Testing Fundamentals
20%of exam
Testing Across SDLC
15%of exam
Static Testing
10%of exam
Test Analysis + Design
28%of exam
Managing Test Activities
23%of exam
Risk-Based TestingMetricsDefectsReport Picker
Test Tools
5%of exam
Quick Facts
- Exam
- CTFL v4.0
- Questions
- 40 MCQ
- Points
- 40 total
- Pass
- 26/40
- Time
- 60 min
- Extension
- 75 min
- Prereq
- None
- Focus
- Apply concepts
Defect Chain
Error -> Defect -> Failure
Human errorWork product defectRuntime failureRoot cause why
Verification vs Validation
Verification
- Meets specification
- Built right
- Requirements focus
Validation
- Meets need
- Right product
- User focus
Spec vs need
Process Picker
- Define scope→Planning
- Track progress→Monitoring
- Change approach→Control
- Find conditions→Analysis
- Write cases→Design
- Prepare suites→Implementation
- Run tests→Execution
- Archive evidence→Completion
Core Terms
- Error
- Human mistake
- Defect
- Work product flaw
- Failure
- Observed wrong behavior
- Root cause
- Underlying reason
- Quality
- Needs satisfied
- Risk
- Likelihood x impact
- Testware
- Testing work products
- Traceability
- Linked test evidence
Process Flow
Plan, analyze, design, build, run, close
PlanningAnalysis/designImplementation/executionCompletion
Testing vs Debugging
Testing
- Reveal failures
- Provide evidence
- Report defects
Debugging
- Find cause
- Fix defect
- Confirm fix
Find vs fix
Seven Principles
- Presence
- Shows defects
- Exhaustive
- Normally impossible
- Early
- Find defects sooner
- Clustering
- Defects group
- Pesticide
- Tests go stale
- Context
- Approach varies
- Fallacy
- Wrong product fails
Test Process
- Planning
- Objectives and approach
- Monitoring
- Compare actual plan
- Control
- Adjust testing
- Analysis
- Identify test conditions
- Design
- Create test cases
- Implementation
- Prepare testware
- Execution
- Run and log
- Completion
- Close and archive
Test Levels
Component -> Integration -> System -> Acceptance
Unit firstInterfaces nextWhole systemBusiness fit
Confirmation vs Regression
Confirmation
- Retest fix
- Same failure
- Defect closed
Regression
- Check side effects
- Existing behavior
- Change impact
Fix vs side effects
SDLC Models
- Sequential
- Phased delivery
- V-model
- Test levels aligned
- Iterative
- Repeated cycles
- Incremental
- Partial delivery
- Agile
- Short feedback loops
- DevOps
- Build-operate feedback
- Shift-left
- Test earlier
- Retrospective
- Improve process
Test Levels
- Component
- Single unit
- Integration
- Interfaces interact
- System
- Whole system
- Acceptance
- Fit for use
- Driver
- Calls component
- Stub
- Simulates called part
- Contract
- Interface expectation
- Environment
- Execution context
Test Types
- Functional
- What it does
- Non-functional
- How it behaves
- White-box
- Internal structure
- Change-related
- After modification
- Confirmation
- Fix works
- Regression
- Nothing broke
- Maintenance
- Changed live system
- Impact analysis
- Change consequences
Static vs Dynamic
Static
- No execution
- Find early
- Reviews/tools
Dynamic
- Execute software
- Observe failures
- Runtime evidence
Inspect vs run
Review Picker
- Quick feedback→Informal
- Author explains→Walkthrough
- Expert consensus→Technical review
- Formal defects→Inspection
- Tool scans code→Static analysis
- Viewpoint assigned→Perspective reading
Static Basics
- Static testing
- No execution
- Dynamic testing
- Execute software
- Review
- Human examination
- Static analysis
- Tool examination
- Checklist
- Prompt defects
- Scenario reading
- Workflow viewpoint
- Role-based
- Stakeholder viewpoint
- Perspective-based
- Assigned viewpoint
Review Roles
- Author
- Created work product
- Moderator
- Runs review
- Facilitator
- Guides meeting
- Scribe
- Records findings
- Reviewer
- Finds anomalies
- Manager
- Provides resources
- Leader
- Owns review
- Participants
- Review team
Review Types
- Informal
- Ad hoc feedback
- Walkthrough
- Author-led review
- Technical review
- Consensus defects
- Inspection
- Formal review
- Planning
- Define scope
- Kick-off
- Align reviewers
- Individual review
- Find issues
- Communication
- Discuss findings
Coverage Strength
Decision coverage includes statement coverage
Branches imply linesLines miss branchesK3 calculation
EP vs BVA
EP
- Value classes
- One representative
- Valid/invalid
BVA
- Class edges
- Boundary neighbors
- Range defects
Class vs edge
Technique Picker
- Input classes→EP
- Range edges→BVA
- Business rules→Decision table
- States change→State transition
- Code paths→White-box
- Weak specs→Exploratory
Black-Box
- EP
- Partition values
- BVA
- Test edges
- Decision table
- Condition combinations
- State transition
- States and events
- Use case
- User workflow
- Coverage
- Items exercised
- Valid class
- Accepted values
- Invalid class
- Rejected values
Statement vs Decision
Statement
- Lines executed
- Weaker coverage
- Misses branches
Decision
- Outcomes executed
- Stronger coverage
- Covers branches
Line vs branch
White-Box
- Statement
- Executable statement
- Statement coverage
- Statements executed
- Decision
- Branch outcome
- Decision coverage
- Outcomes executed
- Cyclomatic
- Independent paths
- Control flow
- Execution paths
- Data flow
- Variable lifecycle
- Dead code
- Unreachable code
Experience-Based
- Error guessing
- Likely mistakes
- Exploratory
- Learn while testing
- Checklist-based
- Guided experience
- Charter
- Exploration mission
- Session
- Timeboxed testing
- Heuristic
- Helpful rule
- Attack
- Targeted fault idea
- Tour
- Exploration pattern
Risk Formula
Risk = likelihood x impact
LikelihoodImpactPriorityResidual risk
Severity vs Priority
Severity
- Technical impact
- Failure seriousness
- Quality view
Priority
- Business urgency
- Fix order
- Stakeholder view
Impact vs urgency
Management Basics
- Test plan
- Scope and approach
- Entry criteria
- Start conditions
- Exit criteria
- Stop conditions
- Estimation
- Predict effort
- Prioritization
- Order by value
- Strategy
- Overall test approach
- Independence
- Less bias
- Whole team
- Shared quality
Product vs Project Risk
Product
- Quality failure
- User impact
- System behavior
Project
- Delivery threat
- Schedule/cost
- Team constraints
Quality vs delivery
Risk Management
- Product risk
- Quality threat
- Project risk
- Delivery threat
- Likelihood
- Chance of failure
- Impact
- Damage if occurs
- Risk level
- Likelihood plus impact
- Mitigation
- Risk reduction
- Residual risk
- Remaining exposure
- Risk control
- Ongoing response
Metrics + Reports
- Progress
- Run/not run
- Quality
- Product measures
- Defect metrics
- Found/fixed counts
- Coverage
- Requirements or code
- Cost metrics
- Testing spend
- Progress report
- Ongoing status
- Completion report
- Final summary
- Dashboard
- Visual status
Defects + Config
- Anomaly
- Possible problem
- Defect report
- Failure record
- Severity
- Technical impact
- Priority
- Business urgency
- Lifecycle
- Defect states
- CM
- Version integrity
- Baseline
- Approved version
- Change control
- Managed updates
Tool Picker
- Trace requirements→Management tool
- Scan source→Static tool
- Run regression→Execution tool
- Measure branches→Coverage tool
- Simulate load→Performance tool
- Pipeline feedback→CI tool
Tool Types
- Management tool
- Plan and track
- Static tool
- Analyze work products
- Design tool
- Generate tests
- Execution tool
- Run tests
- Coverage tool
- Measure exercised code
- Performance tool
- Simulate load
- Monitoring tool
- Observe operation
- CI tool
- Pipeline feedback
Automation
- Benefit
- Fast repeatability
- Risk
- False confidence
- Maintenance
- Script upkeep
- Pilot
- Small evaluation
- Rollout
- Phased adoption
- ROI
- Value over cost
- Data-driven
- Inputs separated
- Keyword-driven
- Action words
Common Traps
Testing proof
Shows defects ≠ Never proves absence
Testing scope
Includes work products ≠ Not execution only
Validation wording
User need ≠ Not just specification
Debugging owner
Fixing cause ≠ Not reporting failure
BVA targets
Edges matter ≠ Middle optional
Decision tables
Combinations tested ≠ Not single ranges
Acceptance testing
Confidence for use ≠ Not unit checks
Automation promise
Supports testing ≠ Never replaces judgment
Severity priority
Severity is impact ≠ Priority is urgency
Risk-based testing
Prioritizes effort ≠ Does not remove risk
Last Minute
- 1.CTFL: 40Q, pass 26
- 2.K3 means apply
- 3.Ch4 has most questions
- 4.Error causes defect
- 5.Failure is observed
- 6.Testing is evidence
- 7.Verification checks specification
- 8.Validation checks need
- 9.Static means no execution
- 10.EP classes, BVA edges
- 11.Decision table for combinations
- 12.Regression checks side effects
- 13.Severity impact; priority urgency
- 14.Risk equals likelihood impact
- 15.Automation needs maintenance
Buy on Amazon
Take courses on UdemySame family resources
Explore More ISTQB Certifications
Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.
More From This Family
Videos and articles for deeper review.