Certified Software Quality Engineering Quiz for December 2003

1. Accepting an internal auditing assignment to audit a teams conformance to a procedure would be a potential
conflict of interest if:
A. the procedure was written by another member of your SQA team.
B. you know the manager of the team being audited.
C. you had previously audited the same team against other procedures.
D. you are hoping to transfer to the team being audited.
2. In response to the results of an audit, a corrective action plan is required for:
A. each organizational area evaluated during the audit.
B. each finding documented in the audit report.
C. each observation documented in the audit report.
D. each nonconforming product identified during the audit.
3. A team of stakeholders including developers and end-users is brought together in a facilitated session to determine
the requirements for a new release of a software product. This is an example of:
A. joint applications development.
B. quality functional deployment.
C. a focus group.
D. use case analysis.
This Gantt chart is used in question 4
4. Based on the Gantt chart shown above, which of the following tasks was completed behind schedule?
A. Task A
B. Task B
C. Task C
D. Task D
5. The mode of a data set is an indicator of:
A. the measurement scale used to collect that data set
B. the variation in that data set
C. the central tendency of that data set
D. the average of that data set
6. The valid inputs for variable X are character strings 1 and 32 characters in length. Which of the following sets of
test case inputs should be selected to perform boundary testing on this input?
A. Null character string and character strings consisting of 1, 32 and 33 characters in length
B. Character strings consisting of 1, 2, 31 and 32 characters in length
C. Character strings consisting of 1 and 32 characters in length
D. Null character string and a 33 character strings
7. Which of the following tools would be considered part of the software configuration management toolset?
I. Virus detection and removal tool
II. Capture and playback tool
III. Change request reporting tool
IV. Code analysis tool
A. II only
B. I and III only
C. II and IV only
D. I, III and IV only
Answers to the Certified Software Quality Engineering Quiz for December 2003
1. Answer D is correct. According to the ASQ Code of Ethics, a potential conflict of interest exists when any
business connections, interest, or affiliations that might influence my judgment or impair the equitable character of
my service exists. The desire to transfer to or be hired by the team being audited would be an example of a
potential conflict of interest. Simply knowing the manager of the team being audited, previously auditing that team
or the fact that the procedure was written by another member of your SQA staff typically does not result in a conflict
of interest. In internal auditing, these situations occur frequently. CSQE Body of Knowledge Area: I.D.1
2. Answer B is correct. The corrective action plans are created by the auditees organization to address the root
causes of the nonconformances and noncompliances documented as findings in the audit report. While some
findings may be the responsibility of specific organizational areas that were evaluated during an audit, other finding
may require cross-functional corrective action. Other organizational areas may have been found to be in compliance
and therefore require no corrective action. Observations may be either positive or negative. While, observations do
not specifically require corrective action as part of the audit process, it may be a good idea to evaluate the future
impact of negative observations and take corrective actions as necessary. If only the specific nonconforming
products are corrected, only the symptom may be addressed and not the root cause. Also since auditing is a sampling

process, other nonconforming products may exist that were not examined during the audit. CSQE Body of
Knowledge Area: II.C.3
3. Answer A is correct. The purpose of joint applications development (JAD) is to bring together developers and
users to jointly define an application or system. A JAD session is a facilitated workshop that streamlines
communications by bringing together a cross-functional group of stakeholders to identify and resolve issues. CSQE
Body of Knowledge Area: III.C.2

This Gantt Chart is used in question 4

4. Answer B is correct. In this tracking Gantt chart, the black bars represent the original baselined schedule, the
dark grey bars represent the actual status to date and the pale grey bars reflect the new projected schedule. Task B
was started behind schedule and was completed behind schedule. Task A started on time and was completed slightly
ahead of schedule. Task C started behind schedule, is still in progress, and is projected to complete behind schedule.
Task D started ahead of schedule, is still in progress, and is projected to complete ahead of schedule. CSQE Body of
Knowledge Area: IV.A.3
5. Answer C is correct. The mode of a data set is the value that occurs most often in that data set. The mode is used
to indicate the central tendency of data sets with severely skewed distributions, for irregular situations (e.g., where
two peaks are found in the distribution of the data set), or for eliminating the effects of extreme values. For example,
in the data set {1, 2, 2, 5, 6, 6, 6, 6, 7, 8, 9, 12, 12, 1534} six is the mode. CSQE Body of Knowledge Area: V.A.2
6. Answer A is correct. Boundary value analysis explores the values around the boundaries of the equivalence
classes. This is done by testing:
t he minimum value (character string of one character)
the maximum value (character string of 32 characters)
the value just below the minimum (null character string)
the value just above the maximum (character string of 33 characters).
CSQE Body of Knowledge Area: VI.C.4 7. Answer B is correct. A virus detection and removal tool would be part
of the configuration management toolset because they ensure the integrity of the software build and help guarantee
that only authorized changes are made to the configuration items. A change request reporting tool supports the
change control function and would therefore also be considered part of the Software Configuration Management
(SCM) toolset. A capture and playback tool would be used for test automation and is a testing tool. A code analysis
tool would also be part of either the software engineering/development toolset or part of the verification and
validation toolset depending on the type of analysis that the tool performed. CSQE Body of Knowledge Area:
VII.A.3
Certified Software Quality Engineering Quiz for September 2003
1. A software quality action team is having trouble because of two individuals that have been dominating the team
discussions. The team needs to generate a list of improvement suggestions for their companys software auditing
process. As the teams facilitator, which of the following tools would you suggest that they use?
A. Activity network diagram
B. Nominal group technique
C. Brainstorming
D. Joint application development
2. A software tester has identified a problem during system test that she believes is a defect in the software. Which of
the following should the tester do next?
A. Document the problem in the problem reporting and change request tracking system
B. Contact the software developer and discuss the potential problem to determine if it really is a defect
C. Obtain a copy of the corresponding source code and debug the problem to identify the defect
D. Investigate previous releases of the software product to determine if they also have the problem
3. Which of the following software architecture styles is characterized by abstract data types with inheritance?
A. Rule-Based
B. Transactional Database
C. Object-Oriented
D. Communicating Processes

4. Which of the following is NOT a phase gate review?

A. Critical design review
B. System test readiness review
C. Code peer review
D. Ready to ship review
5. If a software program contained 5,462 lines of code and 34 defects have been discovered in that program. Which
of the following is the defect density of that program in defect per thousand lines of code?
A. 0.006 defects per KLOC
B. 0.16 defects per KLOC
C. 6.2 defects per KLOC
D. 16 defects per KLOC
6. A programmer asks an SQE to review his detailed design document. The programmer emails the SQE a copy of
the document, which the SQE redlines and sends back to the programmer. This is an example of:
A. desk-checking.
B. a product audit.
C. an inspection.
D. a walkthrough.
7. The software units and components stored in which of the following libraries would be utilized to build a software
executable for use in system testing?
A. Dynamic
B. Controlled
C. Static
D. Backup
Answers to the Certified Software Quality Engineering Quiz for September 2003
1. Answer B is correct. The steps in the Nominal Group Technique (NGT) process are:
- State the purpose of the session
- Describe process & rules for NGT session
- State the problem or question
- The group generates ideas in silence
- Present ideas in round-robin fashion
- Clarify & discuss ideas
- Group and/or combine ideas
- Rank ideas using a multi-voting process
Because members of the team generate ideas in silence and then present them in a round-robin fashion, nominal
group techniques can be particularly helpful when activity requires that all team members participate however one
or more individuals are dominating the team. CSQE Body of Knowledge Area: I.C.3
2. Answer A is correct. All problems discovered during system testing should be formally documented into a
problem reporting and tracking system. This may be an automated system or a manual system that consists of
completing a problem report form. This provides a permanent record that will keep the potential defect from being
forgotten. Contacting the developer to determine if the problem is a defect before recording it might lead to a quick
judgment made without complete information or adequate analysis. The role of debugging the software and
investigating previous releases typically belongs to the software developer who is most familiar with the source
code. CSQE Body of Knowledge Area: II.B.5
3. Answer C is correct. The Object-Oriented architectural style is characterized by abstract data types with
inheritance. It combines data and instructions into a self-sufficient "object. Objects have two sections, fields
(instance variables) and methods. Fields represent what an object is. Methods represent how an object is used. These
fields and methods are closely tied to the real world characteristics and use of the object. An object is used by means
of its methods. Abstraction refers to the act of representing essential features without including the background
details or explanations. Classes that use the concept of data abstraction are known as "abstract data types". Abstract
data types are achieved by making certain variables and methods in a class private. Inheritance is the mechanism
that allows the programmer to derive new classes from existing classes. The derived classes inherit the methods and
data structures of the parent class. CSQE Body of Knowledge Area: III.A.2
4. Answer C is correct. Phase gate reviews are reviews held at the completion of a major milestone or .phase of the
software development project to verify the successful completion of that milestone or phase and to provide a quality
checkpoint before the start of the next major portion of the project. Depending on the size of the software, there may
literally be hundreds of code peer reviews during the coding phase of a software development project. In fact, there
may be more than one code peer review for a single source code module. CSQE Body of Knowledge Area: IV.B.1
5. Answer C is correct. Defect density is the number of defects divided per size. So the defect density is 34 / 5,462
= 0.0062 defects per line of code or 6.2 defects per KLOC (thousand lines of code). CSQE Body of Knowledge
Area: V.B.2

6. Answer A is correct. Desk checking is an informal peer review method where one or more individuals other than
the author examines a work product independently and provides feedback comments to the author. This is typically
done on the first draft of a document or after a clean compile of the code. The focus is on a general evaluation and
may include a review of style and an analysis of engineering choices as well as defect identification. CSQE Body of
Knowledge Area: VI.B.1
7. Answer B is correct. Software builds for system test would be created from the controlled library. The dynamic
library is used to hold configuration entities that are currently being worked on by development. The static library is
used to archive various baselines released for general use. The backup library contains duplicates of the versions of
the software and associated components, data and documentation at the point in time when the backup copies were
made. CSQE Body of Knowledge Area: VII.A.2
Certified Software Quality Engineering Quiz for August 2003
1. Mandatory requirements employed and enforced to prescribe a disciplined uniform approach to software
development are:
A. standards.
B. procedures.
C. processes.
D. guidelines.
2. When calculating Cost of Quality data, the cost of maintaining a web site where customers can obtain service
pack download would be considered:
A. a prevention cost.
B. an appraisal cost.
C. an internal failure cost.
D. an external failure cost.
3. Which of the following is an example of a test automation tool?
A. Requirements traceability analyzer
B. Capture and playback tool
C. Problem reporting tool
D. Code complexity analyzer
4. The major project management elements that must be balanced to have a successful project include all of the
following EXCEPT:
A. cost
B. schedule
C. product
D. process
5. The Goal/Question/Metric paradigm is used to:
A. select metrics that align with the goals of the metric customer.
B. establish goals for implementing a metric program,
C. ensure that we have measurable goals established for our projects.
D. evaluate the usefulness of existing goals and metrics.
6. Which of the following are characteristics of a formal inspection?
I. Attended by project management
II. Attendees have assigned roles and responsibilities
III. Focuses on identifying work product defects
IV. Provides engineering analysis input into the creation of the work product
A. I and IV only
B. II and III only
C. II and IV only
D. II, III and IV only
7. The baseline that is established when the system requirements are approved is the:
A. product baseline.
B. development baseline.
C. functional baseline.
D. allocated baseline.
Answers to the Certified Software Quality Engineering Quiz for August 2003
1. Answer A is correct. This is the definition of a standard. A procedure is a written description of a course of action
to perform a given task. A process is a sequence of steps performed for a given purpose. A guideline is a
recommended but not required approach. CSQE Body of Knowledge Area: I.B
2. Answer D is correct. External failure costs are all the costs of quality that involve handling and correcting a
failure that has occurred once the software has been made available to the customer. The cost of maintaining a web

site where customers can obtain service pack downloads would be counted as an external failure cost. CSQE Body
of Knowledge Area: II.B.3
3. Answer B is correct. A capture and playback tool can be used to do test automation by capturing the inputs the
tester enters during the execution of a test case or test scenario. Those sequences can then be played back to repeat
the testing sequence. CSQE Body of Knowledge Area: III.D.4
4. Answer D is correct. Process is not one of the three major elements that must be balanced to have a successful
project. The cost element represents the cost of all the resources that go into the project. The schedule element
represents the calendar time it takes to complete the project. The product element represents both the quality and the
quantity (amount of functionality) of output from the project. The larger the resulting product, the longer it typically
takes and the more it costs. CSQE Body of Knowledge Area: IV.A.1
5. Answer A is correct. The Goal/Question/Metric Paradigm looks at the goals of the metric customer, asks questions
about the types of information needed to determine whether we are moving towards those goals or have achieved
those goals and then selects metrics to provide the information needed to help answer those questions. This method
is used to ensure that we are selecting metrics that align with the goals of the metric customer. CSQE Body of
Knowledge Area: V.A.3
6. Answer B is correct. Formal inspections are peer reviews and are therefore NOT attended by project management
(with the exception of when a project management work product is being inspected). Attendees of a formal
inspection are assigned specific roles and responsibilities including moderator, author, reader, scribe and inspector.
Formal inspections focus exclusively on detecting defects in work products that the author considered complete.
Therefore, inspections do NOT provide engineering analysis into the creation of the work product. CSQE Body of
Knowledge Area: VI.B.1
7. Answer C is correct. The functional baseline is established when the system requirements are approved. The
allocated baseline is established when the system requirements are allocated to the software and the software
requirements are approved. A developmental baseline is established when the software design specification has been
approved. A product baseline is established when the software has been approved for distribution to the field. CSQE
Body of Knowledge Area: VII.B.2
Certified Software Quality Engineering Quiz for April 2003
1. A software developer might be sued for malpractice if:
A. their software was intentionally designed to steal money from their customers.
B. their software program provides unreasonably poor professional services.
C. they knowingly misrepresented the capabilities of their software product.
D. their software caused injury or property damage because it was dangerously defective.
2. Put the following audit steps in the order in which they typically occur.
1. Preparation
2. Reporting
3. Planning
4. Corrective Action
5. Execution
A. 1, 3, 5, 4, 2
B. 1, 3, 5, 2, 4
C. 3, 1, 5, 4, 2
D. 3, 1, 5, 2, 4
This diagram is used in question 3.
3. Based on the diagram above the circle labeled Element 3 is:
A. an entity external to the system.
B. a data item.
C. a process inside the system that transforms the data.
D. a repository for data (e.g., buffer, queue, data file, database).
4. Using the PERT method of effort estimation, if the minimum time to accomplish a task is estimated to be 30 days,
the most likely time is estimated at 45 days and the maximum time is estimated at 90 days, which of the following
effort estimates would be used for the task?
A. 30 days
B. 45 days
C. 50 days
D. 55 days
5. Which of the following are derived measures?
I. The defect density of a software work product
II. The size of a source code module in lines of code
III. The duration of a task in hours

IV. The phase containment effectiveness of the design phase

A. I and IV only
B. II and III only
C. II, III and IV only
D. I, II, III and IV
6. Which of the following testing strategies ignores the internal structure of the software?
A. Interface testing
B. Top down testing
C. White box testing
D. Black box testing
7. Which of the following would be done as part of a physical configuration audit?
A. A review of the verification and validation reports to verify test completeness
B. An evaluation of the elements of the quality system for applicability
C. An evaluation of the users manuals for format and completeness
D. A review of all approved changes to verify their implementation
Answers to the Certified Software Quality Engineering Quiz for April 2003 1. Answer B is correct. A malpractice
type tort lawsuit is appropriate if the softwares author (or the program itself) provides unreasonably poor
professional services. A conversion type tort lawsuit would be appropriate if the software was intentionally designed
to steal from the customer or destroy property. A fraud type tort lawsuit would be appropriate if the seller of the
software knowingly misrepresented the capabilities of the product. A strict product liability type tort lawsuit would
be appropriate if the software caused injury or property damage because it is dangerously defective. CSQE Body of
Knowledge Area: I.D.2
2. Answer D is correct. After the audit has been initiated, the audit is planned including the selection of the audit
team and the writing of the audit plan. Then the audit team and lead auditor prepare for the audit by studying the
relevant documentation prior to the on-site audit execution to evaluate its appropriateness and adequacy. The
auditors use information from the input documents and audit criteria to prepare checklists and other tools for use
during the audit. During this step, the lead auditor works with the auditees organization to handle any logistics for
the audit. The on-site audit is then executed. This is the information-gathering portion of the audit that starts when
the auditors arrive at the auditees location and ends with the closing meeting. Most of the time and effort of the
execution step is spent gathering data and objective evidence. The lead auditor, with input from the audit team, then
writes the audit report. Finally the auditee creates and implements a corrective action plan to address any findings
found during the audit. The lead auditor then follows-up on the implementation of those corrective actions to ensure
that the corrective actions taken were implemented effectively, that they resulted in the elimination of the root cause
of the problem. CSQE Body of Knowledge Area: II.C.2

3. Answer C is correct. In a data flow diagram, a circle is the symbol used for a process inside the system that
transforms the data. In this example diagram, the process (labeled Element 3) received the data (labeled Element 2)
from the external entity (labeled Element 1) and transforms it into two data items. One data item (labeled Element 4)
is stored in a data repository (labeled Element 5). The other data item (labeled Element 6) is transferred to another
process (labeled Element 7). CSQE Body of Knowledge Area: III.C.3
4. Answer B is correct. The PERT method adds the most optimistic estimate plus four times the most likely
estimate plus the most pessimistic estimate and divided by 6. For this task that would be (30 + (4 x 45) + 90) / 6 =
50 days. CSQE Body of Knowledge Area: IV.A.3

5. Answer A is correct. A derived measure is defined as a function of two or more values of base measures. In other
words, the value of a derived measure is calculated using a formula or algorithm that combines two or more base
measures or other derived measures. Defect density is calculated by dividing the number of defects found in a work
product by the products size. Phase containment effectiveness for the design phase is calculated by dividing the
number of design defects identified during the design phase by the total number of design defects identified.
Base measures can be measured in terms of the attribute and the methods used to quantify it. For example, we can
directly measure the size of a source code module by counting the line of code (assuming that we have clearly
defined criteria). We can also directly measure the duration of a task by measuring the number of hours it took to
complete that task. CSQE Body of Knowledge Area: V.A.1
6. Answer D is correct. According to the IEEE Standard Glossary of Software engineering Terminology black box
testing, also call functional testing, ignores the internal mechanisms of a system or component and focuses solely
on the outputs generated in response to selected inputs and execution conditions. CSQE Body of Knowledge Area:
VI.C.3
7. Answer C is correct. An evaluation of the users manual for format and completeness would be part of a physical
configuration audit. A review of the verification and validation reports and a review of all approved changes to
verify completeness would be part of a functional configuration audit. An evaluation of the elements of the quality
system for applicability would be part of a quality system audit. CSQE Body of Knowledge Area: VII.E.2
Certified Software Quality Engineering Quiz for March 2003
1. Mandatory requirements employed and enforced to prescribe a disciplined uniform approach to software
development are:
A. standards.
B. procedures.
C. processes.
D. guidelines
2. Which of the following is NOT a role of the lead auditor?
A. Writing the final audit report
B. Preparing the audit plan
C. Conducting the closing meeting of the on-site audit
D. Providing the authority to conduct the audit
3. Which of the following tools is most likely to be used in requirements management?
A. Data flow diagram
B. Histogram
C. Entity relationship diagram
D. Traceability matrix
Cost Categories & Results for Project ABC
Development costs
$220K
Peer review costs
$35K
Structural & Integration testing costs
$40K
Functional testing costs
$87K
Regression testing costs
$12K
Capital equipment costs
$76K
Training costs
$13K
Debugging & problem correction costs
$41K
Initial release & roll-out costs
$18K
Corrective release & roll-out costs
$9K
Software Quality Assurance costs
$17K
Software process definition & tailoring costs $5K
Auditing costs
$12K
Metrics program costs
$3K
This data table is used in question 4.
4. The chart above shows the breakout of the cost for project ABC by category. Based on this information the total
cost of quality for project ABC would be reported as:
A. $168K
B. $274K
C. $368K
D. $588K
Phase Introduced
Phase Detected
Requirements Design
Code
Requirements
25

Design
7
32
Code
2
12
63
Test
9
26
23
Post Release
2
5
7
This data table is used in question 5.
5. Given the information in the table above, what is the phase containment effectiveness of the design phase?
A. 41%
B. 43%
C. 74%
D. 93%
6. Which of the following items is LEAST likely to be peer reviewed?
A. Design specification
B. User manual
C. Problem report
D. Test cases
7. A specification or product that has been formally reviewed and agreed upon and that can be changed only through
formal change control is called:
A. a baseline.
B. a promotion.
C. a version.
D. a configuration item.
Answers to the Certified Software Quality Engineering Quiz for March 2003
1. Answer A is correct. A standard is a mandatory requirements employed and enforced to prescribe a disciplined
uniform approach to software development. A procedure is a written description of a course of action to perform a
given task. A process is a sequence of steps performed for a given purpose. A guideline is a recommended but not
required approach or best practice. CSQE Body of Knowledge Area: I.B
2. Answer D is correct. Providing the authority to conduct the audit is the role of the audit initiator, also called the
audit customer or client. The lead auditor is responsible for:
Preparing the audit plan
Managing the audit team
Conducting the opening, daily feedback and closing meetings
Making decisions about the conduct of the audit
Reviewing findings and observations from auditors and preparing the audit report
Reviewing corrective action plans
Verifying effectiveness of completed corrective action
CSQE Body of Knowledge Area: II.C.2
3. Answer D is correct. According to the Software Engineering Institutes (SEIs) Capability Maturity Model
Integrated (CMMISM), one of the specific practices of requirements management is to maintain bi-directional
traceability of the requirements to the project plans and work products. Creating a traceability matrix can help track
the relationship between the requirements and the design elements, configuration components, individual software
modules/units and test cases to which those requirements are allocated. An Entity Relationship Diagram (ERD)
graphically represents the relationships between the data objects in the system. A Data Flow Diagram (DFD) is a
graphical representation of how data flows through and is transformed by the system. ERDs and DFDs are most
likely used to analyze and specify the requirements (or design). A histogram is a bar chart used to show the
distribution (shape) of a set of data. CSQE Body of Knowledge Area: III.B.3
Cost Categories & Results for Project ABC
Development costs
$220K
Peer review costs
$35K
Structural & Integration testing costs
$40K
Functional testing costs
$87K
Regression testing costs
$12K
Capital equipment costs
$76K
Training costs
$13K
Debugging & problem correction costs
$41K

Initial release & roll-out costs

$18K
Corrective release & roll-out costs
$9K
Software Quality Assurance costs
$17K
Software process definition & tailoring costs $5K
Auditing costs
$12K
Metrics program costs
$3K
4. Answer B is correct. Cost of quality calculations include prevention costs, appraisal costs, and internal and
external failure costs. Based on this chart the preventions cost include:
Training costs
Software Quality Assurance costs
Software process definition and tailoring cost
Appraisal costs include:
Peer review costs
Structural and Integration testing costs
Functional testing costs
Auditing costs
Metrics program costs
Internal & external failure costs include:
Regression testing costs
Debugging and problem correction costs
Corrective release and roll-out costs
The costs of building and delivering the product correctly the first time are not counted in the total cost of quality.
Theses costs include:
Development costs
Capital equipment costs
Initial release and roll-out costs
CSQE Body of Knowledge Area: IV.B.2
Phase Introduced
Phase Detected
Requirements Design
Code
Requirements
25
Design
7
32
Code
2
12
63
Test
9
26
23
Post Release
2
5
7
5. Answer B is correct. Phase containment effectiveness is calculated as the number of defects introduced during a
phase that were found in the phase divided by the total number of defects introduced in that phase. During the
design phase 32 design defects were found. However, an additional 43 (12 + 26 + 5) design defects escaped and
were found in later phases. So the phase containment effectiveness is 32 / (32 + 43) = 43%. CSQE Body of
Knowledge Area: V.B.4
6. Answer C is correct. Software problem reports should be review by a Change Control Board (CCB) and an
impact analysis performed. However, software problem reports are typically not peer reviewed. CSQE Body of
Knowledge Area: VI.B.2
7. Answer A is correct. A baseline is a specification or product that has been formally reviewed and agreed upon,
that thereafter serves as the basis for further development, and that can be changed only through formal change
control. A version is a software configuration item with a defined set of functionality. A promotion is the transition in
the level of authority needed to approve changes to a controlled entity. A configuration unit is a single software
module, unit or object that is discrete and identifiable. CSQE Body of Knowledge Area: VII.B.2
Certified Software Quality Engineering Quiz for February 2003
1. The overall cost of ownership of a software product decreases when:
A. the quality of the software increases.
B. the softwares development cycle time is decreased.
C. customer satisfaction increases.
D. the calendar time between maintenance release is increased
2. Which of the following is NOT an example of a quality record?
A. CCB meeting minutes
B. Process definition
C. System test log
D. Audit report

3. A company is developing a small size maintenance release to an existing software product. The requirements for
the enhanced functionality are well defined and understood. The development team lead has extensive experience
with the application and domain and the company has done many similar projects in the past. However, the
development team consists of mostly new hires. Which of the following life cycle models would be most
appropriate for this project?
A. Waterfall
B. Rapid prototyping
C. Spiral
D. Incremental
4. At a minimum, which of the following metrics should be considered when determining if sufficient testing has
been completed and the product is ready for release?
I. Test anomaly report arrival rates
II. Earned value of the testing activities
III. Resolution status of known defects
A. I only
B. I and III only
C. II and III only
D. I, II and III
5. The act of measuring in and of itself has an impact on the behavior of the people involved with the product or
process being measured and therefore an effect on the measured values. This is a description of:
A. Statistical process control
B. Variance
C. The central limit theorem
D. The Hawthorn effect
6. In a typical walkthrough meeting, who has the responsibility for presenting the work product to the team?
A. Moderator
B. Reader
C. Author
D. Scribe
7. Customer submitted change requests against a software product should be:
A. Implemented in the next functional release of that software product
B. Approved by quality assurance before implementation
C. Implemented in a service pack release for that software product
D. Approved by the configuration control board before implementation
Answers to the Certified Software Quality Engineering Quiz for February 2003
1. Answer A is correct. As the quality of a software product increases the cost of owning that software decreases.
Examples include:
- Decreases in the number of defects resulting in increased reliability and decreased cost associated with software
failures
- Increases in usability and efficiency of the software resulting in decrease cost of operating the software
- Increases in the security or safety of the software resulting in decreased costs associated with security breaches or
safety incidents
Decreases in the development cycle time may actually have adverse effects on the costs of owning a software
product. For example, eliminating system test can reduce the development cycle time. However, doing so would
result in more defects in the shipped product and therefore increases maintenance costs to the customer. While
decreasing the cost of owning a software product would typically increase customer satisfaction, increases in
customer satisfaction would not cause decrease in ownership costs. Reducing the frequency of maintenance
releases may reduce the costs associated with installing the software upgrades. However, this may be offset by
increased costs due to continuing software failures because known defects go uncorrected. CSQE Body of
Knowledge Area: I.A.1
2. Answer B is correct. Quality records provide the evidence that the appropriate quality activities took place and
that the execution of those activities met required standards. Examples of quality records include documented test
results, problem reports and change requests, annotated documents, review records, minutes, and audit reports. A
process definition specifies part of the quality system requirements but provides no evidence that those requirements
were implemented. CSQE Body of Knowledge Area: II.A.4
3. Answer A is correct. The waterfall model is a good model for small to medium size projects with well-defined
requirements. The waterfall model is easy for the new hires model to understand and is an easy model to plan and
monitor. Since this is a small project with well-defined requirements in a familiar application domain it is a low risk
project and doesnt need the risk management focus of the Spiral model, which also requires more process expertise
than the new hires will have. Its small size eliminates the need to break it into smaller size pieces for incremental

development. The fact that the requirements are well-known eliminates the need for rapid prototyping. CSQE Body
of Knowledge Area: III.A.1
4. Answer B is correct. The test anomaly report arrival rate should be considered because if new anomalies are still
being discovered at a significant rate then additional testing will probably be effective in finding more problems.
The resolution status of known defects should be considered because if there are a large number of unresolved
problems, additional time for regression testing after their correction will be needed to ensure that those corrections
were not only adequate to correct documented the anomalies but also that the corrections had no adverse affect on
the previously tested areas of the software. The earned value metric measures the actual cost and schedule to date
against the plan. While cost and schedule status should be considered when making a product release decision and
balanced against product quality, they are not part of determining the product quality issues of test sufficiency and
readiness for release. CSQE Body of Knowledge Area: IV.C.2
5. Answer D is correct. The Hawthorn effect was first noticed in the Hawthorn plant where production processes
were being studied to determine the impact of various conditions (lighting levels, rest breaks, etc.) on productivity.
However, each change in these conditions resulted in overall increases in productivity, including the return to the
original conditions. It was concluded that production increased not as a consequence of actual changes in working
conditions but because of the simple act of measurement, which gave attention (demonstrated interest by
management) to values being measured. CSQE Body of Knowledge Area: V.A.3
6. Answer C is correct. There is no reader role in a walkthrough. The author presents the work product to the team
during a walkthrough meeting. In a formal inspection, it is the responsibility of the reader role to "paraphrase" their
interpretation of the section of the work product being inspected. This gives insight to the author on how the work
product is interpreted and allows the other inspectors to confirm their own interpretation of the work product. CSQE
Body of Knowledge Area: VI.B.3
7. Answer D is correct. Change requests initiated by the customer, like all other change requests, should be reviewed
by a configuration control board (CCB) including impact analysis before they are implemented. The CCB can
approve the change request for implementation in a service pack, in the next release of the software, or in a future
release or disapprove the change request. Representatives from software quality assurance may or may not be
members of the CCB. CSQE Body of Knowledge Area: VII.C.2
Certified Software Quality Engineering Quiz for December 2002
1. Which of the following is an example of benchmarking?
A. Observing a set of users while they interact with our software product and using those observations to improve
our products GUI interfaces
B. Analyzing the root causes of the field failures for our software and using the results to improve our system test
process
C. Evaluating the formal software inspection process of a SEI CMMSM level 4 company and adapting the lessons
learned to improve our own peer review processes
D. Performing a skill gap analysis between needed and current knowledge and ability levels and using that
information to improve our training program
2. Which of the following documents defines the project level quality tasks and responsibility assignments?
A. Corporate Quality Policy
B. Quality Assurance Plan
C. Standard Process Document
D. Work Instructions
3. A customer has a requirement that the software system cannot consume more than 80% of the memory capacity of
the system while performing its functions. This is an example of which of the following types of customer
requirements?
A. Reliability
B. Portability
C. Efficiency
D. Usability
4. The team that is developing antilock brake system control software for automobiles conducts an analysis of all the
potential failure modes of the software and how those failures might adversely effect the safe operation of the
vehicle. This is an example of which of the following types of analysis?
A. Hazard analysis
B. Root cause analysis
C. Project risk analysis
D. Human factors & ergonomics analysis
5. The mean time to fix a software problem report is an example of which of the following measurement scales?
A. Nominal
B. Interval
C. Ratio

D. Ordinal
6. Which of the following types of testing typically uses drivers?
A. Bottom-up integration testing
B. Regression testing
C. Functional testing
D. Top-down integration testing
7. The System Test Readiness review is successfully completed and the software is handed off from the development
level change control board to the product level change control board. This is an example of:
A. Escalation
B. Dependency
C. Revision
D. Promotion
Answers to the Certified Software Quality Engineering Quiz for December 2002 1. Answer C is correct.
Benchmarking is the process of identifying, understanding, and adapting outstanding practices and processes from
organizations anywhere in the world to help our organization improve its performance. CSQE Body of Knowledge
Area: I.A.3
2. Answer B is correct. The projects Quality Assurance Plan should define the specific quality level tasks for that
project and assign responsibilities for those tasks. CSQE Body of Knowledge Area: II.A.4
3. Answer C is correct. Efficiency requirements describe the amount of computing resources required to perform
software functions. CSQE Body of Knowledge Area: III.C.1
4. Answer A is correct. Hazard analysis examines the potential failure modes of a product and determines their
impacts. CSQE Body of Knowledge Area: IV.C.14
5. Answer C is correct. Ratio scale measurement have an exact distance between the scales and an absolute or nonarbitrary zero point. All mathematical operations can be applied including addition, subtraction, multiplication and
division. CSQE Body of Knowledge Area: V.A.2
6. Answer A is correct. Bottom-up integration testing starts with the lowest-level modules and uses drivers to
simulate the higher-level calling modules. Each driver is then replaced with the next higher level of module and its
driver and so on until all the modules have been integrated. CSQE Body of Knowledge Area: VI.C.6
7. Answer D is correct. Promotion is the transition in the level of authority needed to approve changes to a
controlled entity. CSQE Body of Knowledge Area: VII.C.1
Certified Software Quality Engineering Quiz for November 2002
1. Establishing which of the following team rules is an example of a win-win outcome?
A. The last person to arrive at the meeting keeps the minutes
B. Team discussions will focus on products and processes and not on personalities
C. Team decisions will be made through a multi-voting process
D. The meeting times will be adjusted weekly to accommodate team members schedules
2. A Software Engineering Process Group (SEPG) has defined and documented a new change request process to
reduce the cycle time for requesting and implementing customer requested enhancements to company ABCs
software. The SEPGs next step should be to:
A. conduct a pilot implementation of the new process to test its effectiveness.
B. perform an in-process audit to identify problems with the existing process.
C. implement a training program to teach the new process throughout the company.
D. purchase a change request tool and site license to support the new process.
3. A preliminary design review meeting is held with the customer for a new software product. During this review, a
defect is identified that results in changes to several requirements in the baselined requirements specification. Which
of the following work products should be evaluated to determine the impact of this change?
I. Architectural design specification
II. Detailed design specification
III. Source code
A. I only
B. III only
C. II and III only
D. I, II and III
4. The completion and baselining of the Users Manual and Installation Instructions should be an entry criteria into
which of the following phase gate reviews:
A. Critical design review
B. System test readiness review
C. Ready to ship review
D. Post project review

5. Which of the following metrics is a software product metric?

A. Cycle time
B. Phase containment effectiveness
C. Defect density
D. Effort hours expended during coding
6. Which of the following tests would be considered a stress test for an accounting package that is required to handle
100,000 transactions an hour with a cycle time of 10 seconds per transaction or less?
A. Utilizing an automated program that simulates a varying stream ranging from no transactions per hour to 100,000
transactions per hour of various types while monitoring the software performance capabilities
B. Utilizing an automated program that simulates a steady stream of 99,999 transactions per hour of various types in
the background while kicking off an additional occurrence of each type of transaction in sequence and monitoring
their cycle times
C. Utilizing an automated program that simulates a steady stream of 100,000 transactions per hour of various types
over a 48-hour period while monitoring the software performance capabilities
D. Utilizing an automated program that simulates a steady stream of 100,000 transactions per hour of various types
in the background while periodically kicking off an additional 1,000 transactions and monitoring the resulting
impact to the operations of the software
7. Which of the following work products would be part of the functional baseline?
I. System requirements specification
II. Software requirements specification
III. Software architectural design specification
IV. Software detailed design specification
A. I only
B. II only
C. I and II only
D. III and IV only
Answers to the Certified Software Quality Engineering Quiz for November 2002
1. Answer D is correct. Answer D is an example of a win-win outcome, every team member wins because their
schedules are taken into consideration so they can attend the meeting without undue problems caused by conflicting
work and because the team meetings are more productive when all the team members are consistently in attendance.
Answer A is an example of a win-lose outcome, the last person in the room loses because they have to take the
minutes and everyone else wins because they dont. Answer B is a useful team rule that helps minimize negative
conflict within the team but it doesnt have a direct outcome, win-win or otherwise. Answer C is an example of a
rule that will prompt a win-lose outcome, in a multi-voting process the items or ideas with the most votes win and
the other items or ideas lose. CSQE Body of Knowledge Area: I.C.4
2. Answer A is correct. The new process should be tested through conducting a pilot implementation to ensure that it
works effectively. This provides an opportunity to fine tune the process and correct any problems before it is
propagated to the entire organization. It also minimizes the impact on the organization if the process doesnt have
the desired results and a determination is made not to implement the process organization wide. An in-process audit
to identify problems with the existing process (Answer B) should have been conducted prior to defining and
documenting the new process as input into determining the types of changes that need to be made. Implementing a
training program to teach the new process throughout the company (Answer C) would be part of the roll out of the
new process and should be done only after a successful pilot. Purchasing a change request tool and site license to
support the new process (Answer D) would also be part of the roll out. The identification of the supporting tool
would typically be part of the definition of the new process and it may be necessary to acquire enough
demonstration copies or tool licenses to conduct the pilot. However the expense of a site license is premature until
after a successful pilot. CSQE Body of Knowledge Area: II.B.2
3. Answer A is correct. A preliminary design review is held to evaluate the architectural design of the product. Since
this is a new product, the detailed design and software source code have typically not been created at this point in
the software development process. CSQE Body of Knowledge Area: III.B.2
4. Answer B is correct. The Users Manual and Installation Instructions should be tested as part of System Testing.
Therefore, their completion and baselining should be part of the entry criteria to the system test readiness phase gate
review. CSQE Body of Knowledge Area: IV.B.1
5. Answer C is correct. Defect density is a metric that measures the number of defects per size of the software
product so it is a software product metric. Examples of defect density might be the number of coding defects per
thousand lines of code, the number of user manual defects per page or the number of defects per test case. Cycle
time measures the amount of calendar time it takes to perform a process or task so it is a process metric. Phase
containment effectiveness measures the percentage of defects that were found in the same phase of the software
development life cycle in which they were introduced. An example of phase containment would include the number
of requirements type defects that were found during the requirements phase or the number of coding defects found
during the coding and unit test phase. Therefore, phase containment is a process metric that measures the

effectiveness of the defect detection processes during a phase. Effort hours expended during coding is a resource
metric. CSQE Body of Knowledge Area: V.B.1
6. Answer D is correct. Stress testing subjects the software to surges or spikes of excess load over short periods of
time and evaluates the softwares capability. Answer A is an example of load testing which evaluates the softwares
performance capabilities at various levels of normal usage conditions. Answer B is an example of performance
testing which is done to determine if the system has any problems meeting its performance requirements for
throughput, response time, number of simultaneous users, number of terminals supported, etc. Answer C is an
example of volume testing which subjects the software to heavy loads over long periods of time. CSQE Body of
Knowledge Area: VI.C.1
7. Answer A is correct. The functional baseline includes the initial, approved technical specification (system
requirements) for the product. CSQE Body of Knowledge Area: VII.B.2
Certified Software Quality Engineering Quiz for September 2002
1. Which of the following would be a role of the quality action teams sponsor?
A. Directing the team including making assignments
B. Recommending quality improvement tools and techniques
C. Providing ongoing resources to the team
D. Arranging team meeting locations and other logistics
2. A software systems analyst has identified a way to improve the organizations defined requirements elicitation
process. Which of the following should the analyst do first?
A. Change the way they personally elicit requirements in order to pilot the improvement
B. Update the requirements elicitation process definition to document the improvement
C. Document a lessons learned and post it on the intranet
D. Document the improvement in a change request and forward it to the process owners
3. Which of the following is NOT an element of the unified modeling language (UML)?
A. Data flow diagrams
B. Use cases
C. Interaction diagrams
D. State diagrams
4. Which of the following would typically be reviewed as part of a senior management project review meeting?
I. Details of upcoming tasks and inter-task dependencies
II. Changes to the projects objective or business climate
III. Status of high priority project risks
IV. Project schedule status against milestones
A. III and IV only
B. I, II and IV only
C. II, III and IV only
D. I, II, III and IV
5. As a facilitator, you would recommend the use of a checklist when the team is trying to:
A. organize and categorize a large number of ideas from a brainstorming session.
B. analyze and organize the root causes of a particular problem.
C. ensure that all of the important items have been included in their discussion.
D. identify driving forces that help move towards reaching their goal & restraining forces inhibiting movement
towards their goal.
6. Which of the following is a characteristic of an inspection but NOT of a walkthrough?
A. Conducted by a team of peers
B. Focused only on defect detection
C. Evaluates a software work product
D. Attended by the work product author
7. Which of the following would NOT be considered a role of software configuration management?
A. Allocating system-level requirements to each software component
B. Creating or releasing baselines for internal use and for delivery to the customer
C. Controlling changes to the content of software components
D. Assigning unique identifiers to each software component
Answers to the Certified Software Quality Engineering Quiz for September 2002
1. Answer C is correct. One of the responsibilities of the teams sponsor is to ensure that the team has required
resources to adequately perform their function. The teams facilitator is the expert on the use of quality improvement
tools and techniques and would make recommendations to the team on their use. The teams leader would typically
direct the team, including making assignments, and would also arrange for meeting rooms and other logistics.
CSQE Body of Knowledge Area: I.C.3

2. Answer D is correct. Changes to a defined process should be done formally through a change request process
that involves the process owners. This allows the improvement to be appropriately analyzed as to its impact on the
entire quality system. A single individual should not personally deviate from the defined process or change the
process documentation without formal approval. Simply doing a lessons learned posting on the intranet will not
insure that the improvement idea is considered and implemented if appropriate. CSQE Body of Knowledge Area:
II.B.5
3. Answer A is correct. A data flow diagram is a graphical representation of how data flows through and is
transformed by the processes of a system. Data flow diagrams are not one of the elements of the Unified Modeling
Language (UML). CSQE Body of Knowledge Area: III.D.1
4. Answer C is correct. The senior management project review meeting would not review the details of individual
tasks and inter-task dependencies. This would typically be dealt with at the lower level project team status meetings.
CSQE Body of Knowledge Area: IV.B.4
5. Answer C is correct. A checklist can be used to ensure that all of the important items have been included in their
discussion. An affinity diagram can be used to organize the ideas into categories. Affinity diagrams can also be used
with defect data, customer quality requirements, audit observations or any other set of data that needs to be
organized into categories. A cause and effect diagram, also called a fishbone diagram, would be a good tool to help
the team analyze and organize the root causes of a particular problem. The force field analysis tool can be useful
when trying to identify driving forces that help move towards reaching their goal & restraining forces inhibiting
movement towards their goal. CSQE Body of Knowledge Area: V.C.2
6. Answer B is correct. Inspections focus exclusively on defect detection while walkthroughs include both defect
detection and engineering analysis aspects. Both inspections and walkthroughs are peer reviews that are used to
evaluate software work products. The work product author plays a critical role in both inspections and
walkthroughs. CSQE Body of Knowledge Area: VI.B.1
7. Answer A is correct. The allocation of system-level requirements to each software component is done as part of
defining the system and software architecture and is therefore a role of software development or systems
engineering not configuration management. CSQE Body of Knowledge Area: VII.A.1
Certified Software Quality Engineering Quiz for June 2002
1. The cost of fixing a requirements defect
A. will decrease as more and more of the product is implemented and tested.
B. will increase the later in the software development life cycle the defect is detected.
C. is dependant on the severity of the defect.
D. remains constant as development progresses.
2. Which of the following is an example of a second party product audit?
A. An organizations SQA team auditing a sample set of its source code to verify compliance with coding standards
B. An acquisition team conducting a supplier qualification audit prior to awarding a contract
C. A customer team performing a functional configuration audit of a subcontracted software system prior to
acceptance
D. The FDA auditing a supplier of biomedical device software for compliance to government regulations
3. In a client/server architecture, the client typically:
I. manages the network resources.
II. centralizes storage of shared data.
III. runs on a decentralized computer.
A. II only
B. III only
C. I and II only
D. I and III only
4. The graph above reports the earned value for project ABC, which has been in progress for 5 months. Based on the
information in this graph, at month 5 project ABC is currently:
A. over budget and behind schedule.
B. over budget but ahead of schedule.
C. under budget and ahead of schedule
D. under budget but behind schedule.
5. Utilizing Cyclomatic complexity as a metric to measure the size of a software module is:
A. neither reliable nor valid.
B. reliable but not valid.
C. valid but not reliable.
D. both valid and reliable.
6. Which of the following is an example of a dynamic analysis verification and validation technique?
A. Running a spell checker on the users manual
B. Compiling a software module

C. Integration testing a software/hardware interface

D. Peer reviewing a detailed design document
7. The compiler and linker used to build the software:
A. are not considered configuration items and therefore are not placed under configuration control.
B. are not placed under configuration control because they are controlled by their vendor.
C. should be placed under configuration control because they are considered part of the products external
deliverables.
D. are potential candidates for configuration control depending upon requirements including the need to support
multiple release of the product.
Answers to the Certified Software Quality Engineering Quiz for June 2002
1. Answer B is correct. If a requirements defect is detected during the requirements phase and it costs one unit to fix
(e.g., 3 engineering hours, $500) that same defect will typically increase exponentially in cost to fix the later it is
found in the life cycle. For example, if it is not found until the design phase cost increases because both the
requirements specification and the design that was based on that requirement have to be fixed. If the defect is not
found until coding, the requirements and design specifications and all of the code based on the defective requirement
have to be fixed. By the coding phase, test cases and user documentation may also have been written based on the
defective requirement that will also need to be corrected. If the defect isnt found until the testing phases, all of these
work products will have to be corrected, retested and regression tested. CSQE Body of Knowledge Area: I.A.1
2. Answer C is correct. A second party audit is where a customer audits its supplier. A functional configuration
audit is an example of a product audit, where the software product is evaluated for compliance to its requirements.
Answer A is an example of a first party product audit. Answer B is an example of a second party quality systems
audit. Answer D is an example of a third party audit (the FDA is not the customer of the biomedical device supplier).
CSQE Body of Knowledge Area: II.C.2
3. Answer B is correct. The client is typically an application that runs on a decentralized computer or workstation
and allows the localization of processing. The client typically downloads or accesses centralized data that is stored
on the server. The server also typically manages the network resources. CSQE Body of Knowledge Area: III.A.2
4. Answer A is correct. The cost variance = BCWP ACWP. A negative cost variance indicates that we are in an
over budget condition (i.e., the actual cost of the work performed (ACWP) is more than what was budgeted for that
work (BCWP)). The schedule variance = BCWP BCWS. A negative schedule variance indicates that we are
behind schedule (i.e., the budgeted cost of work scheduled (BCWS) is more than the budgeted cost (amount) of
work we have actually performed (BCWP). CSQE Body of Knowledge Area: IV.B.3
5. Answer B is correct. Reliability is a function of consistency. Cyclomatic complexity is a reliable metric because
the Cyclomatic complexity of a module can be measured by different people (or the same person multiple times)
with the same result. A metric is valid if it measures what we expect it to measure. Cyclomatic complexity is a
measure of the control flow complexity of a module and not its size and therefore is NOT a valid measure of the size
of a module. CSQE Body of Knowledge Area: V.A.1
6. Answer C is correct. Dynamic analysis involves the actual execution of the software product and evaluating the
actual results against the expected results. Testing is a form of dynamic analysis. Running a spell checker, compiling
a source code module and performing a peer review are all static analysis techniques. CSQE Body of Knowledge
Area: VI.A.1
7. Answer D is correct. Support tools like compilers and linkers used to create or support the software product
should be considered for placement under configuration control. For example, they should be placed under
configuration control, if necessary, in order to insure that past versions of the product can be recreated and
maintained. CSQE Body of Knowledge Area: VII.B.1
Certified Software Quality Engineering Quiz for May 2002
1. Which of the following standards defines a common rating scale that makes it possible to compare assessments
conducted using a variety of models?
A. IEEE/EIA 12207
B. ISO 15504
C. SEI CMMISM Continuous Representation
D. ISO 9001
2. When documenting the process for conducting an audit on-site visit, which of the following would be included as
part of the entry criteria?
A. The audit checklists are documented
B. The audit interviews are complete
C. The audit report has been approved
D. The opening audit meeting has been conducted
3. The diagram above is an example of:
A. a data flow diagram.
B. an entity relationship diagram.

C. a state transition diagram.

D. a use case diagram.
4. Based on risk exposure, which of the following risks would have the highest priority?
A. Risk A that has a 25% probability of a problem occurring that would cost $300,000.
B. Risk B that has a 15% probability of a problem occurring that would cost $400,000.
C. Risk C that has a 50% probability of a problem occurring that would cost $180,000.
D. Risk D that has a 40% probability of a problem occurring that would cost $250,000.
5. Coupling is dependant on:
I. The internal control structure of each module
II. The interface complexity between modules
III. What data is passed across the module interfaces
IV. The cohesion of each module
A. I and IV only
B. II and III only
C. I, II and III only
D. I, II, III and IV
6. Who has the responsibility for recording inspection metrics, reported defects and other issues during an inspection
meeting?
A. Moderator
B. Author
C. Reader
D. Scribe
7. Which of the following is NOT typically a function of configuration identification?
A. Assigning unique identifiers to each product and its components
B. Identifying component, data and product acquisition points and criteria
C. Establishing product and component baselines
D. Tracking the content and status of each build
Answers to the Certified Software Quality Engineering Quiz for May 2002
1. Answer B is correct. IEEE/EIA 12207 standard establishes a common framework for software lifecycle
processes. SEI CMMISM Continuous Representation is an assessment model that complies with ISO 15504. ISO
9001 specifies requirements for a quality management system. CSQE Body of Knowledge Area: I.B
2. Answer A is correct. Entry criteria are conditions that must be true before a process can be started. The audit
checklists should be documented as part of the audit planning and should be complete before the on-site visit starts.
The opening audit meeting and the audit interviews would be tasks that are defined as part of the audit on-site visit
process. The audit report is written after the completion of the on-site visit. CSQE Body of Knowledge Area: II.A.4
3. Answer C is correct. A state transition diagram represents the behavior of a system by depicting its states and the
events that cause the system to change states. CSQE Body of Knowledge Area: III.C.3
4. Answer D is correct. Risk exposure is the expected value and is calculated as the risks probability multiplied
times its predicted cost if it turns into a problem. The risk exposure for Risk A is 25% x $300,000 = $75,000. The
risk exposure for Risk B is 15% x $400,000 = $60,000. The risk exposure for Risk C is 50% x $150,000 = $90,000.
The risk exposure for Risk C is 40% x $250,000 = $100,000. Therefore risk D has the highest risk exposure and
would be given the highest priority. CSQE Body of Knowledge Area: IV.C.2
5. Answer B is correct. Coupling is a measure of the interconnection among modules in a software structure.
Coupling is dependant on the interface complexity between modules, what data is passed across the module
interfaces and the point at which entry is made to a module. [Roger Pressman, Software Engineering, A
Practitioners Approach, Fifth Edition] CSQE Body of Knowledge Area: V.B.3
6. Answer D is correct. The scribe keeps the minutes of the inspection meeting, which includes the recording of
inspection metrics, reported defects and other issues. CSQE Body of Knowledge Area: VI.B.3
7. Answer D is correct. Tracking the content and status of each build is a configuration status accounting function.
CSQE Body of Knowledge Area: VII.B.1