CISSP PRACTICE QUESTIONS – 20200426

Effective CISSP Questions

Your company is an independent software vendor (ISV), providing software packages with the click-through license agreement. Which of the following testing is most likely conducted before providing global availability (GA)?
A. Beta testing
B. User acceptance testing (UAT)
C. Regression testing
D. Installation testing


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Installation testing.

My suggested answer may be controversial, but never mind, this question is designed to provoke thinking about the software development and release process. It’s more important how you justify your answer.

Regression testing is a general concept or testing skill to repeatedly test the software until there are no bugs or issues found. The development team employs unit testing, continuous integration, continuous testing, and many other practices that are automated to support regression testing.

Traditionally, alpha testing emphasizes the testing is conducted by internal teams, while beta tested is exercised by users or customers. Typically, there are bugs or issues found after the beta testing, and they will be fixed and retested.

User acceptance testing (UAT) is a promising answer. However, there are some issues to be clarified:

  • Who will be the users of the software product of an independent software vendor (ISV)
  • What is the target of testing?
  • What are the acceptance criteria?

The question can be summarized as “who accepts what, based on which criteria.”

If users test a software package, and they accept it. Is the software package will be released to the market as is? In most cases, the software package may be integrated into other company’s own or partner’s products.

After the UAT, the software package typically will be repackaged as a standalone release or integrated into other packages. As a result, the installation package has to be tested to ensure it works fine and secure. (without no media/data corruption, backdoor, trojan, etc.)

So, I’d suggest installation testing is the last testing among the four options that should be conducted right before it goes GA.

 

 

 

 

 

References

 

 

 

 

 

 

Leave a Reply