaced by/HTTP.
4, Content access: Https://domain/foo/bar/content.doc (note the domain name and path for the application domain name and path).
5. Content URL copy: Copy the URL of the login, close the browser and reboot and paste the URL into the address access bar to access internal content.

2012 second half of the Software evaluator (PM) questions analysis and Answers