Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/402

Click to flip

402 Cards in this Set

  • Front
  • Back

The Web is a beautifully simple idea.What are the two distinct technologies that made it possible?

-­‐ Interconnected computer networks


-­‐ Data exchange protocols.

Explain briefly the aim of the Advanced Research Projects Agency Network (ARPANet) project

aimed at creatingcomputer networks that would be resistant to failure

Explain briefly the two main protocols that supported the exchange of electronic documents in the Internet.

The development of (the Hypertext Transfer Protocol (HTTP)) and a document mark-­‐up language (the Hypertext Mark-­‐up Language (HTML)) supported the exchange of electronic documents in the Internet.

Why did Tim Berners-­‐Lee proposed the idea of the WEB?

Tim Berners-­‐Lee had created an internet-­‐based solution for global information sharing of deliverable content over a network irrespective of the hardware or operating system of the different users, this was the idea of ‘World Wide Web

What are the features of a web application?

1) A web application fulfils the notion of some form of business requirement




2) Websites provide a means to distribute information to the public




3) Web application fulfils the requirement to distribute information to potential customers




4) Many companies now use the same internet and web technologies to support internal processes on their intranet

Explain how the Web is an example of a client–server architecture or distributed architecture

The user (‘client’ or front-­‐end) requests via a browser a web application from the serve. The web ‘server’ (back end) consists of special software loaded into a ‘server’ which responds to requests for ‘pages’ of content

What is meant by the term that says “Web applications should be ‘standards-­‐ compliant’”

Web applications should be ‘standards-­‐compliant’, in that they should comply with the various recommendations and standards published by bodies such as the W3C and the IETF

What is a web application?

. -­‐fulfils some form of ‘business’ requirement.


-­‐ is built using internet and web technologies and protocols.


-­‐ employs a distributed architecture.


-­‐ is standards‐compliant.


-­‐ should be usable.


-­‐ should be accessible.



Discuss Web applications variations in terms of their complexity.

1) ‘static content’ means that Web applications will deliver the same content of information to all users




2) ‘dynamic content’ means that Web applications are personalized to the user and is responsive to the individual choices

Discuss Web applications variations in terms of their size

In terms of size, one web server may host hundreds of personal ‘websites’, such as those offered by an ISP to its subscribers

What is the main challenges for the web application designer?

-­‐ Rich functional and responsive application.


-­‐ Requirements should be balanced against a simplicity.


-­‐ Maintained and expanded when required.


-­‐ Ensure delivering contents very quickly.


-­‐ Keep track of users transactions data.


-­‐ Ensure the security of personal information

Explain briefly the twoGeneric client–serverconfiguration modelsupporting your answer bymodels diagrams

Explain briefly the role of the server in client–server model.

The role of a server is to listen to the network traffic and wait for document requests containing that server’s unique address

Explain briefly the concept of Web addresses

Each computer connected to the internet has a unique number, or ‘address’, assigned to it by the Internet Protocol (IP) standard which defines how information is passed from one machine to another

Explain briefly the concept the domain name system.

Human beings prefer names, and for each IP address there is a corresponding name assigned to the computer, which is chosen by its owner. These names are known as ‘name servers’, which effectively match up any unique IP address to the corresponding domain name

List some of the Internet services.

file transfer (FTP), news groups (NNTP), chat rooms (IRC), address resolution (ARP), domain name system (DNS), Real Simple Syndication (RSS)

What do we mean by the term ‘World Wide Wait’,

The term ‘World Wide Wait’ indicates the response time between a client requesting a page and that page and its content being delivered.

What is the time it takes to retrieve a resource acrossa network. Assuming that the user is visiting a website with an average data transmission rate of 56 kilobits per second (Kbps); consider the request for a single web page comprising 6934 bytes of text (including HTML tags) and a CSS file containing 2360 bytes, along with six images that form a navigation panel used throughout the website, at an average size of 4034 bytes, and asingle image for the banner at a size of 20 849 bytes.We’ll assume that it takes the server 8 milliseconds to respond to each file request and we’ll ignore any delays due to the transmission of packets across the internet. We’ll also assume that this is your first visit to the site, so that none of the files have been stored in your browser’s cache.Note: 1 Kbps = 1000 bits/second, 1 byte = 8 bits.

i Content to download: HTML file is 6934 bytes CSS file is 2360 bytesSix images of 4034 bytes each = 24 204 bytes Banner image is 20 849 bytesTotal content = 54 347 bytes ii The total file size in bits: 54 347 × 8 = 434 776 bitsDownload speed is expressed as kilobits per second (Kbps): 56 kilobits = 56 000 bpsThe transmission time of the nine files in seconds is calculated as follows:File size in bits/transmission speed in bps 434 776/56 000 = 7.763 secondsThe delay (in seconds) incurred by the server processing nine files is calculated as follows:8 ms x 9 = 0.072 secondsvi Total time to download is the transmission time plus the delay: 7.763 + 0.072 seconds= 7.835 seconds.

Assume that the user in the previous example above upgrades their internet connection to an average data transmission rate of 220 kilobits per second and without clearing the browser cache requests another web page from the site comprising 8054 bytes of text and a new banner size 27 748 bytes. Howlong would it take to download the page?

Content to download:8054 bytes {HTML text} + 27748 bytes {banner image} 8054 bytes + 27 748 bytes = 35 802 bytesConvert the total file size from bytes into bits: 35 802 × 8 = 28 6416 bitsDownload speed is expressed as kilobits per second (Kbps):220 000 bpsTransmission time of the two files in seconds is calculated: File size in bits/transmission speed in bps286 416/220 000 = 1.302 secondsThe delay (in seconds) incurred by the server processing two files is: 8 ms × 2 = 0.016 secondsTotal download time:1.302 + 0.016 seconds= 1.318 seconds.The server delay is trivial when compared to the delivery timeof the content, so for efficient delivery of web content it is important to keepcode tidy and image file sizes to a minimum.

What are the goals of the World Wide Web Consortium?

1) Web for Everyone – promoting the importance of internationalization




2) Web on Everything – to make access to the Web by any means as easy as it is from a desktop PC


3) Knowledge Base – to promote the knowledge base of the Web to solve complex problems




4) Trust and Confidence – to promote technologies that enable a more collaborative environment

Why should we have standards for mark-up languages?

to provide a means of describing the structure of a document so that any browser can efficiently render its contents on any device.

Explain briefly about what we mean by ‘the Browser Wars’, and how it could resolved.

Different browser developers created products that interpreted the standards in different ways regarding how their browsers might render HTML elements; they then added their own ‘proprietary’ features

Why did W3C developed the Extensible Mark-up Language (XML)?

The W3C recognized that HTML is limited in its ability to distribute, process and display documents. HTML alone could not deliver everything such as chemical formulae, mathematical equations or musical notation

What are the main difference between HTML and XML?

The main difference between HTML and XML, however, is that HTML focuses on displaying information and on how it looks, whereas XML also describes the information.

Why did W3C introduce XHTML?

HTML and XML have different functions and that XML was never intended to replace HTML. However, in combining the two standards into XHTML, the W3C has developed a powerful mark-­‐up language incorporating the formatting and display capabilities of HTML with the flexibility of XML

Explain briefly about the concept of Cascading Style Sheets, show example.







What do we mean by element of the HTML? Show example.

Each HTML document structure contains recognisable ‘elements’, such as a heading, a paragraph, hypertext links, lists, tables, images

Each HTML document structure contains recognisable ‘elements’, such as a heading, a paragraph, hypertext links, lists, tables, images





What do we mean by attributes of the HTML? Show example.

What is the importance of hypertext? Show example.

HTML contains features for hypertext that connect documents or web pages to each other

What do we mean by well- formed in the context of XHTML?

1) All XHTML elements must be properly nested


2)All XHTML elements must be nested in the root element.


3) In XHTML element names must be in lower-case


5) Note that for empty elements which are often written in shorthand form such as horizontal rules

Explain briefly about the role of W3C in establishing standards for delivery mark-up of content to devices other than PCs.

to consider the challenge of delivering mark-up of content to devices other than PCs.

Explain briefly about The XHTML Basic document type.

The XHTML Basic document type includes the minimal set of modules required to be an XHTML host language document type, and in addition it

W3C have been proactive in several areas, list them.

-- Mobile Web applications can take full advantage of the technical progress in the Open Web Platform


-W3C widgets offer a packaging format to distribute Web-based applications


-W3C is also exploring ways to use the Web on mobile devices to bridge the digital divide

What is the concept of Usability?

The concept of usability is a relatively simple one underpinned by the principle of simplified web design

What did Jakob Nielsen and Donald A Norman coin the Usability?

Jakob Nielsen and Donald A Norman coined it quite simply as ‘survival of the easiest’

What did Nielsen define Usability?

Nielsen defines usability as ‘a quality attribute that assesses how easy user interfaces are to use

What are five quality components that define usability by Neilsen?

1) Learnability: How easy is it for users to accomplish basic tasks the first time they encounter the design


2) Efficiency: Once users have learned the design, how quickly can they perform tasks


3) Memorability: When users return to the design after a period of not using it, how easily can they re-­‐establish proficiency


4) Errors: How many errors do users make, how severe are these errors, and how easily can they recover from the errors


5) Satisfaction: How pleasant is it to use the design

What are the main questions we should consider when creating a website?

1)How easy is it to find your way around the site?2)Can you find the information you want?


3)What elements of the site design contribute to ‘ease of use’?


4)Is the mission of the site reflected in the site design

What are the natural way most people run Web projects leads to mistakes at all levels?

Business model:treating the Web as a marcom




Project management:outsourcing to multiple agencies without coordination




Information architecture:Structuring the site like the company’s own org chart instead of reflecting the users’ view of the service




Page layout:using heavy graphics because they look gorgeous on the art director’s high-­‐end color monitor where they are downloaded over a direct line to the server

What are the questions have to be raised when talking about Planning?

What has to be done,


When it should be completed,


By whom it will be done


How it will be achieved

List the main points of Reiss’s breakdown of the planning process.

Planning


Allocate


Analyse


Architect


Accumulate


Apply


Assemble


Adjust

What are the variety of structures of how ages might link together for different web functions that have been identified by Joel Sklar?

Linear


Tutorial


Web


Hierarchical


Cluster


Catalogue.

Explain briefly the Linear structure.

A linear structure has a content path that lends itself to navigating back and forth from a natural starting position to a definitive end point.

Explain briefly the Tutorial structure.

The tutorial structure is perfect for computer-basedtraining such as lessons, tutorials

Explain briefly the Web structure.

Web structure is suited to smaller websites, allowing users to navigate from any page to any other within the content structure

Explain briefly the Hierarchical structure.

The hierarchical structure lends itself to larger content collections. Where navigation is between sections and within those sections it is linear in structure

Explain briefly the Cluster structure.

The cluster structure is similar to the hierarchical structure in that there are different sections and topics, but here Sklar notes that each topic is an island of information with all the pages in each cluster linked to each other.All pages contain clear navigation with links to the section pages, main page and site map

Explain briefly the Catalogue structure.

The catalogue structure is suited to online shopping applications

The process of developing a web application encapsulates a number of succinct steps, List them with explanation.

Define the goals of the website


Define the target audience


Analyze the market and look at what your competitors are doing


Consider the environment you are aiming to operate in

Why would someone visit a certain site?

Looking for a particular type of product


Looking for a specific product, service or piece of information


Because it turned up in a search


Because another site suggested the link


Because they know about your company for some other reason.

What is the goal in designing the ‘look and feel’ of any website?

The goal in designing the ‘look and feel’ of any website is to ensure that visitors can find what they want quickly and efficiently so that they will come back for more

What are the key factors in bringing visitors back are to?

1)See if you have added new products or information


2)Investigate something they saw during an earlier visit


3)Use a service provided by the site itself

Explain briefly the importance of the WEB.

The Web has undoubtedly become an important resource providing unprecedented access in almost all aspects of life

What are the main challenges for the WEB?

The challenge is in ensuring that the Web remains open.

What do we mean by accessibility?

Web accessibility means that people with disabilities can use the Web. More specifically

What are the points of W3C Web Accessibility Initiative guidelines?

1. Implementing International Guidelines for accessibility


2. Providing support materials for web accessibility


3. Providing accessibility resources


4. Providing a collaborative environment for web developers to exchange ideas and accessibility solutions

What are the distinct areas of accessibility into which the W3C have split their resources?

1)Web Content Accessibility Guidelines




2)Authoring Tool Accessibility Guidelines




3)User Agent Accessibility Guidelines

What are the principles of accessibility?

1. Perceivable to users in ways they can perceive




2. This means that users must be able to perceive the information being presented




3. Operable – user interface components and navigation must be operable.


4. This means that users must be able to operate the interface (the interface cannot require interaction that any user cannot perform)

What are the main categories developers should consider in terms of putting together a business case for accessibility?

1)Social factors


2)Technological factors


3)Financial factors


4)Legal and policy factors

What are the consequences If designers do choose to ignore accessibility guidelines?

they run the risk of alienating up to 20 per cent of their client base ,they run the risk of running into litigation

What is the main function of CSS.

CSS provides the simple mechanism for adding style in terms of fonts ‘colors’ and positioning to the content of Web documents

Explain briefly how element are dealt with in an XHTML when CSS to display content in a browser.

every element in an XHTML document is considered to be a rectangular box of ‘content area’ surrounded by ‘padding’, a ‘border’ and ‘margins’.

List the available modes in CSS that are used when positioning boxes.

‘normal’, ‘float’ and ‘absolute’

What is the job of CSS visual formatting model?

CSS visual formatting model describes how element content boxes , should be handled by user agents

What are the points that stated by W3C which will govern the layout of these boxes?

1)Box dimensions and type.


2)Positioning scheme


3)Relationships between elements in the document tree


4)External information

What is the idea that the CSS box model built around?

The CSS box model is quite simply built around the idea that the content is for a web application is placed within a set of nested rectangles

Draw a diagram that show the idea of the CSS box model

Explain briefly how each sigle box is built in the CSS Box Model.

Within any single box, there is the core content area, at the centre where the content goes.This is then surrounded by the rectangles that define the padding, the border and the margin

What are the main job of Padding, Border, and Margin properties?

Padding properties specify the area between the content of the box and the border.The border properties specify border-style, border-color and border-width for all four borders.Margin properties specify the outer margins.Boxes can combine in CSS to form a single margin

What are the simple design principles that should be followed when designing for the web?

1. Choose a few select fonts and sizes


2. Use fonts that are available on user’s devices


3. Design for legibility and for usability.


4. Avoid using text as graphics

Define Typography

verbal and visual equation that helps the reader understand the form and absorb the substance of the page content

Explain briefly Typography role.

Typography plays a dual role as both verbal and visual communication. When readers scan a page they are subconsciously aware of both functions

What makes a good typography?

Good typography establishes a visual hierarchy for rendering prose on the page by providing visual punctuation and graphic accents that help readers understand relations between prose and pictures

What is the important of consistent formatting?

Consistent formatting is important for the look and the feel and the legibility of a website or application

What is the main advantage of using an external CSS style sheet?

we can control the look across multiple documents for the same website.

Explain briefly how CSS recognizes different media types.

CSS recognizes different media types that define the properties that make sense for any particular target media, such as ‘screen’ for colour computer screen

What are the points that good typography depend on?

Good typography depends on the visual contrast between one font and another

What is the advantages of using regular and repeating patterns through pages?

Using regular and repeating patterns through pages help the reader to establish the location and organization of your information and increase legibility.

Explain briefly the idea of Using text as graphics

sometimes web application requires a font that represents a brand such as Google logo

Why does a designer choose to present text as a graphic form?

to avoid forcing visitors to install the font on their operating systems

What are the disadvantages of using text as graphics?

The Web Open Font Format is an open format for using fonts on the Web

What is RGB when using a computer monitor?

When you view any colour on a computer monitor you are experiencing a mix of the three basic colours: red, green and blue (RGB).

What are the format that CSS representing ‘color’?

Name, ‘Hexadecimal’ and ‘RGB’

What is the advantage of using RGB and hexadecimal format over names format?

Both RGB and hexadecimal ‘color’ values allow a wider choice than colour names.

What is the main problem with specifying color that will be displayed in different monitors?

The main problem with specifying color is that different monitors display different color depths

What are the main commonly used graphics formats? And what they use to create the best image?

There are four commonly used graphics formats GIF, JPG, PNG, SVG.They use compression to create the best image they can under compression technologies

Explain briefly about GIF format.

GIF, the Graphics Interchange Format images are compressed images that do not lose color information when compressed

Explain briefly about JPG format.

JPG, the Joint Photographic Experts Group will usually be photographs and it is called ‘lossy’ in that when the graphic is compressed some information loss occurs

Explain briefly about PNG format.

PNG, Portable Network Graphics image format was designed for the web PNG does not compress as efficiently as JPG, so it is not necessarily the best choice for presenting photographic

Explain briefly about SVG format.

SVG, the Scalable Vector Graphics Format

When do we usually need security while using the Web?

When we connect computers together in networks for passing data from one computer to another

What are the main uses of a firewall?

The firewall exists to assess the traffic that is exchanged between the PC and the wider internet and to make choices about the validity of any data transaction between the server and the client.

What are the components of a firewall?

Firewall is a hardware (such as a router), a software product, or a combination of the two.

What is the Hypertext Transfer Protocol Secure?

is a version of the HTTP protocol combined with SSL/TLS protocol that provides encrypted communication and secure identification of a network web server

What is Digital Certificates?

are data files exchanged between client and server to identify individuals and organizations across networks in order to enable secure and confidential communication between two parties

What are the main contents of Digital Certificates?

A standard digital certificate contains the name of the holder and additional identification information , and the individual’s e-­mail address.

Which cryptography does Digital Certificates depend on?

Forms in XHTML are web pages that made up of text boxes, drop-­‐down lists and menus, ‘check’ boxes and buttons of various sorts.

What is the importance of Web Forms?

The ability to capture information and Feedback from a user

Define The Common Gateway Interface (CGI).

is the standard protocol for returning form data to the server.

What is the main disadvantage of CGI?

A disadvantage of the CGI, is that each form returned to the server causes a new copy of the program to be executed

What does Web servers offer to programmers to minimize these overheads?

Some web servers offer programmers ways to minimize these overheads through the use of an Application Programming Interface (API).

What happens usually when a user submit a form?

When you submit a form you will usually be accessing a script of some description on a server and it is that script that will handle the data that you have submitted

What are the methods of submitting form data?

get’ and ‘post’

What is the default value if no method is specified?

is ‘get’

What is the disadvantage of using get method when submitting date?

The ‘get’ method for submitting data is insecure for the exchange of sensitive data

What is the main function of name attribute

The name attribute is included to identify the form to the script at the server and also can be used to identify the form element for CSS.

What is the main feature of Radio button?

Radio buttons are simply a means of taking a number of mutually exclusive options where only the one that is selected is submitted to the server

What is the difference between reset and submit buttons?

The reset button resets all the fields in the form to their default values.

Explain briefly the idea of hidden input fileds.

The hidden input field type allows authors to include form data that isn’t rendered by the browser

Why do we use the type= “password”?

creates a field that masks the characters typed as asterisks or black circles.

Explain briefly the use of file fields.

The contents of a user-specified file may be submitted with a form.The user is prompted for his or her name and a list of file names that should be submitted with the form.

What is the function of ‘enctype’’ when using file fields.

the contents of each file are packaged for submission as a distinct section of a ‘multipart’ document.

What is the main use of Checkboxes component?

Checkboxes allow a user to select any number of a multiple of options presented from a limited number of choices.

What is the use of the tabindex attribute?

the tabindex attribute specifies the position of the current element in the tabbing order for the current document’.

Explain briefly the size attribute when using List boxes.

The size attribute of the select element is presented as a scrolled list box.

What is the solution for impaired users using screen readers such as JAWS?

For visually impaired users using screen readers such as JAWS, we need to consider placing the label for each control adjacent to it

Explain briefly the use of the fieldset element and the legend element.

For more complex forms where you might have several elements that can be grouped together

Explain briefly The architecture of web applications in terms of their ‘structure’.

hardware (the physical structure of the application) and software (the programs making up an application).

What did Shaw and Garlan define The architecture of a software system?

defines that system in terms of computational components and interactions among those components

What did Fowler define The architecture?

Brown (2012) describes architecture more widely


Architecture basically comprises of four things:


1)Structure the building blocks (components) and how they relate to and/or interact with one another


2)Foundations - a stable basis on which to build something.


3)Infrastructure services – the essential services that are an integral part of whatever is being built.


4)Vision – should be understood what it is you are building and how that process will be done.





Explain the client–server architecture.

In client–server architecture it is commonly called ‘two-­‐tier architecture’, divides an application into two parts, ‘client’ and ‘server’..The client part (‘presentation’ layer or tier) provides the interface for users, displays information, and passes information to the server for searching.

Which is the common client used to access applications in the client– server architecture.

A common client used to access applications is a web browser that accesses server applications using HTTP.

What is the different between thin client and thick client?

The web browser (thin client) simply displays the information that the server provides.The ‘more intelligent’ (thick client) allows you to take the information the server provides and to manipulate and display it in various ways according to your own personal needs.

Explain the Multi-­‐tier architecture.

In Multi-­‐tier architecture, Both the client and the server parts can be further subdivided if this is appropriate to the application.
The client may be responsible for some processing of data and for the presentation of information

In Multi-­‐tier architecture, Both the client and the server parts can be further subdivided if this is appropriate to the application.The client may be responsible for some processing of data and for the presentation of information

Explain briefly the term ‘middle tier’.

The tier between the data tier and the web server application, is sometimes termed the ‘middle tier’ or middleware.

How many tiers usually mean when we talk about ‘multi-tier architecture’.

‘Multi-tier architecture’ refers to what should more specifically be called three-tier architecture (client, server and data tiers).

What are advantages to breaking down the application into tiers?

There are advantages to breaking down the application into tiers. Each tier can be changed more easily as it is less dependent on details of the other components with which it interacts

There are advantages to breaking down the application into tiers. Each tier can be changed more easily as it is less dependent on details of the other components with which it interacts



Explain the concept of Service-Oriented Architecture (SOA)

Service-Oriented Architecture (SOA) is based around the idea of breaking down an application into a set of much smaller tasks that can be performed by small independent pieces of software,Each performing a discrete task commonly called a service

What are the main components or roles of SOA?

1)A requester that can both search and discover web services




2)A directory or registry that holds the details of web services those are available.




3)The services themselves. Each service has its details published as an XML description in any number of directories.





Explain how to find a service on the Web when using SOA

A requester must know the location (ex. URL) of a directory service and then search the directory for the type of service required.The directory provides a description of the service

What are the distinct layers of Web service architecture (WSA)?

1)Network transport layer. It supports the passing of messages between components in the architecture


2)Message encoding layer. It provides a standard approach to encoding information in messages so that they can be understood


3)Service description layer. It provides a way to describe a web service so that it can be accessed and used


4)The Web Services Description Language (WSDL) is used to describe services




5)Service discovery layer. It provides the means to publish descriptions of and find web services in a central repository.

What do we mean by web services protocol stack

The four layers of Web service architecture (WSA) are termed the web services protocol stack

What are the processes of the operation of web services?

1. Publish service description


2. Search request.


3. Service descriptions


4. Request service


5. Service response

What are the main properties of SOA?

The SOA model (with its ‘publish’, ‘find’ and ‘bind’ operations), together with the small size of operations embodied by services, leads to a very flexible solution.

Define Clouds.

that virtual servers are made available and used over the internet, but more generally the Cloud is seen as consisting of a wide range of different resources.

What is the definition of Clouds that has been provided by the National Institute of Standards and Technology (NIST)?

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of computing resources ) that can be providing quickly and with minimal management effort or service

What is the general principle behind the Cloud?

The general principle behind the Cloud is that it functions as a set of available resources and services that can be accessed over the internet

Explain briefly the concept of ‘Web 2’.

There has been a trend to enhance the user experience on the Web by increasing the opportunities for participation

What is the important advance in Web 2, relevant to architecture

One important advance, relevant to architecture, is that thin clients such as browsers are equipped with more sophisticated functionality so that

Explain the concept of Asynchronous JavaScript + XML (AJAX).

Asynchronous JavaScript + XML (AJAX) is an approach provide an additional client-side layer that sits behind the client user interface (browser window) and manages the communication, using HTTP requests

What should we look at after looking at architecture? Give example.

After looking at architecture then we should look at the issue of ‘design’


For example, in multi-tier architecture, we might specify that there is a data tier and it will include information about sales and stock levels.

Why did we look at “conceptual architecture” when what we really needed to produce a solution?

We looked at “conceptual architecture” when what we really needed to produce a solution because “realization” composed of real items that can be downloaded and used

Explain briefly in terms of simplicity of functions.

Thin client has little internal logic so it will not do very much work and will perform only quite simple functionsThe thinnest client will simply present information

What is required on every operation on the client side?

Every operation on the client side requires an HTTP request to be sent to the server that performs the operation and then returns new information to the client.

Where does the main processing occurs in thick client?

A thick client performs a significant amount of processing on the client side and thus puts greater demands on the client-­‐side machine.

Explain briefly the concept of real-­‐time applications.

In some cases, thick clients actually establish their own private connections to a data layer outside of the HTTP communications with the server.

Define a program.

A program is a complete set of instructions for performing a task.

Why programs are translated into a set of processor instructions?

Programs are ‘translated’ from a programming language into a set of processor instructions for execution.

Does high-­‐level language understood by a computer’s processor?

high-­‐level languages’ cannot be understood by a computer’s processor, so the instructions have to be translated or interpreted into machine language in order to be executed

When does Scripts are interpreted? Give example of interpreted languages.

Scripts are interpreted at execution time.There is a wide range of interpreted languages

What is the key distinguishing property of interpreted languages?

The key distinguishing property of interpreted languagesIt’s that they are translated from the programming language into processor instructions when the script is executed.

Explain what compiled languages mean.
Compiled languages are translated to an executable file.When using compiled languages (such as C, Delphi or Fortran) the complete program is translated before being executed.

What is the major advantage of the compiled approach?

A major advantage of the compiled approach is :That the program can be compiled once and run as many times as required

Explain the concept of ‘platform independent’.

This means that a program can be able to run on any type of computer (e.g. Macintosh, PC) using any operating system (e.g. Windows, Solaris, Linux).

What are the stages of translation process that make Java achieves computer-type (processor) and operating-system independence?

Java achieves computer-type (processor) and operating system independence in a two-stage translation process.The program is translated into a new set of instructions, known as bytecode, that are closer to the language that any processor understands but are not specific to any one processor or operating system.

Explain ‘plug-ins’ in the browsers, give examples.

. Most browsers also support the use of extensions, commonly known as ‘plug-ins’, which provide some additional functionality

Explain briefly how a web page can be seen as composed of a set of layers

A web page can be seen as composed of a set of layers. HTML is used to structure the basic page content.

List some of the common features of JavaScript.

JavaScript can be embedded in any XHTML page.JavaScript can be interpreted by most modern browsers, without the use of plug-ins

What are the common ways of inserting JavaScript code in a web page?

Inside an HTML tag script, in a ‘character data’ or CDATA sectionInside an external .js file, linked to the HTML page that contains a declaration

Explain briefly the concept of The Document Object Model (DOM).

The Document Object Model (DOM) is a technique based on a view of a web page as a hierarchical structure made up of objects

Explain briefly the window object.

At the top level of the DOM hierarchy is a single window object, which represents the browser window.

Explain briefly the document object.

The document object is a child of the window object, and allows us to manipulate a web page

Explain briefly the navigator object.

The navigator object (window.navigator) allows us to retrieve information about the browser that has been used to access a page.


Through the navigator object, you then can then identify the name of the browser (navigator.appname) and the operating system of the client

Explain briefly the images object.

The document object includes an images object (document.images), which allows access to all the images that are included in the document.

What are the mainfunctions of The DOM application program interface (API)?Walking the DOM

The DOM application program interface (API) allows therelationships between nodes to be used to ‘walk’ around adocument tree,

Why do use validation?

Validation is used to ensure that the values in the fields of a form are complete and appear to be correct

What should be occurred when an error is found in a field’s value?

When an error is found in a field’s value, the user should be informed about this and be given some guidance on how to correct the problem.

How can errors reported?

messages using string concatenation operation Validation functions can be called one at a time and then concatenate returned value in one message, or calling all validation functions and then reports the result

What are the main events that are often used to invoke form validation on fields?

onBlur: Which occurs when an object loses focus.


onChange: Which occurs when the content of a field changes.


onFocus: which occurs when an object gets focus.

Explain briefly the concept of Form events.

As a user enters data into a form, the movement of the cursor sets off a series of events such as ‘onFocus’ event, ‘onBlur’ event, and ‘onChange’ event.

Explain briefly how onsubmit event works along with validation.

The form action parameter and a ‘submit’ button are used to specify the URL to send the form to and to provide a clickable button for sending the form.

What are the consequences if the browser does not support JavaScript or if JavaScript is turned off?

When the browser does not support JavaScript or if JavaScript is turned off then content inside of ‘noscript’ tags is displayed. This allows alternative ‘non-­‐JavaScript’ content to be included in a page,

Why do usually use The equality operator ‘==’?

We might want to check that a field has some content and then further validate the field value.

Explain briefly the concept of a pattern or‘regular expression’.

Some fields can be validated according to the type of value they should contain. A common approach to this is to construct a pattern or ‘regular expression’ and then test to see if the expression matches the field value

What the ways of constructing a regular expression in JavaScript?

There are two ways to construct a regular expression in JavaScript, either as a string or an object

What are the advantages of using objects constructing a regular expression?

The advantage of using objects is that the expression value can be created at runtime whereas literals, more efficiently

What is the general approach to making a regular expression in JavaScript?

The general approach to making a regular expression in JavaScript is to write:var RegularExpression = /pattern/

Write some examples with explanation that show the use of(. , \d , \w , ^) in matching pattern.

1. abc matches only abc and nothing else


2. . matches any character (‘a’, ‘3’, ‘&’ etc)


3. \d matches any digit (‘1’, ‘5’, ‘9’ etc)


4. \w matches any alphanumeric character (‘a’, ‘2’, ‘_’)


5. ^ Specifies the start of the string being matched, so


6. the pattern ‘^hello*’ matches ‘hello there’ but not ‘A big hello’

How to create a string object

var myString = “Hello there”;


Or


var myString = new String(“Hello there”);

Explain briefly the concept of using External JavaScript files

If you were developing some functions to validate a form then you might want to use the functions across several forms.

Talk briefly about PHP

1. PHP is an open source scripting language. PHP is freely available.


2. PHP is available for IIS but is more commonly used with other mainstream open source software.


3. PHP is a common part of what is called the LAMP software stack.

Explain briefly about The LAMP variations in terms of the operating system

The LAMP acronym also has some variations in terms of the operating system used

What do we need to run PHP?

To run PHP we need a web server that serves content, such as HTML pages.The server must also be able to run PHP scripts that are embedded in HTML pages

Talk briefly about MySQL.

MySQL is an open source database system, it is has a high performance, high reliability and ease of use. It is also the database of choice for a new generation of applications

Explain briefly the process of requesting a PHP page from the server.

PHP resides on the server. So when a request is made for a page, the server will fetch the page and execute any PHP scripts before sending the resulting

Explain the two different functions in PHP for including a file.

1)include() – if the file to be included cannot be found, this functiongenerates a warning, but the script will continue execution




2)require() – in this case if the file can’t be found the function generates a fatal error, and the script will stop.

How to deal with included variables when dealing with external PHP files

Included variables, etc. are subject to the same scope rules as if they were declared where the include statement is found, except that functions in the included file are global.

What happens when the included file is parsed.

When the included file is parsed then the parser returns to HTML mode, so that PHP in the files must be enclosed with PHP tags

What advantage of including file

that the included code is written just once and can be included in any number of pages

Give a general definition for a Database.

A database is simply a container in which we can store data and later retrieve it.

List some of the characteristics of the Database.

1. A database can contain any number of tables.2. Each table is given a unique name when it is created so it can be referred to.


3. A table can have any number of columns and rows up to a product-­‐dependent limit.


4. Each column is also given a unique name within the able so it, too, can be referred to.

List some of the operations that can be achieved on any table.

1. Search the table for a specific person.


2. Sort the table by, say, surname.


3. Add or delete rows


4. Update values.

Explain briefly the concept of a Key in the database.

A database might have millions of rows of data in a single table. To improve the efficiency of operations such as searching and sorting, one or more columns can be specified to be a ‘key’.

Can we deal with databases through PHP?

PHP allows us to connect to a database and perform operations on the database and its tables. We can also create and delete entire databases.

What does PHP use to manipulate the database?

PHP uses the standard ‘Structured Query Language' (SQL)to manipulate the database.

To what extent SQL can help PHP to manipulate the database?

We can achieve most of the database operations required for a simple web application with just a few SQL commands.

List the sequences that typically used when using PHP database functions.

1. connect to the MySQL database server


2. select a database to use


3. construct an SQL query as a string


4. execute the SQL string


5. if the query is such that data is to be returned, then collect up the data for our own purposes (such as for display in a dynamic web page)


6. close the connection.

Do all SQL queries must return data?

Some SQL queries will not return data: for example, deleting a table row, while others, such as searching, will return the data (rows) that are found.

Explain the use of ‘@’ operator in PHP.

The ‘@’ is PHP’s one error control operator.

What do we mean exactly by mobile devices?

We are surrounded by mobile phones, laptop computers, net book computers, tablet computers, satellite navigation systems (Sat Navs

What are the main features of the mobile devices?

1. We can carry them around with us




2. They can connect to the internet wirelessly either using the mobile phone network or local wireless access points.




3.They have the potential to report their location.




4. They have such things as cameras, microphones/loudspeakers, GPS and accelerometers built in to them. (The accelerometers can report orientation of the device and its motion.)

What are the challenges of producing websites for mobile devices?

1. Using Touch-­‐screen input


2. Processor power


3. Small keyboard


4. Limited capabilities


5. Some website navigational and usability features won’t work

What is the difference betweenscreen size and pixel size?

Screen size:The physical dimensions of the screen that called is screen size




Pixel size:Refers to the number of pixels displayed on the screen in the horizontal and vertical directions

What do we mean by resolution?

Resolution is the number of pixels per cm or inch

Calculate the resolution of the iPhone device having the following dimensions: If we assume that the pixels are spaced equally in the horizontal and vertical directions, we can define a pixel separation distance.The height of the screen is 640 pixel widths. The width of the screen is 960 pixel widths.

The length of the diagonal in pixel widths can be calculated using the equation a2 + b2 = c2, where a and b = the two sides of the screen and c = the diagonal (Pythagorus’s theorem).For the iPhone this gives:√(960 x 960 + 640 x 640) = 1154 pixels widths lengthTo find the resolution then, we divide the diagonal length in pixel widths (1154) by the length in inches (3.5), which gives a resolution of 330 pixels per inch across the diagonal.If we assume the pixels are evenly distributed across the screen, this becomes the resolution of the screen in pixels per inch.a2 + b2 = c2 to fined the c c = √( a2 + b2 )c = √(7202 + 10802)c = √(518400 + 1166400) c = √1684800c = 1298 /4.0 = 325 pixel per inch

What do we mean by finer resolution and coarser resolution?

Devices with more pixels per inch are said to have finer resolution.


Devices with less resolution are said to have coarser resolution.

Is there a limit to the degree of resolution?

There is practical limit to the degree of resolution that can be distinguished, and that limit is set by the characteristic of one’s eyes.

Why does pixel size matter?

because you can get very different viewing experiences when looking at a website using mobile devices that have different screen sizes

What is Ripple?

Ripple is a multi-­‐platform mobile environment emulator that runs in a web browser and is custom-­‐tailored to mobile HTML5 application development and testing

Explain briefly how Touch-­‐ screen input is a challenge when producing websites for mobile devices.

Mobile devices use touch-­‐screen as their input device. Normal websites designed for use by a pointing device such as a mouse are ill-­‐suited to touch-­‐screen devices.

Explain how Processor power is a challenges when producing websites for mobile devices.

Mobile devices tend to have processors that are less powerful than desktop or laptop computers. This means that they may seem slow when browsing a media

Explain how Small keyboard is a challenges when producing websites for mobile devices.

Many of the mobile devices have very limited size keyboards. If the website requires text entry, this can be a tedious business on a mobile device.

Give an example of the limited capabilities of some the mobile devices.

iPhone and early versions of Android smart phones which couldn’t play any Flash video files

What is the effect that Some website navigational and usability features won’t work?

Many websites use ‘mouseover’ technique where a message is displayed if the pointer controlled by the mouse lingers, or hovers, over features in the website

What are the different approaches that are taken when designing websites for mobile devices?

1. Do nothing


2. Design one website but use a different style sheet or sheets for mobile devices


3. Have separate websites for mobile devices:

Explain briefly the approach Do nothing designing websites for mobile devices.

Mobile devices are getting more capable and have larger screens. ‘Phone development will solve the problem’

What does it require when designing one website but use a different style sheet or sheets for mobile devices

Design one website but use a different style sheet or sheets for mobile devices:This requires a way of detecting that a mobile device is accessing the website.

Explain briefly the approach “Have separate websites for mobile devices”

This approach would give the best browsing experience for a particular device

How can we reduce the difficulties of accessing websites with mobile devices,?

the first step is to detect that the user is indeed using a mobile device.

Write the code that will detect screen size mobile devices using JavaScript

What is the main use of XLST?

XSLT is a language that transforms an XML document into another XML document.

What is the main use of the following:CSS, XSL, XSLT, XPath, XSL-­‐FO

CSS: A style sheet for HTML


XSL: Style Sheets for XML XSL describes how the XML document should be displayed


XSLT: A language for transforming XML documents


XPath: A language for navigating in XML documents


XSL-­‐FO: A language for formatting XML documents

How Mobile applications vary in complexity?

They vary in complexity from simple interfaces that allow mobile phones to display a website in a phone-­‐friendly way to complex applications that use the device’s camera, microphone loudspeaker

What do we mean by native apps?

Mobile apps that are designed to run on specific phones are termed native apps.

What do mean by Scanning apps?

In scanning apps the camera can be used to scan business cards or barcodes, to identify objects.

Explain an example ofScanning apps.

In the example of the business card readers, the server uses that image and optical character recognition (OCR).The image is scanned for text, then for key fields that correspond to, say, email address, phone numbers, or job title.This data is then sent back to the phone in a format that is compatible with the contact list in the phone

Explain the Goggles application

allows text to be translated using computer translation before it is sent back to the mobile device.

Explain how Barcode scanning applications work in mobile devices.

A product barcode gives each product a unique number and once it is read,the mobile device sends it to a server that identifies the product from its unique number.Once the product is identified the server runs a search of the Web for the price of that product using a price comparison application.

How is the book cataloging app work?

In the book cataloguing app, the camera can be used to scan a barcode (ISBN)

How can the mobile device ‘know’ where it is?

1. . From the mobile telephone network


2. . From knowing the location of the Wifi point to which the device is connected


3. . By using an inbuilt GPS receiver in the device4. . A combination of all these.

Explain briefly Location applications of mobile devices.

If the device is connected to the mobile phone network, that network ‘knows’ where the phone is even if it is not making a call.

What happens whenever a user’s phone is switched on?

Whenever a user’s phone is switched on their network detects it from the signal coming from the phone whichever cell it is in.

How the precision of detecting a mobile can be improved?

These cells can be large, particularly in rural areas, so the precision may be no better than an estimate of position with an error of about a kilometer.

What is Google Maps?

Google Maps for mobiles is a downloadable application that runs on many web-­‐enabled mobile phones and uses a phone’s cell information together with that of any adjacent cells receiving the phone’s signal .

How can the mobile app identify the mobile phone’s location approximately?

From a database of cells and the base stations servicing each cell, the app can identify the position of nearby base stations.

What do we mean bytriangulation?

Calculation to identify the mobile phone’s location uses a trigonometric process called triangulation (because at least three locations are usually needed).

What is Wifi triangulation?

This approach relies on detecting signals from nearby Wifi access points and using them to determine where the device is.

Is it necessarily that the device need to connect to any of the wireless access points?

The device does not necessarily need to connect to any of the wireless access points, but does need to identify them and to have access to the supplier’s database.

What is the advantage of a phone with a built-­‐in GPS module?

Allows it to work with the phone network to give a quicker fix than stand-­‐alone GPS,and a more accurate one than the phone network or Wifi triangulation alonewhich can be fed back to the location provider to improve their database

What is GPS?

GPS is a type of triangulation system used to determine location.

What are the features of GPS that make it less than ideal for a location system for a mobile device?

There are a couple of features of GPS that make it less than ideal for a location system for a mobile device.

Explain briefly about the ‘assisted GPS’ (A-­‐GPS) service.

An ‘assisted GPS’ (A-­‐GPS) service available on several models of phone that can give location information to within 20 m or better in a matter of a few seconds.

Explain what happens during the TTFF period.

During the TTFF periodthe GPS receiver is searching for at least four satellites. It needs to identify the specific ones it can ‘see’ and exactly where they are.

State the factors that allow the assistance server to give the phone the information it needs to work out its exact position far faster.

1. has more computing power than the phone and


2. have a stronger GPS signal.


3. has access to the phone network, and


4. hence knows which cell IDs the phone can detect.

What are the additional location-­‐based services become possible when a GPS module incorporated into a mobile phone?

A GPS module incorporated into a mobile phone will almost certainly have an internet connection,Maps and traffic conditions can be updated while travelling.The locations of nearby points of interest can be added

What software is needed to develop Mobile applications? Is it enough?

All of the mobile smart phone and tablet manufacturers provide their own Software Development Kits (SDKs) which contain tools that simplify the development of mobile applications.

What is the advantage and disadvantage of the tools thae allow applications to be native for a range of phones?

Some allow development using HTML and JavaScript and offer a version of your app that will be native for a range of phones

What is the next stage after developing Mobile application?

Once an app is developed, the next stage is to make it available either within an organization or to the general public.

What do we mean by route to market?

The process of making Mobile applications available to the market is called the ‘route to market’.

How routes to market are controlled?

Apps for the iPhone can only be released through the iTunes store and Apple check the apps against their criteria before putting them in the store.If they are to be sold in the store, Apple will take a percentage of the price.

Explain how Mobile applications can be run on different phone operating systems

it has to be produced for each one and this clearly involves duplication of development effort.

What’s a Mobile Web App?

A Mobile Web App is a website developed to give the same type of experience as a native app but without needing to be run on the device.

What are the advantages of a Mobile Web App?

1. It has to be developed once


2. It is not device specific and different forms are not required.


3. The app will run if the device’s browser supports HTML5 and JavaScript.


4. When to distribute the app you just need to distribute the URL of the Mobile Web App site to the mobile device.

What do we mean by The term ‘downtime’?

The term ‘downtime’ refers to the total time that a system is unavailable for use.

What are the main causes of downtime?

The majority of downtime isThe result of planned maintenance and upgrades.

What is the effect of downtime on today’s e-­‐ business?

Downtime can hurt a business becauseinformation is not available, decisions are not made, orders are not shipped in short, business stops.

Arnold suggests that all downtime can be broadly classified under seven headings, List them.

1. Backup and restoration


2. Hardware, network, operating system upgrades


3. Batch processing transactions


4. Application and database maintenance

What is the main idea of data centers

large warehouses containing several thousand servers, special cooling equipment, backup generators and multiple suppliers of power and internet access.

What is the main advantage of data centers?

spread the cost of the specialized equipment and staff across all the servers and incorporate disaster recovery techniques to safeguard customer operations

What are the main causes of downtime in data centers?

• Weather


• Standby generator failure


• IT equipment failure


• Accidental/human error

Define Reliability.

The ability of a system or component to perform its required functions under stated conditions for a specified period of time.

What is The ‘mean time to failure’ (MTTF)?

is a statistical measure of reliability for items that cannot be repaired.

How to calculate the mean time to failure (MTTF) is:

If a disk drive manufacturer tests a sample of 1,000 drives by running them for a period of 1,000 hours (just over 41.5 days). At the end of that period one disk drive was found to have failed. Calculate The MTTF.

How do we calculate TheAnnualized failure rate (AFR)

If a disk drive manufacturer tests a sample of 1,000 drives by running them for a period of 1,000 hours (just over 41.5 days). At the end of that period one disk drive was found to have failed. Calculate The AFR.

The factor 8760 is the number of hours in one year. (MTTF of 1,000,000 hours) the AFR = 0.876%.

How can we use the AFR to estimate the performance of the disk drives in a server farm?

as follows:Number of drive failures = number of drives x AFR. For example:If there are 2000 disk drives we can expect 2000 × 0.876, or approximately 18 drive failures per year.

What is the main problems with MTTF and AFR

One of the problems with MTTF and AFR is that they represent statistical values obtained from special test set ups, so they share little in common with the average computer

Define Availability.

Availability is the probability that a service or system is available to be used;

Define Availability From a user’s perspective

is the probability that a system is working when required

How do we calculate Availability?

How do we calculate Availability If a system has not yet been built

What is Operational availability?

is another version of availability, which is a measure of the availability actually measured for a real system

How do we calculate Operational availability?

What is the mean downtime (MDT

accounts for all the time the system is unavailable, no matter the cause

What is Load sharing?

Load sharing is intended to improve availability by sharing the total workload across a number of computers

What is Load sharing in the case of a web application

a web application the ‘nodes’ would be web servers, each with its own local storage for operating system, web server, content, and application data, and the combination of nodes and monitor is referred to as a ‘web server farm’.

What is ‘round-­‐robin’ scheduling?

The ‘load sharing’ monitor provides a single global IP address for the web server farm and communicates with the individual web servers over a private IP network.

How the monitor is represented and what should it do?

The monitor is represented by another computer with appropriate software, but it could also be a smart network switch or router.

What are the solutions for handling the situation of a node that fails after completing a single user request?

One solution to the user data problem is to incorporate cookies into the application so that the data is held by the client’s browser and returned to the web server with every request.

How to overcome the limitations of the basic configuration of the nodes of load sharing?

One solution is to link the nodes together by means of a dedicated ‘heartbeat’ network and a special heartbeat monitor.

What are the additional costs that come with the higher availability of the heartbeat configuration?

• dual network interfaces in each node; one for


• application data and one for the heartbeat


• An additional computer to function as the heartbeat monitor.

Why does simple load sharing offers limited availability gains?

The application will continue to function with multiple node failures, failed node will perceive zero availability

What do we mean by ‘scaling out’

; the ability to process more requests by the simple addition of an extra node.

Why does Load sharing can reduce planned downtime?

A cluster is a collection of independent computer nodes that function as a single ‘logical’ server to the user.

What does Cluster allow the node to do?

allows one node to take over a running application without the user being aware that such a takeover has occurred.

What is the primary goal of Cluster?

The primary goal of a cluster is to increase availability by means of redundant nodes.

Clusters typically operate in two forms,active-­‐passive and active-­‐active.

In the active-­‐passive configuration one node is actively dealing with application requests; this is the ‘active’ node on the left, labelled System A. The other ‘passive’ node, System B, is in a standby state ready to take over in case of failure.

How the two forms of clustering interact?

Heartbeat messages are exchanged between the active and passive nodes to provide the monitoring function.

What is the additional cost that come with Clustering?

• Dual network interfaces in each node, one for application data and one for the heartbeat


• Special software to support the clustering function and failover


• Extra system administration work to install, configure, and monitor the cluster

Explain briefly the concept of fault tolerance.

One of the strategies adopted by organisations that require continuous availability is fault tolerance, whereby a system is designed so that it will continue to operate in the event of a single hardware failure.

What do mean byVirtualization

The techniques for increasing availability are based on the traditional deployment model of one application per server farm or server cluster

Explain briefly the term Infrastructure consolidation

The term used when multiple server applications are virtualized to run on a single hardware platform

Explain briefly the termSandboxing?

The term used to isolate applications for testing or to enforce a high level of security

What do we mean by Legacy systems?

Many virtualisation solutions support operating systems, and hence applications, that cannot be executed on newer hardware platforms

Explain briefly Recovery in virtualization.

an image of a virtual machine can be quickly restarted or migrated from one virtual/physical computer to another very quickly

Explain briefly Testing and debugging in virtualization

take images of the configuration at different stages of testing, andrevert to a saved configuration in the event of a fault.

Explain briefly the concept of Clouds?

solution to provide a rapid or agile response to the changing business environment.

Explain briefly the concept Infrastructure as a Service (IaaS).

Infrastructure as a Service (IaaS) provides a business with a complete set of computers (servers, firewalls, load monitors), network links and storage devices on which to host their own software.

Explain briefly the conceptPlatform as a Service (PaaS)

Platform as a Service (PaaS) offers a business a computing platform, typically a virtual server and guest OS, on which they can run their applications

Explain briefly the conceptSoftware as a Service (SaaS)

provides a business with an entire application, such as an email service for all employees

What do we mean by Disaster Recovery (DR)?

Disaster Recovery (DR) means putting in place a plan that will enable a company to recover its IT systems following a disaster

What are the causes of the disaster?

may be environmental (flood, earthquake,


or hurricane),


equipment failure,


loss of power or communications,


or


a security incident that prevents normal operation

What is the primary goal of the disaster recovery plan?

The primary goal of the plan is to reduce the impact of a disaster and to restore all systems and applications to a fully functional state as quickly as possible

Define the term Project.

A temporary endeavor undertaken to create a unique product, service, or result.

Explain briefly the concept of Project management.

A new field of study is Project management, with its own set of tools and techniques such as Gantt charts, PERT

Discus projects in terms of opportunities and risks.

• The opportunities might be linked to launching a new product, or creating a new web application.


• By undertaking the project the business hopes to increase revenue, become more efficient, and make a profit.


• At the same time the project presents the business with risks because it may not be completed on time

What are the common features of IT failures?

• The common features of IT failures.


• A lack of end-­‐user involvement


• Long or unrealistic timescales


• Vague or inadequate requirements

Explain briefly the concept of The project plan.

Good project management strivesto find a balance between a project’s requirements andquality on one side and the resources,time, andrisks on the other.

Draw a diagram that shows the stages of the Waterfall lifecycle model.

The Waterfall lifecycle model known as linear software development cycle’ each phase must be completed before the next phase can commence

The Waterfall lifecycle model known as linear software development cycle’ each phase must be completed before the next phase can commence

Write three of the Pros and Cons of the Waterfall lifecycle model.

Pros (advantage)Time spent in the early phases reduces the chance of errors in later phasesPromotes a top-­‐down approach to decomposition leading to sub-­‐goals that can serve as project milestones.




Cons (disadvantage)Reliance on documentation outputs at each phase can hinder communication and lead to slow development.There is a long delay between the start of a project and the delivery of functional software.

Explain briefly the V-­‐model

•	Phases can overlap at the edges

•	All testing activity has been pulled out into a separate sequence of phases.

•	The phase ‘detailed design and production’ has been split into three phases: design, code, and test.

• Phases can overlap at the edges


• All testing activity has been pulled out into a separate sequence of phases.


• The phase ‘detailed design and production’ has been split into three phases: design, code, and test.

Define a project plan.

A formal, approved document that defines how the project is executed, monitored and controlled.

What is the main aim of project plan?

• the objectives of the project and


• the process by which the work will be managed and


• delivered on time and


• within budget.

What are the main purposes of project plan?

The project objectives


The scope


Partnerships


The outputs


The resources

Discuss the importance of Projects Monitoring.

Goals and targets of projects must be monitored to ensure that the project gets completed on time and within budget

What do we mean by Project milestone?

Such as the delivery of an item of equipment or completion of some tests

What do we mean by Project Gate?

A project gate (or stage gate) represents a point in the project when all work stops to await a decisio

What are the common metrics employed to monitor projects?

1. Time: compares the estimated duration to the actual time taken to complete a work package.


2. Cost: compares the estimated cost to the actual cost of completing a work package


3. Deliverables: compares the estimated time and cost to create a deliverable with the actual time and costs

Explain briefly the Gathering stage of requirement.

is intended to elucidate the raw ideas about what the ‘solution’ should provide in terms of important features and how it will interact with other parts of the business.

Explain some of the techniques of Gathering?

employed is to interview stakeholders about their specific needs.

Explain briefly the Refining stage of requirement

converts the raw ideas into something more structured, such as a business process or a prototype website.

What are the main the challenges of the user requirements phase?

One of the challenges of the user requirements phase is satisfying conflicting features or functions.

Explain briefly MoSCoW prioritization concept.

acronym ‘MoSCoW’ represents four levels of priority expressed by the words ‘Must’, ‘Should’, ‘Could’, and ‘Won’t’.

Explain briefly the MoSCoW’ levels.

Must – the project must provide the feature or function




Should – the project should provide the feature or function if at all possible




Could – the project could provide the feature or function if it does not affect anything else




Won’t – the project won’t provide a feature or function this time, but will be needed in the future

Explain briefly the term ‘functional quality’.‘external quality’

meaning that a piece of software is ‘fit for purpose’ and delivers the functional requirements.

Explain briefly the term ‘structural quality’ ‘internal quality’

Another interpretation of quality is of ‘structural quality’ or ‘internal quality’ that relates to how well the software was produced.

List the characteristics of software quality which are described by ISO

• Usability,


• Reliability,


• Security,


• Maintainability,


• Portability

List the Consortium for IT Software Quality (CISQ) structural quality attributes that are essential for a piece of software to have business value.

• Reliability


• Efficiency


• Security


• Maintainability


• Size

List the points that should be addressed in the quality plan

• identification of appropriate quality standards and the methods to satisfy them




• procedures to ensure quality standards are followed




• monitoring of project outputs to determine compliance with the quality plans

List standards and tools that can contribute to quality of web applications.

there are numerous standards and tools that can contribute to quality.For example, the W3C standards for HTML and CSS

What are the methods that are used in the resource and duration estimation of projects

• Use historic data: look back at similar tasks and use the time it took as the estimate for the current task. Many companies collect data about performance for just this purpose


.• Ask a friend: asking a co-­‐worker is a good option when the task is unfamiliar to you.


• Weighted average

Explain briefly the termRisk management.

Projects have some degree of uncertainty as to the outcome, for example, Will it be completed on time and on budget and will it fulfill the requirements?

What are the two main important points to observe in Risk management.

The first is that a specific risk may not materialise

The second point is that the consequence of a risk may not have a significant impact on the project

List the strategies that could be employed in Risk Management.

1. Eliminate or avoid the risk by not doing things or doing them a different way


2. Reduce the likelihood of the risk


3. Reduce the impact of the risk


4. Stop the project

What is the final stage of risk assessment?

The final stage of risk assessment is to combine all the information that has been gathered into a risk management plan that highlights the most significant risks

Explain the term risk register

is used to track changes in the level of each risk and to record actions are taken to manage the risks as the project progresses.

What do we mean bySystem testing?

is the mean by which we demonstrate that the solution fulfils the requirements

List with explanation what to test in the system.

Functionality testing: aims to verify that web pages are functional


Usability testing: aims to ensure that the application is easy to useAccessibility testing: aims to ensure the application is accessible to all usersInterface testing: aims to ensure the correct interoperation of the web


Compatibility testing: aims to ensure that the application functions correctly regardless of browser, operating system


Performance testing: measures the ability of servers and network to respond to user demand.Security testing: aims to ensure the application implements authentication and authorization controls and is not vulnerable to attacks.Regression testing: is any type of software testing that seeks to uncover defects that recur as an unintended consequence of program changes

Explain briefly the role of V-­‐model in testing.

provides a useful framework to explore the management of testing

What is the importance of creating tests plans?

The creation of tests plans is an integral part of project definition that provides verification of the design

What is required to mange each phase of testing?

• identification of what is to be tested,


• who does the testing, and


• how the results of the tests are collated and communicated

Who is supposed to conduct the testing?

Large projects often have a dedicated test team who prepare and execute the tests and track defects.Smaller projects typically share the work amongst the development team

What is the main role of Unit test?

Unit tests are intended to verify the execution of small pieces of code

What are the main points that can be included in Unit test for a typical web application?

HTML validation


CSS validation


Forms (as components combining multiple units)Internal hyperlinks

Can the author of the unit prepare the tests or execute them?

The author of the unit should not prepare the tests or execute them; to avoid any tendency

What is the main role of Integration test?

Integration tests are intended to verify that individual units work together

What is the main role of Usability test?

Usability tests are conducted to identify any design inconsistencies

Explain briefly the potential sources of error when conducting Usability tests.

Navigation errors – a user fails to locate functions


Presentation errors – failure to locate important information on the page




Control usage problems – incorrect use of buttons

What is the main role of Functional test?

Functional tests are typically designed around specific tasks, such as user registration, catalogue search, or payment for goods and will highlight integration problems between the client and server

What are the main role of System tests

System tests, or end-­‐to-­‐end tests, are intended to verify the interoperability and performance of the application in its final configuration

Where should we conduct system test?

Ideally system tests are conducted on a dedicated set of equipment that matches the performance and configuration of the final production servers

When should we conduct system test?

By the time system testing commences all Unit and Integration testing should be complete to the point that there is a stable version of the web application to test

What are the goals of performance test?

Once a stable configuration of the test environment has been created performance testing can commence.

what do we mean by the term “LOAD “ when we talk about high load or peak load?

Where the term ‘load’ represents the number of simultaneous users accessing the web application.

Explain briefly with example the load test

Describes a performance test during which a well-­‐defined load is applied to the application to determine the response time for individual functions


example :


the requirements may specify that with a load of 300 users the response time to a log-­‐in request should not exceed 10 seconds or that a search for a product within a catalogue should not exceed 15 seconds.

Explain briefly Stress test and its main goal.

Stress test:Describes a test to assess the performance of the application when the load exceeds the expected usage.




The goal is to ensure that the system remains reliable and stable even though errors may arise, such as dropping a user part-­‐way through a purchase transaction.

Explain briefly Capacity test.

Capacity test:Describes a performance test intended to provide an estimate of the maximum number of users the application can support reliably.

How do we conduct Capacity test?

During the test the load is increased until the performance becomes unacceptable

Explain the goals of Acceptance or user acceptance testing.

Acceptance or user acceptance testing is the final phase of testing in the V-­‐model lifecycle.The goal of this phase is to verify that the web application fulfils the ‘user requirements

Who should conduct the acceptance test?

It is the client, not the developer

What are the critical areas for client involvement in testing

Function: (Application fulfils functional requirements)
Usability: (User can get to information quickly and easily, on-­‐screen instructions are understandable and number of steps to complete a task is appropriate)
Work flow: (Sequence of web pages of an application match the underlying process work flow

What is the difference between Manual or Automated testing?

manual execution: a user sits in front of a computer and enters data, search terms, or follows hyperlinks and records the outcome of each test.




The alternative is automated execution whereby a program or script runs a number of predefined tests and saves the results

What do we mean by Test environments?

Test environments means the configuration of clients, servers, and network used to conduct the tests.


Three distinct environments are required namely: Development, Test, and Production.

What do we mean by the development environments?

is a mixture of clients and servers that will support developers during the early phases of the project.

What is the use of Version control?

Version control will store all the code, tests and documentation associated with each project

what is the use of Access control?

Access controls ensure that each developer’s code is protected and that each project’s resources are restricted to the development team

Explain briefly the Test workstation.

provided to give the access to the version control server in order to export test configurations to migrate to the test environment.

Explain briefly the test plan

a document that setsout the objectives, responsibilities and reporting methods related to testing.

What are the key sections of a generic test plan?

provides a brief summary of the web application.


Objectives (Scope):describes the purpose of the tests to be conducted.


Test Methods (Strategy):describes the main phases of testing, the types of test to be undertaken and how the tests will be conducted (manual or automated).


Responsibilities:provides details of the individuals and the tests for which they will be responsible.


Test environment:outlines details of the resources required to undertake the specified testing within the planned schedule.


Error Reporting:details how functional errors detected during testing will be communicated to developers.


Schedule:provides a schedule of the planned testing activity and any risks that might delay the schedule.


Appendices:references to other project documents that support the testing activity.

Why do we need security for the web servers and applications?

All web servers are susceptible to various kinds of ‘attack’

What are the causes of the successful attacks to any system?

The successful attacks result from a combination of poor coding standards, improperly configured servers

List security risks for web applications that have been maintained by the Open Web Application Security Project (OWASP).

1. Injection


2. Cross-­‐site scripting (XSS)


3. Broken authentication and session management


4. Insecure direct object references

When do we usually have a potential risks while dealing with web applications?

Every time a user submits data, application could be under attack.

Explain briefly with example the term ‘injection’

covers any form of attack that attempts to get untrusted data interpreted as a command. ‘SQL Injection’

What is the basic solution for injection attack?

is to ensure that any scripts that we create (client or server) test all users input data to ensure that both its type and value are valid for the context

Explain whether Client validation is sufficient protection for any data that will be used in a server side script or not.

Client validation is never sufficient protection for any data that will be used in a server side script because it is too easy to bypass the validation.

Explain briefly some of thesecurity problems thatmight come with serverconfiguration.

Some web servers come with demonstration programs that areintended to introduce special features, but the examples typicallyomit error and security checks because the checks would obscurethe points being taught. Unfortunately, if these demonstrations remain active when the server is connected tothe Internet their weaknesses can be exploited.

Explain briefly theapproach Hardening.

Hardening technique is the correct approach to configure allpublic servers so as to resist attacks.

What are the basic rulesthat should be followedfor all servers, includingthe server hosting webapplications.

Ensure that all unused or unnecessary services aredisabled.


A bastion host should not be part of any ‘trust’ relationships that may exist between servers on an intranetRestrict network protocols to those required by the application.


All general purpose user accounts should be removed and any accounts required by applications must have strong passwords.

Explain the term Activity logging.

record (also known as log or audit) all the activities that take place on a server so that we can assess if anyone is attempting to attack our application.

List some of Web servers logging requests

• The requested URI


• The HTTP method (GET, POST, HEAD, etc.)


• The IP of the requesting computer


• The page that referred to the requested resource


• The name and version of the user’s browser• The HTTP status response


• The size of the returned file


• The time taken to process the request.

Explain how Activity logging goes Beyond the web server.

Activity logging does not stop at the web server. Dynamic applications built around n-­‐tier architectures will require activity logging to be extended to the application and database servers.

What is meant by Physical Security?

is the physical security of the server. The server needs protection from fire, flood, earthquake, etc., but also from unauthorised access by anyone.

Explain the concept of Operating system controls

One of the important tasks of an operating system is to manage the permissions of the storage system so that it can control access to the contents of various directories and files stored on the server

How can the operating system manages permissions?

The operating system manages permissions by means of an access control list (ACL),

Explain with example Web server access controls

Microsoft’s IIS server delegates its control of resources to the operating system, but other web servers are equipped to implement their own access controls.Apache, for example, can control access based on resource location or access based on the rights of an individual

Explain the concept of Apache’s document-­‐root.

Apache’s document-­‐root represents the top level of a directory structure on the server and everything within this directory

Explain the concept of Aliases.

One of the consequences of a single root for a web server is that by default all content shares a common set of access permissions.

Explain briefly the concept of Digital certificates.

Anyone can register a domain name, set up a web server and then offer goods and services for sale.The current solution for website owners is to purchase a digital certificate, also known as website certificates, SSL certificates or X509 certificates.

Explain briefly the term Cryptography.

Cryptography is the field of study that deals with protecting information by encryption and decryption

Explain briefly the Symmetric encryption method.

Symmetric methods, such as AES, 3DES, Blowfish and IDEA, use a single key to encrypt and decrypt messages and the computation is fast.

Explain briefly the Asymmetric encryption method.

Asymmetric encryption methods use a pair of keys;one called the public key, and the other the private key. The two keys are mathematically related in a special way such that anything encrypted with the private key can be decrypted with the public key and vice versa. However, neither key can decrypt anything that it previously encrypted.

What is the difference between Authentication and Authorization.

Authentication: is related to identification;


Authorization: relates to permissions

List three methods for authenticating users

• Basic authentication


• Digest authentication


• Client certificates.

Explain briefly the Basic authentication method

Basic authentication is the simplest of the HTTP protocol’s authentication methods and is based on the ‘something you know’ model

Explain briefly the Digest authentication method.

Digest authentication was introduced to protect the exchange of credentials by use of the MD5 hash function

Explain briefly the Client certificates authentication method.

Digital certificates are not restricted to web servers they can also be used to prove the identity of individuals by binding a public key to a user’s email address or network credentials.