Practice Free CTFL_SYLL_4.0 Exam Online Questions
Question #21
Consider the following user story about the authentication functionality of an e-commerce website:
"As a logged-in user, I want to change my current password with a new one, so that I can make my account safer".
The following are some of the acceptance criteria defined for the user story:
[a] After the logged-in user has successfully changed his password, an email confirming the change must be sent to him
[b] To successfully change the password, the logged-in user must enter the current password, enter a new valid password, and finally confirm by pressing the ‘Change Password’ button
[c] To be valid, the new password entered by the logged-in user is not only required to meet the criteria related to the length and type of characters, but must also be different form the last 5 passwords of that user
[d] A dedicated error message must be presented to the logged-in user when he enters a wrong current password
[e] A dedicated error message must be presented to the logged-in user when he enters the correct current password, but enters an invalid password
Based only on the given information, which of the following ATDD tests is most likely to be written first?
- A . The logged-in user enters a wrong current password and views the dedicated error message
- B . The logged-in user enters the correct current password, enters a valid new password (different from the last 5 passwords), presses the Change Password’ button, and finally receives the e-mail confirming that the password has been successfully changed
- C . The logged-in user enters the correct current password, enters an invalid password, and finally views the dedicated error
- D . The logged-in user submits a purchase order containing ten items, selects to pay with a Visa credit card, enters credit card information of a valid card, presses the ‘Confirm’ button, and finally views the dedicated message confirming that the purchase has been successful
Correct Answer: B
B
Explanation:
ATDD stands for Acceptance Test-Driven Development, which is a collaborative approach to software development and testing, in which the acceptance criteria of a user story are defined and automated as executable tests before the implementation of the software system. ATDD tests are usually written in a Given-When-Then format, which describes the preconditions, the actions, and the expected outcomes of a test scenario. ATDD tests are intended to verify that the software system meets the expectations and the needs of the users and the stakeholders, as well as to provide feedback and guidance for the developers and the testers.
Based on the given information, the ATDD test that is most likely to be written first is the one that corresponds to option B, which is:
Given the logged-in user is on the Change Password page When the user enters the correct current password, enters a valid new password (different from the last 5 passwords), and presses the Change Password button Then the user receives an email confirming that the password has been successfully changed
This ATDD test is most likely to be written first, because it covers the main functionality and the happy path of the user story, as well as the most important acceptance criterion [a]. It also verifies that the user can change the password with a valid new password that meets the criteria related to the length, the type of characters, and the history of the passwords, as specified in the acceptance criterion [c]. The other options are not likely to be written first, because they either cover less critical or less frequent scenarios, such as entering a wrong current password [d] or an invalid new password [e], or they are not related to the user story or the acceptance criteria at all, such as submitting a purchase order [d].
Reference: ISTQB Certified Tester Foundation Level (CTFL) v4.0 sources and documents:
ISTQB® Certified Tester Foundation Level Syllabus v4.0, Chapter 1.3.1, Testing in Software Development Lifecycles1
ISTQB® Glossary of Testing Terms v4.0, Acceptance Test-Driven Development, User Story, Acceptance Criterion, Given-When-Then2
B
Explanation:
ATDD stands for Acceptance Test-Driven Development, which is a collaborative approach to software development and testing, in which the acceptance criteria of a user story are defined and automated as executable tests before the implementation of the software system. ATDD tests are usually written in a Given-When-Then format, which describes the preconditions, the actions, and the expected outcomes of a test scenario. ATDD tests are intended to verify that the software system meets the expectations and the needs of the users and the stakeholders, as well as to provide feedback and guidance for the developers and the testers.
Based on the given information, the ATDD test that is most likely to be written first is the one that corresponds to option B, which is:
Given the logged-in user is on the Change Password page When the user enters the correct current password, enters a valid new password (different from the last 5 passwords), and presses the Change Password button Then the user receives an email confirming that the password has been successfully changed
This ATDD test is most likely to be written first, because it covers the main functionality and the happy path of the user story, as well as the most important acceptance criterion [a]. It also verifies that the user can change the password with a valid new password that meets the criteria related to the length, the type of characters, and the history of the passwords, as specified in the acceptance criterion [c]. The other options are not likely to be written first, because they either cover less critical or less frequent scenarios, such as entering a wrong current password [d] or an invalid new password [e], or they are not related to the user story or the acceptance criteria at all, such as submitting a purchase order [d].
Reference: ISTQB Certified Tester Foundation Level (CTFL) v4.0 sources and documents:
ISTQB® Certified Tester Foundation Level Syllabus v4.0, Chapter 1.3.1, Testing in Software Development Lifecycles1
ISTQB® Glossary of Testing Terms v4.0, Acceptance Test-Driven Development, User Story, Acceptance Criterion, Given-When-Then2
Question #22
Which of the following statements is CORRECT about the value added by a tester to release planning?
- A . The tester estimates the testing effort for individual iterations
- B . The tester assesses the testability of the user stories
- C . The tester breaks down user stories into smaller testing tasks
- D . The tester writes acceptance criteria
Correct Answer: B
B
Explanation:
During release planning, a tester adds value by assessing the testability of user stories. This involves evaluating whether the user stories are clear, concise, and testable. The tester ensures that the acceptance criteria are well-defined and that the stories can be effectively tested within the given timeframe.
Reference: ISTQB CTFL Syllabus V4.0, Section 5.1.2 on the tester’s contribution to iteration and release planning, which includes assessing the testability of user stories.
B
Explanation:
During release planning, a tester adds value by assessing the testability of user stories. This involves evaluating whether the user stories are clear, concise, and testable. The tester ensures that the acceptance criteria are well-defined and that the stories can be effectively tested within the given timeframe.
Reference: ISTQB CTFL Syllabus V4.0, Section 5.1.2 on the tester’s contribution to iteration and release planning, which includes assessing the testability of user stories.
Question #23
Which ONE of the following options BEST describes black-box test techniques?
- A . Black-box testing techniques are based on experience with the test object without knowing the internal structure.
- B . In black-box testing techniques, test cases are created based on the software’s implementation.
- C . Black-box testing techniques are based on analyzing the test object’s specified and implied behavior without knowledge of its internal data structure.
- D . Black-box testing techniques involve analyzing the specified behavior of the test object without knowledge of its internal structure.
Correct Answer: D
D
Explanation:
Black-box testing techniques focus on testing the functionality of the software without knowledge of its internal workings (D). They derive test cases from specifications, requirements, or expected behavior.
Option A describes exploratory testing, B contradicts the definition by focusing on implementation, and C incorrectly includes "implied behavior," which is not a core characteristic of black-box testing.
Reference: ISTQB CTFL v4.0 Syllabus, Section 4.2 C Black-Box Testing Techniques
D
Explanation:
Black-box testing techniques focus on testing the functionality of the software without knowledge of its internal workings (D). They derive test cases from specifications, requirements, or expected behavior.
Option A describes exploratory testing, B contradicts the definition by focusing on implementation, and C incorrectly includes "implied behavior," which is not a core characteristic of black-box testing.
Reference: ISTQB CTFL v4.0 Syllabus, Section 4.2 C Black-Box Testing Techniques
Question #24
Which of the following are the phases of the ISTQB fundamental test process?
- A . Test planning and control, Test analysis and design, Test implementation and execution, Evaluating ex t criteria and reporting. Test closure activities
- B . Test planning, Test analysis and design. Test implementation and control. Checking test coverage and reporting, Test closure activities
- C . Test planning and control, Test specification and design. Test implementation and execution, Evaluating test coverage and reporting, Retesting and regression testing, Test closure activities
- D . Test planning. Test specification and design. Test implementation and execution. Evaluating exit criteria and reporting. Retesting and test closure activities
Correct Answer: A
A
Explanation:
The ISTQB fundamental test process consists of five main phases, as described in the ISTQB Foundation Level Syllabus, Version 4.0, 2018, Section 2.2, page 15:
Test planning and control: This phase involves defining the test objectives, scope, strategy, resources, schedule, risks, and metrics, as well as monitoring and controlling the test activities and results throughout the test process.
Test analysis and design: This phase involves analyzing the test basis (such as requirements,
specifications, or user stories) to identify test conditions (such as features, functions, or scenarios) that need to be tested, and designing test cases and test procedures (such as inputs, expected outcomes, and execution steps) to cover the test conditions. This phase also involves evaluating the testability of the test basis and the test items (such as software or system components), and selecting and implementing test techniques (such as equivalence partitioning, boundary value analysis, or state transition testing) to achieve the test objectives and optimize the test coverage and efficiency.
Test implementation and execution: This phase involves preparing the test environment (such as hardware, software, data, or tools) and testware (such as test cases, test procedures, test data, or test scripts) for test execution, and executing the test procedures or scripts according to the test plan and schedule. This phase also involves logging the outcome of test execution, comparing the actual results with the expected results, and reporting any discrepancies as incidents (such as defects, errors, or failures).
Evaluating exit criteria and reporting: This phase involves checking if the planned test activities have been completed and the exit criteria (such as quality, coverage, or risk levels) have been met, and reporting the test results and outcomes to the stakeholders. This phase also involves making recommendations for the release or acceptance decision based on the test results and outcomes, and identifying any residual risks (such as known defects or untested areas) that need to be addressed or mitigated.
Test closure activities: This phase involves finalizing and archiving the testware and test environment for future reuse, and evaluating the test process and the test project against the test objectives and the test plan. This phase also involves identifying any lessons learned and best practices, and communicating the findings and suggestions for improvement to the relevant parties.
Reference = ISTQB Certified Tester Foundation Level Syllabus, Version 4.0, 2018, Section 2.2, page 15;
ISTQB Glossary of Testing Terms, Version 4.0, 2018, pages 37-38; ISTQB CTFL 4.0 – Sample Exam –
Answers, Version 1.1, 2023, Question 88, page 32.
A
Explanation:
The ISTQB fundamental test process consists of five main phases, as described in the ISTQB Foundation Level Syllabus, Version 4.0, 2018, Section 2.2, page 15:
Test planning and control: This phase involves defining the test objectives, scope, strategy, resources, schedule, risks, and metrics, as well as monitoring and controlling the test activities and results throughout the test process.
Test analysis and design: This phase involves analyzing the test basis (such as requirements,
specifications, or user stories) to identify test conditions (such as features, functions, or scenarios) that need to be tested, and designing test cases and test procedures (such as inputs, expected outcomes, and execution steps) to cover the test conditions. This phase also involves evaluating the testability of the test basis and the test items (such as software or system components), and selecting and implementing test techniques (such as equivalence partitioning, boundary value analysis, or state transition testing) to achieve the test objectives and optimize the test coverage and efficiency.
Test implementation and execution: This phase involves preparing the test environment (such as hardware, software, data, or tools) and testware (such as test cases, test procedures, test data, or test scripts) for test execution, and executing the test procedures or scripts according to the test plan and schedule. This phase also involves logging the outcome of test execution, comparing the actual results with the expected results, and reporting any discrepancies as incidents (such as defects, errors, or failures).
Evaluating exit criteria and reporting: This phase involves checking if the planned test activities have been completed and the exit criteria (such as quality, coverage, or risk levels) have been met, and reporting the test results and outcomes to the stakeholders. This phase also involves making recommendations for the release or acceptance decision based on the test results and outcomes, and identifying any residual risks (such as known defects or untested areas) that need to be addressed or mitigated.
Test closure activities: This phase involves finalizing and archiving the testware and test environment for future reuse, and evaluating the test process and the test project against the test objectives and the test plan. This phase also involves identifying any lessons learned and best practices, and communicating the findings and suggestions for improvement to the relevant parties.
Reference = ISTQB Certified Tester Foundation Level Syllabus, Version 4.0, 2018, Section 2.2, page 15;
ISTQB Glossary of Testing Terms, Version 4.0, 2018, pages 37-38; ISTQB CTFL 4.0 – Sample Exam –
Answers, Version 1.1, 2023, Question 88, page 32.
Question #25
Which of the following is a test-first approach, where tests that express a shared understanding from stakeholders of how the application is expected to work, are first written in business-readable language (following the Given/When/Then format), and then made executable to drive development?
- A . Test-Driven Development (TDD)
- B . Acceptance Test-Driven Development (ATDD)
- C . Behavior-Driven Development (BDD)
- D . Domain-Driven Design (DDD)
Correct Answer: C
C
Explanation:
This answer is correct because Behavior-Driven Development (BDD) is a test-first approach, where tests that express a shared understanding from stakeholders of how the application is expected to work, are first written in business-readable language (following the Given/When/Then format), and then made executable to drive development. BDD is a collaborative approach that involves testers, developers, business analysts, product owners, and other stakeholders in defining the expected behavior of the application using scenarios that describe the preconditions, actions, and outcomes of the application. BDD scenarios are written using a domain-specific language (DSL) that can be translated into executable test cases using tools such as Cucumber or SpecFlow. BDD aims to improve communication, collaboration, and feedback among the team members, and to deliver software that meets the customer’s needs and expectations.
Reference: ISTQB Glossary of Testing Terms v4.0, ISTQB Foundation Level Syllabus v4.0, Section 3.1.1.4
C
Explanation:
This answer is correct because Behavior-Driven Development (BDD) is a test-first approach, where tests that express a shared understanding from stakeholders of how the application is expected to work, are first written in business-readable language (following the Given/When/Then format), and then made executable to drive development. BDD is a collaborative approach that involves testers, developers, business analysts, product owners, and other stakeholders in defining the expected behavior of the application using scenarios that describe the preconditions, actions, and outcomes of the application. BDD scenarios are written using a domain-specific language (DSL) that can be translated into executable test cases using tools such as Cucumber or SpecFlow. BDD aims to improve communication, collaboration, and feedback among the team members, and to deliver software that meets the customer’s needs and expectations.
Reference: ISTQB Glossary of Testing Terms v4.0, ISTQB Foundation Level Syllabus v4.0, Section 3.1.1.4
Question #26
Which ONE of the following options BEST describes Behavior-Driven Development (BDD)?
- A . Expresses the desired behavior of an application with test cases written in a simple form of natural language that is easy to understand by stakeholders―usually using the Given/When/Then format. Test cases are then automatically translated into executable tests.
- B . Defines test cases at a low level, close to the implementation, using unit test frameworks.
- C . Is primarily focused on non-functional testing techniques to ensure system reliability and performance.
- D . Requires testing to be performed after development is completed to validate software functionality.
Correct Answer: A
A
Explanation:
BDD emphasizes collaboration between developers, testers, and business stakeholders to define system behavior in a readable format (A). It typically uses the Given-When-Then syntax. Unlike unit testing (B), BDD is at a higher level of abstraction. It does not focus solely on non-functional testing (C) and encourages early testing rather than post-development validation (D).
Reference: ISTQB CTFL v4.0 Syllabus, Section 2.1.5 C Behavior-Driven Development (BDD)
A
Explanation:
BDD emphasizes collaboration between developers, testers, and business stakeholders to define system behavior in a readable format (A). It typically uses the Given-When-Then syntax. Unlike unit testing (B), BDD is at a higher level of abstraction. It does not focus solely on non-functional testing (C) and encourages early testing rather than post-development validation (D).
Reference: ISTQB CTFL v4.0 Syllabus, Section 2.1.5 C Behavior-Driven Development (BDD)
Question #26
Which ONE of the following options BEST describes Behavior-Driven Development (BDD)?
- A . Expresses the desired behavior of an application with test cases written in a simple form of natural language that is easy to understand by stakeholders―usually using the Given/When/Then format. Test cases are then automatically translated into executable tests.
- B . Defines test cases at a low level, close to the implementation, using unit test frameworks.
- C . Is primarily focused on non-functional testing techniques to ensure system reliability and performance.
- D . Requires testing to be performed after development is completed to validate software functionality.
Correct Answer: A
A
Explanation:
BDD emphasizes collaboration between developers, testers, and business stakeholders to define system behavior in a readable format (A). It typically uses the Given-When-Then syntax. Unlike unit testing (B), BDD is at a higher level of abstraction. It does not focus solely on non-functional testing (C) and encourages early testing rather than post-development validation (D).
Reference: ISTQB CTFL v4.0 Syllabus, Section 2.1.5 C Behavior-Driven Development (BDD)
A
Explanation:
BDD emphasizes collaboration between developers, testers, and business stakeholders to define system behavior in a readable format (A). It typically uses the Given-When-Then syntax. Unlike unit testing (B), BDD is at a higher level of abstraction. It does not focus solely on non-functional testing (C) and encourages early testing rather than post-development validation (D).
Reference: ISTQB CTFL v4.0 Syllabus, Section 2.1.5 C Behavior-Driven Development (BDD)
Question #28
Which of the following statements about white-box test techniques is true?
- A . Achieving full statement coverage and full branch coverage for a software product means that such software product has been fully tested and there are no remaining bugs within the code
- B . Code-related white-box test techniques are not required to measure the actual code coverage achieved by black-box testing, as code coverage can be measured using the coverage criteria associated with black-box test techniques
- C . Branch coverage is the most thorough code-related white-box test technique, and therefore applicable standards prescribe achieving full branch coverage at the highest safety levels for safety-critical systems
- D . Code-related white-box test techniques provide an objective measure of coverage and can be used to complement black-box test techniques to increase confidence in the code
Correct Answer: D
D
Explanation:
This answer is correct because code-related white-box test techniques are test design techniques that use the structure of the code to derive test cases. They provide an objective measure of coverage, such as statement coverage, branch coverage, or path coverage, which indicate how much of the code has been exercised by the test cases. Code-related white-box test techniques can be used to complement black-box test techniques, which are test design techniques that use the functional or non-functional requirements of the system or component to derive test cases. By combining both types of techniques, testers can increase their confidence in the code and find more defects.
Reference: ISTQB Glossary of Testing Terms v4.0, ISTQB Foundation Level Syllabus v4.0, Section 2.3.2.2
D
Explanation:
This answer is correct because code-related white-box test techniques are test design techniques that use the structure of the code to derive test cases. They provide an objective measure of coverage, such as statement coverage, branch coverage, or path coverage, which indicate how much of the code has been exercised by the test cases. Code-related white-box test techniques can be used to complement black-box test techniques, which are test design techniques that use the functional or non-functional requirements of the system or component to derive test cases. By combining both types of techniques, testers can increase their confidence in the code and find more defects.
Reference: ISTQB Glossary of Testing Terms v4.0, ISTQB Foundation Level Syllabus v4.0, Section 2.3.2.2
Question #29
Consider the following examples of risks identified in different software development projects:
[I]. It may not be possible to generate the expected workloads to run performance tests, due to the poor hardware equipment of the machines (load injectors) that should generate these workloads
[II]. A user’s session on a web application is not invalidated after a certain period of inactivity (configured by the system administrator) of the user
[III]. The test team will not have an adequate requirements specification (since many requirements will still be missing) by the time test design and analysis activities should begin according to the test plan
[IV]. Following a failure, the system is unable to continue to maintain its pre-failure operation and some data becomes corrupted
Which of the following statements is true?
- A . [II] and [IV] are product risks: [I] and [III] are project risks
- B . [II] and [III] are product risks, [I] and [IV] are project risks
- C . [I], and [IV] are product risks: [II] and [III] are project risks
- D . [I], [II] and [III] are product risks; [IV] is a project risk
Correct Answer: A
A
Explanation:
Product Risks: Relate to the quality of the software product itself, such as functionality, performance, security, and user experience.
II: A session management issue affects the product’s security and functionality.
IV: Inability to maintain operation and data corruption directly affects the product’s reliability and data integrity.
Project Risks: Relate to the circumstances and activities within the project, such as schedule, resources, and planning.
I: Poor hardware equipment for performance testing impacts the project’s ability to conduct performance tests.
III: Inadequate requirement specifications affect the project timeline and the ability to design tests.
A
Explanation:
Product Risks: Relate to the quality of the software product itself, such as functionality, performance, security, and user experience.
II: A session management issue affects the product’s security and functionality.
IV: Inability to maintain operation and data corruption directly affects the product’s reliability and data integrity.
Project Risks: Relate to the circumstances and activities within the project, such as schedule, resources, and planning.
I: Poor hardware equipment for performance testing impacts the project’s ability to conduct performance tests.
III: Inadequate requirement specifications affect the project timeline and the ability to design tests.
Question #30
Which of the following statements about TDD, BDD and ATDD is true?
- A . Refactoring is a practice that is an integral part of TDD and is applied both to tests and to code written to satisfy those tests
- B . ATDD is a black-box test design technique that is applicable exclusively at acceptance test level
- C . BDD is a developer practice where business stakeholders are not usually involved as the tests are directly written at unit/component test level
- D . ATDD is the practice of running the automated acceptance tests as part of a continuous integration process
Correct Answer: A
A
Explanation:
Test-Driven Development (TDD) includes refactoring as a key practice. After writing tests and the code to satisfy those tests, refactoring is performed to improve the code and test quality without changing the functionality. This continuous process helps maintain clean, efficient, and manageable code.
Reference: ISTQB® CTFL Syllabus 4.0, Chapter 2.1.3, page 25: TDD, ATDD, and BDD Practices
A
Explanation:
Test-Driven Development (TDD) includes refactoring as a key practice. After writing tests and the code to satisfy those tests, refactoring is performed to improve the code and test quality without changing the functionality. This continuous process helps maintain clean, efficient, and manageable code.
Reference: ISTQB® CTFL Syllabus 4.0, Chapter 2.1.3, page 25: TDD, ATDD, and BDD Practices