Performance Testing Overview 207

Selecting PerformanceTesting Machines 209

Checking Configurations Before Performance Testing 210

Starting Performance Testing 212

Taking Measurements 213

Continuing with Performance Testing 217

Optimizing for Bandwidth 219

Optimizing Code 220

Optimizing by Compression 221

Reading Metrics 222

Load and Stress Testing 225

Testing Reliability and Stability 229

Testing Scalability 231

Testing Active Server Pages Performance 232

Automating Performance Testing 234

Key Performance Testing Tips 235

Improving Application Performance 237

Security Testing 241

Who Are We Up Against? 242

Choosing Your Security Test Tactics 243

Coordinating the Security Effort 245

Developing Your Approach 246

Testing for Types of Security Problems 251

Consequences of Buffer Overruns 252

Testing for Buffer Overruns 253

Parsing Problems 260

Conversion Problems 269

Shared Data 272

Escaping 273

Deciding to Escape Data 275

Commonly Escaped Characters and Escaping Test Cases 276

CrossSite Scripting 280

SQL Injection 281

Error Handling 282

Denial of Service 284

Testing for Privacy Issues 286

Component Interaction Testing 288

Securing the Application through Administration 290

Testing for Other Security Issues 291

Closing Security Thoughts 294

Being a Tester 297

Automation 299

What Can Automation Do for You? 300

Types of Automation 301

Planning Automation 303

Deciding What Should be Automated 305

Selecting Tools 306

Weighing Your Options 307

Writing the Automation 308

Deciding Where to Start 309

Adding More Detail 310

Determining Verifications 312

Naming Conventions 313

Planning for the Future 314

Continuing the Automation Effort 316

Rating the Effect 318

Implementing Good Practices in Automation Development 320

Final Automation Reminders 321

Test Planning and Design 323

Why Plan? 324

Methodologies 325

Formal Methodologies 326

Rational Unified Process RUP 327

Capability Maturity Model CMM 328

Extreme Programming and Extreme Testing 329

ISO Standards 330

Approaches 331

ScenarioBased Testing 332

ModelBased Testing 333

Writing Test Plans 334

Coordinating the Test Plan with Project and Development Plans 335

Designing the Test Plan for Use within the Test Team 337

Other Concerns When Writing the Test Plan 338

Where Will You Start? 339

On Being a Professional Tester 341

Makes a Professional? 342

Developing Your Tester Modus Operand 343

Planning 344

Organizing 345

Knowing Where Youre Going and Where Youve Been 346

Sharing 348

Asking Questions 349

Using Common Sense 350

Applying Best Practices 351

Evolving As a Professional Tester 352

Testing Reference Appendices 355

Code Pages 357

Unicode Ranges 371

Language Guides 375

System Guides to Configuring Your Machines 405

HTTP Response Codes 415

Languages and Mappings 431

Problem Characters and Sample Test Input 435

Testing Checklist and Questions

Forms and Templates

Tools

Relevant RFCs ISO Standards and IEEE Standards

Numeric References

Web Site References

Bibliography and Recommended Reading

Glossary

Whats on the Web Site?