Post by: billyjackson768 on September 30, 2012, 08:31:56 pm
I currently have only not got 100% on one SAC and second behind a tied first in the class so I feel I'm doing pretty good so far. But I do feel my whole class is at a disadvantage (yes, woe is me) for the exam as we've only really worked on what we've needed to make it though SACs. Sure that "should" cover most of the important stuff. But only at a superficial level given most of our focus has been on programming.
Getting to the point though. What do people here recommend to be the most efficient AND effective way of preparing for the exam. We currently all have the VITTA 2011 and 2012 exams as well as the 2011 VCAA exam which will all be worked through. But other than that, for someone looking to get over 40 what else should be done? Should I try and work on as many old exams as possible excluding stuff which has been removed in the new study design? Have a vceit.com slideshow marathon? Summarise the entire text and plaster the walls of my room in pages. Or...?
Post by: Yendall on September 30, 2012, 08:41:21 pm
Post by: billyjackson768 on September 30, 2012, 09:01:53 pm
If only there was a comprehensive SD lecture with notes like with TSFX that was an option to go to. I would even be willing to pay the ridiculous price I paid for Physics and Methods lectures. (Just a hint for anyone aspiring hold lectures for this in the future).
Post by: Lasercookie on September 30, 2012, 09:07:29 pm
If you're just solely passively reading notes it probably won't be entirely helpful. It's probably better to have a good think about some of the concepts, asking the question 'why' and then trying to answer it. That's not to disregard the value of notes, but ultimately knowing the content and then knowing how to apply it in the exam is the important part.
After sitting them once in exam conditions, you'll want to go through each exam you do carefully. Paying attention to things like what's the best way to answer questions, what kind of stuff are the assessors looking for. Take a look at the reports, they complain nearly every year of people not answering in the style expected e.g. things like not using key words correctly, not providing a justification when asked etc. Exploring any content that you're unsure of in a practice exam is probably obvious.
You'll want to develop techniques for common questions, e.g. desk checking algorithms and then how to deal with curveball questions - like desk checking that bubble sort algorithm in that other thread, that was ridiculously massive for a multiple choice question (edit: should say that question was from a VITTA exam, not a VCAA one)
Post by: MJRomeo81 on September 30, 2012, 09:11:21 pm
2: Know the theory well. And I mean really well. As you all know there is no programming on the exam. So the countless hours spent searching for particular code in VB/Python/etc. is irrelevant when it comes to the exam. However understand the algorithms listed in the study design (stuff like bubble sort. binary search, etc.)
3: The true language to master in VCE SD is pseudocode. Be familiar with reading and writing it for any programming problem. In the case study there will be some pseudocode algorithms for you to interpret and desk check.
4: Understand layer 1 of the OSI model. Too many students who I've talked to completely ignore this learning point on the study design. I'm willing to bet that there will be a section B/C question on it this year.
5: Last but not least, use the study design terminology correct. Never write a sentence like this (e.g. comparing two software systems): "X is more efficient and effective than Y". ALWAYS explain how it is efficient and effective (and know the difference between the two - the examiners are strict about this).
Complete all of the VITTA exams once (I've never believed in re-sitting the same prac exam, but of course evaluate where you answered things wrong and how to improve), complete the 2011 exam if you haven't already. Identify your mistakes. There's no need to stare at notes until your eyes hurt. At this stage you don't want to be bashing in ideas you already know. Focus on those concepts that you have always been a little iffy on.
Post by: billyjackson768 on September 30, 2012, 09:54:08 pm
Also what other exams are out there besides VCAA and VITTA?
Post by: Lasercookie on September 30, 2012, 10:11:58 pm
Also what other exams are out there besides VCAA and VITTA?As far as I'm aware: CSE, Insight (I think they only have a 2011 one)
Oh don't forget the VCAA sample + solutions on VCEIT too.
Edit:
OFF-TOPIC, but on sorting:
http://www.youtube.com/watch?v=ywWBy6J5gz8
http://www.youtube.com/watch?v=lyZQPjUT5B4
(the quick sort one is better imo)
Post by: Yendall on September 30, 2012, 10:16:09 pm
- The purposes of a DFD and a UCD (especially the difference between the two)
- Maintaining relevance to the case study at all times when discussing ethical considerations, characteristics of solutions etc.
- Security and Functions of Networks and Systems
- Characteristics of Solutions (This includes efficiency and effectiveness)
- Know the difference between Efficiency and Effectiveness in detail. (Looking at examiners reports this seems like a massive error with students answers)
- The difference between Criterion, Method and Effect
- Functional and Non-Functional Requirements in relation to unique solutions. (Don't just name them, explain why they are important)
- Ability to determine Binary Searches, Bubble Sorts, Linear Searches, Quick Sorts etc. from an algorithm, and also being able to deskcheck these with input data
Post by: billyjackson768 on November 08, 2012, 04:36:17 pm
Now it's time to jump into Software Development study. :)
Well anyways I've managed to do OK with what Vitta exams I have done so far but still have a lot of work to do. Especially seeing as my teacher says he's given me 100/100 for SACs. So if I can do well on this exam I still have a chance at 50 that's not so dependant on 2 others doing at least as well as I do, which is great motivation.
All the advice provided here has been great. I'm stilk working on knowing a few thing back to front, but I'll get there hopefully. Also still have the 2011 VCAA exam mostly untouched which is going to be my big challenge to make sure I know how to answer everything within perfectly. Psueudo code is something I'm still pathetic with as well. So between that, VCAA and VITTA exams. I've got a busy week ahead.
How's everyone elses study plans coming along? Feeling confidant?
Post by: billyjackson768 on November 08, 2012, 04:40:30 pm
Website: http://www.swinburne.edu.au/ict/schools/resources/sd/
Username: edprograms
Password: ict12swin
Post by: Yendall on November 08, 2012, 05:22:48 pm
Post by: billyjackson768 on November 08, 2012, 06:19:58 pm
I'm feeling quite shitty about this exam :/
Give me a day or two and I'll probably be in the same boat as you. As with you I do also have a second exam to study for before IT which is the other problem.
Post by: Yendall on November 08, 2012, 06:21:38 pm
Yeah it's terrible! I just keep looking at the exams and content and realising how much I don't know. It's such an ambiguous subject. I have studio on Monday, so that leaves 3 days of studying as well.I'm feeling quite shitty about this exam :/
Give me a day or two and I'll probably be in the same boat as you. As with you I do also have a second exam to study for before IT which is the other problem.
Post by: ldee on November 08, 2012, 07:46:52 pm
Yeah it's terrible! I just keep looking at the exams and content and realising how much I don't know. It's such an ambiguous subject. I have studio on Monday, so that leaves 3 days of studying as well.I'm feeling quite shitty about this exam :/
Give me a day or two and I'll probably be in the same boat as you. As with you I do also have a second exam to study for before IT which is the other problem.
So painfully true :( What do you guys predict will show up on the exam? EDIT: besides what you mentioned above ;)
Post by: Lasercookie on November 08, 2012, 07:51:03 pm
What do you guys predict will show up on the exam? EDIT: besides what you mentioned above ;)I don't really like predictions, just study the entire course inside and out imo, anything in there could pop up.
I'll probably start studying for SD on Tuesday (after the chem exam). Kind of been looking over things every now and then, but haven't done anything too heavy in the past few weeks.
Post by: ldee on November 08, 2012, 07:57:03 pm
I don't really like predictions, just study the entire course inside and out imo, anything in there could pop up.
Yeah good move I suppose, I especially in a subject like this.
Post by: Yendall on November 08, 2012, 08:30:00 pm
Few questions that I got wrong:
Question 15: Nola's and Ben's computers are part of a network. Recently Nola's computer became infected with a worm. Which statement is most correct?
A. The work will not spread to Ben's computer because it is not a useful program.
B. The worm will spread to Ben's computer only if Nola sends an infected file to Ben as an email attachment.
C. The worm will spread to Ben's computer only if a copy of one of Nola's infected files is opened on his computer.
D. The worm will spread to Ben's computer by sending a copy of itself through the network and infecting one of his files.
I chose B. My reasons for that answer were that:
- A is ridiculous, we aren't even told what program it is. What defines a useful program? And what has that got to do with anything?
- C is implying that a worm can only travel is a copy is opened on another computer which is incorrect, it can travel through attachments
- I thought D was a little unrealistic. I never thought worms could send themselves? I always thought they had to attach to something that was already being sent?
b. Provide an example of a criterion that the new PIMS must meet to pass the UAT process.
I said it must "adhere to the standards of user-friendliness, but apparently that's not a criterion, I think? Anyone have any idea on that one?
Question 16:The introduction of the new PIMS at the Bigton City Council will affect a number of stakeholders.
Outline the conflict that may occur between the Council and each of the following stakeholders.
Outline the conflict that may occur between the Council and each of the following stakeholders.
- Parking Officers
- Motorists using parking bays
Post by: Lasercookie on November 08, 2012, 09:25:43 pm
Question 15: B or D was what I was tossing up.
By D they mean that it's a standalone program, not like a virus where it has to attach itself.
I guess quoting Wikipedia: http://en.wikipedia.org/wiki/Computer_worm
Quote
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program.
Quote from: Yendall
I said it must "adhere to the standards of user-friendliness, but apparently that's not a criterion, I think? Anyone have any idea on that one?My first thought is that is a bit too vague as a criterion, like what does "user-friendliness" encompass? You could word it in a way that's a bit more specific, what would you actually test for it to be user-friendly? e.g. things like is the user interface easy to understand etc.
Going by the assessor report, only 45% got this right - my guess for where people lost the mark would have been in how specific they were to the case study. The examples they gave are pretty specific ones, so that's really the main thing that leads me to assume that VCAA want to see specific answers.
Question 16
Your answer looks fine-ish to me. I think you've got the gist of it, but yeah like you said, you'd want to be specific to the actual scenario in the question. Those two points you give are valid though.
So what you're saying is that they might get fined and not know what law they broke because the council didn't communicate to them properly. I think there's an issue with that. Parking tickets did exist before the system was implemented, and motorists would have been aware of those laws. I think you haven't recognised in your answer that there has been a change made (which is the new system - there's your reference to the actual solution).
You seem to somewhat contradict with the case study only because you've been a bit vague with what an 'unjustified parking ticket' actually is. Of course all parking tickets won't be unjustified, so in that case I think it'd be better to explain why the system might give them 'unjustified' parking tickets - e.g. something that they could have gotten away with before and can't now with the new system.
I guess same as above, always try to make it specific to the case study. I think you could probably word 'take it out on the council' a bit better (seems a bit too informal), but the gist of what you're saying I believe is correct.
In fact, look at the example VCAA gave in the report:
Quote from: VCAA
The parking officers may resist the council's changes and be angry about the new system since they weren't warned or told why. This could result in for example, strike action or an increase in sick days.
Motorists will complain that the council is deliberately attempting to raise revenue from PIMS and that the software is unfair/unjust.
That first one for parking officers is pretty much what you said, except you said it from the point of view of the motorists. The difference is that the VCAA one is specific about how they get might get angry. Looking at the VCAA response, they went with using the word 'complain', which is what you were getting at with "take it out on the council".
There probably is a balance we have to find with how much information to give though, they don't give all that much space to write and you might end up giving too much detail and not being very concise. I usually find that there's nearly always a better way of wording the answer.
Post by: billyjackson768 on November 08, 2012, 09:25:57 pm
Just did the 2011 exam and got 90/100. Not too bad really.
Few questions that I got wrong:Question 15: Nola's and Ben's computers are part of a network. Recently Nola's computer became infected with a worm. Which statement is most correct?
A. The work will not spread to Ben's computer because it is not a use program.
B. The worm will spread to Ben's computer only if Nola sends an infected file to Ben as an email attachment.
C. The worm will spread to Ben's computer only if a copy of one of Nola's infected files is opened on his computer.
D. The worm will spread to Ben's computer by sending a copy of itself through the network and infecting one of his files.
I chose B. My reasons for that answer were that:
- A is ridiculous, we aren't even told what program it is. What defines a useful program? And what has that got to do with anything?
- C is implying that a worm can only travel is a copy is opened on another computer which is incorrect, it can travel through attachments
- I thought D was a little unrealistic. I never thought worms could send themselves? I always thought they had to attach to something that was already being sent?
b. Provide an example of a criterion that the new PIMS must meet to pass the UAT process.
I said it must "adhere to the standards of user-friendliness, but apparently that's not a criterion, I think? Anyone have any idea on that one?Question 16:The introduction of the new PIMS at the Bigton City Council will affect a number of stakeholders.
Outline the conflict that may occur between the Council and each of the following stakeholders.I wrote for Motorists that "The motorists may get angry for receiving unjustified parking tickets and take it out on the council for not explaining the system", however I don't think that's an acceptable answer so I didn't award myself a mark. Does a question like this have to be quite specific to the actual software solution?
- Parking Officers
- Motorists using parking bays
That first question is quite mean. I probably would have said D but thinking about it I'm not that sure about how worms infect others. I would only pick that as A, B and C seem wrong to me. A- What on earth is a "use program" B - It can spread through means other than email attachments surely. C- A description of a trojan? D - Not positive on, but it seems about right when you think about something such as the conficker worm I think was self replicating.
A 90/100 is something to be happy with in my books, that certainly gets you right up there. But have you seen any of the exam questions or done any of the exam before? That would be my major worry, my teacher gave us all the 2011 exam at the start of the year and told us all to take a look. If I got 90/100 I would feel like it should be s 70 or 80. Though I never really saw that much... When I do it tomorrow I'll tell you how I go and give my opinion on the case study question. ;)
Post by: Yendall on November 08, 2012, 09:34:26 pm
Post by: billyjackson768 on November 10, 2012, 04:41:11 pm
Questions I was a little unsure of include:
Quote
Section B Question 4
Big O Television's secure computer network was recently breached. Big O Television has hired an independent IT security company, Secure TVtech, to test the security of its network and provide support in identifying and repairing any weaknesses in its security.
a. Suggest a technique that Secure TVtech might use to test the security of Big O Television's computer network and describe how it would work.
b. Explain how a security audit of the computer network may have prevented the original network breach at Big O Television.
For a. would "Social Engineering" be an acceptable answer, along with a description along the lines of them trying to fool people into allowing them to physically gain entrance into the company and physically be allowed access to something such as a computer or another part of the network? The text book includes this method but neither VCAA or Mark did in their answers. Unless it just comes under the heading of penetration testing. ::)
For b. I'm a little unsure if my explanation is sufficient, I haven't learnt much about audits. My answer is. "A security audit would involve BigO hiring or using the closest they have to a security expert to methodically analyse their network and company to find any gaps in security." Reading other answers, I think I'm on the right track, but maybe not precise enough. I also think it may not be the best idea to suggest that someone in the company may preform the audit, unless they're some kind of expert.
Case Study Question 4:How on earth are you meant to specifically state Functional requirements and then give an example. Just state it twice, rewording it each time? Or is there a way of generally listing functional requirements? I hope we don't get any questions like this on the exam this year, they're just poorly constructed.
Case Study Question 16: I took a mark off for my first description here. Thinking about it, it might not be to bad but nevertheless I said. "In changing the way they work and amount they need to learn, the council [may] be requested to increase their pay." For motorists I said "Motorists may claim the new system is not working to escape fines issued."
Thinking about your question now Yendall, I don't think it would need to specifically refer to the software solution. However it probably would have to refer to the problems that arise between the council, parking officers and motorists in relation the the whole system. I'm sure you meant the whole system, but the software is only a part of it. If you only refer to a problem that is caused by the new system I think that would be acceptable.
On multiple choice I did rather poorly. I lost 4 marks.
Question 9: I said function, I always manage to mess this up. If I actually write myself out some clear definitions I should be fine.
Question 11: I said B which was rather silly given that I can actually recall now this question being gone through in that lecture I linked.
Question 14: My failure to understand the OSI model I suppose. I said D which is apparently TCP. I better revise my OSI and TCP/IP descriptions. Hopefully won't make this mistake again.
Question 20: This one I didn't like... I would never make a user have to scroll through a list 200 items long to find what they want. If I had to make a list of countries I would at least have multiple lists grouped by continents, heck I may even include tiny flags next to names. :P Otherwise though I would probably use an auto complete function in a search bar (text box) which sounds kind of like C. Being unsure though and not originally thinking so clearly about it being every country I said B, which still could possibly be better than the list if you can zoom in to click on smaller countries.
Post by: Yendall on November 10, 2012, 07:38:36 pm
I think Social Engineering would be more to test the level of logic in the workers, wouldn't it be? It's not physically testing the network. Although you could say that the network itself isn't detecting an executable or unknown file when it enters the network stream. However, the company would've created the file themselves so it isn't actually harmful, therefore anti-viruses wouldn't pick it up. It's more-so to see how many people would open an attachment that is foreign.
A suitable test/technique I wrote was:
A penetration test would allow the company to outline any holes in their system. By doing this, they can sucessfully attack all areas of the system in order to evaluate whether the network/system is robust or not. By deliberately breaching the network via a credible hacker, it allows Big O Televisions to log and monitor any gaps in their security, leaving room for amendment and future prevention of intrusions.
For b) I wrote:
If the systems network has undergone a security audit before the attack, the vulnerability would have been noticed and fixed. Audits produce error logs and if there is any problems with the system, the logs will identify it. If this had been done, these attacks would have been avoided.
Case Study Question 4
In the question it mentioned three functional requirements: User-friendliness, Response Rates and Maintainability.
You had to mention the most critical requirement for the system.
I wrote:
Response Rates
The whole system is based around the detection of movement. If the response rates to this subtle, or obvious, movement aren't precise then the data won't be processed correctly nor accurately. The system also requires instantaneous data processing and transfer. The CDU must be able to identify and process the information correctly and fluently for this software solution to work with fluidity and effectiveness.
Question 9:I always used to stuff up questions like this throughout the year, so I sat down with my teacher and went through the difference between instructions, functions, procedures, control structures, methods etc. It's a crap question, but a fair one!
Question 11: I got that one wrong too, I got constraints and the scope wrong so i wrote them the wrong way around for Q11 and 12!
Question 14: Just remember that the physical layer has nothing to do with transfer of data of any sort. So that completely cancels out the rest of the answers besides B
Question 20: I got this one incorrect as well. I think a scrollable list is pretty crappy, but if you think about it, every forum or signup sheet uses a scrollable list! It may seem stupid in theory but most people do it. It would make sense to, because if you live in a tiny country it's hard to find on a world map even if zoom was a possibility. Some countries are tiny!
I personally would use a text box based on characters entered. Perhaps they meant an un-formatted text box, and also you have to cater for other languages! Some countries begin with, say, a 'G', but the alphabet of that country wouldn't have a 'G'. That might seem crazy but it makes sense.
Post by: bevanweerasinghe on November 10, 2012, 08:27:57 pm
Post by: Yendall on November 10, 2012, 08:28:23 pm
man im literally screwed for SD my sac scores were 69%,67%,58% and 75% , the practice exams however seem so much easier than our sacsReally? I think they are harder. Programming is way easier than theory.
Post by: bevanweerasinghe on November 10, 2012, 08:37:29 pm
Just did the 2011 exam and got 90/100. Not too bad really.i made the same mistakes ! this is why SD is so frustrating, the answers they expect of you are sometimes complete BS.
Few questions that I got wrong:Question 15: Nola's and Ben's computers are part of a network. Recently Nola's computer became infected with a worm. Which statement is most correct?
A. The work will not spread to Ben's computer because it is not a useful program.
B. The worm will spread to Ben's computer only if Nola sends an infected file to Ben as an email attachment.
C. The worm will spread to Ben's computer only if a copy of one of Nola's infected files is opened on his computer.
D. The worm will spread to Ben's computer by sending a copy of itself through the network and infecting one of his files.
I chose B. My reasons for that answer were that:
- A is ridiculous, we aren't even told what program it is. What defines a useful program? And what has that got to do with anything?
- C is implying that a worm can only travel is a copy is opened on another computer which is incorrect, it can travel through attachments
- I thought D was a little unrealistic. I never thought worms could send themselves? I always thought they had to attach to something that was already being sent?
b. Provide an example of a criterion that the new PIMS must meet to pass the UAT process.
I said it must "adhere to the standards of user-friendliness, but apparently that's not a criterion, I think? Anyone have any idea on that one?Question 16:The introduction of the new PIMS at the Bigton City Council will affect a number of stakeholders.
Outline the conflict that may occur between the Council and each of the following stakeholders.I wrote for Motorists that "The motorists may get angry for recieving unjustified parking tickets and take it out on the council for not explaining the system", however I don't think that's an acceptable answer so I didn't award myself a mark. Does a question like this have to be quite specific to the actual software solution?
- Parking Officers
- Motorists using parking bays
Post by: billyjackson768 on November 10, 2012, 08:40:43 pm
My mistake with my reference to Case Study Question 4 I meant Case Study Question 3. 4 I am very happy with. ;D
I am going to defiantly going to need to get some very clear and precise definitions of some things sorted out though. Then the rest all comes down to reasoning through the problems and most of the time just suggesting what would make sense to anyone. My confidence for this exam is growing bit by bit, but I still have these tough few days making sure my knowledge is flawless and working through some more of those VITTA exams and Huss's questions.
Post by: billyjackson768 on November 10, 2012, 08:46:27 pm
i made the same mistakes ! this is why SD is so frustrating, the answers they expect of you are sometimes complete BS.
There's always going to be some BS and ambiguity on exams from time to time. Take comfort in knowing that with many of these questions others are in the exact same boat as you. That worm one could have been a little nicer, but to me seems reasonable enough. Some others aren't so great, but just try to get inside the examiners brains and answer what you think they are intending to be correct, or answer the most reasonable answer.
Post by: Yendall on November 10, 2012, 08:51:23 pm
"the art of manipulating people into performing actions or divulging confidential information."
So it's not actually hacking because nothing is, theoretically, being broken.
For example:
Sending a form to employees asking to fill out all of their credit card details, birth dates, pin numbers and security details. This form is from an 'anonymous' sender with a phony email address like "[email protected]". The sender would be the boss of the company, who will receive the e-mail with all the information. Technically, he hasn't breached any security, he has simply sent a text/html e-mail to the coworkers in an attempt to manipulate them into sending them confidential information.
This would be a form of user testing, i believe.
At first i had trouble with Question 3, but this is what I ended up doing:
Functional Requirement 1: Register Car Arrivals
Example: The Road Side Data Logger should be able to detect and register car arrivals and store it in a temporary data structure.
Functional Requirement 2: Transfer ticket data for fines to the central database/server
Example: The Parking Infringement Monitoring System should be able to process ticket information and transfer it to the central database structure. It would do this by collecting the information and sending it across the cabled internet line directly to the centralised server.
I hated that question, but Functional Requirements aren't generalised like Non-Functional Requirements. So you pretty much explain the example in the actual requirement itself. It was a shit question, but I think that's how you answer it.
Yeah i'm feeling a little more confident, but i'm not sure how i'll go with unseen material!
Post by: billyjackson768 on November 10, 2012, 09:04:01 pm
Yeah i'm feeling a little more confident, but i'm not sure how i'll go with unseen material!
Yeah, with all the teachers and some of last years IT people on here helping us to deal with problems that have cropped up in the past it only makes sense that you do fairly well with all the old material. Last year was the first year of the study design too so they generally have an easy first exam to test the waters with. This year if the exam writers get creative we could be in for a little fun. ;) So we've just got to be more prepared than the rest of the state and be ready to take down whatever's thrown at us. :D
Post by: Yendall on November 10, 2012, 09:06:14 pm
I'm actually hoping it will be more technical! I like your attitude, let's smash the exam! although i don't want to jinx us...Yeah i'm feeling a little more confident, but i'm not sure how i'll go with unseen material!
Yeah, with all the teachers and some of last years IT people on here helping us to deal with problems that have cropped up in the past it only makes sense that you do fairly well with all the old material. Last year was the first year of the study design too so they generally have an easy first exam to test the waters with. This year if the exam writers get creative we could be in for a little fun. ;) So we've just got to be more prepared than the rest of the state and be ready to take down whatever's thrown at us. :D
Post by: Lasercookie on November 10, 2012, 10:17:59 pm
Social Engineering isn't actually testing anything physical.I'm pretty sure you know this, but going to remind you that you might want to be careful how you use the word physical, in the context of security it'd probably refer to "physical security" - which is a term you wouldn't want to use incorrectly since that's something they might dock marks for. Stuff like cracking a password technically isn't anything physical either :P
"the art of manipulating people into performing actions or divulging confidential information."
So it's not actually hacking because nothing is, theoretically, being broken.
For example:
Sending a form to employees asking to fill out all of their credit card details, birth dates, pin numbers and security details. This form is from an 'anonymous' sender with a phony email address like "[email protected]". The sender would be the boss of the company, who will receive the e-mail with all the information. Technically, he hasn't breached any security, he has simply sent a text/html e-mail to the coworkers in an attempt to manipulate them into sending them confidential information.
This would be a form of user testing, i believe.
Anyway, you could use social engineering as a hacking technique, you could try to procure a password etc. What if it were a hacker sending that email to the employees?
I would say that something has been broken if someone can manipulate the users into leaking confidential information. Say a password, has been leaked, has the network not been breached? Or the information could be a document etc. That's a hole in the network security, is it not?
You would want your users of the network to be aware of phishing attempts and I don't see why that's not something valid to include in an audit. I don't see why you couldn't consider social engineering something to attempt when performing a penetration test.
Going by the assessor report, I don't think what VCAA said for this question would exclude the answer "social engineering".
Quote from: VCAA
Many students discussed a version of ethical hacking to test the security. Students are reminded to use technically correct IT terminology. Many students used terms incorrectly, including white-box, black-box, white/black/grey hat hacker, penetration testing, cracker, etc. Appropriate responses included the techniques of penetration testing or packet sniffing and a technical and accurate description of how the technique works.
Post by: Yendall on November 10, 2012, 10:33:39 pm
I'm pretty sure you know this, but going to remind you that you might want to be careful how you use the word physical, in the context of security it'd probably refer to "physical security" - which is a term you wouldn't want to use incorrectly since that's something they might dock marks for. Stuff like cracking a password technically isn't anything physical eitherYeah I meant physical as in like.... virtual physical... hahaha you know what I mean.
Anyway, you could use social engineering as a hacking technique, you could try to procure a password etc. What if it were a hacker sending that email to the employees?I agree with you! I wasn't thinking outside the box with this one, I always thought social engineering was only used by internal sources like bosses, employees, managers etc.
When it's outside of a company wouldn't it be classified differently? It doesn't matter though, social engineering seems like a good way to put it in terms of an outsider manipulating staff.
In the example I wrote, a way of preventing this is having a spam filter if it was from an outside source. It's definitely something to consider when undergoing a penetration test.
I would say that something has been broken if someone can manipulate the users into leaking confidential information. Say a password, has been leaked, has the network not been breached? Or the information could be a document etc. That's a hole in the network security, is it not?I kind of disagree with you here though. I agree with the document part, that's a breach of security because that document has left/been stolen. However, an employee sharing his password is not a breach of security, that's a personal issue.
If you gave your password to someone else, and they happened to hack the system with it, that's not a problem with security that's a trust issue, is it not?
However yes I do agree with you now.
Post by: ldee on November 11, 2012, 12:59:17 pm
Overall, pretty good exam I thought. After marking I believe I would have got between 86-91, just depending on a few poor choices of wording on my behalf and not being sure if examiners would understand. A few things I struggled with:
Multiple choice: Only ones I got wrong were the ones discussed above, 18 and 20. Hopefully the ambiguity is at a limit this year, but we all know that's not going to happen
Short answer: Question 3, poor explanation in the both parts. I basically repeated myself, but now I think I'm good with linking and describing the differences between the code of ethics and decision support framework.
Case study: As discussed above, didn't really know what question 3 was asking us to do. I ended up giving 2/4 for this, because I basically just re worded what I said in the function requirement part as the example.
Question 8, stupid mistake on my behalf. When justifying the use of the queue, I didn't say why you wouldn't use the stack, so I'm guessing that would lose a mark.
Question 13, just poor wording by me. Need to brush up on how to accurately describe UAT. Had the right idea, but just poorly explained
Question 15, in part b I thought that to measure the suitability, this would be something you do before implementing? Like, interviewing the staff in which training program they would like to participate in, then rendering which one is suitable for their needs. If you measured after, wouldn't this be effectiveness of the program..?
Post by: Yendall on November 11, 2012, 01:39:46 pm
Suitability is defined: "the quality of having the properties that are right for a specific purpose"
A way of testing whether or not the program itself is suitable, and remember we are talking about the training program, is to test whether or not the employees (parking officers) have actually learnt something from this training program. So, in order to successfully juxtapose the effects of the program you could test their knowledge before and after the program has taken place, for example.
I wrote this:
By asking the Parking Officers questions about their understanding of their job or running appropriate tests/questionnaires before and after training sessions, the Council could successfully measure whether or not the training program is effective and has a positive effect on the Parking Officers, thus testing the suitability of the program.
Post by: ldee on November 11, 2012, 02:53:47 pm
Question 15:You can measure suitability before implementing, but you must show if the training program is successful or not.
Suitability is defined: "the quality of having the properties that are right for a specific purpose"
A way of testing whether or not the program itself is suitable, and remember we are talking about the training program, is to test whether or not the employees (parking officers) have actually learnt something from this training program. So, in order to successfully juxtapose the effects of the program you could test their knowledge before and after the program has taken place, for example.
I wrote this:
By asking the Parking Officers questions about their understanding of their job or running appropriate tests/questionnaires before and after training sessions, the Council could successfully measure whether or not the training program is effective and has a positive effect on the Parking Officers, thus testing the suitability of the program.
Yeah that's what I thought after reading the assessment report. But I just thought about it logically, in that you wouldn't want to do something and then say "oh let's check if it's suitable", you'd want to do that before hand. But for the purposes of IT i'll just shut that out haha.
Your answer makes perfect sense. If the had of asked for a way to measure the effectiveness of the testing program, that's exactly what I would have written (minus the last part, obviously). But thanks for the response, that's all cleared up now.
Post by: Yendall on November 11, 2012, 05:22:06 pm
Yeah that's what I thought after reading the assessment report. But I just thought about it logically, in that you wouldn't want to do something and then say "oh let's check if it's suitable", you'd want to do that before hand. But for the purposes of IT i'll just shut that out haha.Yeah I know what you mean. But there isn't really anyway of seeing whether or not it has worked until you have done it. Obviously you can say before implementing "we wish to implement this to achieve x and y", but in order to test whether x and y were achieved you have to return results. The only way to return credible results is to test whether the program was a success or not, thus using before and after tests, surveys etc.
Your answer makes perfect sense. If the had of asked for a way to measure the effectiveness of the testing program, that's exactly what I would have written (minus the last part, obviously). But thanks for the response, that's all cleared up now.
Post by: Yendall on November 13, 2012, 01:01:40 pm
Post by: paulsterio on November 13, 2012, 01:02:31 pm
Post by: Yendall on November 13, 2012, 01:23:24 pm
I've always found VITTA quite reasonable.I just did the Unit 3 Theory test one from 2011, and got 15/20 for multiple-choice :/
Question 2: Name a device that operates only at the physical layer of the OSI model.
A. Hub
B. Switch
C. Router
D. USB stick
I said USB stick mainly because it cannot have any other function but connect to a port. However, some USB sticks can connect to the internet (ie. 3G mobile broadband) but how can you determine that a hub only runs at the physical layer of the OSI? Can't you have Ethernet Hubs that transfer actual data? The physical data is only binary and circuit transmission?
Question 9:A program is to be written to store the list of items sold and their characteristics. What would be the most appropriate data structure to use?
A. An array of records
B. An array of numbers
C. A one-dimensional array
D. A two-dimensional array
is it always appropriate in a situation like this to chose an array of records?
Question 17: A discount procedure algorithm has the following rules:
Orders over $500 receieve a 10% discount and orders over $1000 receive a 10% discount and free postage. Which of the following sets of test data would adequately test the discount procedure?
A. Order values of $500 & $1000
B. Order values of $501, $502, $600, $1200
C. Order values of $500, $501, $1000, $1001 & $1200
D. Order values of $400, $500, $600, $700, $800, $900, &1000 & $1200
The answer was C, I chose D.
The reason why I chose D is:
- Must test data <500 to ensure no discounts are included
- Must test data = 500 to ensure 500 isn't included in the discount (>500)
- Must test data over 500 to ensure a discount of 10% is given (>500)
- Must test data under 1000 to ensure it's not included in "free postage" (<1000)
- Must test data equal to 1000 to ensure it's not included in "free postage" (=1000)
- Must test data over 1000 to ensure "free postage" is included (>1000)
Post by: billyjackson768 on November 13, 2012, 02:16:19 pm
I just did the Unit 3 Theory test one from 2011, and got 15/20 for multiple-choice :/
Question 2: Name a device that operates only at the physical layer of the OSI model.
A. Hub
B. Switch
C. Router
D. USB stick
I said USB stick mainly because it cannot have any other function but connect to a port. However, some USB sticks can connect to the internet (ie. 3G mobile broadband) but how can you determine that a hub only runs at the physical layer of the OSI? Can't you have Ethernet Hubs that transfer actual data? The physical data is only binary and circuit transmission?
I see why you could have chosen the USB stick, but as you say, USB's aren't something that's so clear cut. A hub however due to the nature of how they generally work as opposed to a switch or router would be a much better answer. As I understand it, what a hub does is just receive a signal in one port. Then without any questioning of it's origin or destination it sends it down all the other ports it has connected and leaves the end device to decide if they want that data or not. I think this process may be done with a simple signal splitter and amplifier or repeater nothing more than circuitry. Whereas a switch is much more intelligent and does a number or other things. Switches keep a table of all connected devices MAC addresses and only send data labelled with an address down the port to the device with that address. (or the device that claims to have that address address spoofing) Then a router, well uses TCP/IP to connect to the internet so that's obviously not it.
Quote
In a situation like that? I think so. An array of record would have been my answer without even thinking.
Question 9:A program is to be written to store the list of items sold and their characteristics. What would be the most appropriate data structure to use?
A. An array of records
B. An array of numbers
C. A one-dimensional array
D. A two-dimensional array
is it always appropriate in a situation like this to chose an array of records?
Quote
Question 17: A discount procedure algorithm has the following rules:
Orders over $500 receieve a 10% discount and orders over $1000 receive a 10% discount and free postage. Which of the following sets of test data would adequately test the discount procedure?
A. Order values of $500 & $1000
B. Order values of $501, $502, $600, $1200
C. Order values of $500, $501, $1000, $1001 & $1200
D. Order values of $400, $500, $600, $700, $800, $900, &1000 & $1200
The answer was C, I chose D.
The reason why I chose D is:The test data at C does not wager for <500, so how can it be adequate?
- Must test data <500 to ensure no discounts are included
- Must test data = 500 to ensure 500 isn't included in the discount (>500)
- Must test data over 500 to ensure a discount of 10% is given (>500)
- Must test data under 1000 to ensure it's not included in "free postage" (<1000)
- Must test data equal to 1000 to ensure it's not included in "free postage" (=1000)
- Must test data over 1000 to ensure "free postage" is included (>1000)
Completely agree with you. Testing just on the lower boundary isn't enough. I would think you should also test below. D does have a number of redundant tests though so they obviously intended it to be "more than adequate" but, even with out worrying about not going below that lower boundary... C has the $1200 that would be completely unnecessary. Unless by adequate they mean thorough in which case D is defiantly a better choice. Who does just one test slightly above the boundary anyways... I test anything I make completely.
Post by: MJRomeo81 on November 13, 2012, 02:28:18 pm
Quote
Question 2: Name a device that operates only at the physical layer of the OSI model.Hubs do not read any of the data passing through them and are not aware of their source or destination. Essentially, a hub simply receives incoming packets, possibly amplifies the electrical signal, and broadcasts these packets out to all devices on the network. Switches are typically layer 2 as they are dealing with frames and MAC addresses, routers are layer 3.
A. Hub
B. Switch
C. Router
D. USB stick
I said USB stick mainly because it cannot have any other function but connect to a port. However, some USB sticks can connect to the internet (ie. 3G mobile broadband) but how can you determine that a hub only runs at the physical layer of the OSI? Can't you have Ethernet Hubs that transfer actual data? The physical data is only binary and circuit transmission?
Quote
Question 9:A program is to be written to store the list of items sold and their characteristics. What would be the most appropriate data structure to use?
A. An array of records
B. An array of numbers
C. A one-dimensional array
D. A two-dimensional array
is it always appropriate in a situation like this to chose an array of records?
It depends on the nature of the item's characteristics. An array can only store one data type, so generally you would want to use a record (e.g. the name of the item (String), number sold (int), etc.). Of course you could define a class of type Object (with different attributes of different types) and store everything in an array as type object, but this is not within the scope of this course. In VCAA exams stick to the array of records for these type of questions.
Quote
Question 17: A discount procedure algorithm has the following rules:
Orders over $500 receieve a 10% discount and orders over $1000 receive a 10% discount and free postage. Which of the following sets of test data would adequately test the discount procedure?
A. Order values of $500 & $1000
B. Order values of $501, $502, $600, $1200
C. Order values of $500, $501, $1000, $1001 & $1200
D. Order values of $400, $500, $600, $700, $800, $900, &1000 & $1200
EDIT. As correctly pointed out below the answer is C.
Post by: paulsterio on November 13, 2012, 02:53:26 pm
QuoteQuestion 17: A discount procedure algorithm has the following rules:
Orders over $500 receieve a 10% discount and orders over $1000 receive a 10% discount and free postage. Which of the following sets of test data would adequately test the discount procedure?
A. Order values of $500 & $1000
B. Order values of $501, $502, $600, $1200
C. Order values of $500, $501, $1000, $1001 & $1200
D. Order values of $400, $500, $600, $700, $800, $900, &1000 & $1200
It's the rubbish questions like this that make me face palm. I agree in a real world scenario the answer should be D. Sure D may be a little excessive but it does test what happens if you enter something less than 500. To me this is still testing the discount procedure, because I am checking its implementation to ensure that the discount is not incorrectly applied to items less than $500. Whoever wrote this question should take a long hard look at themselves. Disgusting.
I personally disagree, I think the answer should be C, that tests all the ranges of values we have.
1) =< 500
2) 500<x=<1000
3) >1000
Post by: Yendall on November 13, 2012, 03:02:43 pm
Actually upon inspection again, I think it might test it properly.QuoteQuestion 17: A discount procedure algorithm has the following rules:
Orders over $500 receieve a 10% discount and orders over $1000 receive a 10% discount and free postage. Which of the following sets of test data would adequately test the discount procedure?
A. Order values of $500 & $1000
B. Order values of $501, $502, $600, $1200
C. Order values of $500, $501, $1000, $1001 & $1200
D. Order values of $400, $500, $600, $700, $800, $900, &1000 & $1200
It's the rubbish questions like this that make me face palm. I agree in a real world scenario the answer should be D. Sure D may be a little excessive but it does test what happens if you enter something less than 500. To me this is still testing the discount procedure, because I am checking its implementation to ensure that the discount is not incorrectly applied to items less than $500. Whoever wrote this question should take a long hard look at themselves. Disgusting.
I personally disagree, I think the answer should be C, that tests all the ranges of values we have.
1) =< 500
2) 500<x=<1000
3) >1000
- "No 10% Discount" (<501) - Tested with 500
- "10% Discount" (>=501) - Tested with 501
- "Postage" (<1001)- Tested with 1000
- "No Postage and 10% Discount" (>=1001) - Tested with 1001 and 1200
What annoys me is "1200" which leads me to believe "400" should be tested as well to ensure complete accuracy, which is why D would be suitable. But I guess this works adequately as well.
Post by: MJRomeo81 on November 13, 2012, 03:05:04 pm
Post by: Yendall on November 13, 2012, 03:09:24 pm
Are we required to have an extensive knowledge of all layers of the OSI Model? Also do we need to memorise the protocol stack in regards to TCP/IP and know the functions of each layer?
Post by: MJRomeo81 on November 13, 2012, 03:14:01 pm
VCAA do not require you to have extensive knowledge of all layers. As long as you understand the basic ideas behind each layer, you should be fine in regards to the OSI model.
Post by: Yendall on November 13, 2012, 03:17:37 pm
Two things in relation to OSI model. Know the physical layer well (the study design certainly emphasizes this). Also understand how the OSI model relates to the TCP/IP model.If terms of protocols, will SSL, HTTPS, FTP, POP3, IMAP, TCP, IP, SMTP suffice? Or is there others we need to know?
VCAA do not require you to have extensive knowledge of all layers. As long as you understand the basic ideas behind each layer, you should be fine in regards to the OSI model.
Post by: MJRomeo81 on November 13, 2012, 03:26:39 pm
Two things in relation to OSI model. Know the physical layer well (the study design certainly emphasizes this). Also understand how the OSI model relates to the TCP/IP model.If terms of protocols, will SSL, HTTPS, FTP, POP3, IMAP, TCP, IP, SMTP suffice? Or is there others we need to know?
VCAA do not require you to have extensive knowledge of all layers. As long as you understand the basic ideas behind each layer, you should be fine in regards to the OSI model.
That sounds like enough to me. My advice would be to prepare "written" responses for the physical layer/TCP-IP and to understand everything else in terms of a MC question. It's not likely that VCAA will ask in short answer to describe the protocols that operate on the application layer. This type of question is more suited for MC.
Post by: billyjackson768 on November 13, 2012, 03:56:26 pm
A little off-topic:
Are we required to have an extensive knowledge of all layers of the OSI Model? Also do we need to memorise the protocol stack in regards to TCP/IP and know the functions of each layer?
I don't think we actually need to know much more about TCP/IP than what it is and what it does. As for the OSI model I think we just need to have a basic idea of what happens on each of the layers and an extensive knowledge on layer 1. Knowing a little more and at what layers TCP and IP operate doesn't hurt I suppose. But it's not going to be my biggest focus.
Post by: ldee on November 13, 2012, 05:39:00 pm
Post by: Yendall on November 13, 2012, 05:44:02 pm
I'm not really confident in my knowledge for layer 1, I'll go into detail when I get home, but for now what would you guys classify as "extensive knowledge"?I'd say:
The Physical Layer (1) of the OSI model is responsible for media, signal and binary transmission in a network. It defines how network devices work physically, which include cabling and voltage output and input. It transfers bits through the network on an electrical level. Some devices included on the Physical layer include network adapters and hubs.
Then you'd need to know the relationship with the physical level and the TCP/IP protocols:
The Physical Layer (1) is responsible to route data between devices on the same network or between the network and other devices. Without the Physical later, a network interface wouldn't be possible thus preventing the TCP/IP protocols from operating
If those are wrong, please correct me!
Post by: paulsterio on November 13, 2012, 06:13:57 pm
Post by: Yendall on November 14, 2012, 09:45:08 am
Code: [Select]
PROCEDURE Calc_Qty(Product_Recipes)
BEGIN
Open File
Ingredient_ID <-- 1
READ Num_Ingredients
REPEAT
Qty(Ingredient_ID) <-- 0
Ingredient_ID <-- Ingredient_ID + 1
UNTIL Ingredient_ID > Num_Ingredients
REPEAT
READ Product_ID, Num_Ord
Ingredient_ID <-- 1
REPEAT
Ingredient_ID <-- Ingredient_ID + 1
Amount_Req <-- Num_Ord * Product_Recipes(Product_ID,Ingredient_ID)
Qty(Ingredient_ID) <-- Qty(Ingredient_ID) + Amount_Req
UNTIL Ingredient_ID = Num_Ingredients
UNTIL End of File
Close Files
ENDWe are given this test data:
| VARIABLE | |
| Num_Ingredients | 3 |
| Product ID | 1 |
| Num Ordered | 10 |
| Product_Recipes(1,1) | 0.15 |
| Product_Recipes(2,1) | 0 |
| Product_Recipes(3,1) | 0.20 |
Upon deskchecking, I end up at the third repeat and run into an issue with array structures.
at this point in the check, these are what the variables currently equal:
Ingredient_ID = 2
Product_ID = 1
Num_Ord = 10
The line: Amount_Req <-- Num_Ord * Product_Recipes(Product_ID, Ingredient_ID) is what is confusing me.
In theory the array structure is (1,2) for Product_Receipes. However in the test data we aren't given (1,2) as variable, instead we are given (2,1). Is this an error in the code or am i deskchecking this incorrectly. If i were to use the test data (2,1) i'd return this answer:
Amount_Req <-- Num_Ord * Product_Recipes(Product_ID,Ingredient_ID)
Amount_Req = 10 * 0 = 0
Qty(Ingredient_ID) <-- Qty(Ingredient_ID) + Amount_Req
Qty(2) <-- Qty(2) + 0
= 2
Is this correct? i feel as though it doesn't make much sense.
Post by: Lasercookie on November 14, 2012, 05:28:59 pm
Quote
The line: Amount_Req <-- Num_Ord * Product_Recipes(Product_ID, Ingredient_ID) is what is confusing me.
In theory the array structure is (1,2) for Product_Receipes. However in the test data we aren't given (1,2) as variable, instead we are given (2,1). Is this an error in the code or am i deskchecking this incorrectly. If i were to use the test data (2,1) i'd return this answer:
Yeah I got to the stage with Product_Recipies(1,2).
I think there's a mistake with the test data given, given that they're all in the form (n,1), I'm assuming that 1 is the product ID. Given the code Product_Recipes(Product_ID, Ingredient_ID) and the fact that it'd make more sense to have Product_ID first (given a product, retrieve the ingredients).
Or the mistake could be with the line Product_Recipes(Product_ID,Ingredient_ID), where it should have been Product_Recipes(Ingredient_ID,Product_ID).
Whether we switch the bit in the code around, or the test data around, it doesn't matter. I'm going to switch the test data around to be in the form (1,n) and leave the code as given.
Product_Recipes(1,1) 0.15
Product_Recipes(1,2) 0
Product_Recipes(1,3) 0.20
What does the code do then?
In the first loop we set Qty(1), Qty(2), Qty(3) all to zero. (Qty would be an array)
What does this mean? Maybe it means that we don't have any of the ingredients at the start, or maybe it's just initialising the array (or both).
Then we get to the next loop, and Ingredient_ID is set to 1. Then we enter a while loop. Ingredient_ID is incremented. This is probably another bug in the code, we skip over Ingredient 1. I'm assuming these kind of errors are there on purpose and that we're supposed to pick them out.
Amount_Req <-- Num_Ord * Product_Recipes(1,2)
Amount_Req <-- 10 * 0 = 0
Since Product_Recipes(1,2) is zero, which implies that Ingredient 2 is not required. I think that reasoning makes sense.
Qty(Ingredient_ID) <-- Qty(Ingredient_ID) + Amount_Req
Qty(2) <-- 0 + 0
Qty(2) <-- 0
If the ingredient was required, we would add the values of the amount that we already have and the amount that we need. This is assuming that the first loop wasn't simply just initialising the array, but actually setting values for how much of each ingredient we had (and that happened to be 0).
I'm not too sure what this final Qty(Ingredient_ID) value actually represents (is it simply the amount we require? Surely it's not that because we could just use Amount_Req or just not bother to add Qty(Ingredient_ID) + Amount_Req together. I actually think it would make more sense to check if Qty(Ingredient_ID) >= Amount_Req to figure out we have enough of that particular ingredient on us or not, and then output information about how much more of a particular ingredient we need to get.
Then we hit, UNTIL Ingredient_ID = Num_Ingredients, this evaluates false so we repeat.
Ingredient_ID is incremented,
Amount_Req <-- Num_Ord * Product_Recipes(1,3)
Amount_Req <-- 10 * 0.20
Amount_Req <-- 2
Qty(Ingredient_ID) <-- Qty(Ingredient_ID) + Amount_Req
Qty(3) <-- 0 + 2
Qty(3) <-- 2
Here Ingredient_ID = Num_Ingredients so we exit the loop.
Then we do that again until we finish reading through the entire file?
Post by: billyjackson768 on November 14, 2012, 09:10:49 pm
What exactally is an instruction. As opposed to a function or procedure. The text book seems to have 7 lines on "Instructions and Syntax" all of which seem to have no bearing on why or how an instruction "modifies a variable's content". I'll check Mark Kelly's solutions again to see what he said, but I just hate the lack of explanation this text book contains here.
Edit: Mark only complains about VCCA at first publishing my answer A as correct when it is not. He gives no reason why though..
Post by: Yendall on November 14, 2012, 10:09:01 pm
Ok... I've just gone over the 2011 VCAA exam again and question 9 in multiple choice still confuses me.Function:
What exactally is an instruction. As opposed to a function or procedure. The text book seems to have 7 lines on "Instructions and Syntax" all of which seem to have no bearing on why or how an instruction "modifies a variable's content". I'll check Mark Kelly's solutions again to see what he said, but I just hate the lack of explanation this text book contains here.
Edit: Mark only complains about VCCA at first publishing my answer A as correct when it is not. He gives no reason why though..
Functions accept a parameter and pass data back via the name of the function. It is also seen as a block of code, rather than a single line. So like the textbook says, SIN(x) will return a value that is native to SIN. If that makes sense? Like SIN will be coded a certain way to produce an exact answer.
Procedure:
Subroutines are basically chunks of code that identify actions (that's in my words, might not make sense). But I see procedures like "Save Procedure" which can be called from within the program multiple times without having to rewrite the code.
Control Structure:
Sequence, Iteration and Selection. I see these as like REPEAT, IF THEN, ELSEIF etc.
Instruction:
Any line of code that the computer can interpret and do (laseredd has put this nicely)
How I see it is that every line of code is a form of instruction. If you're comparing it to the other definitions, an instruction can be seen as something that uses code to produce 'something'. Maybe. It's loosely defined. But in the context of this question, it's the only one that fits the description.
Post by: billyjackson768 on November 14, 2012, 10:21:29 pm
It actually makes sense now. I just hate answers that don't answer a question. With so many getting it wrong you'd think they'd bother to include comments with the answers as methods and further maths usually do. I think this actually reflects poorly on the approach us IT people have. You'd think we were slack or something. *alt-tabs game away*
Post by: Yendall on November 14, 2012, 10:30:37 pm
I think functions may include stuff like: Print(), Calculate(), Display() etc.
Where an instruction would be:
A = 5
B = 6
A + B = 11
I see instructions in the form of arithmetic, where you actually have to tell the variables what to do.
Post by: MJRomeo81 on November 14, 2012, 10:49:24 pm
Quote
In a program, a line of code that modifies a variable's content is best described as a
A. function.
B. procedure.
C. instruction.
D. control structure.
There is a key distinction to be made. Instructions are contained inside procedures, functions, control structures. You might have a control structure that keeps calling the same procedure/function over and over to find the maximum number in an array (with an integer variable containing the temporary max number), but it's the actual line of code (instruction) inside the method that modifies the variable's content.
Post by: Yendall on November 15, 2012, 11:25:04 am
(http://i.imgur.com/Jrwco.jpg)
So desk-checking the first algorithm:
CountVal = 3
A(0) = BOB
A(1) = JANE
A(2) = TMART
b.display = "bob"
temp = 0
For i = 0 to 2
If b.display = A(0) = "bob" then
Temp = 1
End if
End For
Temp = 1
If temp = 0 then (skip this)
Elseif temp = 1 Then
CountVal = 2
While countval < 4 = 2
Countval = Countval + 1 = 3
EndWhile
End if
End
So we are left with:
Countval = 3
Temp = 1
b.Display = "bob"
(http://i.imgur.com/34bgD.jpg)
For this algorithm we are asked to show what Object.Writeline will produce if Countval = 2
Begin {Action B}
For i = (2 - 2) to (2-1)
For i = 0 to 1
Object.Writeline(A(0))
End For
CountVal = CountVal + 1
Now because i doesn't increment, will the end result be: Object.Writeline("Bob") ?
Next we are asked what CountVal will equal.
Because 'i' doesn't increment (and it should), the For is terminated:
2 = 2 + 1 = 3
Countval = 3
How I would've written this algorithm is:
Begin {Action B}
For i = (countVal - 2_ to (countVal - 1)
Object.Writeline(A(i))
i = i + 1
End For
countVal = countVal + 1
End
So it would produce A(1) = Jane
Is this all correct? Thanks!
Post by: MJRomeo81 on November 15, 2012, 06:24:49 pm
Post by: Yendall on November 15, 2012, 07:59:55 pm
Question 1:What are the key tasks associated with the planning of software projects?
Determining the scope of the software solution, also taking into considerations user requirements (non-functional and function) and constraints
My teacher said: "The scope of the solution is more in the design brief" :o is it?
Post by: billyjackson768 on November 15, 2012, 08:55:19 pm
What your teacher is probably meaning by the scope being in the design brief is it being with all the information you are given once the analysis stage is completed including your SRS and all that jazz.
Post by: Yendall on November 15, 2012, 09:03:04 pm
So I would talk about the planning of software projects as more of a Design phase?
Post by: billyjackson768 on November 15, 2012, 09:16:33 pm
Ah okay, I hope that question doesn't come up haha
So I would talk about the planning of software projects as more of a Design phase?
Definatly and a design brief is actualy the first bit of information your given before analysis and the SRS even starts. So I guess that's something like a problem a teacher would give you in class that includes all the information on what a client is looking for you to do.
Post by: Yendall on November 15, 2012, 09:28:53 pm
Post by: Lasercookie on November 15, 2012, 09:41:48 pm
Hmm... I'm pretty sure planning comes under the design stage of PSM (page 5 of Adrian Janson's textbook) and encompass thing such as writing up all your pseudocdoe, creating data dictionaries, IPO charts and doing all that other design stuff where you work out how the system will function.
I disagree. I believe the question
Question 1:What are the key tasks associated with the planning of software projects?is referring to this study design dot point: "key tasks associated with planning software projects, including identifying, scheduling and monitoring tasks, resources, people and time"
I think there's a difference between designing/planning what the actual outcome of the project will look like (which is what is done in the design phase of the PSM) and planning the software project.
Planning the software project involves organising who does that tasks, when they do it, working on deadlines. This study design dot point was more fleshed out in the previous study design, with the GANTT and PERT charts. All that project management stuff. I'm not sure if that fits explicitly into the PSM. I would be inclined to say that following and carrying out the PSM is working on the software project.
You'd definitely do some of that stuff early on, at the start. It might fit somewhere into analysis, but I think even doing analysis would require some project management (figuring out what tasks must be done, what data to be gathered, who will gather the data). That project management stuff would be something ongoing throughout the whole time - you'd be always checking if you're up to speed with the deadlines etc.
Post by: billyjackson768 on November 15, 2012, 10:46:44 pm
Post by: Yendall on November 16, 2012, 09:18:26 am
- The Design Brief
- Specific Project Management skills (breaking down the project into a series of key tasks)
- The Solution Requirements (Functional and Non-Functional)
- Data Collection [Quantitative and Qualitative] (observation, interviews, surveys, questionnaires, examining)
- Constraints
- SRS
That's a pretty massive list, but it's basically everything involved in "Analysis" I believe?
Post by: billyjackson768 on November 16, 2012, 10:47:44 am
Good luck everyone!
Post by: Yendall on November 16, 2012, 10:56:17 am
Good luck!
Post by: billyjackson768 on November 16, 2012, 11:21:54 am
So how's everyones last minute cramming coming along. I just finished skim reading the book. Now I'm going to go over my lists and go through the 2011 exam again so I can make sure I'm ready to answer similar questions and actually am detailed enough in my responses. After clicking through it last night I think I was a little to light on some of my marking. I better make sure all my responses are right up to scratch.
Post by: Yendall on November 16, 2012, 12:29:52 pm
The Physical Layer of the OSI model is used to transfer bits along cables and determine physical destinations between devices. The Physical Layer is the foundation of the OSI model and is responsible and essential for functionality on the sequential layers. Similar to the OSI model is the TCP/IP protocol stack/model, it follows a similar design to the OSI model being that it has a foundation layer called the Network Interface Layer, which is similar to the Physical Layer and Data Link Layer of the OSI in the sense that it determines destinations and routes data between determined devices. Without the Network Interface Layer the 3 sequential layers of the TCP/IP stack wouldn't be able to function.
Maybe. It's still a little sketchy, thoughts?
Post by: billyjackson768 on November 16, 2012, 12:45:19 pm
Post by: Yendall on November 16, 2012, 12:48:57 pm
"Purposes and Functions of the Physical Layer (Layer 1) of the OSI and the relationship of the physical layer to the Transmission Control Protocol/Internet Protocol Model"
I'd say you'd need to know what the layers do and how they are similar. But to what extent? Do you need to talk about devices that operate at the layers or how the data is routed etc.? "Purposes and Functions is fairly broad if you think about it.
Post by: billyjackson768 on November 16, 2012, 01:25:53 pm