As a test engineer who has been working for 10 years, I also moved to several large Internet companies. Although I do lack some stability, I have also accumulated some interview experience. I will share some with you. Then it is mainly some summaries for test engineers. For other types of jobs, I may summarize some interview skills in other articles. This article will focus on the experience of test engineers.
The interview focus of the test is divided into two parts: technology, project
To expand: some technical attention points, some handling methods on the project (some will also have some communication skills), may not be written in detail, but I will point to them, and I will continue to add them later ( nearly 30,000-word long text warning, hoping to help technical friends)
Then go directly to the goods, hoping to help everyone in the industry to find a satisfactory job, let's encourage each other!
1. Black-box testing method (you may ask about the classification of equivalence classes, equivalence classes and boundary values are the most important)
1. Equivalence class division:
Effective equivalence class: For the program specification, it is a reasonable and meaningful set of input data
Invalid equivalence class: For the program specification, it is unreasonable and meaningless set of input data
2. Boundary value analysis method
3. Cause and effect diagram method
4. Orthogonal experimental design method
5. Function diagram analysis method
6. Miscalculation
7. Requirement document conversion method
8. Random test
9. Object attribute analysis method
2. White box testing method (you can selectively memorize...don't know if you will ask)
1. Statement coverage: It is to design several test cases and run the program under test so that each executable statement is executed at least once.
2. Decision coverage: Make the designed test case guarantee that each value branch of each judgment in the program is experienced at least once.
3. Conditional coverage: Conditional coverage refers to selecting enough test cases so that when these test cases are run, all possible results of each condition in the decision appear at least once, but may not cover all branches
4. Judgment condition coverage: Judgment-condition coverage is to design enough test cases so that all possible values of each condition in the judgment are executed at least once, and at the same time, all possible judgment results of each judgment are executed at least once, that is, all judgments are required. Possible combinations of conditional values are executed at least once.
5. Conditional combination coverage: In the white box testing method, select enough test cases to make all combinations of the judgment results of each condition appear at least once in all judgments, and satisfying this coverage standard becomes conditional combination coverage.
6. Path coverage: each possible execution path is executed at least once.
Replenish:
(1) Statement coverage is the weakest coverage among all test methods.
(2) Decision coverage and condition coverage are stronger than statement coverage, and test cases that meet the decision/condition coverage criteria must also meet decision coverage, condition coverage, and statement coverage
(3) Path coverage is also a relatively strong coverage, but it does not necessarily consider the combination of judgment condition results, and cannot replace condition coverage and condition combination coverage.
3. TCP/IP layered protocol (attention should be paid to the protocol of each layer)
1. Link layer (data link layer/network interface layer): including the device driver in the operating system and the corresponding network interface card in the computer
2. Network layer (Internet layer): Handles the activities of packets in the network, such as routing of packets.
3. Transport layer: It mainly provides end-to-end communication for applications on two hosts.
4. Application layer: Responsible for handling specific application details.
Fourth, the difference between TCP and UDP (knowledge points on the network)
1. TCP is connection-oriented (for example, you need to dial up to establish a connection before making a call); UDP is connectionless, that is, there is no need to establish a connection before sending data
2. TCP provides reliable services. That is to say, the data transmitted through the TCP connection is error-free, not lost, not repeated, and arrives in order; UDP does its best to deliver, that is, does not guarantee reliable delivery
3. TCP is byte-oriented. In fact, TCP regards data as a series of unstructured byte streams; UDP is packet-oriented.
UDP has no congestion control, so network congestion will not reduce the sending rate of the source host (useful for real-time applications, such as IP telephony, real-time video conferencing, etc.)
4. Each TCP connection can only be point-to-point; UDP supports one-to-one, one-to-many, many-to-one and many-to-many interactive communications
5. The header overhead of TCP is 20 bytes; the header overhead of UDP is small, only 8 bytes
6. The logical communication channel of TCP is a full-duplex reliable channel, while UDP is an unreliable channel
5. TCP/IP three-way handshake and four-way handshake (frequently asked questions)
First handshake (SYN=1, seq=x)
The client sends a TCP packet with the SYN flag set to 1, indicating the port of the server the client intends to connect to, and the initial sequence number X, which is stored in the Sequence Number field of the packet header.
The second handshake (SYN=1, ACK=1, seq=y, ACKnum=x+1)
The server sends back an acknowledgment packet (ACK) in response. That is, both the SYN flag and the ACK flag are 1. The server side chooses its own ISN serial number, puts it in the seq field, and sets the Acknowledgment Number (Acknowledgment Number) as the client's ISN plus 1, that is, X+1. After sending, the server enters the SYN_RCVD state.
The third handshake (ACK=1, ACKnum=y+1)
The client sends an acknowledgment packet (ACK) again, the SYN flag is 0, the ACK flag is 1, and the sequence number field of the ACK sent by the server + 1 is sent to the other party in the confirmation field, and the ISN is written in the data segment +1 for that.
After sending, the client enters the ESTABLISHED state. When the server receives this packet, it also enters the ESTABLISHED state. The TCP handshake ends and the TCP connection is established.
My understanding....:
A asks B: Did you hear that? Send a confirmation message
B answers A: Heard it, tell A that it can receive A's message
A returns to B: I can receive your message, send another confirmation, and then establish a connection
Four waves:
first wave (fin=1, seq=x)
Assuming that the client wants to close the connection, the client sends a packet with the FIN flag set to 1, indicating that it has no data to send, but it can still receive data.
After sending, the client enters the FIN_WAIT_1 state.
The second wave (ACK=1, ACKnum=x+1)
The server confirms the client's FIN packet and sends a confirmation packet, indicating that it has received the client's request to close the connection, but it is not ready to close the connection yet.
After sending, the server enters the CLOSE_WAIT state, and the client enters the FIN_WAIT_2 state after receiving the confirmation packet, waiting for the server to close the connection.
The third wave (FIN=1, seq=y)
When the server is ready to close the connection, it sends an end connection request to the client, and FIN is set to 1.
After sending, the server enters the LAST_ACK state, waiting for the last ACK from the client
The fourth wave (ACK=1, ACKnum=y+1)
The client receives a close request from the server, sends a confirmation packet, and enters the TIME_WAIT state, waiting for possible ACK packets to be retransmitted.
After receiving the confirmation packet, the server closes the connection and enters the CLOSED state.
After waiting for a certain fixed time (two maximum segment life cycles, 2MSL, 2Maximum Segment Lifetime), the client does not receive the ACK from the server, thinking that the server has closed the connection normally, so it closes the connection itself and enters the CLOSED state.
Why three times, not two or four (this question could really be asked)
The two-way handshake does not guarantee reliability (B is not sure that A can receive his own information), and the four-way handshake wastes efficiency
6. DNS (running on UDP protocol, port 53)
Concept: dns is a domain name system, a distributed database that maps domain names and IP addresses on the World Wide Web, enabling users to access the Internet more conveniently without having to remember IP numbers that can be directly read by machines
7. TestNG (I have used this myself, you can take a look if you are interested) testng parameter passing method (parameter in testng.xml or through dataprovider)
Operation method: 1.Run as 2.testng.xml
Execute in order: preserve-order=true
Ignore tests: @Test(enable=false)
Group test: @Test(groups=..)
Dependency testing: @Test(dependsonmethods=...)
The result is in oup-put, the log level is verbose
Concurrent running use cases: parallel=methods
Eight, appium (you can understand it a little bit, it is similar to selenium, and I think some points are similar to UI automation)
Features:
1. Cross-platform, native hybrid webview (H5)
2. Cross-device, android iOS
3. Cross-app, you can interact between multiple apps
4. Do not rely on APP open source code (reserved opinion, android Uiautomator's support for H5 requires code support, which will not be elaborated here)
5. Support Selenium WebDriver / Selenium Grid
6. Cross-language, java python ruby nodejs
7. Open Source principle: Android
Nine, Linux common commands (I think it is more likely to ask more)
cd: change directory
Current directory and parent directory: ./ ../
Home directory: ~/
View the current path: pwd
Clear screen: clear
Exit the current command: ctrl+c to exit completely
Soft link: ln -s slink source
Find the terminal information where you are: who am i
View who is currently using this host: who
ls -l (or directly ll): list long data strings, including file attributes and permission data, etc.
ls -a: List all files, together with hidden files (files beginning with .) (commonly used)
find -name filename: find a matching filename
mkdir: create a directory with the specified name
cp -a file1 file2: copy file1 to file2 along with all the characteristics of the file
cp file1 file2 file3 dir: copy files file1, file2, file3 to directory dir
mv file1 file2 file3 dir : Move files file1, file2, file3 to directory dir
mv file1 file2 : rename the file file1 to file2
rm -fr dir : Forcefully delete all files in the directory dir
ps -ef|grep java: Find all java processes
kill -9 process number: completely kill a process
chmod changes file permissions
Syntax: chmod [options] mode files
Most of the permissions are expressed in the form of three octal numbers, the first specifies the authority of the owner, the second specifies the group permissions, and the third specifies the permissions of other users, each through 4 (read), 2 (write), 1 (execute) and the sum of the three values to determine the authority. For example, 6(4+2) represents the right to read and write, and 7(4+2+1) has the right to read, write and execute
chmod u+x file: Add execution permission to the owner of the file
vi: file name# edit mode view, can be modified
cat: filename #display all file contents
more: file name # page display file content
less: the file name # is similar to more, and it is better to turn the page forward
head: file name # only view the head, you can also specify the number of lines
tail -f 20160921.logs : view the log file being changed
tail -3000 catalina.out: view the last 3000 rows of data
history: view the list of used commands
df -hl: View disk usage space
which : Only executable files can be checked
whereis : You can only check binary files, documentation, source files, etc.
du : Display the size of a directory or file
df : Display the information of the file system where each <file> is located, the default is to display all file systems
The df command gets the real file system data, while the du command only looks at part of the file system
The built-in command let of the bash shell can perform mathematical operations on integer numbers
free: Displays the current memory usage of the system, including used memory, available memory, and swap memory
top: Displays some processes that occupy the most resources in the current system
netstat -anp|grep port: Check whether a port is occupied
chown -R: change the owner and group of a file or directory
Shift + PageUp: turn page
Empty the file: echo "" > filename or cat /dev/null > a.txt or >a.txt
Occurrences in Linux statistics file:
(1) A single string: grep -o targetstr filename | wc -l
Multiple strings: grep -o "targetstr_1\targetstr_2" filename | wc -l
(2) awk '{s+=gsub(/targetStr/,"&")}END{print s}' filename
Linux looks for a word in a file:
grep 'test'a,b,c looks for the word test in files a,b,c
grep -r 'test' . #Find the word test in the current directory
grep -r 'test' example #Find the word test in the example directory
wc -l filename: Check how many lines are in the file
uniq testfile: delete duplicate lines in a file
sort testfile1 | uniq: sort after deleting duplicates (number of times)
10. Mysql (don't write messy statements, write something I was asked)
- authorization statement
grant select, insert, update, delete on testdb.* to common_user@'%'
- Writing common SQL query statements (here are only examples of common query statements, if there are more pitfalls, I hope to add)
Query the mathematics scores of all students, display the student's name, score, from high to low.
SELECT a.name, b.score FROM student a, grade b WHERE a.id = b.id AND kemu = '数学' ORDER BY score DESC;Count the total score of each student (because students may have duplicate names), display fields: student id, name, total score.
SELECT a.id, a.name, c.sum_score from student a, (SELECT b.id, sum(b.score) as sum_score FROM grade b GROUP BY id) c WHERE a.id = c.id ORDER BY sum_score DESC;- What does slow query mean?
Enabling the slow query log allows MySQL to record queries that exceed the specified time. By locating and analyzing performance bottlenecks, the performance of the database system can be better optimized.
- What are the possible causes of poor database performance?
Hardware environment problems, such as disk IO
Query statement problems, such as join, subquery, no index built
The index is invalid, and the index is built, but it is useless when querying
Query associated with too many joins
Server-associated cache, number of threads, etc.
There are redundant fields in the table, and it takes extra time to generate the Cartesian product
11. Is your company agile development? Introduce agile development?
- Yes, agile rapid iteration, multi-version simultaneous iteration
- Agile development belongs to incremental development. For projects with unclear scope of requirements and frequent changes in requirements, it can respond to and embrace changes to a large extent, advocate simplicity, embrace change, sustainability, incremental changes, and high-quality work , fast feedback, software is your main goal
12. Test case design
login module
- functional use case
- Compatibility (app version, operating system version, different mobile device resolutions)
- Performance (single-user response time, high concurrency, long-term multi-user login)
- Security (encryption, SQL injection (by inserting SQL commands into web forms to submit or input query strings for domain names or page requests, and finally trick the server into executing malicious SQL commands), script attacks, mutual exclusion of multi-device logins)
- Weak network (android under fiddler, ios through its own status, write in the next chapter)
- UI testing
- Usability, ease of use (full keyboard input, enter, tab)
- Localization (multilingual)
There are many more, such as testing paper cups, elevators, shopping carts, payment functions (this is what I have encountered in interviews), many other aspects can also be considered, anyway, it depends on my own experience~~
13. Weak network test
- The Idea of Weak Network Test
Weak network function test: 2G/3G/4G, high latency, high packet loss
No-network state test: disconnection function test, local data storage
User experience concerns: response time, page rendering & timeout copywriting & timeout reconnection, security and high traffic risks
Network switching test: Wifi>>4G/3G/2G>>No network multi-state switching
- How to simulate a weak network test?
Both fiddler and charles can simulate weak network tests. The usual simulated packet loss is also a simulated weak network test.
- Network switching test
This part is mainly to switch between several different network scenarios, including:
1.wifi-2G/3G/4G
2. wifi-no network
3.2G/3G/4G-wifi
4.2G/3G/4G-No Internet
5. No Internet-2G/3G/4G
6. No network-wifi, etc.
Mainly pay attention to the display and interaction of the page, especially the case of weak network to wifi, wifi to weak network, whether there will be page crash and display disorder, whether the session is consistent, request accumulation processing, etc.
- user experience focus
1. Whether the page response time is acceptable, including hot start, cold start time, page switching, front and back switching, first word time, first screen time, etc.
2. Whether the page rendering is completed consistently
3. Whether the timeout copy meets the definition, and whether the abnormal information is displayed normally
4. Is there a timeout reconnection
5. All angles: whether there will be dns hijacking, frequent login ip changes, abnormal single sign-on, etc.
6. Risk of high-traffic events: Will large-traffic actions such as updating apk packages and downloading files be performed under weak networks
14、Fiddler
The difference between the break point and AutoResponder, pay attention to the request timeout after modifying the data, causing the client to not make the request
1. The interrupt point is that the request is blocked, and no result is returned. The request will always exist in the thread until it is kicked out after timeout.
2. AutoResponder returns 404/502. In this case, there is a result returned, which means that the request is also over, and it will not always exist in the thread
fiddler catches https package
(1) The principle is the same as charles, first: install the certmaker plug-in for fiddler (and then restart)
(2)Tools->Fiddler Options->HTTPS ,Actions->Trust Root Certificate, install the CA certificate after the pop-up box
After the installation is successful, you can view the installed certificate through Actions—>open windows certificate Manager
(3) Install the Fiddler certificate on the mobile phone, open the mobile browser, and enter the proxy server IP and port in the browser address. Click to install the certificate
15、APP crash
- Common causes of crash (null pointer, memory leak, array out of bounds, calling a higher version API)
Device Fragmentation: Due to the extreme diversity of devices, apps may behave differently on different devices.
Bandwidth Constraints: Networks with poor bandwidth may not be fast enough for the app to respond quickly.
Network changes: Switching between different networks may affect the stability of the App.
Memory management: Low available memory, or use of unauthorized memory locations may cause the app to fail.
Too many users: Too many connections may cause the App to crash.
Code errors: New features that have not been tested may cause the App to fail in the production environment.
(It may be that when the UnChecked exception of java occurs, because there is no corresponding try...catch to handle the exception object, the Java runtime environment will terminate and the program will exit)
Third-party services: Ads or pop-up screens may cause the App to crash.
- App crash test case design
Verify app behavior on multiple devices with different screen resolutions, operating systems and carriers.
Verify App behavior with newly released OS version.
Verify App behavior in environments with sudden changes in network quality such as tunnels and elevators.
Verify App behavior with manual network changes from cellular to Wi-Fi, or vice versa.
Verify App behavior in a non-networked environment.
Verify App behavior on incoming call/SMS and device-specific alerts like alarms and notifications.
Verify app behavior in different view modes by changing the orientation of the device.
Verify app behavior when device memory is low.
Verify App behavior by applying loads with the test harness.
16. Git (command-based)
git clone copies a Git repository to the local
git status View warehouse status
git diff * View the modified content of the X file
git log view history
git reset --hard HEAD^ back to the previous version
git reset --hard HEAD~ If you want to roll back to the third version, use git reset --hard HEAD~3
git branch View all local branches
git branch -a View all remote branches
git branch name creates a branch
git branch –d dev delete dev branch
git checkout –b dev Create a dev branch and switch to the dev branch
git merge dev merges the dev branch generation on the current branch
Submit the code trilogy hahaha:
git add * Add the x file to the temporary storage area
git commit –m "*" Submit files – m is followed by comments
git push
17. Monkey (you can use the command to check this, you must know that -p is the specified package)
1. The Monkey program comes with the Android system and is written in Java language. The storage path in the Android file system is: /sdk/sdk/tools/lib/monkey.jar
2. The Monkey.jar program is started by a shell script named "monkey". The storage path of the shell script in the Android file system is: /sdk/sdk/tools/bin/monkey
- adb shell monkey {+command parameters} After the Monkey test has an error, the general analysis steps (I was asked before, and I was confused at the time (´⊙ω⊙`)) Look at Monkey’s log (note the first swith and exception information, etc.)
- Program Unresponsive Issues: Search for "ANR" in the logs
- Crash problem: search for "Exception" in the log (if there is a null pointer, NullPointerException) there must be a bug
18. The difference between Android and IOS testing
- Android long press the home button to call out the application list and switch applications, and then slide right to terminate the application;
- Multi-resolution test, more than 20 types on Android, less on ios;
- Mobile phone operating system, Android is more, ios is less and cannot be downgraded, only one-way upgrade; the resource library in the new ios system cannot be fully compatible with the applications in the lower version of the ios system, and the application calls in the lower version of the ios system A new resource library is installed, which will directly lead to a crash (Crash);
- Operating habits: Android, whether the Back button is rewritten, test whether the feedback after clicking the Back button is correct; whether the application data can run normally after being moved from the internal memory to the SD card, etc.;
- Push test: Android: click the home button, when the program is running in the background, receive a push at this time, wake up the application after clicking, whether it can jump correctly at this time; ios, click the home button to close the program and lock the screen (the red dot show);
- Installation and uninstallation testing: There are many platforms, tools and channels for downloading and installing Android, while iOS mainly includes app store, iTunes and testflight downloads;
- Upgrade test: Necessary conditions for being upgraded: the old and new versions have the same signature; the old and new versions have the same package name; there is an identifier to distinguish the old and new versions (such as version number). For Android, if there is a built-in application, it needs to be checked after the upgrade. Whether the file matches (such as the built-in input method)
19. IOS and android log capture
iOS:
- Obtain the user's crash log through iTunes Connect (Manage Your Applications - View Details - Crash Reports)
- Get crash logs from your device with Xcode
- Add the crash capture code in the program yourself, if the application integrates a third-party SDK, such as Baidu Statistics
Android:
- By integrating third-party SDKs, such as Baidu Statistics, Youmeng Statistics, etc.
- Use hardening tools when publishing, and they will also collect error logs, such as 360 hardening
- Add the capture code for program abnormal crash in the program and save it to a local file
20. SQL Injection (After thinking about it for a long time, I have to list this. Although we don’t do security, we basically ask about it. It’s enough to understand this paragraph. If you ask how to prevent it, it’s about verifying user input. Do not dynamically splice SQL)
select * from users where username='' or 1=1#' and password=md5('')
Equivalent to
select * from users where username='' or 1=1
What does SQL injection use' OR 1=1 # mean?
What is the meaning of the last # sign?
SELECT * FROM test WHERE name='' OR 1=1 #' AND age='20'
What does the #' written behind this mean?
Explanation: You can comment out the following line of SQL code
It is equivalent to removing a where condition
MySQL comment, filter out the following SQL statement, making it ineffective
Because 1=1 is always true, that is, the where clause is always true. After further simplifying the SQL, it is equivalent to the following select statement:
select * from users Yes, the function of this sql statement is to retrieve all the fields in the users table
The peak interview season for gold, nine and silver ten is coming soon. Everyone hopes to take this opportunity to find a job they like. Make comprehensive preparations for the explosive interview questions. Of course, in addition to this, you also need to lay a solid foundation in your daily life, so that no matter how the interviewer digs into a knowledge point, you can handle it well~
Finally, I would like to thank everyone who has read my article carefully. As a person who has been here, I hope that you will avoid some detours . Here I will share with you some learning resources for automated testing . If you can use it, you can take it away. I hope it can be given to you. Help along the way.
( Including Python programming, WEB automated testing, app automated testing, interface automated testing, testing framework, continuous integration, automated testing development, performance testing, security testing, big factory interview questions, resume templates, etc., and of course some testing basics, Tools, app testing, interface testing, linux, mysql database and other basic knowledge ), I believe it will make you better progress!
Information acquisition method:
