NATIONAL BOOK FOUNDATION

CLASS 11
COMPUTER SCIENCE
CHAPTER 1
LONG RESPONSE QUESTIONS

4. Compare and contrast the waterfall model and agile

model in software development . Which one do you think
is more suitable for modern software development and
why?

Aspect Waterfall Model Agile Model

Definition Sequential steps, Iterative cycles
one phase after with flexibility to
another. adapt.
Phases Fixed sequence: Repeated cycles:
Requirements → Planning →
Design → Development →
Implementation Testing →
→ Testing → Review.
Maintenance.
Flexibility Low; changes are High; changes
difficult once a can be made
phase is throughout the
complete. project.
Documentation Heavy Light, evolving
documentation documentation as
before starting the project
coding. progresses.
Testing Testing happens Testing is done
only after the throughout each
implementation iteration or sprint.
phase is
complete.
Suitability Best for projects Best for projects
with stable, with changing
well-defined requirements and
requirements. frequent updates.

Suitability for Modern Software Development

Agile Model is more suitable for modern software

development because:
1. Flexibility: Adapts to changing requirements.
2. Frequent Updates: Delivers updates in short cycles.
3. Customer Feedback: Incorporates feedback
continuously.
4. Risk Management: Identifies and fixes issues early.
5. Team Collaboration: Promotes close collaboration
within the team.
6. Efficiency: Focuses on delivering functional software
quickly.

5) Discuss the role of requirements engineering in SDLC.

What are the challenges and benefits of gathering and
managing requirements effectively?

Role of Requirements Engineering in SDLC

Definition:
● Requirements Engineering is the process of
identifying, analyzing, documenting, and managing
stakeholder needs to ensure the software system
meets its goals.
Importance:
● Foundation for Design: Provides a clear basis for
system design and development.
● Aligns Objectives: Ensures the final product aligns
with business needs and user expectations.
● Reduces Risk: Identifies potential issues early,
preventing costly changes later.

Challenges of Gathering and Managing Requirements

1. Elicitation Difficulties
 ● Issue: Stakeholders may not always have a clear
idea of what they need, leading to vague or
incomplete requirements.
● Impact: Leads to unclear project goals and potential
misalignment.
2. Scope Creep
● Issue: Continuous changes and additions to
requirements.
● Impact: Causes delays and increases costs.
3. Communication Gaps
● Issue: Misunderstandings between stakeholders and
developers.
● Impact: Results in incorrect or incomplete
requirements.
4. Documentation Issues
● Issue: Poorly documented requirements.
● Impact: Leads to ambiguity and potential
implementation errors.

Benefits of Effective Requirements Management

1. Clear Goals
● Benefit: Ensures all stakeholders have a shared
understanding of project objectives.
2. Improved Quality
● Benefit: Fewer defects and rework due to
well-defined requirements.
3. Enhanced Communication
● Benefit: Better collaboration and fewer
misunderstandings.
4. Cost and Time Efficiency
● Benefit: Reduces costs and avoids delays by
addressing issues early in the process.

6) Outline the various methods of system

deployment/implementation mentioned in the text ( direct,
parallel, phase, pilot,) provide real world scenarios where
each deployment method would be most suitable.

Deployment/Implementation Methods

1. Direct Deployment
Definition:
● The new system replaces the old system immediately
and completely in a single, decisive switch.
Real-World Scenario:
 ● Example: A small company migrating from a legacy
accounting system to a modern software platform.
Since the company only has a few users and minimal
risk, a direct deployment minimizes downtime and
training costs.
2. Parallel Deployment
Definition:
● Both the old and new systems run simultaneously for
a period, allowing comparison and ensuring the new
system is functioning correctly before fully switching
over.
Real-World Scenario:
● Example: A large healthcare provider implementing a
new patient management system. During the
transition, both the old and new systems are used in
parallel to ensure no patient data is lost and to
validate that the new system handles all requirements
properly.
3. Phase Deployment
Definition:
● The new system is implemented in phases or
modules over time, rather than all at once.
Real-World Scenario:
● Example: A global retail chain introducing a new
inventory management system. The deployment is
done in phases, starting with one region and gradually
expanding to other regions, allowing for adjustments
and ensuring stability before a full rollout.
4. Pilot Deployment
Definition:
● The new system is initially deployed to a small,
controlled group of users or departments to test its
effectiveness before a full-scale implementation.
Real-World Scenario:
● Example: A government agency testing a new digital
document management system with a single
department before rolling it out agency-wide. This
approach helps identify issues and gather feedback in
a controlled environment.

7) Explain bus, star and ring network technologies. give

their advantages and disadvantages.

1. Bus Network
Definition:
 ● Single central cable (bus) connecting all devices.
Advantages:
● Cost-Effective: Less cabling required.
● Easy Expansion: Simple to add new devices.
Disadvantages:
● Performance Issues: Slows down with more devices.
● Single Point of Failure: Entire network fails if bus
fails.
● Troubleshooting: Hard to locate issues.

2. Star Network

Definition:
● Devices connect to a central hub or switch.
Advantages:
● Reliability: Failure of one device doesn’t affect
others.
● Easy Troubleshooting: Issues are isolated to
individual connections.
● Scalability: Easy to add devices.
Disadvantages:
● Cost: Requires more cabling and a central hub.
 ● Central Point of Failure: Network fails if hub fails.

3. Ring Network

Definition:
● Devices connected in a circular fashion, data travels
in one direction around the ring until it reaches its
destination.
Advantages:
● Predictable Performance: Consistent data
transmission.
● Easy Troubleshooting: Problems can be isolated
quickly.
Disadvantages:
● Single Point of Failure: A fault disrupts the entire
network.
● Complex Setup: More complex to install and
maintain.
8) In the context of cloud computing, elaborate on the
concepts of scalability and reliability. How do these
concepts contribute to the effectiveness of cloud services?
provide a real world example.

Scalability and Reliability in Cloud Computing

Scalability
Definition:
 ● Scalability means a cloud service can handle more
users or data by adding resources when needed or
reducing them when they're not.
Benefits:
● Handles Growth: Easily adjusts to more traffic or
users.
● Cost-Efficient: Pay only for the resources you use.
Example:
● Netflix: When many people watch movies at the
same time, Netflix uses more servers to handle the
load. After the peak, it reduces servers to save costs.
Reliability
Definition:
● Reliability means a cloud service stays up and
running without interruptions and can recover quickly
if something goes wrong.
Benefits:
● Less Downtime: Service remains available even if
there are problems.
● Data Safety: Protects against data loss.
Example:
 ● Google Drive: If one data center has a problem,
Google Drive automatically switches to another center
to keep your files accessible.
9) explain symmetric and asymmetric encryption methods
in the context of cyber security?

Symmetric and Asymmetric Encryption in Cyber

Security
Symmetric Encryption
Definition:
● Symmetric Encryption uses the same key for both
encryption and decryption. This means the same key
is used to encode and decode the data.
How It Works:
● Encryption: Data is encrypted with a secret key.
● Decryption: The same secret key is used to decrypt
the data.
Advantages:
● Speed: Generally faster and more efficient for
processing large amounts of data.
● Simplicity: Easier to implement due to the use of a
single key.
Disadvantages:
 ● Key Distribution: Securely sharing the key between
parties can be challenging.
● Scalability: Managing keys for multiple users can be
complex.
Example:
● AES (Advanced Encryption Standard): Widely used
symmetric encryption algorithm for securing data.
Asymmetric Encryption
Definition:
● Asymmetric Encryption uses a pair of keys: a public
key for encryption and a private key for decryption.
The keys are mathematically related but different.
How It Works:
● Encryption: Data is encrypted with the recipient’s
public key.
● Decryption: Data is decrypted with the recipient’s
private key.
Advantages:
● Secure Key Distribution: No need to share the
private key, only the public key is distributed.
● Digital Signatures: Allows for digital signatures,
which verify the authenticity and integrity of the data.
Disadvantages:
● Performance: Generally slower than symmetric
encryption due to the complexity of the algorithms.
● Computational Overhead: Requires more
processing power and resources.
Example:
● ECC (Elliptic Curve Cryptography): An asymmetric
encryption algorithm that provides strong security with
smaller key sizes, making it efficient for mobile and
IoT devices.

10) Imagine you are responsible for the cybersecurity of a

large organization. describe a comprehensive
cybersecurity strategy that includes multiple layers of
defense against various threats.

Comprehensive Cybersecurity Strategy

1. Network Security
● Firewalls: Control and monitor network traffic. Use
next-generation firewalls (NGFWs) that offer
advanced features like deep packet inspection and
threat intelligence.
 ● Intrusion Detection/Prevention: Detect and block
suspicious activities.
● Network Segmentation: Divide network into
segments to limit breaches.
. Endpoint Security
2

● Antivirus/Anti-malware: Protect individual devices

from threats.
● Endpoint Detection and Response (EDR): Monitor
and respond to endpoint threats.
● Device Management: Use Mobile Device
Management (MDM) for control.
3. Access Control
● Authentication: Use multi-factor authentication
(MFA) for secure login.
● Authorization: Implement role-based access control
(RBAC).
● Identity Management: Manage user identities and
permissions.
4. Data Security
● Encryption: Encrypt data at rest and in transit.
● Data Loss Prevention (DLP): Prevent unauthorized
data transfers.
● Backup and Recovery: Regular backups and test
recovery processes.
5. Application Security
● Secure Development: Follow secure coding
practices and test applications.
● Web Application Firewalls (WAF): Protect web apps
from attacks.
● Patch Management: Regularly update and patch
software.
6. Security Operations
● Security Information and Event Management
(SIEM): Monitor and analyze security data.
● Incident Response: Prepare and practice response
to security incidents.
● Continuous Monitoring: Track network and system
activity in real-time.
7. User Awareness and Training
● Security Training: Educate employees on risks and
best practices.
● Policy and Compliance: Establish and enforce
security policies and standards.