Friday, January 5, 2018

Security Testing Interview Questions


1) What is Security?

Security is a set of measures to protect an application against unforeseen actions that cause it to stop functioning or to be exploited.

Unforeseen actions can be either intentional or unintentional.

2) What is Security Testing?
 
Security Testing is a type of software testing that intends to uncover vulnerabilities of the system and determine that its data and resources are protected from possible intruders.
The goal of security testing is to identify the threats in the system and measure its potential vulnerabilities. 

It also helps in detecting all possible security risks in the system and helps developers fix these problems through coding.

3) What is Vulnerability?
 
This is a weakness in the web application. The cause of such a "weakness" can be bugs in the application, an injection (SQL/ script code) or the presence of viruses.

4) What is a Bug?
 
A fault in a program which causes the program to perform in an unintended or unanticipated manner.

5) What are the main focus areas to be considered in Security Testing?
 
There are four main focus areas to be considered in security testing (Especially for web sites/applications):
•    Network security: This involves looking for vulnerabilities in the network infrastructure (resources and policies).
•    System software security: This involves assessing weaknesses in the various software (operating system, database system, and other software) the application depends on.
•    Client-side application security: This deals with ensuring that the client (browser or any such tool) cannot be manipulated.
•    Server-side application security: This involves making sure that the server code and its technologies are robust enough to fend off any intrusion.

6) Give an example of a basic Security Test?
 
This is an example of a very basic security test which anyone can perform on a web site/application:
•    Log into the web application.
•    Log out of the web application.
•    Click the BACK button of the browser (Check if you are asked to log in again or if you are provided the logged-in application)
Most types of security testing involve complex steps and out-of-the-box thinking but, sometimes, it is simple tests like the one above that help expose the most severe security risks.
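The three steps above, automated as an added example (not code from the original page). ToyApp is a constructed in-memory stand-in for a web application; the check separates the two things the BACK button can reveal: a logged-in page the browser was allowed to keep, and a session the server still accepts after logout.

```python
import secrets


class ToyApp:
    """Constructed in-memory stand-in for a web application (not a real framework).

    hardened=False reproduces the two weaknesses the BACK-button test can
    expose; hardened=True shows the corrected behaviour.
    """

    def __init__(self, hardened):
        self.hardened = hardened
        self.sessions = set()          # session ids the server still accepts

    def login(self):
        sid = secrets.token_hex(16)
        self.sessions.add(sid)
        return sid

    def logout(self, sid):
        # The weak variant only asks the browser to drop its cookie; the
        # server keeps honouring the old session id.
        if self.hardened:
            self.sessions.discard(sid)

    def get_account(self, sid):
        """Return (status, headers, body) for the logged-in page."""
        if sid not in self.sessions:
            return 302, {"Location": "/login"}, ""
        headers = {"Cache-Control": "no-store"} if self.hardened else {}
        return 200, headers, "account details"


def back_button_test(app):
    """Run the three steps from the text and return a list of findings."""
    findings = []

    # Step 1: log in and load a page that needs authentication.
    sid = app.login()
    status, headers, _ = app.get_account(sid)
    assert status == 200, "login should give access to the account page"

    # Step 2: log out.
    app.logout(sid)

    # Step 3a: BACK may redisplay the browser's stored copy of the page.
    # The no-store directive tells the browser not to keep one.
    directives = [d.strip().lower()
                  for d in headers.get("Cache-Control", "").split(",")]
    if "no-store" not in directives:
        findings.append("logged-in page is cacheable: BACK can redisplay it")

    # Step 3b: BACK (or a reload) may re-send the request with the old
    # session id. The server must now refuse it.
    status, _, _ = app.get_account(sid)
    if status == 200:
        findings.append("session id still accepted after logout")

    return findings


if __name__ == "__main__":
    for hardened in (False, True):
        label = "hardened" if hardened else "weak"
        print(label, back_button_test(ToyApp(hardened)))
```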

7) What are the different types of security testing?
 
There are seven main types of security testing as per the Open Source Security Testing Methodology Manual. They are explained as follows:

•    Vulnerability Scanning: This is done through automated software to scan a system against known vulnerability signatures.

•    Security Scanning: It involves identifying network and system weaknesses, and later provides solutions for reducing these risks. This scanning can be performed both manually and with automated tools.

•    Penetration testing: This kind of testing simulates an attack from a malicious hacker. This testing involves analysis of a particular system to check for potential vulnerabilities to an external hacking attempt.

•    Risk Assessment: This testing involves analysis of security risks observed in the organization. Risks are classified as Low, Medium and High. This testing recommends controls and measures to reduce the risk.

•    Security Auditing: This is an internal inspection of applications and operating systems for security flaws. An audit can also be done via line-by-line inspection of code.

•    Ethical hacking: This is hacking an organization's software systems. Unlike malicious hackers, who steal for their own gains, the intent is to expose security flaws in the system.

•    Posture Assessment: This combines Security Scanning, Ethical Hacking and Risk Assessments to show the overall security posture of an organization.

8) What are the major tables to be included in test plan?

The test plan should include:
•    Security related test cases or scenarios
•    Test Data related to security testing
•    Test Tools required for security testing
•    Analysis on various tests outputs from different security tools

9) What is tiger box penetration testing?

This testing is usually done on a laptop which has a collection of OSs and hacking tools. It helps penetration testers and security testers to conduct vulnerability assessments and attacks.

10) What is black box testing?
 
The tester is authorized to do testing on everything about the network topology and the technology.

11) What is grey box testing?
 
Partial information is given to the tester about the system, and it is a hybrid of the white and black box models.

12) What is Fuzz Testing?
 
Fuzz testing is a black box testing technique which uses random bad data to attack a program to check if anything breaks in the application.
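A small mutation fuzzer illustrating the definition above, as an added example (not code from the original page). The record format, both parsers and the seed input are constructed for the illustration: "bad data" is produced by damaging a valid record, and "anything breaks" means any exception other than the parser's own ValueError rejection.

```python
import random


def parse_buggy(data):
    """Constructed toy parser for [length][payload...][checksum].

    It trusts the length byte without checking it against the input size.
    """
    n = data[0]
    payload = data[1:1 + n]
    checksum = data[1 + n]      # IndexError when the input is shorter than claimed
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")
    return payload


def parse_fixed(data):
    """Same format, but the length is validated before it is used."""
    if len(data) < 2 or len(data) != data[0] + 2:
        raise ValueError("bad length")
    payload = data[1:-1]
    if sum(payload) % 256 != data[-1]:
        raise ValueError("bad checksum")
    return payload


def mutate(seed, rng):
    """Return a damaged copy of seed: overwrite a byte, truncate, or append junk."""
    data = bytearray(seed)
    choice = rng.randrange(3)
    if choice == 0 and data:
        data[rng.randrange(len(data))] = rng.randrange(256)
    elif choice == 1:
        del data[rng.randrange(len(data) + 1):]
    else:
        data += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 8)))
    return bytes(data)


def fuzz(parser, seed, iterations=2000, rng_seed=0):
    """Feed mutated inputs to parser.

    Returns {exception name: first input that caused it}. ValueError is the
    parser's documented way to reject bad input, so it is not a finding;
    any other exception means the program broke.
    """
    rng = random.Random(rng_seed)   # fixed seed so a run can be repeated
    crashes = {}
    for _ in range(iterations):
        sample = mutate(seed, rng)
        try:
            parser(sample)
        except ValueError:
            pass
        except Exception as exc:
            crashes.setdefault(type(exc).__name__, sample)
    return crashes


# Constructed valid record: length 3, payload "abc", checksum of the payload.
SEED = bytes([3]) + b"abc" + bytes([sum(b"abc") % 256])

if __name__ == "__main__":
    print("buggy:", fuzz(parse_buggy, SEED))
    print("fixed:", fuzz(parse_fixed, SEED))
```

Keeping the first crashing input for each exception type gives the developer a reproducer to attach to the bug report.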

13) What is smoke test?
 
Testing whether the application performs its basic functionality properly, so that the test team can go ahead with the application.

14) What is the difference between verification and validation?
 
Verification is a review without actually executing the process while validation is checking the product with actual execution. For instance, code review and syntax check is verification while actually running the product and checking the result is validation.

15) What are different types of verifications?

Verification is a static type of software testing. It means the code is not executed. The product is evaluated by going through the code. Types of verification are:

•    Walkthrough: Walkthroughs are informal, initiated by the author of the software product to a colleague for assistance in locating defects or suggestions for improvements. They are usually unplanned. The author explains the product; the colleague comes out with observations, and the author notes down relevant points and takes corrective actions.

•    Inspection: Inspection is a thorough word-by-word checking of a software product with the intention of locating defects, confirming traceability of relevant requirements etc.

16) What are the myths and Facts of Security Testing?
 
Myth 1: We don't need a security policy as we have a small business
Fact: Everyone and every company need a security policy

Myth 2: There is no return on investment in security testing
Fact: Security Testing can point out areas for improvement that can improve efficiency and reduce downtime, enabling maximum throughput.

Myth 3: The only way to secure is to unplug it.
Fact: The only and the best way to secure an organization is to find "Perfect Security". Perfect security can be achieved by performing a posture assessment and comparing it with business, legal and industry justifications.

Myth 4: Internet isn't safe. I will purchase software or hardware to safeguard the system and save business.
Fact: One of the biggest problems is to purchase software and hardware for security. Instead, organization should understand security first and then apply it.

Interview Questions and Answers on Web Testing

Q) What is WWW?

The term WWW refers to the World Wide Web or simply the Web. The World Wide Web consists of all the public Web sites connected to the Internet worldwide, including the client devices (such as computers and cell phones) that access Web content. The WWW is just one of many applications of the Internet and computer networks. 

Q) What is Web Application?

It is a software application that is accessed over a network such as the Internet or an intranet through a web browser.

Q) What are the advantages of Web Applications over I-Tier and II-Tier Applications?

• Web Software Applications Support Thousands of clients easily

• Client side installation is optional, so maintenance is easy, adding/removing client machines is easy

• Can be deployed in Stand-alone, Intranet and Internet Environments

Q) What are the different types of environment available in the Web?
• Stand-alone

• Intranet (Local Network)

• Internet (Wide area Network)

• Extranet (Private network over Internet)

Q) What is Intranet application?
It is a private application that can be accessed within the organization only. It uses a local/private network and Internet Protocol technology to share information.

Q) What is Internet application?
Generally it is a public web application that uses a wide area network. It can be accessed from anywhere.

Q) What is Extranet application?
It is also a private application over the internet that can be accessed by fixed machines only. It uses a wide area network and Internet Protocol technology to share information.

Q) What are the different types of web applications available in the Software Industry?
We have different types of web applications available in the Industry

a) Websites


Ex: http://www.aurobindo.com/, http://www.pennacement.com/ etc...
-----------------------------------------------------------------
b) Web Portals

Ex: http://www.ebay.in/, http://www.naukri.com/ etc...
-----------------------------------------------------------------
c) Web Applications

Ex: www.icicibank.com/, http://www.sunlife.com/ etc...
-----------------------------------------------------------------
d) Email Service Providers

Ex: www.gmail.com, www.yahoo.com, www.rediffmail.com etc...
-----------------------------------------------------------------
e) Social Networks

Ex: www.facebook.com, www.twitter.com, www.linkedin.com etc...
-----------------------------------------------------------------
f) Discussion Forums
-----------------------------------------------------------------
g) Classifieds Web sites
Ex:
-----------------------------------------------------------------
 Etc...

Q) What is Website?

Basically a website is an information provider. It provides information globally using internet protocols.

Q) What is Web Portal?


A web portal is a business gateway. It organizes business operations.

Ex: Online shopping portals, Job portals etc...

Q) What is Web Application?

Web application provides services (Free and Paid) apart from information.

Ex: Online Banking System

It provides bank information, branch and ATM information, loan information etc...

It also provides services like balance enquiry, fund transfer and bill payments.

Q) What is HTML?

HTML stands for Hyper Text Markup Language, it is for displaying web pages and other information. Basically it is data presenter in the web.

Q) What is Client Side Validation?

Validating client-side forms, which is typically done by JavaScript. Generally it checks whether the user is entering the correct form of data and whether all mandatory fields are filled in.

Client-side validation is of two types: one is field-level validation, the other is form-level validation.

Q) What is Server Side Validation?
Validating, processing client requests and providing response from the Server.

Q) What is Web Server?

Web server handles client-side and server-side validations and helps to deliver Web content that can be accessed through the Internet protocols.

Examples:

Microsoft IIS (Internet Information Service)

Apache Web server from Apache

Java Web server

Pramati web server etc...

Q) What is Application Server?

Application Server also called an appserver, It is a program that handles all application operations between users and an organization's back-end business applications or databases.

Examples:

BEA WebLogic

IBM WebSphere

Q) What is Database Server?

Database server is used to refer to the back-end system of a database application using client/server architecture.

The back-end, sometimes called a database server, performs tasks such as data design, storage, data manipulations, archiving, and other non-user specific tasks.

Examples:

Oracle

MS SQL Server

MySQL (Open source)

IBM DB2 etc...

Q) What is HTTP?

Hyper Text Transfer Protocol, the data transfer protocol used on the World Wide Web. 

Q) What is HTTPS?

HTTPS stands for Hypertext Transfer Protocol Secure. It is a widely used communications protocol for secure communication over a computer network.

Q) What is purpose of Java Script in the Web?
It is for performing client side validations.

Q) What is the purpose of VBScript in the Web?
It can be used for client side validations as well as Server side validations.

Q) What is Web Browser?
Web browser is a software application used to locate, retrieve and also display content on the World Wide Web, including Web pages, images, videos and other files.

Examples:

Microsoft Internet Explorer

Mozilla Firefox

Google Chrome

Opera

Safari etc…

Q) What is Server side testing?
Q) What are the advantages of web applications over GUI-based applications?

• Only server-side installation is needed; client-side installation is not mandatory, so deployment and maintenance are easy.

• It can be accessed anywhere, anytime via a PC with an Internet connection. The user interface of web-based applications is easier to customize than it is in GUI applications.

• Content can also be customized for presentation on any device connected to the internet, including PDAs, mobile phones etc…

• Supports thousands of clients effectively

• Adding and removing clients is very easy.
 
Q) What are Web Services?

Web services are application components that communicate using open protocols and can be used by other applications.

XML is the basis for Web services.

SOAP (Simple Object Access Protocol), UDDI (Universal Description, Discovery and Integration) and WSDL (Web Services Description Language) are the Web services platform elements.

Q) What are the important aspects in Web Testing?
 
• Functionality Testing (includes Forms Validation, Search operations, links testing, navigation testing etc...)

• Security Testing (Authorization, Access Control, Virus Attacks, etc...)

• Database Testing (includes data integrity, data manipulations, data retrievals etc...)

• Performance Testing (includes all types of performance testing like Load Testing, Stress Testing, Spike Testing, Endurance Testing and Data Volume Testing)

• Usability Testing (Easy Navigation, Look and feel including colors, Alignments, Fonts etc...)

• Navigation Testing

• Configuration Testing

• Compatibility Testing

• Reliability Testing

• Availability Testing

• Scalability Testing

Etc...

Q) What is Cookies Testing?
A "cookie" is a small piece of information that is sent by a web server to be stored on a web browser so it can later be read back from that browser. This is useful for having the browser remember some specific information.

Q) How to perform Web Services Testing?
 

A Web Service is a service accessed via the Web. A Web Service is a way to publish your application over the web and enable other applications to access functions defined by your web service. A web service exposes an interface defined in Web Services Description Language (WSDL).

Q) How to test Web Forms manually and using UFT (Formerly QTP) Tool?

Web forms validation is of two types:

a) Field level validations

b) Form level validations

Using Black Box test design techniques we can test web forms manually

Using Conditional statements and built-in functions we can test web forms (Using UFT)

Q) What is the difference between desktop application testing and web testing?

Desktop testing is standalone testing. Desktop testing need not worry about the number of users etc.

Web testing is related to client server and Web testing needs to have many testing types to be performed like Usability, GUI, Database and Load Testing etc...

Q) What are possible configurations that could affect the testing strategy of any web site?

Possible configurations that affect the testing strategy of any web site are hardware platform (PC, Mac), Browser software and version, Browser Plug-Ins, Browser settings options, Video resolution and Colour Depth, and text size.

Q) What is difference between client server and Web Testing?
The difference between client server and Web Testing:
In a client server application you have two different components to test. The application is loaded on the server machine while the application exe is installed on every client machine. You will test broadly in categories like GUI on both sides, functionality, load, client-server interaction and back-end. This environment is mostly used in Intranet networks. You are aware of the number of clients and servers and their locations in the test scenario.

A web application is a bit different and more complex to test, as the tester doesn't have that much control over the application. The application is loaded on the server, whose location may or may not be known, and no exe is installed on the client machine; you have to test it on different web browsers. Web applications are supposed to be tested on different browsers and OS platforms, so broadly a web application is tested mainly for browser compatibility and operating system compatibility, error handling, static pages, back-end testing and load testing.

Q) Which of the latest web technologies do you know?

Latest web technologies are:

The main three web tracks:

1. Microsoft ASP.Net Track + SQL Server database engine (IDE: Expression Web, Visual Studio).

2. Oracle Java Track + Oracle database engine (IDE: NetBeans, Eclipse).

3. PHP Track + MySQL database engine (IDE: Zend Studio, DreamWeaver).

There are many new concepts and enhanced methodologies like Ajax, JQuery, JSON, and so on.

Q) What types of web testing security problems do you know?

Types of web testing security problems are:

Denial of Service (DoS) attack, buffer overflow etc…

Q) What types of HTTP Response Codes do you know?


Types of HTTP Response Codes are:

2xx - success, 3xx - Redirection, 4xx - Client Error, 5xx - Server Error

SQL Knowledge For Software Testers


Basics of the SELECT Statement
 
In a relational database, data is stored in tables. An example table would relate Social Security Number, Name, and Address: 

EmployeeAddressTable
SSN        FirstName  LastName  Address          City          State
---------  ---------  --------  ---------------  ------------  --------
512687458  Joe        Smith     83 First Street  Howard        Ohio
758420012  Mary       Scott     842 Vine Ave.    Losantiville  Ohio
102254896  Sam        Jones     33 Elm St.       Paris         New York
876512563  Sarah      Ackerman  440 U.S. 110     Upton         Michigan

Now, let's say you want to see the address of each employee. Use the SELECT statement, like so:
SELECT FirstName, LastName, Address, City, State
FROM EmployeeAddressTable;

 
The following are the results of your query of the database:

First Name  Last Name  Address          City          State
----------  ---------  ---------------  ------------  --------
Joe         Smith      83 First Street  Howard        Ohio
Mary        Scott      842 Vine Ave.    Losantiville  Ohio
Sam         Jones      33 Elm St.       Paris         New York
Sarah       Ackerman   440 U.S. 110     Upton         Michigan

To get all columns of a table without typing all column names, use:
SELECT * FROM TableName;
 
Note: Each database management system (DBMS) has different methods for logging in to the database and entering SQL commands.

Conditional Selection
To further discuss the SELECT statement, let's look at a new example table:

EmployeeStatisticsTable
EmployeeIDNo  Salary  Benefits  Position
------------  ------  --------  -----------
010           75000   15000     Manager
105           65000   15000     Manager
152           60000   15000     Manager
215           60000   12500     Manager
244           50000   12000     Staff
300           45000   10000     Staff
335           40000   10000     Staff
400           32000   7500      Entry-Level
441           28000   7500      Entry-Level


a)    Relational Operators

There are six Relational Operators in SQL, and after introducing them, we'll see how they're used:

Operator   Meaning
--------   ------------------------
=          Equal
<> or !=   Not Equal
<          Less Than
>          Greater Than
<=         Less Than or Equal To
>=         Greater Than or Equal To

The WHERE clause is used to specify that only certain rows of the table are displayed, based on the criteria described in that WHERE clause.
If you wanted to see the EMPLOYEEIDNO's of those making at or over $50,000, use the following:

SELECT EMPLOYEEIDNO FROM EMPLOYEESTATISTICSTABLE WHERE SALARY >= 50000;
 
Notice that the >= (greater than or equal to) sign is used, as we wanted to see those who made greater than $50,000, or equal to $50,000, listed together. This displays: 
EMPLOYEEIDNO
------------
010
105
152
215
244

 
The WHERE description, SALARY >= 50000, is known as a condition (an operation which evaluates to True or False). The same can be done for text columns:

SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE POSITION = 'Manager';

 
This displays the ID Numbers of all Managers.

More Complex Conditions: Compound Conditions / Logical Operators

The AND operator joins two or more conditions, and displays a row only if that row's data satisfies ALL conditions listed (i.e. all conditions hold true). 

For example, to display all staff making over $40,000, use: 
SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE SALARY > 40000 AND POSITION = 'Staff';

The OR operator joins two or more conditions, but returns a row if ANY of the conditions listed hold true.

To see all those who make less than $40,000 or have less than $10,000 in benefits, listed together, use the following query: 
SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE SALARY <  40000 OR BENEFITS < 10000;

 
AND and OR can be combined, for example: 
SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE POSITION = 'Manager' AND SALARY > 60000 OR BENEFITS > 12000;

 
SQL first evaluates the AND: it finds the rows where the position column is equal to Manager and the salary is greater than $60,000. It then applies the OR: a row is displayed if it satisfies that AND condition or if its Benefits column is greater than $12,000. Keep in mind that anyone with Benefits over $12,000 will be included, as the OR operator includes a row if either condition is True. Also note that the AND operation is done first.

IN & BETWEEN

An easier method of using compound conditions uses IN or BETWEEN. 
For example, if you wanted to list all managers and staff:

 
SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE POSITION IN ('Manager', 'Staff');

 
or to list those making greater than or equal to $30,000, but less than or equal to $50,000, use: 

SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE SALARY BETWEEN 30000 AND 50000;

 
To list everyone not in this range, try:

 
SELECT EMPLOYEEIDNO
FROM EMPLOYEESTATISTICSTABLE
WHERE SALARY NOT BETWEEN 30000 AND 50000;
 

Similarly, NOT IN lists all rows excluded from the IN list. 

Additionally, NOT can be combined with AND and OR. NOT is a unary operator (it evaluates one condition and reverses its value, whereas AND and OR evaluate two conditions), and all NOTs are performed before any ANDs or ORs.

 
SQL Order of Logical Operations (each operates from left to right)

  1. NOT
  2. AND
  3. OR
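The AND/OR query discussed earlier and the NOT, AND, OR order listed above, checked against the page's EmployeeStatisticsTable with Python's sqlite3 module. This is an added example, not code from the original page; row 900 is constructed so that moving the parentheses changes the result, and the parenthesized variants are assumptions added for comparison.

```python
import sqlite3

# Rows from the page's EmployeeStatisticsTable, plus one constructed row
# (ID 900) so that moving the parentheses changes the answer.
ROWS = [
    ("010", 75000, 15000, "Manager"),
    ("105", 65000, 15000, "Manager"),
    ("152", 60000, 15000, "Manager"),
    ("215", 60000, 12500, "Manager"),
    ("244", 50000, 12000, "Staff"),
    ("300", 45000, 10000, "Staff"),
    ("335", 40000, 10000, "Staff"),
    ("400", 32000, 7500, "Entry-Level"),
    ("441", 28000, 7500, "Entry-Level"),
    ("900", 30000, 13000, "Staff"),      # constructed, not on the page
]

# Fixed WHERE clauses written by the tester; nothing here is user input.
CONDITIONS = {
    # The page's query: AND is evaluated before OR.
    "as_written": "POSITION = 'Manager' AND SALARY > 60000 OR BENEFITS > 12000",
    # The same grouping made explicit.
    "and_first": "(POSITION = 'Manager' AND SALARY > 60000) OR BENEFITS > 12000",
    # Parentheses force the OR to be evaluated first.
    "or_first": "POSITION = 'Manager' AND (SALARY > 60000 OR BENEFITS > 12000)",
    # NOT is applied to the first condition only, before the AND.
    "not_first": "NOT POSITION = 'Manager' AND SALARY > 40000",
    # Parentheses make NOT apply to the whole AND.
    "not_last": "NOT (POSITION = 'Manager' AND SALARY > 40000)",
}


def matching_ids(name):
    """Run one of the fixed conditions and return the matching IDs, sorted."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE EMPLOYEESTATISTICSTABLE "
        "(EMPLOYEEIDNO TEXT, SALARY INTEGER, BENEFITS INTEGER, POSITION TEXT)"
    )
    con.executemany("INSERT INTO EMPLOYEESTATISTICSTABLE VALUES (?, ?, ?, ?)", ROWS)
    query = (
        "SELECT EMPLOYEEIDNO FROM EMPLOYEESTATISTICSTABLE WHERE "
        + CONDITIONS[name]
        + " ORDER BY EMPLOYEEIDNO"
    )
    ids = [row[0] for row in con.execute(query)]
    con.close()
    return ids


if __name__ == "__main__":
    for name in CONDITIONS:
        print(f"{name:11} {matching_ids(name)}")
```

Row 900 is a Staff member with Benefits over $12,000: the page's query returns it, and the "or_first" variant does not.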

Using LIKE

Look at the EmployeeAddressTable, and say you wanted to see all people whose last names started with "S"; try:

SELECT SSN
FROM EMPLOYEEADDRESSTABLE
WHERE LASTNAME LIKE 'S%';
 

The percent sign (%) is used to represent any possible character (number, letter, or punctuation) or set of characters that might appear after the "S". 
To find those people with LastName's ending in "S", use '%S', or if you wanted the "S" in the middle of the word, try '%S%'. 
The '%' can be used for any characters in the same position relative to the given characters. 

Joins

Good database design suggests that each table lists data only about a single entity, and detailed information can be obtained in a relational database by using additional tables and by using a join.

First, take a look at these example tables:

AntiqueOwners
 
OwnerID  OwnerLastName  OwnerFirstName
-------  -------------  --------------
01       Jones          Bill
02       Smith          Bob
15       Lawson         Patricia
21       Akins          Jane
50       Fowler         Sam


Orders
 
OwnerID  ItemDesired
-------  -----------
02       Table
02       Desk
21       Chair
15       Mirror


Antiques
 
SellerID  BuyerID  Item
--------  -------  ------------
01        50       Bed
02        15       Table
15        02       Chair
21        50       Mirror
50        01       Desk
01        21       Cabinet
02        21       Coffee Table
15        50       Chair
01        15       Jewelry Box
02        21       Pottery
21        02       Bookcase
50        01       Plant Stand


Keys
 
First, let's discuss the concept of keys.

A primary key is a column or set of columns that uniquely identifies the rest of the data in any given row. For example, in the AntiqueOwners table, the OwnerID column uniquely identifies that row. This means two things: no two rows can have the same OwnerID, and, even if two owners have the same first and last names, the OwnerID column ensures that the two owners will not be confused with each other, because the unique OwnerID column will be used throughout the database to track the owners, rather than the names. 
A foreign key is a column in a table where that column is a primary key of another table, which means that any data in a foreign key column must have corresponding data in the other table where that column is the primary key. 

In DBMS-speak, this correspondence is known as referential integrity. For example, in the Antiques table, both the BuyerID and SellerID are foreign keys to the primary key of the AntiqueOwners table (OwnerID; for purposes of argument, one has to be an Antique Owner before one can buy or sell any items), as, in both tables, the ID rows are used to identify the owners or buyers and sellers, and that the OwnerID is the primary key of the AntiqueOwners table. In other words, all of this "ID" data is used to refer to the owners, buyers, or sellers of antiques, themselves, without having to use the actual names.


Performing a Join

The purpose of these keys is so that data can be related across tables, without having to repeat data in every table--this is the power of relational databases. 

For example, you can find the names of those who bought a chair without having to list the full name of the buyer in the Antiques table...you can get the name by relating those who bought a chair with the names in the AntiqueOwners table through the use of the OwnerID, which relates the data in the two tables. 

To find the names of those who bought a chair, use the following query:

SELECT OWNERLASTNAME, OWNERFIRSTNAME
FROM ANTIQUEOWNERS, ANTIQUES
WHERE BUYERID = OWNERID AND ITEM = 'Chair';

Note the following about this query...notice that both tables involved in the relation are listed in the FROM clause of the statement.

In the WHERE clause, first notice that the ITEM = 'Chair' part restricts the listing to those who have bought (and in this example, thereby own) a chair. Secondly, notice how the ID columns are related from one table to the next by use of the BUYERID = OWNERID clause. Only where ID's match across tables and the item purchased is a chair (because of the AND), will the names from the AntiqueOwners table be listed. Because the joining condition used an equal sign, this join is called an equijoin. The result of this query is two names: Smith, Bob & Fowler, Sam.

Dot notation refers to prefixing the table names to column names, to avoid ambiguity, as follows:

SELECT ANTIQUEOWNERS.OWNERLASTNAME, ANTIQUEOWNERS.OWNERFIRSTNAME
FROM ANTIQUEOWNERS, ANTIQUES
WHERE ANTIQUES.BUYERID = ANTIQUEOWNERS.OWNERID AND ANTIQUES.ITEM = 'Chair';

As the column names are different in each table, however, this wasn't necessary.

DISTINCT and Eliminating Duplicates

Let's say that you want to list the ID and names of only those people who have sold an antique. 

Obviously, you want a list where each seller is only listed once--you don't want to know how many antiques a person sold, just the fact that this person sold one (for counts, see the Aggregate Function section below). 

This means that you will need to tell SQL to eliminate duplicate sales rows, and just list each person only once. 

To do this, use the DISTINCT keyword. 
First, we will need an equijoin to the AntiqueOwners table to get the detail data of the person's LastName and FirstName. However, keep in mind that since the SellerID column in the Antiques table is a foreign key to the AntiqueOwners table, a seller will only be listed if there is a row in the AntiqueOwners table listing the ID and names. We also want to eliminate multiple occurrences of the SellerID in our listing, so we use DISTINCT on the column where the repeats may occur (however, it is generally not necessary to strictly put the Distinct in front of the column name). 
To throw in one more twist, we will also want the list alphabetized by LastName, then by FirstName (on a LastName tie). Thus, we will use the ORDER BY clause:

SELECT DISTINCT SELLERID, OWNERLASTNAME, OWNERFIRSTNAME
FROM ANTIQUES, ANTIQUEOWNERS
WHERE SELLERID = OWNERID
ORDER BY OWNERLASTNAME, OWNERFIRSTNAME;

 
In this example, since everyone has sold an item, we will get a listing of all of the owners, in alphabetical order by last name.

For future reference (and in case anyone asks), this type of join is considered to be in the category of inner joins.


Aliases & In/Sub queries

In this section, we will talk about Aliases, In and the use of sub queries, and how these can be used in a 3-table example. 

First, look at this query which prints the last name of those owners who have placed an order and what the order is, only listing those orders which can be filled (that is, there is a buyer who owns that ordered item): 
SELECT OWN.OWNERLASTNAME "Last Name", ORD.ITEMDESIRED "Item Ordered"
FROM ORDERS ORD, ANTIQUEOWNERS OWN
WHERE ORD.OWNERID = OWN.OWNERID
AND ORD.ITEMDESIRED IN
(SELECT ITEM
FROM ANTIQUES);
This gives:

Last Name Item Ordered
--------- ------------
Smith     Table
Smith     Desk
Akins     Chair
Lawson    Mirror

Miscellaneous SQL Statements
Aggregate Functions
 
Five important aggregate functions: SUM, AVG, MAX, MIN, and COUNT. 

Aggregate functions summarize the results of a query, rather than listing all of the rows.
  • SUM () gives the total of all the rows, satisfying any conditions, of the given column, where the given column is numeric.
  • AVG () gives the average of the given column.
  • MAX () gives the largest figure in the given column.
  • MIN () gives the smallest figure in the given column.
  • COUNT(*) gives the number of rows satisfying the conditions.
Looking at the tables at the top of the document, let's look at three examples: 
SELECT SUM(SALARY), AVG(SALARY)
FROM EMPLOYEESTATISTICSTABLE;

This query shows the total of all salaries in the table, and the average salary of all of the entries in the table.

SELECT MIN(BENEFITS)
FROM EMPLOYEESTATISTICSTABLE
WHERE POSITION = 'Manager';

This query gives the smallest figure of the Benefits column, of the employees who are Managers, which is 12500.

SELECT COUNT(*)
FROM EMPLOYEESTATISTICSTABLE
WHERE POSITION = 'Staff';

This query tells you how many employees have Staff status (3). 


Views
In SQL, you might (check with your DBA) have access to create views for yourself. What a view does is to allow you to assign the results of a query to a new, personal table that you can use in other queries, where this new table is given the view name in your FROM clause.

When you access a view, the query that is defined in your view creation statement is performed (generally), and the results of that query look just like another table in the query that you wrote invoking the view. 
For example, to create a view:

CREATE VIEW ANTVIEW AS SELECT ITEMDESIRED FROM ORDERS;

Now, write a query using this view as a table, where the table is just a listing of all Items Desired from the Orders table:

SELECT SELLERID
FROM ANTIQUES, ANTVIEW
WHERE ITEMDESIRED = ITEM;

This query shows all SellerID's from the Antiques table where the Item in that table happens to appear in the Antview view, which is just all of the Items Desired in the Orders table. 

The listing is generated by going through the Antique Items one-by-one until there's a match with the Antview view. Views can be used to restrict database access, as well as, in this case, simplify a complex query.

Creating New Tables

All tables within a database must be created at some point in time...let's see how we would create the Orders table: 
CREATE TABLE ORDERS
(OWNERID INTEGER NOT NULL,
ITEMDESIRED CHAR(40) NOT NULL);

This statement gives the table name and tells the DBMS about each column in the table.  

Please note that this statement uses generic data types, and that the data types might be different, depending on what DBMS you are using. As usual, check local listings. Some common generic data types are:
  • Char(x) - A column of characters, where x is a number designating the maximum number of characters allowed (maximum length) in the column.
  • Integer - A column of whole numbers, positive or negative.
  • Decimal(x, y) - A column of decimal numbers, where x is the maximum length in digits of the decimal numbers in this column, and y is the maximum number of digits allowed after the decimal point. The maximum (4,2) number would be 99.99.
  • Date - A date column in a DBMS-specific format.
  • Logical - A column that can hold only two values: TRUE or FALSE.

One other note: NOT NULL means that the column must have a value in each row. If NULL were used, that column could be left empty in a given row.

Altering Tables

Let's add a column to the Antiques table to allow the entry of the price of a given Item (Parentheses optional):

ALTER TABLE ANTIQUES ADD (PRICE DECIMAL(8,2) NULL);

The data for this new column can be updated or inserted as shown later.

Adding Data

To insert rows into a table, do the following:

INSERT INTO ANTIQUES VALUES (21, 01, 'Ottoman', 200.00);

This inserts the data into the table, as a new row, column-by-column, in the pre-defined order. 

Instead, let's change the order and leave Price blank:

INSERT INTO ANTIQUES (BUYERID, SELLERID, ITEM)
VALUES (01, 21, 'Ottoman');

Updating Data

Let's update a Price into a row that doesn't have a price listed yet:

UPDATE ANTIQUES SET PRICE = 500.00 WHERE ITEM = 'Chair';

This sets the Price of every Chair to 500.00. As shown above, more WHERE conditionals, using AND, must be used to limit the updating to more specific rows. Also, additional columns may be set by separating the assignments with commas.

Deleting Data

Let's delete this new row back out of the database:

DELETE FROM ANTIQUES
WHERE ITEM = 'Ottoman';

But if there is another row that contains 'Ottoman', that row will be deleted also. Let's delete all rows (one, in this case) that contain the specific data we added before:

DELETE FROM ANTIQUES
WHERE ITEM = 'Ottoman' AND BUYERID = 01 AND SELLERID = 21;

------------------------------------------------------------
Miscellaneous Topics

Indexes

Indexes allow a DBMS to access data more quickly (please note: this feature is nonstandard/not available on all systems). The system creates this internal data structure (the index), which makes the selection of rows faster when the selection is based on indexed columns.

This index tells the DBMS where a certain row is in the table given an indexed-column value, much like a book index tells you on which page a given word appears.

Let's create an index for the OwnerID in the AntiqueOwners table:

CREATE INDEX OID_IDX ON ANTIQUEOWNERS (OWNERID);

Now on the names:

CREATE INDEX NAME_IDX ON ANTIQUEOWNERS (OWNERLASTNAME, OWNERFIRSTNAME);

To get rid of an index, drop it:

DROP INDEX OID_IDX;

By the way, you can also "drop" a table (careful! That means that your table is deleted). In the second example, the index is kept on the two columns, aggregated together. Strange behavior might occur in this situation, so check the manual before performing such an operation.

Some DBMS's do not enforce primary keys; in other words, the uniqueness of a column is not enforced automatically. What that means is, if, for example, I tried to insert another row into the AntiqueOwners table with an OwnerID of 02, some systems will allow me to do that, even though we do not want that, as that column is supposed to be unique to that table (every row value is supposed to be different). One way to get around that is to create a unique index on the column that we want to be a primary key, to force the system to enforce prohibition of duplicates:

CREATE UNIQUE INDEX OID_IDX ON ANTIQUEOWNERS (OWNERID); 

GROUP BY & HAVING

One special use of GROUP BY is to associate an aggregate function (especially COUNT; counting the number of rows in each group) with groups of rows. First, assume that the Antiques table has the Price column, and each row has a value for that column. We want to see the price of the most expensive item bought by each owner. We have to tell SQL to group each owner's purchases, and tell us the maximum purchase price:

SELECT BUYERID, MAX(PRICE)
FROM ANTIQUES
GROUP BY BUYERID;

Now, say we only want to see the maximum purchase price if the purchase is over $1000, so we use the HAVING clause:

SELECT BUYERID, MAX(PRICE)
FROM ANTIQUES
GROUP BY BUYERID
HAVING MAX(PRICE) > 1000;
 
More Sub queries

Another common usage of sub queries involves the use of operators to allow a Where condition to include the Select output of a sub query.

First, list the buyers who purchased an expensive item (the Price of the item is $100 greater than the average price of all items purchased):

SELECT BUYERID
FROM ANTIQUES
WHERE PRICE >
(SELECT AVG(PRICE) + 100
FROM ANTIQUES);

The subquery calculates the average Price, plus $100, and using that figure, a BuyerID is printed for every item costing over that figure. One could use DISTINCT BUYERID, to eliminate duplicates.

List the Last Names of those in the AntiqueOwners table, ONLY if they have bought an item:

SELECT OWNERLASTNAME
FROM ANTIQUEOWNERS
WHERE OWNERID IN
(SELECT DISTINCT BUYERID
FROM ANTIQUES);

The subquery returns a list of buyers, and the Last Name is printed for an Antique Owner if and only if the Owner's ID appears in the subquery list (sometimes called a candidate list). Note: on some DBMS's, equals can be used instead of IN, but for clarity's sake, since a set is returned from the subquery, IN is the better choice.

For an Update example, we know that the gentleman who bought the bookcase has the wrong First Name in the database. It should be John:

UPDATE ANTIQUEOWNERS
SET OWNERFIRSTNAME = 'John'
WHERE OWNERID =
(SELECT BUYERID
FROM ANTIQUES
WHERE ITEM = 'Bookcase');

First, the subquery finds the BuyerID for the person(s) who bought the Bookcase, then the outer query updates his First Name.

Remember this rule about sub queries: when you have a sub query as part of a WHERE condition, the Select clause in the sub query must have columns that match in number and type to those in the Where clause of the outer query. In other words, if you have "WHERE ColumnName = (SELECT...);", the Select must have only one column in it, to match the ColumnName in the outer Where clause, and they must match in type (both being integers, both being character strings, etc.).

EXISTS & ALL

EXISTS uses a sub query as a condition, where the condition is True if the sub query returns any rows, and False if the sub query does not return any rows; this is a nonintuitive feature with few unique uses. However, if a prospective customer wanted to see the list of Owners only if the shop dealt in Chairs, try:

SELECT OWNERFIRSTNAME, OWNERLASTNAME
FROM ANTIQUEOWNERS
WHERE EXISTS
(SELECT *
FROM ANTIQUES
WHERE ITEM = 'Chair');

If there are any Chairs in the Antiques table, the subquery would return a row or rows, making the EXISTS clause true, causing SQL to list the Antique Owners. If there had been no Chairs, no rows would have been returned by the outside query.

ALL is another unusual feature, as ALL queries can usually be done with different, and possibly simpler methods; let's take a look at an example query:

SELECT BUYERID, ITEM
FROM ANTIQUES
WHERE PRICE >= ALL
(SELECT PRICE
FROM ANTIQUES);

This will return the highest-priced item (or more than one item if there is a tie), and its buyer. The sub query returns a list of all Prices in the Antiques table, and the outer query goes through each row of the Antiques table, and if its Price is greater than or equal to every (or ALL) Prices in the list, it is listed, giving the highest priced Item. The reason ">=" must be used rather than ">" is that the highest priced item will be equal to the highest price on the list, because this Item is in the Price list.
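
The following added example (not part of the original tutorial) goes a step beyond the two queries above. It shows EXISTS with a correlated sub query, and what happens to the ALL query once the Antiques table holds a row whose Price was left blank (NULL), as in the earlier INSERT that omitted Price:

```sql
-- Correlated EXISTS: the sub query refers to the current row of
-- the outer query, so it is evaluated per owner. This lists the
-- owners who have bought at least one item, like the IN query
-- shown earlier.
SELECT OWNERLASTNAME
FROM ANTIQUEOWNERS
WHERE EXISTS
(SELECT *
FROM ANTIQUES
WHERE ANTIQUES.BUYERID = ANTIQUEOWNERS.OWNERID);

-- If any row has a NULL Price, "PRICE >= ALL (SELECT PRICE ...)"
-- returns no rows at all: the comparison with NULL is unknown,
-- so no Price can be shown to be >= every value in the list.
-- Filtering NULLs out of the sub query restores the result.
SELECT BUYERID, ITEM
FROM ANTIQUES
WHERE PRICE >= ALL
(SELECT PRICE
FROM ANTIQUES
WHERE PRICE IS NOT NULL);

-- The simpler method: MAX ignores NULLs, so this returns the
-- highest priced item (and any ties) without extra filtering.
SELECT BUYERID, ITEM
FROM ANTIQUES
WHERE PRICE =
(SELECT MAX(PRICE)
FROM ANTIQUES);
```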