 |
EWD621S - ENTERPRISE WEB APPLICATION DEVELOPMENT -2ND OPP - JAN 2020 |
|
|
1 Page 1 |
▲back to top |
pl NAMIBIA UNIVERSITY
OF SCIENCE AND TECHNOLOGY
FACULTY OF COMPUTING AND INFORMATICS
DEPARTMENT OF INFORMATICS
QUALIFICATION : BACHELOR OF INFORMATICS AND BACHELOR OF IT IN BUSINESS
COMPUTING
QUALIFICATION CODE: 07BAIF and 80BSBC
COURSE: Enterprise Web Application
Development
DATE: JANUARY 2020
_DURATION: 3 Hours
_
_
LEVEL: 7
COURSE CODE: EWD621S
SESSION: 2
MARKS: 100
SECOND OPPORTUNITY/SUPPLEMENTARY EXAMINATION QUESTION PAPER
EXAMINER(S)
Mrs. Katazo Amunkete and Mr. Veerabhadram Paduri
MODERATOR: Mr. Kandetu Tengovandu
INSTRUCTIONS
Answer ALL the questions.
Write clearly and neatly.
Number the answers clearly.
All marks are indicated in brackets at the end of each question.
The length of the answer/s must be guided by the available mark/s.
THIS QUESTION PAPER CONSISTS OF 6 PAGES (Including this front page)
|
|
2 Page 2 |
▲back to top |
SECTION A: STRUCTURED QUESTIONS
[45 Marks]
Question 1
Discuss the concept of constraint requirements and provide an example
requirement.
Question 2
What is data integration and why is it important for enterprise applications?
of a constraint
[4 Marks]
[2 Marks]
Question 3
Discuss any two (2) challenges that an enterprise might encounter when they decide to
implement an Enterprise Application (EA).
[4 Marks]
Question 4
Distinguish between constants, variables and arrays.
[3 Marks]
Question 5
What are the benefits of implementing a Content Management System ?
[4 Marks]
Question 6__
_
_
Define what Business Process Modelling (BPM) is and explain its relevance to web application
development.
[5 Marks]
Question 7
Differentiate between intranets and extranets.
[4 Marks]
Question 8
Different business processes are followed in the departments of different enterprises. Think of a
business function in any enterprise and provide an example ofa Business Process Model depicting
the business processes that are required to achieve that function.
[3 Marks]
Question 9
Distinguish between the presentation and data management tiers of enterprise applications (EAs).
[4 Marks]
Question 10
Discuss why is it important to carry out the requirements engineering process when developing
an enterprise web application?
[4 Marks]
Question 11
Discuss any two (2) things that can be done with PHP that wouldn’t otherwise be possible with
HTML.
[4 Marks]
Question 12
Explain how the client — server computing model works and produce a diagram to illustrate the
client-server relationship.
[4 Marks]
|
|
3 Page 3 |
▲back to top |
SECTION B: PRACTICAL QUESTIONS
[40 Marks]
Question 13
Write a PHP script that assigns a string to a variable and displays the message “Welcome to PHP
scripting (variable declared)”. Add a multi-line comment to explain the function of the script
and comment each line of code.
[5 Marks]
Question 14
Write a PHP script that assigns the date function to a variable. Use a conditional structure to:
[6 Marks]
e inform the user to have a nice weekend if the day is a Friday.
e inform the user to have a nice Sunday if the day is a Sunday.
e inform the user to have a nice day if it is any other day that is not a Friday and neither a
Sunday.
Question 15
Write 2 scripts that achieve the following:
a) Script 1: A form that prompts the user for a first name, a username and a password.
re
~
[5 Marks]
b) Script 2: Once the user clicks on the submit button in the form created in Script 1, Script 2
should display to the screen “Welcome to this simple form (name supplied by the user)”.
“Your username is (username supplied by the user) and your password is (password
supplied by the user)”.
[5 Marks]
Question 16
Write down the lines of code that achieve the following (1 mark for each):
a) create an array called name, the array should contain 5 names.
b) create a cookie called exam containing the value php.
c) start a session.
d) open a file called file2.txt in read-only mode.
[4 Marks]
Question 17
Write down the lines of code that achieve the following:
a) Create a database called EWD.
b) Create a table called Second with the following fields: Name, Age,
Assign a relevant data type to each field.
c) Insert values into each of the fields in the table you created in b).
d) Query the database for the content in the Name and Age fields.
e) Delete the table that you created in b).
Occupation
{1 Mark]
and Salary.
[3 Marks]
[4 Marks]
[2 Marks]
[1 Mark]
Question 18
Define what Events are in JavaScript (JS) and provide an example of an event hander used in JS.
[4 Marks]
|
|
4 Page 4 |
▲back to top |
SECTION C: CASE STUDY
[15 Marks]
Please read the case study below and answer the questions that come below it. Please write the
responses in your own understanding. Copying directly from the case will result in a score of
zero for that question.
Information Security Measures in PHP Website Design
Xu Zhiyong
Nanchang Institute of Science & Technology, Nanchang, China
In the Internet era, network has spread into all walks of life including both nation and individuals.
The bold and resolute advent of network has brought radical changes in people’s way of life as
well as more convenient internet life, greatly improving people’s life quality. Since personal
information is exposed to network environment, how to ensure information safety in particularly
important. Therefore, in the constant development of internet technology, PHP website design
is born at the right moment, whose optimized website design manner has played a vital
role_in improving reliability and safety of websites. However, it cannot be denied that
information security problems still exit in PHP website design. Specifically, in recent years,
website establishment of China has become more and more common. The issue of the first
national network security law has demonstrated the importance of internet information security
as well as importance of national information security. Based on such reasons, how to effectively
defend information security in PHP website design has become an issue to be settled urgently.
As dynamic languages, PHP and ASP utilize wamp technology to integrate server and database,
which plays an important role in website design optimization. The limited advantages of PHP
website design in practical application have exerted positive impact on reliability and safety of
websites. Specifically, the rise of network technology in recent years and the advent of network
era have greatly transformed people’s way of life. Since network spreads all walks of life,
individuals and nations have relied heavily on network. The network overcame national
boundaries and geographic restrictions, playing an irreplaceable part in promoting integration
of world economy. Its wide application in life has hugely enhanced life quality. Under the
network era, personal and national information has exposed to network. Once network
collapses, information security is easily endangered and national information security even
more. It can be seen from the first national network security law in China the importance of
national information security as well as attention to website information security payed by the
nation. Based on that, how to complete effective information security defense in PHP website
design has become an issue demanding prompt solution. Strengthening information security
defense in PHP website design from all aspects can effectively avoid impact of adverse factors
on website information safety, promote safe and stable operation of websites, reaching
important goals of PHP website design and promotion in the real sense.
|
|
5 Page 5 |
▲back to top |
Though setting of structured language exerts little effect on website running, its loophole will
bring serious threats to websites, endangering information security defense of websites.
When comes to common applied structured languages in present stage, SQL occupies a major
part. Proper application of SQL in PHP website design can offer security of information safety
in some degree. But how to integrate these two objects and ensure structured language
invasion codes to be given full play has become an issue demanding prompt solution in PHP
website design at present. While application statement can make illegal attackers skip password
authentication when logging website system. In most cases, relevant login password is set in
supervising website information security. Only when administers pass password authentication
can information be accessed by users. The reason for program statement directly attacking
information security defense lies in that, it utilizes character strings without verification in
computer program of website designers. Attackers take it as an attack point to easily break
through the supervision of website information security and access information illegally. XSS_ is
short of Cross Site Script Execution, whose fundamental principle is that attackers utilized
designed website program to start from insufficient user filtering and break through the
information security defense system, directly invading systems and information security of
other users. Such behavior usually appears in maliciously embezzlement of user information
and website attacking, whose wide coverage seriously effects the website information security.
In website information browsing, small-page pop-up windows in web pages (figure 1) actually
means that attackers make users be infected Trojan virus in looking through websites by use of
cross-site script execution program, thus, causing paralysis of user information security
supervision system eventually, exerting adverse impact on website information safety.
Thank you
(
8] Local intranet
100% >
Figure 1
In a word, it is an urgent issue for strengthening information security defense in PHP website
design. Whether invasion of structured languages or program statement and cross-site attacks,
they will lead to_adverse effect on website information security. On the current network
context, personal and national information is exposed to network systems. As long as system is
attacked or invaded maliciously, information leakage will take place, having a negative impact.
5
|
|
6 Page 6 |
▲back to top |
Thus, how to achieve efficient information security defense in PHP website design is associated
with its key goals.
Information security measures should be informed to users when they use websites. The main
reason is the vital role of user engagement in website information security supervision. If
users guide their behaviors in accordance with relevant requirements, they can avoid
malicious invasion in some extent. For instance, the pop-up windows in browsing websites is
actuallya cross-site script execution program. If users click on the pop-up windows, their
information will be spied maliciously. The basic principle of cross-site script execution is
that attackers utilize insufficient user filtering in the designed website program as an entry
point, breaking through information safety defense system of websites and directly invading
systems and threating information security of other users. Based on such phenomenon, in the
management of PHP website information, it is necessary to inform users of information
security defense methods and follow users’ data in a legal manner at the same time. The main
reason is that network technology has exerted huge impact on people’s lifestyle, and the rapid
development of network technology has accelerated the progress of human society.
In terms of information security defense in PHP website design, there are numerous problems
inthis respect. Structured language, program statement or cross-site script execution will
have negative effect on information safety of websites. Therefore, adverse factors should be
dealt with respectively to strengthen information security defense in website design. For
example, major designers must reserve structured language codes in website design to prevent
attackers from utilizing invasion of structured language to invade websites. As for defense in
cross-site script execution, it is necessary to begin with arousing the enthusiasm of user
information management, informing users of relevant measures. In the practical defense and
supervision, information security behavior should be normalized to strengthen information
security defense in PHP website design in the real life.
End of Case-study
Question 19
(a) What has led to the increase in the use of web applications?
(b) Discuss the three (3) threats that can affect php applications.
(c) According to the case study, how can the threats identified in b) be overcome?
(d) What technology was used to combine the webserver and MySQL?
[3 Marks]
[6 Marks]
[4 Marks]
[2 Marks]
End of Exam Paper
6