2024-2025上学期期中考试详解

slug

type

status

Q1:

Q2:

The security of a database is a critical topic in the Cambridge International AS & A Level Computer Science syllabus. Below are the key aspects you should consider when discussing database security in the context of CIE 9618:

1. Authentication

Ensures only authorized users can access the database.

Techniques:

Username and password.
Multi-factor authentication (e.g., a code sent to a phone).
Biometric systems (e.g., fingerprint or face recognition).

2. Authorization

Determines what actions authenticated users are allowed to perform.

Example: Different levels of access for administrators, users, and guests:

Admin: Full access (read/write/delete).
User: Limited access (read/write).
Guest: View-only access.

3. Encryption

Protects data by converting it into a coded format that is unreadable without a decryption key.

Use Cases:

Encrypting sensitive data like passwords or financial details.
Securing data during transmission over networks.

4. Backups

Regular backups ensure data can be recovered in case of loss or corruption.

Backups should be stored securely and, ideally, offsite or in the cloud.

5. Firewalls and Network Security

Firewalls restrict unauthorized access to the database from external networks.

Security measures like Virtual Private Networks (VPNs) and Secure Sockets Layer (SSL) can provide additional protection.

6. Input Validation

Ensures data entered into the database is safe and conforms to expected formats.

Protects against SQL injection attacks, where malicious SQL code is entered to manipulate or compromise the database.

7. Audit Trails

Maintains logs of database activities to monitor for unusual or unauthorized actions.

Helps in detecting and investigating security breaches.

8. Access Control

Uses roles and permissions to restrict database operations.

Example: A student in a university system should not have access to administrative or financial records.

9. Physical Security

Protects database servers from physical threats such as theft or damage.

Measures: Secure server rooms, biometric locks, and CCTV surveillance.

10. Software Updates and Patches

Keeps database management systems (DBMS) updated to address known vulnerabilities.

Minimizes risk from exploits targeting outdated software.

Common Threats

SQL Injection: Exploiting vulnerabilities in input validation.

Unauthorized Access: Gaining access to sensitive data without proper credentials.

Data Breaches: Theft or exposure of private data.

Data Corruption: Accidental or intentional alteration of data.

Would you like to create questions or Anki flashcards based on this information?

To normalize the given database table into First Normal Form (1NF), we must ensure that:

Each cell contains a single value (atomicity): Multi-valued fields (like Subject and SubjectCode) must be removed.

Each record is unique: A unique identifier (Primary Key) is added.

Steps to Modify the Table

1. Remove Multi-Valued Fields

Separate the subjects and their corresponding subject codes into individual rows. Each subject for a student will become a separate record.

2. Create a Unique Identifier

Add a new field, StudentID, as a unique primary key for each student.

3. Restructure the Table

The new table will include one record per student per subject, ensuring each field contains atomic values.

Normalized Table in 1NF

StudentID	StudentName	DateOfBirth	TutorGroup	Subject	SubjectCode
1	Yuwei Chen	01/09/2004	SMH	English	EN
1	Yuwei Chen	01/09/2004	SMH	Maths	MA
1	Yuwei Chen	01/09/2004	SMH	Computer Science	CS
2	Claudia Raj	23/02/2005	JMB	Maths	MA
2	Claudia Raj	23/02/2005	JMB	Physics	PY
2	Claudia Raj	23/02/2005	JMB	Art	AR
3	Aamil Akram	24/01/2005	KMB	Art	AR
3	Aamil Akram	24/01/2005	KMB	Design	DE
3	Aamil Akram	24/01/2005	KMB	English Language	EN
4	Areeba Faraz	21/12/2004	SMH	English Language	EN
4	Areeba Faraz	21/12/2004	SMH	Chemistry	CH
4	Areeba Faraz	21/12/2004	SMH	Design	DE

Key Changes

Multi-valued attributes (Subject and SubjectCode) are split into separate rows.

A unique identifier (StudentID) is added to ensure each row can be uniquely identified.

The table structure ensures atomicity and adheres to the 1NF principle.

Q3:

Application

Digital clocks and calculators.

Justification

BCD (Binary-Coded Decimal) is used because it simplifies the conversion between binary and decimal representations, making it efficient for displaying numeric data on screens without requiring complex calculations.

Q4:(略)

Q5:

Q6:

Here’s a concise comparison of IPv4 and IPv6:

Feature	IPv4	IPv6
Address Length	32 bits	128 bits
Address Format	Dotted decimal (e.g., 192.168.0.1)	Hexadecimal colon-separated (e.g., 2001:0db8::1)
Address Space	~4.3 billion addresses	~3.4×10³⁸ addresses
Header Size	20 bytes	40 bytes
Security	Optional (e.g., IPSec is not inherent)	Mandatory (IPSec is built-in)
Address Configuration	Manual or via DHCP	Auto-configuration or DHCPv6
Broadcast Support	Yes	No (uses multicast instead)
Fragmentation	Performed by sender and routers	Only performed by the sender
Checksum	Yes	No (handled by lower layers)
Compatibility	Widely supported	Growing adoption

Key Differences:

Addressing: IPv6 provides a virtually unlimited address pool compared to IPv4.

Efficiency: IPv6 has a simplified header and better routing efficiency.

Security: IPv6 inherently supports modern security standards.

Transition: Mechanisms like dual-stack and tunneling facilitate IPv4 to IPv6 migration.

Improved network security: Subnetting allows administrators to isolate sensitive parts of the network, reducing unauthorized access and containing potential security breaches within a specific subnet.

Better network performance: Subnetting minimizes congestion by reducing the size of the broadcast domain, which decreases the amount of broadcast traffic and enhances overall network efficiency.

Detect collision: Devices monitor the transmission medium to detect if a collision occurs by checking for signal irregularities.

Send a jam signal: When a collision is detected, a jam signal is sent to inform all devices on the network about the collision.

Backoff and retransmit: Devices stop transmitting, wait for a random backoff period, and then attempt to retransmit the data to avoid further collisions.