With the unprecedented rise of e-commerce and other startups like online travel and insurance companies, the demand for web testing engineers is growing by leaps and bounds. And this is what led us to write this software testing article that covers the most frequently asked web testing interview questions.
By writing this post we thought to help a large number of Web application testers. Since the scope of web testing is far-flung, we tried to include questions from all the key areas. For example, we’ve added a variety of question types such as testing HTTP/HTTPS sites, checking broken links, validating browser/platform compatibility, and cross-site scripting.
Next, these web-testing interview questions foil the primary skill for a QA job profile. But there are other skills you need like manual testing expertise for test planning/execution, knowledge of automated testing, and tools.
Top Interview Questions for QA Engineers in Web Testing
Before you begin with the questionnaire, just read this message to ensure success in a job interview.
The secret of acing a job interview is to stop believing in luck and start believing in yourself. Best wishes.
Q-1. What is the scope of Web Testing?
Ans. Web testing is the name given to Software Testing that focuses on testing web-based applications.
Before going to the production environment, the test team performs exhaustive testing of the web applications. It helps to uncover different issues in the application related to functionality, web application security, web service testing, problems during integration, environmental issues, and its ability to handle the user load. These issues if remain uncovered may get exposed to the public. Thus efforts are made in this stage of testing to find out the possible bugs.
Q-2. What are the most common issues seen in web testing?
Ans. The following issue may crop up when you do web testing.
1. Functional Issues.
2. Problems that occur while navigating an application.
3. Usability issues like broken links, form fields missing default focus, tab key not working, and all keyboard shortcuts not fully functional.
4. Cosmetic and GUI issues.
5. Performance issues – How much time it takes to display the page to the user?
6. Load – How much load an application can handle at any point in time.
7. Stress – Load that causes an application to crash.
8. The flow of data – Storing of information entered by the user in the correct format.
9. Proper static information is not displayed along with text fields to enter data.
Q-3. Explain the difference between HTTP and HTTPS.
Ans. Following are the key differences between HTTP and HTTPS.
- HTTP stands for Hypertext Transfer Protocol which is a set of rules for passing information back and forth between clients and web servers. HTTPS refers to a combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) transport mechanism.
- HTTP uses port number 80 whereas, HTTPS uses port number 443.
- HTTP supports the mechanism of sending a file to the client asking for it only if an update is there. Whereas, HTTPS encrypts user page requests and decrypts the page response that the web server returns.
Recommended – REST API Interview Questions and Answers
Q-4. List down the key web application testing techniques.
Ans. Following is the list of standard testing techniques that we apply to test any web application.
1. Functional Testing – includes link testing, form validation, search operations, and navigation testing.
2. Security Testing – includes authorization checks for secure pages, verifying access control and the user making direct entry to the internal page or redirecting to the login page, checking if the session expires after it remains idle for a pre-defined time, and testing virus attacks.
3. Database Testing – includes verifying data integrity on creating, updating, or deleting data in the database, obtaining a correct result on executing heavy queries, retrieving data from the database, and representing on the web pages correctly.
4. Performance Testing – Check response times of applications under different speeds of connections, verify if the site handles many simultaneous user requests at the same time, check how the site handles large input data from users, and check how the site pulls through if a crash occurs due to peak load.
Next, there are some which ensure a good user experience.
5. Usability Testing – includes navigation testing to verify that the Menus, Links, or buttons on web pages move to the correct pages, and content testing to identify all the spelling and grammatical errors present on the page.
6. Compatibility Testing – includes verification of OS compatibility, browser compatibility, and mobile browsing.
7. Interface Testing – verifies that communication towards all three servers – The Web, Application, and Database Server is working fine. Check if any request interrupts in-between then how the application is responding. Handle any error from the web or database server to the application server and display the correct error message to the user.
Q-5. List the main differences between client-server, the web, and desktop applications.
Ans. The following are the key differences between them.
Desktop application.
1. The application runs in single memory with Front-end and Back-end in one place.
2. It has a single user only.
Client/Server application.
1. The application runs on two or more machines.
2. It is menu-driven.
3. Works in connected mode ( that means connection exists until logout).
4. It has a limited number of users.
5. it has less number of network issues as compared to the web app.
Web application.
1. The application runs on two or more machines.
2. It is URL-driven.
3. It uses a web browser as the client interface.
4. Works in disconnected mode (stateless).
5. It has an unlimited number of users.
6. It has many issues like hardware compatibility, browser compatibility, version compatibility, security issues, and performance issues.
Q-6. Can you tell us a few scenarios for testing a web application?
Ans. While testing a web application, you need to consider the following areas.
1- Functionality verification.
a) Testing Links which include.
i. Internal Links.
ii. External Links.
iii. Mail Links.
iv. Broken Links.
b) Form validation includes.
i. Field validation.
ii. Display error message for wrong input.
iii. Verification of optional and mandatory fields.
c) Database.
i. Testing the database integrity.
d) Cookies.
i. Testing will be done on the client system side, on the temporary Internet files.
2- Performance verification.
Performance testing can be applied to understand the website’s scalability or to benchmark the performance in the environment of third-party products such as servers and middleware for potential purchases.
a) Connection Speed.
Testing was done on various networks like Dial-up, and ISDN.
b) Load.
i. A Huge number of users accessing the application at the same time.
ii. Check for peak loads and how the system behaves.
iii. A Large amount of data accessed by a user.
c) Stress.
i. Apply continuous load on the system.
ii. Verify the performance of memory, CPU, and file handling.
3- Usability.
The characteristics of a system are measured.
i. Ease of use.
ii. Navigation.
iii. Content completeness and correctness.
iv. General appearance.
4- Server Side Interface.
To verify that communication is proper on this interface. Test the compatibility of the server with software, hardware, network, and database.
5- Client-Side Compatibility.
Testing is done on different platforms using various browsers.
6- Security.
Security testing involves the following.
i. Network Scanning.
ii. Vulnerability Scanning.
iii. Password Cracking.
iv. Log Review.
v. Integrity Checkers.
vi. Virus Detection.
Q-7. What are the different configurations that a tester should consider while testing a web application?
Ans. The following key factors need consideration while testing an application.
1. Hardware platform: different users may use different platforms like Mac, Linux, and Microsoft.
2. Browser: The layout of the web page changes on different browsers. Also, browser versions and plug-ins are other important factors. The resolution of the monitor along with color depth and text size are some of the other configurations.
Q-8. What is the difference between authentication and authorization in web testing?
Ans. The key difference between both processes is.
1. Authentication is the process that empowers the system to identify the user. Whereas, authorization happens after authenticating the user.
2. The authentication ensures that the user is indeed a valid user, who he claims to be. Whereas, an authorization system will decide whether a user is entitled to perform a particular task.
3. There are different ways of doing authentication like password-based and device-based. However, authorization is of two types read-only and read-write.
Q-9. What is the difference between a static and dynamic website?
Ans. The main differences between Static and Dynamic websites are the following.
1. A Static website contains web pages with fixed content whereas, in a Dynamic website content of the web page may change at runtime.
2. It’s not difficult to build a static website as you don’t require any database design. However, developing a dynamic website requires good programming resources and database knowledge.
3. A static website doesn’t support user communication as it displays the same information to each one of them. Whereas, in the case of dynamic websites, users may communicate with each other.
Q-10. What is Cross-Site Scripting?
Ans. Cross-site scripting is a thread in the dynamic website. It is also known as XSS. It occurs when a web application gathers malicious data from a user.
Data collection happens in a hyperlinked form that contains malicious content within it. It allows the insertion of malicious code into the web page. The web page can be a simple HTML code or a client-side script.
Suppose a user, accidentally clicks on a web page containing the malicious code then that code becomes part of the web request of the user. This request can also execute on the user’s computer and steal confidential information.
Q-11. List down the actions necessary for securing a new web server.
Ans. Following are some of the important steps that a tester should take to secure a web server.
1. Limit user rights as per their roles.
2. Update user permissions for resources required.
3. Clean default data and scripts stashed on the server.
4. Use a Software firewall on the server.
5. Enabling and making use of IIS logging.
6. Taking Regular backups.
Q-12. What is field validation in web testing?
Ans. Field validation is done to ensure that the user enters only correct data into the fields present on any web page. We can select a variety of validation option that depends on the type of data the user may enter into the field. We can also ask to display an error message if the user enters an incorrect value. For example, you can set an option to make it mandatory for the user to enter a value in the field else, an error message is displayed. It performs data validation like the email field must contain the data in email@domain.com format.
Q-13. What are the different tools that you use for web testing?
Ans. Below is the list of the most popular web testing tools available nowadays. And we are using them frequently to run web tests.
1. JMeter (mainly load and performance testing tool) – It is a Java desktop application that is useful for creating the load test environment. It measures the performance of the application during the load test. It is capable of testing the performance of both static and dynamic websites.
2. Selenium (Web app testing tool ) – It is a framework for the automated testing of web applications. It’s not just a single tool but a suite of software each catering to different testing needs. Its components include Selenium IDE, Selenium Remote Control, Selenium Webdriver, and Selenium Grid to examine and evaluate the web application. Nowadays, Selenium RC and Webdriver have merged into Selenium 2.0.
Q-14. Do you know about the tools used for analyzing HTTP traffic?
Ans. Yes, we often need to track the HTTP requests that flow from the browser to the downstream web server. Also, by probing the network traffic, we can get to the details of each request/response and cross-verify.
Next, many tools are available in the market for monitoring Web traffic. I can name some of them which are open-source and frequently used.
1. Wireshark – It’s to check all data that passes through the network.
2. Fiddler – It is more useful for analyzing the HTTP/s-only traffic.
3. Live HTTP Headers – It’s a Firefox add-on that helps preview the HTTP headers.
4. FireBug – It’s the most popular Firefox plugin that can monitor AJAX transactions. However, its essential feature is to fetch the Web element locators.
5. BrowserMob Proxy – It adds additional functionality to Selenium Webdriver for running automated tests.
Q-15. What are the tests that you’ll run for testing a Login form that uses a Web Service for authentication?
Ans. For testing such a user case, we need to verify both the Web service and the Login test form. So we can design the test cases in the following manner.
Web Service Testing.
1. First of all, we’ll cover the testing of Web service API for input/output validation.
2. We’ll execute cases including valid/invalid username/password combinations as well as verify the correct error messages.
Login UI Testing.
1. Consequently, there will be tests for the login web page to check the location of the display of error messages, their color, and font.
2. Also, if the login page uses any Javascript or Cookies, then we’ll add cases to test the application functionality.
Recommended – Automation Testing Interview Questions
Wrapping UP – Web Testing Interview Questions and Answers
It was one more post where we took up a key topic for Software Testers. Also, web testing is becoming more and more important for business reasons. That’s why we came up with this blog post on the top web testing interview questions for QA engineers.
It would be great if you let us know your feedback on this post. Also, you can ask us to write on a topic of your choice. We’ll add it to our writing roadmap.
Lastly, if you enjoyed the post, then please care to share it with friends and on social media.
Keep Learning,
TechBeamers
