1. Which of the following is not true about Component Based Software Development?

a)         Develops re-usable modules that can be assembled into larger systems.

b)         Uses off-the shelf components to create a software system.

c)         Focuses more on integration of components and less on development of each component.

d)         Requires the use of an object oriented language like Java or C++

2. Your project team is using a Waterfall development model and discovers a requirement error during final system testing.  The team determines that the error must be corrected before the product is released.  To which point in the process must the team return?

a)         Requirements development

b)         Testing

c)         Design

d)         Implementation

3. During the project’s risk management activities, the team identifies a significant project risk associated with using a new wireless technology.  The team contracts with a company for whom this technology is a specialty.  The negotiated contract is “Time and Materials” – the contractor bills for the number of hours and the equipment used during the project.  This is an example of:

a)         Risk Mitigation

b)         Risk Transfer

c)         Risk Acceptance

d)         Risk Avoidance

4. There is actually a fourth development methodology we did not cover called “Code and Fix”.  This is characterized by a total lack of any formal process.  For which of the following projects might this approach be acceptable?

a)         A product for release being developed under extreme time pressure by a team of 2.

b)         Complex testing software that will be used by several teams within the company to conduct formal testing.

c)         Simple utility used by only a few members of the same team and is not released outside of the team or to the customer.

d)         It is never appropriate to use this method.

5. You are in the process of developing requirements for a medical device.  The device is typically purchased on the order of physicians but is actually used by the nursing staff in the hospital.  Which statement is true:

a)         The requirements of the nursing staff should take precedence as an error using the device could have significant consequences for the patient.

b)         The requirements of the physician should take precedence as they are the ones who will actually buy the product.

c)         The development team should implement both sets of requirements with equal priority, consulting with both groups if any requirements conflict.

d)         The development team should use both requirements as guidelines and develop their own set of requirements that the team feels is best.

6. Product risk is:

a)         Any event that can occur that will negatively impact the cost of the project.

b)         Any event that can occur that will negatively impact the quality of the final product.

c)         All of these are correct.

d)         Any event that can occur that will negatively impact the delivery date of the product.

7. Product Verification is:

a)         The process of formal testing of the product against the requirements to determine if the system was constructed properly.

b)         The process of formal testing of the product against the intended use to determine if the product meets the needs of the customer.

c)         The process of formal testing of the product manufacturing process to determine if the manufactured product meets the specified requirements.

d)         The complete suite of formal testing including a., b., and c.

8. Your Q/A Testing team has found a defect in the product.  Your design/implementation team has isolated the defect to a single module and has fixed it.  You have neither the time nor the resources to completely re-test the system but you want a high level of confidence that the change is correct with no other bugs introduced.  What testing will you do:

a)         Fully test the module that was changed.

b)         Fully test the module + Fully test all of the modules that directly interface with the modified module.

c)         Fully test the module + all of the modules that interface with it + random testing elsewhere in the system.

d)         Fully test the module, all interfacing modules, all critical requirements, and random testing in every other module.

9. Is this requirement Testable?  “The response time to user input while the system is fully loaded should be fast enough”

a)         No:  “fast enough” is not specific enough.

b)         No: “response time” is too vague

c)         Yes:  “fast enough” is an easy value to determine and, therefore, is sufficiently accurate.

d)         No:  both a and b

10 Which is not a primary function of a change control board (CCB)?

a)         Prioritize proposed changes against other changes to assign change requests to a given release.

b)         Perform detailed analysis of a change request to determine impact of the change to the system.

c)         Authorize change requests to be implemented for the current release.

d)         Review proposed changes to determine appropriateness and ease of implementation.

11. Which of the following is NOT a reason why an independent reviewer is important in a design review?

a)         Being the most senior developer in the company, they are best positioned to find errors in the implementation and suggest solutions.

b)         Since they do not work on the project, they are not driven by the same schedule commitments or reporting structure as the project team.  This allows them to more freely identify problems or make suggestions that may negatively impact the project’s schedule.

c)         They provide insight into the system without pre-existing biases resulting from the current design.

d)         Design decisions made earlier will often be revisited and challenged by the independent reviewer who has not had the benefit of previous discussions and may have a different set of

12. What sort of items can be placed under the control of configuration management software?

a)         Product Source Code

b)         Requirements documents

c)         Test cases and results.

d)         Design descriptions.

e)         All of these can be placed under configuration control.

13. In the context of configuration management, a “Branch” is created when:

a)         A second development path is created based upon a snapshot of the main development path for a given product.

b)         A release is made and the configuration management database is labeled.

c)         The term “Branch” is not commonly used in configuration management.

d)         A new, independent, development path is created based upon a snapshot of the main development path for use in a completely new product.

14. Which of the following are required for a properly written test case:

a)         Approval by appropriate team members PRIOR to the execution of the test case.

b)         Expected results for each test case step that requires evaluation of results

c)         Links (ID numbers, etc…) back to the requirement(s) that drive this test case.

d)         All of these are required.

15. Which risks should be considered in a risk management plan for a project.

a)         Project Risks

b)         Product Risks

c)         Safety Risks

d)         Schedule Risks

e)         All of these should be considered.

16. System Validation determines what?

a)         That the system meets all of the written requirements.

b)         That the system satisfies all of the intended uses of the product.

c)         That there are no bugs in the software and it can be shipped.

d)         That the requirements documents have been reviewed and the system may be constructed.

17. An example of Risk Transfer is:

a)         Outsourcing a technological challenging component to an expert using a “Time and Materials” contract (contractor is paid by the hour and reimbursed for any expenses).

b)         Outsourcing a technological challenging component to an expert using a contract that rewards speed and low cost while penalizing late and expensive results.

c)         Selecting a less technically challenging component.

d)         Forging ahead with the development realizing that there may be challenges and agreeing to handle the consequences if they occur.

18. In the face of tight scheduling constraints, your team wishes to use regression testing to verify the fix for a bug isolated to a single module.  Which modules require full testing to provide a high confidence that the bug is fixed without damaging other parts of the code.

a)         Changed Module

b)         Modules that directly interface with the changed module.

c)         Modules that implement the most critical features

d)         The entire system.

e)         A & B only

f)         A, B, & C only.

g)         A, B, C, and D.

19. What is wrong with this requirement?

The system shall end the session if there has been no user input for a period of time.

a)         The requirement is ambiguous

b)         The requirement is incomplete

c)         This requirement includes multiple requirements.

d)         Nothing, this requirement is fine.

20. What is wrong with this requirement?

If there is no response from the server after 5 seconds, the software shall throw a “Response Timeout” exception and exit.

a)         The requirement is ambiguous

b)         The requirement is incomplete

c)         This requirement includes multiple requirements.

d)         Nothing, this requirement is fine.

21. A system has 3 redundant temperature sensors.  How would you describe this requirement?

The system shall post an "Overtemperature" alarm and shut off if the temperature exceeds 40 degrees Centigrade.


a)         The requirement is ambiguous

b)         The requirement is incomplete

c)         This requirement includes multiple requirements.

d)         Nothing, this requirement is fine.

22. What is wrong with this requirement?

When the average pulse rate, measured 4 times per second, exceeds 150 beats per minute for more than 1 minute, the device shall trigger the “High Pulse Rate” alarm.

a)         The requirement is ambiguous

b)         The requirement is incomplete

c)         This requirement includes multiple requirements.

d)         Nothing, this requirement is fine.

23. What is wrong with this requirement?

Excessive incorrect log-in attempts shall lock out the user.

a)         The requirement is ambiguous

b)         The requirement is incomplete

c)         This requirement includes multiple requirements.

d)         Nothing, this requirement is fine.

24. Your data base server farm was located in Miami, FL.  The summertime threat of Hurricanes is particularly real.  After the particularly bad 2004 hurricane season, the management team decided to move the server farm to Columbia, Missouri.  The company also decided to purchase additional insurance for the corporate headquarters that will remain in Miami.  The company has decided to ___________ the risk of data loss and to ___________ the risk of damage to the headquarters.

a)         Transfer…..Avoid

b)         Mitigate….Transfer

c)         Mitigate….Accept

d)         Avoid….Transfer

25. In general, for a given requirement error, it is least expensive and requires the least time to fix during which development stage?

a)         Requirements Generation

b)         Software Implementation

c)         Final software verification

d)         After the software has been released to the field.

26. Why would missing requirements be more difficult and costly to correct?

a)         Since they are truly missing, the development team may not realize they are missing so they are more often caught during validation or after product release.

b)         More often than not, a missing requirement requires more extensive code modification to add the feature than to simply fix an incorrect requirement.

c)         Missing requirements have the potential of impacting the overall design much more so than an incorrectly implemented requirement.

d)         All of these are correct.

27. What is the most important reason it is important to be able to rebuild “old” releases of software?

a)         It is helpful, when isolating a bug, to be able to identify exactly when it was introduced.  If you can rebuild old releases, you can check each revision for the existence of the bug.

b)         The company may wish to create a branch off of an older release to start a new development cycle.

c)         During the current development, a minor bug is identified in the field that must be fixed.

d)         In the event a defect is identified in the field, it is important to be able to identify why that defect was not caught in testing.  Having the ability to rebuild the release allows investigative code to be included to better determine where the tests failed.

28. The Use Case sequence diagram does what?

a)         Shows the order that the various use cases will be developed and implemented.

b)         Graphically shows how the various actors interact during the use case activities.

c)         As part of the Test Plan, it shows how the various test cases will be sequencedin order to test the software.

d)         None of the above.

29. A traceability matrix shows what?

a)         The relationship between coded modules and test cases to show that all the code has been tested.

b)         Traces the implementer of each requirement, design element, and code section and is used as a communications tool during project execution.

c)         The relationship between requirements and code to show where a particular requirement is implemented.

d)         The relationship between requirements, design elements, code, and test cases to show that each is specified, implemented, and tested.

30. Which is the most important use of metrics during the software development process?

a)         To plan project duration.

b)         To properly staff resources.

c)         To accurately monitor project execution and ensure the project is on track.

d)         To measure employee contribution to assist the performance review process.

31. Customer requirements and business requirements are the two most common sources of requirements. Name two other sources and describe the types of requirements that may be obtained from these sources.

32. Identify and describe two software metrics. How might these be used to successfully manage a software project?

33. Your company has been marketing a Global Positioning System (GPS) Navigation device for use in automobiles. Your team has been tasked with adding real time traffic functionality. The “hardware folks” have given you a module that provides the geographical coordinates of traffic accidents and other slow-downs as well as the average speed in that area. Your team must specify, implement, and test a module that does three things:

a.       Takes reads the data from the new hardware module (new interface)

b.      Updates the database with the modified speeds (new module)

c.       trigger the existing computational engine to recomputed the route (call the API for an existing module)

Your first task is to create a project plan for this project. Please describe your plan in the following three areas:

1. What development model will you use? Why?

2. What approach will you use for risk management? Identify the two biggest risks and describe your approach to manage them.

3. What testing strategy will you use? Please describe in detail.