Ans to ques No1

(i)

(ii)
(iv)
Ans to ques No 1b
 Ans to ques No1a(or)
The term "CASE" in structured English typically refers to "Computer-Aided Software
Engineering." It is used to describe a set of tools and methodologies that assist in the
development and maintenance of software systems. In structured English, the "CASE" keyword
is often used to represent the application of these computer-aided tools and techniques in the
development process.

Example in Structured English:

CASE
WHEN condition1 THEN
// Actions to be performed when condition1 is true
WHEN condition2 THEN
// Actions to be performed when condition2 is true
ELSE
// Default actions if none of the conditions are true
END CASE

This structure represents a conditional statement where different actions are taken based on
various conditions. The "CASE" keyword here signals the beginning of a conditional structure.

Popular CASE Tools:

CASE tools include a variety of software applications designed to support different phases of the
software development life cycle. Some popular CASE tools include:

1. Microsoft Visio: A diagramming tool that includes support for creating flowcharts, data flow
diagrams, and other visual representations.

2. IBM Rational Rose: A modeling tool used for visual modeling of software systems using
Unified Modeling Language (UML).

3.ERwin Data Modeler:A tool for designing and managing databases, focusing on
entity-relationship modeling.

4. Enterprise Architect: A comprehensive modeling and design tool supporting various notations
and methodologies.

Indexed Sequential File Organization vs. Direct File Organization:

Indexed Sequential File Organization:

Advantages:
1. Fast Access: Provides relatively fast access to records using an index.
2. Sequential Access: Supports both sequential and direct access to records.
3. Efficient for Range Queries: Suitable for queries that involve ranges of records.

Disadvantages:
1. Complexity More complex to implement and manage compared to simple sequential or direct
file organization.
2. Overhead: Requires additional storage for the index, leading to increased overhead.
3. Slower Writes: Writing to the file can be slower due to the need to update the index.
Direct File Organization (Hashing):

Advantages:
1. Fast Access:Provides fast access to records based on a direct lookup using a hash function.
2. Simplicity: Simpler to implement and manage compared to indexed sequential organization.
3. Efficient for Equality Queries:Well-suited for queries that involve equality conditions.

Disadvantages:
1. Limited Range Queries: Inefficient for queries that involve ranges of records.
2. Collision Handling: Requires a mechanism to handle collisions when multiple records map to
the same hash value.
3. Non-Sequential Access: Does not inherently support sequential access to records.

The choice between indexed sequential and direct file organization depends on the specific
requirements of the application, the types of queries performed, and considerations of
complexity and performance.
 Ans to ques No1b

Answer to Question no 2 a
Answer to Question no:2(b)
 Answer to question no:2(c)

Database Design:

Three main phases in Database Design:

1. Conceptual database design - to build the conceptual representation of the database, which
has the identification of the important entities, relationships, and attributes.
2. Logical database design - to convert the conceptual representation to the logical structure of
the database, which includes designing the relations (ERD).
3. Physical database design - to decide how the logical structure is to be physically
implemented (as base relations) in the target Database Management System (DBMS)

Logical Data Modeling

A logical data model is a fully-attributed data model that is independent of DBMS, technology,
data storage or organizational constraints. It typically describes data requirements from the
business point of view. A logical data model describes the data in as much detail as possible.
Features of a logical data model include: • All entities and relationships among them. • All
attributes for each entity are specified. • The primary key for each entity is specified. • Foreign
keys (keys identifying the relationship between different entities) are specified. • Normalization
occurs at this level.

Answer to Question no:3(a)

System Testing: System testing is basically a process to detect errors in the software product.

Objectives of testing

First of all the objective of the testing should be clear. We can define testing as a process of
executing a program with the aim of finding errors.To perform testing, test cases are designed.A
test case is a particular made up artificial situation upon which a program is exposed so as to
find errors.So a good test case is one that finds undiscovered errors. If testing is done properly,
it uncovers errors and after fixing those errors we have software that is being developed
according to specifications.

Answer to Question no:3(b)

WHITE BOX TESTING

White box testing focuses on the internal functioning of the product. For this different procedures
are tested. White box testing tests the following
● Loops of the procedure
● Decision points
● Execution paths

BLACK BOX TESTING

Black box testing tests the overall functional requirements of a product. Input are supplied to
product and outputs are verified. If the outputs obtained are the same as the expected ones
then the product meets the functional requirements. In this approach internal procedures are not
considered. It is conducted at later stages of testing. Now we will look at black box testing
technique.

Black box testing uncovers following types of errors.

1. Incorrect or missing functions
2. Interface errors
3. External database access
4. Performance errors
5. Initialization and termination errors.
​ White-box Testing:

Scenario: Imagine you are testing the internal electronics and software of
a microwave oven.

White-box Testing Example:

Open the microwave oven, examine the circuitry, and test the control panel
buttons individually. Check if the internal components operate according
to the specified requirements. Verify the program logic that controls the
cooking time and power levels.

​ Black-box Testing:

Scenario: Consider testing the overall functionality of a microwave oven

without looking into its internal workings.

Black-box Testing Example:

Place food inside the microwave, set the cooking time and power level
using the control panel, and start the microwave. Observe whether the
oven heats the food as expected and stops when the timer reaches zero.
In this case, you are testing the microwave's functionality without knowing
the intricate details of its internal components.
 Answer to Question no:3(c)

Answer to Question no:4(a)

Answer to Question no:4(b)
Answer to Question no:4(c)
Answer to Question no:5(a)
 Answer to Question no:5(b)

Threats: Objects, persons, or other entities that represents a potential danger to the system

1. Physical Threats:

Definition: Physical threats refer to potential dangers to the tangible components of a computer
system, including hardware, infrastructure, and physical premises.
Examples:
Natural Disasters: Events like earthquakes, floods, fires, or storms can physically damage
hardware and disrupt operations.
Theft or Vandalism: Unauthorized access to physical equipment can lead to theft or intentional
damage.
Accidents: Unintentional incidents, such as spills or collisions, may harm hardware
components.

Mitigation: Implementing physical security measures, such as surveillance, access control, and
disaster recovery plans, helps mitigate physical threats.

2. Non-Physical Threats:

Definition: Non-physical threats involve risks to the intangible aspects of a computer system,
including data, software, and network communication.
Examples:
Malware: Viruses, ransomware, and other malicious software can compromise data integrity
and system functionality.
Unauthorized Access: Individuals gaining unauthorized access to sensitive information or
systems.
Data Breaches: Leakage of confidential information, leading to privacy concerns.
Phishing Attacks: Attempts to trick users into revealing sensitive information through deceptive
means.

Mitigation: Employing cybersecurity measures such as firewalls, encryption, access controls,

and user education helps mitigate non-physical threats.

Answer to Question no:5(c)

Network Security:

Definition: Network security involves implementing measures to protect computer networks from
unauthorized access, attacks, and data breaches.

Key Aspects:
● Firewalls and Intrusion Detection Systems (IDS).
● Encryption for secure data transmission.
● Access controls and authentication mechanisms.
● Regular monitoring and updates to address vulnerabilities.

End-point Security:

Definition: End-point security focuses on securing individual devices (end-points) such as

computers, laptops, and mobile devices from cyber threats.
Key Aspects:
● Antivirus software to detect and remove malicious programs.
● Endpoint detection and response (EDR) tools.
● Device encryption and access controls.
● Regular software updates and patch management.

Internet Security:

Definition: Internet security aims to protect users and their data from online threats and attacks
while using the internet.

Key Aspects:
● Secure browsing practices and HTTPS usage.
● Email security measures to prevent phishing and malware.
● Virtual Private Network (VPN) for encrypted connections.
● Regular software updates and awareness of online risks.

Cloud Security:

Definition: Cloud security focuses on safeguarding data, applications, and infrastructure hosted
in cloud environments from unauthorized access, data breaches, and other cyber threats.

Key Aspects:
● Identity and Access Management (IAM) for controlling user access.
● Encryption of data in transit and at rest.
● Regular security audits and compliance checks.
● Multi-factor authentication for enhanced user verification.

OR,
Answer to Question no:5(a)
Project Management:

Definition: Project management is the disciplined planning, execution, and control of tasks and
resources to achieve specific project goals within constraints like time, cost, and scope.

Need of project management:

Project management is essential to ensure organized and efficient completion of projects,
allowing teams to meet objectives, control resources, and adapt to changes effectively.
PERT (Program Evaluation and Review Technique):

Definition: PERT is a project management tool that analyzes and represents the tasks involved
in completing a project, emphasizing the relationships between these tasks.

ROI (Return on Investment):

Definition: ROI is a financial metric used to evaluate the profitability and efficiency of an
investment, comparing the gain or loss relative to its cost.

Answer to Question no:5(b)

1) Data Elements: Basic Pay, Professional Tax

Basic Pay:

Definition: The fixed monetary compensation an employee receives before additional

allowances or deductions.

● Data Type: Numeric (Currency).

● Format: Upto two decimal places.

Example: $45,000.

Professional Tax:

Definition: A tax levied by some states on salaried individuals as a professional tax.

Data Type: Numeric (Currency).

● Format: Upto two decimal places.

Example: $200.

2) Data Stores: Salary Summary, Arrears File

Salary Summary:

Definition: A data store containing summarized information about employee salaries, including
gross pay, deductions, and net pay.

● Data Structure: Tabular format with columns like Employee ID, Gross Pay, Deductions,
Net Pay.
Arrears File:

Definition: A data store storing information about pending or retroactive payments owed to
employees.

● Data Structure: Tabular format with columns like Employee ID, Arrears Amount, Reason,
Date.

3) Data Flows: Earning Details, Deduction Details

Earning Details:

Definition: The data flow carrying information about an employee's earnings, including salary
components and bonuses.

● Data Structure: Tabular format with columns like Employee ID, Basic Pay, Allowances,
Bonuses.

Deduction Details:

Definition: The data flow conveying information about deductions from an employee's salary,
including taxes and other withholdings.

● Data Structure: Tabular format with columns like Employee ID, Tax Deductions,
Insurance Deductions, Other Deductions

Answer to Question no:5(c)

Importance of Documentation in Software Development:

● Communication: Facilitates clear communication and understanding among team

members.

● Knowledge Transfer: Aids in sharing knowledge, especially during team changes or

onboarding.

● Requirements Clarity: Clarifies client expectations, reducing ambiguity in project

requirements.

● Traceability: Provides a traceable record of design decisions, code changes, and bug
fixes.

● Maintenance and Support: Streamlines maintenance tasks by offering insights into

system architecture and functionality.
● Quality Assurance: Supports the QA process by providing a basis for creating test cases
aligned with project requirements.

● Collaboration: Fosters collaboration, enabling cohesive teamwork and maintaining

coding consistency.

● Risk Management: Identifies and addresses potential risks early in the development
process.

● Regulatory Compliance: Essential for demonstrating compliance with industry standards

and regulations.

● Future Enhancements: Lays the groundwork for future enhancements, easing integration
of new features.