Certified Secure Software Lifecycle Professional certification dumps - Set 1

What are Testing Artifacts?

Test artifacts are an integral part of software testing. They are generally a set of documents that a software project tester receives during the STLC (Software Testing Life Cycle). A variety of software tests are used to ensure that software is in a secure state. The quality assurance team is responsible for testing and for managing the software testers who work on projects throughout the software development life cycle. Artifacts are generated throughout the development process.

What are the examples of Artifacts?

Examples of artifacts include a use case diagram, a class diagram, or a UML diagram. The use case diagram describes use cases, the class diagram describes the system’s classes, while a UML diagram provides a visual representation of the system.

Explain the Test Plan Artifact.

The testing team creates artifacts throughout the software development life cycle that support the design and development of software testing. One such artifact is the test plan. The test plan identifies the objectives of the software test. There are 3 components to a test plan: the test requirements, the test methods that will be used in testing, and the test coverage, which is what will be covered by the test.

Explain traceability matrix.

The traceability matrix correlates the software’s design documents to the test documents. It is important to understand which part of the software design relates to which part of the test design. If the design changes, the affected tests may also need to change in order to meet the new design. With a traceability matrix we can trace a test all the way back to its root design element.

Explain about Functional Testing.

Functional testing is a testing process carried out by developers to confirm that the software functions as expected by the end user, as documented in the software application’s design specifications. Different types of functional testing include, in no specific order, unit testing, smoke testing, regression testing, usability testing, integration testing and sanity testing.

In functional testing, we determine the intended functionality by referring to the defined requirements for the software. Next we create input tests that test any data input within the various functions. Functional testing should also include logic testing. Logic testing involves stepping through the code manually or with a debugging tool. The goal is to verify the application logic, for example, verifying conditionals and branching. Different types of functional testing include unit testing, smoke testing, regression testing, usability testing, integration testing and sanity testing.

Explain Non-functional Testing.

Non-functional testing involves testing software for its non-functional requirements, verifying the behavioral characteristics of software and systems. With this type of testing we’re generally concerned with how well or how fast a system works. Non-functional testing helps in assuring the reliability and security of the software.

Explain ISO 9126 Software Quality Model.

ISO 9126-1 provides six primary quality characteristics. First, there’s functionality. This is the set of required functions for a product or service, along with the properties of each. These include suitability, accuracy, security, interoperability and functionality compliance.


Question: Which type of functional testing has test cases that include line coverage, code path coverage, and method coverage?

Unit testing

Usability testing

Ans – Unit testing

Unit testing is a type of software testing where individual units or components of the software are tested. The purpose is to validate that each unit of the software code performs as expected.

Question: What process can be performed on real production data in order to develop useful data for complex environments?

Anonymize real data

Encrypt real data

Ans – Anonymize real data

Question: Which of these are typical states in the remediation of bugs?

Ignore the issue

Removal of data

Mitigation of responsibility

Mitigation of defect

Ans – Ignore the issue

Mitigation of defect

Question: Which of these are testing artifacts?

Test reports

Test scripts

Test method

Test cases

Ans – Test scripts

Test cases

Question: Which standard has DIACAP been replaced by?

Security management framework

Risk management framework

Ans – Risk management framework

Question: Which type of functional testing establishes a benchmark for the performance of the application?

Baseline testing

Stress testing

Ans – Baseline testing

Question: Which of these are valid primary quality characteristics suggested by the ISO 9126-1 software quality assurance standard?





Ans – Reliability



Question: Which two dimensions does SSE-CMM define to gauge an organization’s capability to perform specific activities?





Ans – Capability


Question: Which of the four phases of the OSSTMM methodology includes a posture review, logistics, and active detection?

Interactive Controls Test Phase


Ans – Regulatory

Question: Which types of boundaries should be subject to environment testing to ensure adequate security?

Code boundaries

Security boundaries

Trust boundaries

Ans – Security boundaries

Trust boundaries

Question: Which are advantages of white-box testing?

Tests performed from the user’s perspective

More thorough testing

Allows for earlier testing

Ans – More thorough testing

Allows for earlier testing