📘 Subjects Covered

The document includes important repeat questions for the following 6th semester subjects:
1. Introduction to Cryptography
2. Java Programming I
3. Research Methodology
4. Software Engineering
5.
subject is organized into:
• Very Short Questions
• Short Questions
• Long Questions
All questions are marked as "All years" or with specific years like 2073–2081, indicating
their frequent appearance in exam

Subject: Introduction to Cryptography

Very Short Questions (3 Marks Each)

1. Define Cryptography.
Definition:
Cryptography is the science and art of transforming information to make it secure and
immune from unauthorized access. It involves techniques to secure communication in the
presence of adversaries.
Explanation:
It uses mathematical algorithms and protocols to encrypt (scramble) and decrypt
(unscramble) data to protect its confidentiality, integrity, authenticity, and non-repudiation.
Example:
When you send a message through WhatsApp, it uses end-to-end encryption, a
cryptographic technique, so only you and the receiver can read the message.

2. What is a cryptographic hash function?

Definition:
A cryptographic hash function is a mathematical function that takes an input (or message)
and returns a fixed-size string of bytes. The output is typically a digest that is unique to each
unique input.
Properties:
• Deterministic: Same input = same output.
• Pre-image resistance: Hard to find input from hash.
• Collision resistance: Hard to find two inputs with same hash.
• Avalanche effect: A small change in input causes a big change in output.
Example:
SHA-256("Hello") =
185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969

3. Explain the purpose of S-boxes in DES.

Definition:
An S-box (Substitution-box) in DES (Data Encryption Standard) is a non-linear substitution
table used to perform substitution during the encryption process.
Purpose:
• It introduces confusion, a cryptographic principle that obscures the relationship
between the plaintext and ciphertext.
• Enhances security by replacing input bits with different output bits according to a
predefined table.
Example:
In DES, 48-bit input is compressed into 32-bit output using 8 S-boxes (each 6-bit to 4-bit).

4. Define primitive root of a prime number with an example.

Definition:
A number g is a primitive root modulo p (where p is a prime number) if every number a (1 ≤
a < p) can be expressed as some power of g modulo p.
Explanation:
That is, for every integer a in the range {1, 2, ..., p-1}, there exists an integer k such that:
a≡gkmod pa \equiv g^k \mod pa≡gkmodp
Example:
Let p = 7. The primitive root of 7 is 3 because:
31≡3mod 732≡2mod 733≡6mod 734≡4mod 735≡5mod 736≡1mod 7\begin{align*} 3^1
&\equiv 3 \mod 7\\ 3^2 &\equiv 2 \mod 7\\ 3^3 &\equiv 6 \mod 7\\ 3^4 &\equiv 4 \mod
7\\ 3^5 &\equiv 5 \mod 7\\ 3^6 &\equiv 1 \mod 7 \end{align*}313233343536
≡3mod7≡2mod7≡6mod7≡4mod7≡5mod7≡1mod7

5. What is Elliptic Curve Cryptography?

Definition:
Elliptic Curve Cryptography (ECC) is a public-key encryption technique based on the
algebraic structure of elliptic curves over finite fields.
Explanation:
ECC provides the same level of security as traditional algorithms (e.g., RSA) with smaller key
sizes, resulting in faster computation, reduced power consumption, and memory usage.
Example:
In ECC, the security is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP). A
common curve used is:
y2=x3+ax+by^2 = x^3 + ax + by2=x3+ax+b
Used in mobile applications, SSL certificates, and Bitcoin.

Next: Short Questions (10 Marks Each)

Now proceeding to the Short Questions section. Each answer will include complete detail,
examples, and formatting suitable for 10-mark answers.

6. Explain shift and substitution cipher with examples.

Shift Cipher (Caesar Cipher)

Definition:
A shift cipher is a classical encryption technique where each letter in the plaintext is shifted
a certain number of places down or up the alphabet.
Encryption Formula:
C=(P+k)mod 26C = (P + k) \mod 26C=(P+k)mod26
Where:
• C = Ciphertext letter
• P = Plaintext letter
 • k = Shift key (an integer)
Example:
Plaintext: HELLO
Key: 3
Ciphertext: KHOOR
Explanation:
• H→K
• E→H
• L→O
• L→O
• O→R
Decryption Formula:
P=(C−k+26)mod 26P = (C - k + 26) \mod 26P=(C−k+26)mod26

Substitution Cipher
Definition:
A substitution cipher replaces each element of the plaintext with another symbol or letter.
Types:
• Monoalphabetic: One-to-one mapping.
• Polyalphabetic: Uses multiple substitution alphabets.
Monoalphabetic Example:
Plaintext: ATTACK
Substitution key: A → Q, T → W, C → Z, K → M
Ciphertext: QWWQZM
Comparison:

Feature Shift Cipher Substitution Cipher

Key Type Numeric shift Substitution alphabet

Security Weaker Slightly stronger

Susceptible to Frequency analysis Frequency analysis

7. Differentiate between block cipher and stream cipher.

 Block Cipher
Definition:
A block cipher encrypts data in fixed-size blocks (e.g., 64-bit or 128-bit).
Characteristics:
• Processes one block at a time.
• More secure for large data.
• Example algorithms: DES, AES.

Stream Cipher
Definition:
Encrypts data bit-by-bit or byte-by-byte using a keystream generator.
Characteristics:
• Suitable for real-time data (e.g., audio/video).
• Faster for small sizes.
• Example algorithms: RC4, Salsa20.

Differences Table

Feature Block Cipher Stream Cipher

Data Unit Blocks (fixed size) Bits or bytes

Speed Slower for small data Faster for continuous data

Error Propagation Affects entire block Affects only corresponding bits

Example AES, DES RC4, A5/1

Use Cases:
• Block: File encryption, database encryption.
• Stream: Mobile communication, real-time streaming.

Subject: Introduction to Cryptography

Short Questions (10 Marks Each)

8. Describe the AES algorithm with features and block diagram.

 Definition
AES (Advanced Encryption Standard) is a symmetric block cipher standardized by NIST in
2001, replacing DES. It encrypts data in fixed blocks of 128 bits using keys of 128, 192, or
256 bits.

Features of AES
1. Block Size: 128 bits.
2. Key Sizes: 128, 192, or 256 bits.
3. Number of Rounds:
o 10 rounds for 128-bit keys
o 12 rounds for 192-bit keys
o 14 rounds for 256-bit keys
4. Symmetric: Same key used for encryption and decryption.
5. Fast and Secure: Highly efficient in both hardware and software.
6. Strong Security: Resistant to linear and differential cryptanalysis.

AES Encryption Process

AES operates on a 4x4 matrix called the State. It goes through several rounds of
transformation:
1. Initial Round:
o AddRoundKey
2. Main Rounds (9/11/13 Rounds):
o SubBytes (Non-linear substitution)
o ShiftRows (Row-wise permutation)
o MixColumns (Column-wise mixing)
o AddRoundKey
3. Final Round:
o SubBytes
o ShiftRows
o AddRoundKey (No MixColumns)
 AES Block Diagram
arduino
CopyEdit
Plaintext (128-bit)
↓
Initial Round
↓
10/12/14 Main Rounds
↓
Final Round
↓
Ciphertext (128-bit)

Example:
Suppose plaintext block and key are both 128 bits. AES performs a series of transformations
(as described above) to convert plaintext to ciphertext securely.

9. Explain Fermat's and Euler's theorem with an example.

Fermat’s Little Theorem

Statement:
If p is a prime number and a is an integer not divisible by p, then:
ap−1≡1mod pa^{p-1} \equiv 1 \mod pap−1≡1modp
Example:
Let a = 3, p = 7
36=729mod 7=13^6 = 729 \mod 7 = 136=729mod7=1
Used in public key cryptography (e.g., RSA).

Euler’s Theorem
Statement:
If a and n are coprime (gcd(a, n) = 1), then:
aϕ(n)≡1mod na^{\phi(n)} \equiv 1 \mod naϕ(n)≡1modn
Where φ(n) is Euler’s totient function.
Example:
Let a = 3, n = 10
ϕ(10)=4,34=81mod 10=1\phi(10) = 4, \quad 3^4 = 81 \mod 10 = 1ϕ(10)=4,34=81mod10=1

Applications:
• RSA encryption
• Modular arithmetic
• Key exchange algorithms

10. Describe the digital signature process in detail.

Definition
A digital signature is a cryptographic technique used to validate the authenticity, integrity,
and non-repudiation of a digital message or document.

Process of Digital Signature

1. Hashing:
Message M is hashed using a cryptographic hash function to generate H(M).
2. Signing:
Hash H(M) is encrypted using the sender’s private key to generate the digital
signature S.
3. Sending:
Sender sends [M, S] to the receiver.
4. Verification:
o Receiver computes hash of received message: H(M')
o Decrypts signature S using sender’s public key to get H(M)
o Compares H(M) with H(M') → If equal, message is authentic.
 Diagram:
mathematica
CopyEdit
Sender:
Message → Hash → Encrypt (Private Key) → Signature → [Message + Signature] → Receiver

Receiver:
Message → Hash → Decrypt Signature (Public Key) → Compare Hashes

Applications:
• Digital contracts
• Secure emails
• Software distribution

11. Briefly explain Kerberos with its servers.

Definition
Kerberos is a network authentication protocol designed to provide secure authentication for
users and services in a distributed environment using secret-key cryptography.

Kerberos Components
1. Key Distribution Center (KDC):
o Central authority.
o Issues tickets and session keys.
2. Authentication Server (AS):
o Verifies user credentials.
o Issues a Ticket-Granting Ticket (TGT).
3. Ticket Granting Server (TGS):
o Provides access tickets for other services using TGT.
 Working of Kerberos
1. Login:
o User requests authentication from AS using username/password.
o AS issues TGT.
2. Service Request:
o User sends TGT to TGS requesting access to a service.
o TGS sends session key + ticket for the service.
3. Service Access:
o User sends service ticket to desired service.
o Service validates ticket and grants access.

12. What is SSL? List services provided by SSL.

Definition
SSL (Secure Sockets Layer) is a standard protocol used to establish a secure and encrypted
link between a web server and a web browser.
Modern systems use TLS (Transport Layer Security), an updated version of SSL.

Services Provided by SSL

1. Authentication:
Confirms identity of server and optionally the client using digital certificates.
2. Confidentiality:
Encrypts data so that only the intended recipient can read it.
3. Integrity:
Uses MACs (Message Authentication Codes) to ensure data has not been altered.
4. Session Management:
Establishes and manages secure sessions using keys.

Example:
When you access https://, SSL/TLS encrypts the session to protect login info, credit card
data, etc.
 Continuing with the remaining Short Questions…
You said:
Continuing automatically
ChatGPT said:
Continuing with the remaining Short Questions (10 Marks Each) from Introduction to
Cryptography:

13. Explain Playfair cipher with an example using key "Guidance".

Definition
The Playfair cipher is a digraph substitution cipher developed by Charles Wheatstone and
promoted by Lord Playfair. It encrypts pairs of letters (digraphs) instead of single letters,
making it more secure than a monoalphabetic cipher.

Steps to Encrypt Using Playfair Cipher

Step 1: Generate the 5x5 Key Matrix
Using the keyword: “Guidance”
• Remove duplicates: G, U, I, D, A, N, C, E
• Fill in remaining letters (excluding J) alphabetically.
Key Matrix:

GU I D A

NC E B F

HK L MO

P Q RS T

V WXY Z

Step 2: Prepare the Plaintext

Plaintext: "MEET ME"
 • Remove spaces and convert to digraphs:
"ME ET ME" → ME, ET, ME
• If any digraph has repeating letters, insert X. (Not required here.)

Step 3: Apply Rules for Encryption

1. If both letters are in the same row:
Replace each with the letter to its right (wrap around if needed).
2. If both letters are in the same column:
Replace each with the letter below it (wrap around if needed).
3. If letters form a rectangle:
Replace with letters on the same row but at the column of the other letter.

Encrypting "ME":
• M (Row 2, Col 3), E (Row 1, Col 2)
• Rectangle Rule → New Letters: L (2,2), C (1,3) → LC
Encrypting "ET":
• E (1,2), T (3,4) → Rectangle → C (1,4), R (3,2) → BR
Encrypting "ME" again → LC
Ciphertext: LCBRLC

14. Describe elliptic curve cryptography.

Definition
Elliptic Curve Cryptography (ECC) is a modern public-key cryptographic approach based on
the algebraic structure of elliptic curves over finite fields.

Elliptic Curve Equation

y2=x3+ax+by^2 = x^3 + ax + by2=x3+ax+b
Where:
• a and b are constants,
• The curve must be non-singular: 4a3+27b2≠04a^3 + 27b^2 \ne 04a3+27b2 =0
 Key Concepts
• Base Point (G): A publicly known point on the curve.
• Private Key (d): A random number.
• Public Key (Q): Q = d × G (point multiplication).

ECC Operations
1. Point Addition
2. Point Doubling
3. Scalar Multiplication

Advantages of ECC
• Smaller key size: 256-bit ECC = 3072-bit RSA.
• Faster computations
• Less memory and bandwidth

Applications
• Bitcoin & Blockchain
• Mobile encryption (e.g., Signal)
• TLS certificates (HTTPS)

15. Explain the remainder theorem with an example.

Statement
The remainder theorem states:
If a polynomial f(x)f(x)f(x) is divided by x−ax - ax−a, then the remainder is f(a)f(a)f(a).

Formula
f(x)=(x−a)⋅Q(x)+R⇒R=f(a)f(x) = (x - a) \cdot Q(x) + R \quad \Rightarrow \quad R =
f(a)f(x)=(x−a)⋅Q(x)+R⇒R=f(a)
 Example
Let f(x)=3x3+2x2−x+5f(x) = 3x^3 + 2x^2 - x + 5f(x)=3x3+2x2−x+5
Find the remainder when divided by x−2x - 2x−2:
f(2)=3(2)3+2(2)2−2+5=24+8−2+5=35f(2) = 3(2)^3 + 2(2)^2 - 2 + 5 = 24 + 8 - 2 + 5 =
35f(2)=3(2)3+2(2)2−2+5=24+8−2+5=35
Remainder = 35

Application in Cryptography
Used in modular arithmetic and polynomial division in error-correcting codes and
cryptographic algorithms (e.g., RSA).

16. How to check message integrity using cryptographic hash functions?

Definition
Message integrity ensures that the data has not been altered during transmission. Hash
functions are used to verify integrity.

Process
1. Sender:
o Generates a hash H(M)H(M)H(M) of message MMM
o Sends both MMM and H(M)H(M)H(M) to the receiver.
2. Receiver:
o Computes hash H(M′)H(M')H(M′) of received message M′M'M′
o Compares it with received H(M)H(M)H(M)
3. If H(M)=H(M′)H(M) = H(M')H(M)=H(M′) → Message is intact.

Example
Message: "CSIT"
• Sender computes SHA-256("CSIT") = dfba12...
• Receiver does the same and compares hashes.
 Applications
• Digital signatures
• Blockchain (each block’s hash links to previous block)
• Secure file transfer systems

17. What is web security? Differentiate between firewall and IDS.

Definition
Web security refers to the protection of web applications, websites, and web services from
cyber threats like unauthorized access, data breaches, or DDoS attacks.

Firewall
• Filters incoming/outgoing traffic based on rules.
• Acts as a barrier between internal network and external threats.
• Types: Packet filtering, stateful, proxy firewall.

IDS (Intrusion Detection System)

• Monitors network or systems for malicious activities or policy violations.
• Does not block traffic; only alerts.

Differences

Feature Firewall IDS

Function Controls access Detects intrusions

Action Blocks traffic Generates alerts

Deployment Inline (between networks) Passive monitoring system

Examples iptables, pfSense Snort, OSSEC

18. Explain DSS algorithm with a relevant example.

Definition
Digital Signature Standard (DSS) is a federal standard (FIPS 186) that uses the Digital
Signature Algorithm (DSA) to generate and verify digital signatures.

Key Parameters
• p: Large prime number
• q: Prime divisor of p-1
• g: Generator
• x: Private key (random)
• y = g^x mod p: Public key

Signing Process
1. Choose random number kkk
2. Compute r=(gkmod p)mod qr = (g^k \mod p) \mod qr=(gkmodp)modq
3. Compute s=(k−1(H(m)+xr))mod qs = (k^{-1}(H(m) + xr)) \mod qs=(k−1(H(m)+xr))modq
4. Signature = (r,s)(r, s)(r,s)

Verification
1. Compute w=s−1mod qw = s^{-1} \mod qw=s−1modq
2. u1=H(m)⋅wmod qu_1 = H(m) \cdot w \mod qu1=H(m)⋅wmodq
3. u2=r⋅wmod qu_2 = r \cdot w \mod qu2=r⋅wmodq
4. v=((gu1⋅yu2)mod p)mod qv = ((g^{u_1} \cdot y^{u_2}) \mod p) \mod qv=((gu1⋅yu2
)modp)modq
5. If v=rv = rv=r, signature is valid.

19. Describe SHA-512 features and the padding field.

SHA-512 Overview
• Part of the SHA-2 family.
• Produces 512-bit (64-byte) hash.
• Used in blockchain, digital signatures.
 Features
• Message length: < 21282^{128}2128 bits
• Output length: 512 bits
• Secure against collision and pre-image attacks
• Better performance on 64-bit platforms

Padding in SHA-512
Padding ensures the message is a multiple of 1024 bits.
1. Append 1 bit
2. Append 0s until length ≡ 896 mod 1024
3. Append 128-bit message length

20. Explain DES encryption process and one round with features.

Overview
DES (Data Encryption Standard) is a symmetric key block cipher using 64-bit blocks and 56-
bit keys.

Features
• Block size: 64 bits
• Key size: 56 bits + 8 parity bits
• 16 rounds of Feistel cipher

One Round of DES

Each round includes:
1. Expansion of 32-bit right half to 48 bits
2. XOR with subkey
3. S-box substitution (8 S-boxes, 6-bit → 4-bit)
4. P-box permutation
 Diagram of DES Round
java
CopyEdit
L(i+1) = R(i)
R(i+1) = L(i) XOR F(R(i), K(i))

21. Explain Kerckhoffs's principle and compare block vs stream ciphers.

Kerckhoffs's Principle
A cryptographic system should be secure even if everything about the system, except the
key, is public knowledge.

Block vs Stream Cipher Comparison

(Already discussed in Q7 – Refer back for full comparison table and explanation)

22. What are intruders? Differentiate between active and passive attacks.

Intruders
Entities attempting unauthorized access to systems for data theft or disruption.

Attack Types

Attack Type Description Example

Passive Eavesdropping, monitoring data Packet sniffing

Active Altering, injecting, or destroying data Man-in-the-middle, DoS

23. Write short notes on:

a. Hill Cipher
• A polygraphic substitution cipher using linear algebra.
• Encrypts blocks of letters using matrix multiplication.
b. Shannon’s Theorem
 • States the conditions for perfect secrecy in encryption.
• Key length ≥ message length ensures security (as in One-Time Pad).
c. Symmetric vs Asymmetric Cipher

Type Key Used Example

Symmetric Same key for both AES

Asymmetric Public-private keypair RSA, ECC

Long Questions (12 Marks Each)

24. Define double and triple DES. Explain the DES encryption process with a diagram.

1. Double DES (2DES)

Definition:
Double DES applies the DES encryption algorithm twice using two different keys (K1, K2) to
improve security.
Process:
1. Encrypt plaintext using key K1 → Intermediate ciphertext
2. Encrypt intermediate ciphertext using key K2 → Final ciphertext
Formula:
C=EK2(EK1(P))C = E_{K2}(E_{K1}(P))C=EK2(EK1(P))
Issue:
Still vulnerable to Meet-in-the-Middle (MitM) attack, which reduces effective key space.

2. Triple DES (3DES)

Definition:
Triple DES applies DES encryption three times using two or three different keys to increase
the key length and security.
Modes:
1. 2-key 3DES:
C=EK1(DK2(EK1(P)))C = E_{K1}(D_{K2}(E_{K1}(P)))C=EK1(DK2(EK1(P)))
 2. 3-key 3DES:
C=EK3(DK2(EK1(P)))C = E_{K3}(D_{K2}(E_{K1}(P)))C=EK3(DK2(EK1(P)))
Key Size:
• 2-key 3DES: 112 bits
• 3-key 3DES: 168 bits
Advantage:
• Stronger than DES and 2DES
• Still widely used in legacy systems

3. DES Encryption Process (Overview)

a. Initial Permutation (IP):
• Rearranges the 64-bit plaintext using a fixed permutation.
b. Rounds (16 Total):
Each round consists of:
• Expansion (E): Right 32 bits → 48 bits
• Key Mixing (XOR): XOR with 48-bit round key
• Substitution (S-Boxes): 48 bits → 32 bits using 8 S-boxes
• Permutation (P): Fixed permutation on output of S-box
• Feistel Structure:
Li+1=Ri,Ri+1=Li⊕F(Ri,Ki)L_{i+1} = R_i,\quad R_{i+1} = L_i \oplus F(R_i, K_i)Li+1=Ri,Ri+1=Li
⊕F(Ri,Ki)
c. Final Permutation (FP):
• Reverses the initial permutation

4. DES Block Diagram

pgsql
CopyEdit
64-bit Plaintext
↓ IP
+----------------+
| 16 Feistel Rounds |
+----------------+
↓ FP
64-bit Ciphertext

5. Weaknesses of DES
• Short key length (56 bits)
• Vulnerable to brute-force attacks
• Deprecated for new systems
Solution: Use AES or 3DES for stronger security.

25. Explain the ElGamal encryption algorithm with an example.

1. Overview
ElGamal is a public-key encryption algorithm based on the Discrete Logarithm Problem
(DLP). It provides semantic security, meaning same message → different ciphertexts.

2. Key Generation
1. Choose large prime ppp and generator ggg
2. Choose private key x∈[1,p−2]x \in [1, p-2]x∈[1,p−2]
3. Compute public key y=gxmod py = g^x \mod py=gxmodp
• Public key: (p,g,y)(p, g, y)(p,g,y)
• Private key: xxx

3. Encryption
To encrypt message mmm:
1. Choose random kkk
2. Compute:
 o c1=gkmod pc_1 = g^k \mod pc1=gkmodp
o c2=m⋅ykmod pc_2 = m \cdot y^k \mod pc2=m⋅ykmodp
3. Ciphertext: (c1,c2)(c_1, c_2)(c1,c2)

4. Decryption
Given (c1,c2)(c_1, c_2)(c1,c2), compute:
m=c2⋅(c1x)−1mod pm = c_2 \cdot (c_1^x)^{-1} \mod pm=c2⋅(c1x)−1modp

5. Example
Let:
• p=17p = 17p=17, g=3g = 3g=3, x=15x = 15x=15
• y=315mod 17=6y = 3^{15} \mod 17 = 6y=315mod17=6
Message: m=13m = 13m=13
Random k=7k = 7k=7
• c1=37mod 17=11c_1 = 3^7 \mod 17 = 11c1=37mod17=11
• c2=13⋅67mod 17=13⋅15=195mod 17=8c_2 = 13 \cdot 6^7 \mod 17 = 13 \cdot 15 =
195 \mod 17 = 8c2=13⋅67mod17=13⋅15=195mod17=8
Ciphertext: (11,8)(11, 8)(11,8)
Decryption:
• c1x=1115mod 17=2c_1^x = 11^{15} \mod 17 = 2c1x=1115mod17=2
• 2−1mod 17=92^{-1} \mod 17 = 92−1mod17=9
• m=8⋅9=72mod 17=13m = 8 \cdot 9 = 72 \mod 17 = 13m=8⋅9=72mod17=13

6. Applications
• Used in PGP, GnuPG
• Secure key exchange protocols

26. Describe message authentication and the Modification Detection Code (MDC).
 1. Message Authentication
Definition:
Ensures that the message:
• Is from a legitimate source (authenticity)
• Has not been altered (integrity)

2. Techniques
• Message Authentication Code (MAC)
• Digital Signature
• Hash-based authentication

3. Modification Detection Code (MDC)

Definition:
A one-way hash function used to detect message changes by comparing hash values.

4. Working
1. Sender computes hash H(M)H(M)H(M) and sends message + MDC
2. Receiver computes H(M′)H(M')H(M′) and compares with MDC
If hashes match → message is intact.

5. Properties of a Good MDC

• Collision-resistant
• Pre-image resistant
• Efficient to compute

6. Examples
• SHA-256, SHA-512
• Used in:
o Software integrity verification
 o File sharing systems (e.g., torrent hash)

27. Explain the AFS algorithm with features and block diagram.

1. AFS Overview
AFS (Andrew File System) is a distributed file system developed at Carnegie Mellon
University. It provides location transparency and security in accessing remote files.

2. Features
• Client-server architecture
• Strong authentication using Kerberos
• File caching
• Access control via ACLs (Access Control Lists)

3. AFS Security
AFS uses encrypted tokens issued by Kerberos for:
• User authentication
• File access control

4. Block Diagram
scss
CopyEdit
[User] -- Request --> [AFS Client] -- Request --> [AFS Server]
<-- Data (Encrypted using tokens) <--

5. Use Cases
• University campus networks
• Secure research data sharing
28. Discuss man-in-the-middle attack and Diffie-Hellman key exchange with example.

1. Man-in-the-Middle Attack (MITM)

Definition:
An attacker intercepts and possibly alters communication between two parties without their
knowledge.

2. Process
1. Alice sends message to Bob.
2. Eve intercepts, modifies, and forwards it.
3. Both believe they’re communicating securely.

3. Example
Alice → Eve → Bob
Eve decrypts and reads messages, may alter them.

4. Diffie-Hellman Key Exchange

Purpose:
Securely share a secret key over a public channel.

5. Steps
1. Public: Prime ppp, generator ggg
2. Alice picks private aaa, sends A=gamod pA = g^a \mod pA=gamodp
3. Bob picks bbb, sends B=gbmod pB = g^b \mod pB=gbmodp
4. Both compute shared key:
• Alice: K=Bamod pK = B^a \mod pK=Bamodp
• Bob: K=Abmod pK = A^b \mod pK=Abmodp

6. Example
• p=23p = 23p=23, g=5g = 5g=5
 • Alice picks a=6a = 6a=6, A=56mod 23=8A = 5^6 \mod 23 = 8A=56mod23=8
• Bob picks b=15b = 15b=15, B=515mod 23=2B = 5^{15} \mod 23 = 2B=515mod23=2
• Shared key:
o Alice: 26mod 23=182^6 \mod 23 = 1826mod23=18
o Bob: 815mod 23=188^{15} \mod 23 = 18815mod23=18

7. MITM Risk in DH
• Without authentication, attacker can intercept AAA and BBB and send own values.
• Use digital signatures or certificates to prevent MITM.

29. Explain Fermat's and Euler's theorems in detail.

(Already answered in Short Question 9 – repeated here with more detail.)

Fermat's Little Theorem

If ppp is prime and a≢0mod pa \not\equiv 0 \mod pa ≡0modp, then:
ap−1≡1mod pa^{p-1} \equiv 1 \mod pap−1≡1modp
Proof Sketch:
Multiply the numbers a,2a,3a,...,(p−1)amod pa, 2a, 3a, ..., (p-1)a \mod
pa,2a,3a,...,(p−1)amodp
They are permutations of 1,2,...,p−11, 2, ..., p-11,2,...,p−1
ap−1⋅(1⋅2⋅...⋅(p−1))≡(1⋅2⋅...⋅(p−1))mod pa^{p-1} \cdot (1 \cdot 2 \cdot ... \cdot (p-1)) \equiv
(1 \cdot 2 \cdot ... \cdot (p-1)) \mod pap−1⋅(1⋅2⋅...⋅(p−1))≡(1⋅2⋅...⋅(p−1))modp
Divide both sides by the factorial term to get result.

Euler’s Theorem
If aaa and nnn are coprime, then:
aϕ(n)≡1mod na^{\phi(n)} \equiv 1 \mod naϕ(n)≡1modn
Where:
• ϕ(n)\phi(n)ϕ(n): Number of integers < n that are coprime to n.
Example:
• n=10n = 10n=10, ϕ(10)=4\phi(10) = 4ϕ(10)=4
• a=3⇒34=81mod 10=1a = 3 \Rightarrow 3^4 = 81 \mod 10 = 1a=3⇒34=81mod10=1

Applications
• RSA encryption
• Modular inverse computation
• Public key algorithms
 Research & Methodology
According to the Far Western University CSIT 6th Semester syllabus
• Very Short Questions (3 Marks Each)
• Short Questions (10 Marks Each)
• Long Questions (12 Marks Each)

Very Short Questions (3 Marks Each)

1. Define research problem.

Definition:
A research problem is a clear, concise, and specific issue, situation, or gap in knowledge that
a researcher aims to address through systematic investigation.

Characteristics:
• Focuses on a real-world issue
• Has research significance
• Can be studied through scientific methods

Example:
Increased dropout rates in rural schools of Nepal due to lack of transportation can be a
research problem.

2. What is research?

Definition:
Research is a systematic, logical, and objective investigation to discover new facts, verify
existing knowledge, or solve problems by applying scientific methods.

Purpose:
• To explore (new ideas),
• To describe (current situations),
• To explain (causes and effects),
• To predict (future outcomes)
 Example:
Analyzing the effect of internet addiction on academic performance of CSIT students.

3. List major steps in the research process.

The major steps include:

1. Identifying the research problem
2. Reviewing literature
3. Formulating hypotheses or objectives
4. Designing research methodology
5. Data collection
6. Data analysis and interpretation
7. Report writing and presentation

4. Define scientific research.

Definition:
Scientific research is a systematic and objective process of collecting, analyzing, and
interpreting data to answer questions or solve problems based on empirical evidence and
logical reasoning.

Features:
• Empirical
• Measurable
• Replicable
• Follows scientific method

5. List types of research: exploratory vs descriptive.

Types:
1. Exploratory Research:
o Conducted to explore a new problem or area where little information is
available.
o Flexible and open-ended.
 o Example: Studying impact of AI on traditional job markets.
2. Descriptive Research:
o Describes characteristics of a population or phenomenon.
o Structured with defined objectives.
o Example: Survey on internet usage habits of university students.

Short Questions (10 Marks Each)

6. Explain the necessity of research.

Importance of Research:
1. Solves societal and technical problems:
o Research identifies causes and suggests solutions to challenges.
2. Generates new knowledge:
o Contributes to academic fields and industries.
3. Guides decision-making:
o Data-driven policies and strategies rely on research.
4. Improves educational quality:
o Encourages analytical thinking and innovation in students and teachers.
5. Validates existing theories:
o Confirms or contradicts past assumptions.
6. Supports economic and technological development:
o Fuels innovation and national growth.

Real-World Examples:
• Government using research to formulate climate change policy.
• Companies using market research to improve products.

7. Describe report writing and its major components.

Definition:
Report writing is the structured presentation of research findings in a clear, concise, and
formal manner.

Major Components:
1. Title Page
2. Abstract
3. Acknowledgements
4. Table of Contents
5. Introduction
6. Literature Review
7. Methodology
8. Data Analysis
9. Findings and Discussion
10.Conclusion and Recommendations
11.References/Bibliography
12.Appendices

Purpose:
• Communicates the purpose, process, and outcome of research
• Serves as a reference for future studies or decision-making

8. What are hypotheses? Explain their characteristics.

Definition:
A hypothesis is a testable statement or educated guess about the relationship between two
or more variables.

Characteristics:
1. Clear and specific
2. Testable and falsifiable
 3. Based on theoretical framework
4. Relates variables
5. Directional or non-directional

Types:
• Null Hypothesis (H₀): No effect or relationship
• Alternative Hypothesis (H₁): There is an effect or relationship

Example:
H₀: Internet usage does not affect academic performance.
H₁: Increased internet usage negatively affects academic performance.

9. State objectives of an interview in data collection.

Objectives of Using Interviews:

1. Collect in-depth qualitative data
2. Understand attitudes, behaviors, and motivations
3. Clarify ambiguous responses from surveys
4. Explore new issues during conversation
5. Validate or challenge existing findings

Example Scenarios:
• Interviewing teachers to understand challenges in online teaching.
• Discussing patient experiences in healthcare service delivery.

10. What are ethical issues in research? Describe informed consent.

Ethical Issues:
1. Plagiarism
2. Fabrication of data
3. Privacy and confidentiality
 4. Misuse of information
5. Harm to participants

Informed Consent:
A process in which participants are informed about:
• Purpose of the study
• What is expected from them
• Any potential risks or benefits
They must voluntarily agree to participate.

11. Differentiate between primary and secondary data sources.

Feature Primary Data Secondary Data

Definition First-hand data collected directly Data previously collected by others

Source Interviews, surveys, observations Books, journals, reports, websites

Accuracy High (if collected properly) May vary

Cost & Time Expensive and time-consuming Cheaper and faster

Examples:
• Primary: Conducting interviews with students
• Secondary: Using government education reports

12. What are the important steps in conducting research?

Step-by-Step Research Process:

1. Define the research problem
2. Review related literature
3. Formulate hypothesis or objectives
4. Choose research design
5. Select sample and data collection methods
6. Collect data
 7. Analyze and interpret data
8. Draw conclusions
9. Prepare and present the report

13. Describe different types of research with examples.

Types of Research:
1. Basic (Pure) Research:
o Expands knowledge
o Example: Studying black holes in physics
2. Applied Research:
o Solves practical problems
o Example: Researching a vaccine for COVID-19
3. Descriptive Research:
o Describes characteristics of population
o Example: Census data
4. Analytical Research:
o Explains causes using existing data
o Example: Analyzing sales data to predict trends
5. Exploratory Research:
o Investigates new or vague problems
o Example: Exploring AI impact on ethics
6. Quantitative vs Qualitative:
o Quantitative: Numerical data (surveys, experiments)
o Qualitative: Descriptive data (interviews, case studies)

14. Briefly explain research design and its elements.

Definition:
Research design is the blueprint or plan for conducting research.
 Elements:
1. Purpose of the study – exploratory, descriptive, etc.
2. Sampling design – method of selecting participants
3. Data collection methods – surveys, interviews
4. Measurement techniques – scales, questionnaires
5. Data analysis plan – statistical tools to be used
6. Timeframe and budgeting

15. What is the research problem? Provide guidance for selecting a good one.

Definition:
A research problem is a specific, well-defined issue that a researcher intends to address
through investigation.

Criteria for Good Research Problem:

1. Clarity: Easily understandable and specific
2. Researchable: Can be studied using scientific methods
3. Significance: Has academic or practical value
4. Feasibility: Within resources and time
5. Ethical acceptability: No harm to subjects

Tips for Selection:

• Read relevant literature
• Discuss with peers/teachers
• Observe current trends
• Consider your interest area

Long Questions (12 Marks Each)

16. Design a research study on social media's impact on academic performance. Include
research questions, hypotheses, methodology, and limitations.

“The Impact of Social Media Usage on Academic Performance among CSIT Students”

1. Introduction
Social media is deeply integrated into the daily lives of university students. While it
facilitates communication and access to educational resources, excessive or mismanaged
usage may distract students and harm academic performance.

2. Research Questions
1. Is there a significant relationship between social media usage and students’ academic
performance?
2. How does time spent on platforms like Facebook, TikTok, and Instagram affect GPA?
3. What types of social media usage (educational vs non-educational) are more
prevalent among students?

3. Hypotheses
• Null Hypothesis (H₀):
There is no significant relationship between social media usage and academic
performance.
• Alternative Hypothesis (H₁):
There is a significant negative impact of social media usage on academic
performance.

4. Objectives
• To measure time spent on social media by students.
• To assess academic performance using GPA.
• To identify correlation between usage patterns and GPA.

5. Methodology
a. Research Design:
Descriptive and Correlational Research
b. Population:
BSc CSIT students of Far Western University
c. Sample Size:
100 students selected using stratified random sampling (ensuring representation from each
semester)
d. Data Collection Methods:
• Structured Questionnaire (Time spent on social media, purpose, platforms used)
• Academic records (self-reported GPA)
e. Tools of Analysis:
• Descriptive statistics (mean, median)
• Correlation coefficient (Pearson’s r)
• Regression analysis

6. Expected Outcomes
• High social media usage may correlate with lower academic performance.
• Academic use of social media (e.g., YouTube lectures) may have positive effects.

7. Limitations
• Self-reported data may be biased.
• Limited to CSIT students—results not generalizable.
• Cannot prove causation, only correlation.

8. Ethical Considerations
• Informed consent will be taken.
• Confidentiality of participant data ensured.

17. Explain the significance of scientific method in research.

 Definition
The scientific method is a logical, step-by-step approach used in research to observe
phenomena, form hypotheses, collect data, and draw conclusions that are empirical,
systematic, and reproducible.

Importance of Scientific Method

1. Objectivity:
o Removes personal bias; findings based on evidence.
2. Reliability:
o Reproducible and consistent results.
3. Precision and Clarity:
o Systematic procedures enhance clarity in communication.
4. Problem Solving:
o Useful in addressing real-world issues logically.
5. Generalization:
o Findings can be extended to wider populations.

Steps in Scientific Method

1. Observation: Identifying a phenomenon or problem
2. Problem Formulation: Define the research question
3. Hypothesis Formation: Predict outcome
4. Experimentation/Data Collection: Gather information
5. Data Analysis: Use statistical tools
6. Conclusion: Accept/reject hypothesis
7. Reporting: Document and share findings

Example in Research
Problem: Do long hours of mobile usage affect student concentration?
 • Hypothesis: Yes, it reduces concentration.
• Method: Survey + performance test
• Result: Data supports the hypothesis
• Conclusion: Mobile addiction correlates with lower concentration

18. Discuss the difference between exploratory and descriptive research.

Criteria Exploratory Research Descriptive Research

Explore new or poorly understood

Purpose Describe characteristics or functions
problems

Structure Unstructured or loosely structured Well-structured and defined

Hypotheses Not required at early stage Usually defined and tested

Data Interviews, focus groups,

Surveys, questionnaires, case studies
Collection observation

Generate ideas, insights, or Provide detailed data on who, what,

Outcome
hypothesis when, how

Survey on internet usage among

Example Investigating AI impact on rural jobs
students

Use in Research Process:

• Exploratory: Early phase when little is known
• Descriptive: Later phase to explain known variables

19. Describe the structure of a research report. List precautions during report writing.

Structure of a Standard Research Report:

1. Title Page: Clear and concise title
2. Abstract: Summary of objectives, methods, results, and conclusion
3. Acknowledgements: Recognition of contributors
 4. Table of Contents: Organized layout
5. Introduction: Background and problem statement
6. Literature Review: Summary of past studies
7. Methodology: Design, population, sampling, data collection
8. Data Analysis: Presentation using charts/tables/statistics
9. Findings: Key results of the study
10.Discussion: Interpretation and implications
11.Conclusion and Recommendations: Summary and future directions
12.References/Bibliography: Cited sources in proper format
13.Appendices: Supplementary materials (questionnaires, raw data)

Precautions During Report Writing

1. Clarity and Simplicity: Avoid jargon, be direct
2. Logical Flow: Each section should connect smoothly
3. Objectivity: Avoid personal opinions unless justified
4. Accuracy: Use precise data and references
5. Proper Citation: Prevent plagiarism by citing all sources
6. Revisions: Proofread and edit before submission

20. Explain the ethical considerations in research with examples.

Ethical Considerations
1. Informed Consent: Participants must be aware of the research purpose and
voluntarily participate
Example: Consent form signed before medical survey
2. Confidentiality and Anonymity: Personal information must be protected
Example: Survey responses stored without names
3. Plagiarism Avoidance: Credit all sources
Example: Use APA, MLA, or IEEE citation styles
4. Honest Reporting: Do not fabricate or falsify data
Example: Report actual survey results even if unexpected
5. Avoid Harm: Physical, psychological, or emotional harm must be avoided
Example: Avoid sensitive questions in trauma research
6. Voluntary Participation: No pressure to join or stay
Example: Allow participants to withdraw at any time

Importance of Ethics
• Builds trust
• Ensures validity and reliability
• Protects dignity of participants
• Promotes integrity in scientific community
 Subject: Java Programming I
(Far Western University – BSc CSIT 6th Semester)
Very Short Questions (3 Marks Each)

1. What is JVM?

Definition:
The Java Virtual Machine (JVM) is a part of the Java Runtime Environment (JRE) that
enables Java bytecode to be executed on any machine, making Java a platform-
independent language.

Key Functions of JVM:

1. Loads bytecode generated by Java compiler (.class file)
2. Verifies bytecode for security and format correctness
3. Interprets/executes or JIT-compiles the bytecode
4. Manages memory (heap, stack)
5. Handles exceptions and garbage collection

Example:
java
CopyEdit
public class Hello {
public static void main(String[] args) {
System.out.println("Hello, JVM!");
}
}
• Compiled to: Hello.class (bytecode)
• Run using: java Hello → JVM executes

2. List characteristics of Java programming language.

 Characteristics of Java:
1. Object-Oriented: Everything is based on classes and objects.
2. Platform Independent: “Write Once, Run Anywhere” due to JVM.
3. Simple and Familiar: Syntax similar to C/C++.
4. Secure: Sandboxed environment and runtime checks.
5. Robust: Strong memory management and exception handling.
6. Multithreaded: Supports concurrent execution.
7. Architecture Neutral: No hardware-specific features.
8. Interpreted and Compiled: Uses bytecode for performance and portability.

3. What is the purpose of the Scanner class?

Definition:
The Scanner class in Java is used to read input from various input sources like keyboard,
files, strings, etc.

Key Uses:
• Reading different data types: int, float, String, etc.
• Simplifies input operations compared to older methods (BufferedReader)

Example:
java
CopyEdit
import java.util.Scanner;

public class InputDemo {

public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
System.out.print("Enter your name: ");
String name = sc.nextLine();
 System.out.println("Hello, " + name);
}
}

Short Questions (10 Marks Each)

4. Write a Java program to take name, age, and roll number input using Scanner class.

Program:
java
CopyEdit
import java.util.Scanner;

public class StudentInfo {

public static void main(String[] args) {
Scanner sc = new Scanner(System.in);

System.out.print("Enter Name: ");

String name = sc.nextLine();

System.out.print("Enter Age: ");

int age = sc.nextInt();

System.out.print("Enter Roll Number: ");

int roll = sc.nextInt();

System.out.println("\n--- Student Details ---");

System.out.println("Name: " + name);
System.out.println("Age: " + age);
System.out.println("Roll No: " + roll);
 }
}

Output:
yaml
CopyEdit
Enter Name: Sita
Enter Age: 21
Enter Roll Number: 103

--- Student Details ---

Name: Sita
Age: 21
Roll No: 103

5. Differentiate between constructor and method.

Feature Constructor Method

Purpose Initializes an object Performs operations or actions

Name Same as class name Any valid identifier

Return Type No return type Must specify return type (void, int)

Call Automatically when object is created Called explicitly by object

Overloading Yes (Constructor Overloading) Yes (Method Overloading)

Example:
java
CopyEdit
class Car {
String brand;
 // Constructor
Car(String b) {
brand = b;
}

// Method
void show() {
System.out.println("Brand: " + brand);
}
}

6. Explain the use of super keyword in Java.

Definition:
The super keyword in Java refers to the immediate parent class and is used for:
1. Accessing parent class constructor
2. Accessing parent class fields or methods that are overridden

Example:
java
CopyEdit
class Animal {
String type = "Animal";

void display() {
System.out.println("This is an animal.");
}
}

class Dog extends Animal {

 String type = "Dog";

void printInfo() {
System.out.println(super.type); // Access parent variable
super.display(); // Call parent method
}
}

7. Write a Java program to input three numbers and find the greatest.

Program:
java
CopyEdit
import java.util.Scanner;

public class GreatestNumber {

public static void main(String[] args) {
Scanner sc = new Scanner(System.in);

System.out.print("Enter three numbers: ");

int a = sc.nextInt();
int b = sc.nextInt();
int c = sc.nextInt();

int greatest;
if(a >= b && a >= c)
greatest = a;
else if(b >= a && b >= c)
greatest = b;
else
 greatest = c;

System.out.println("Greatest number is: " + greatest);

}
}

8. What is inheritance? List its advantages with examples.

Definition:
Inheritance is an object-oriented principle where a class (child/derived class) inherits fields
and methods from another class (parent/base class).

Advantages:
1. Code Reusability
2. Method Overriding
3. Polymorphism
4. Extensibility

Example:
java
CopyEdit
class Animal {
void eat() {
System.out.println("Animal eats");
}
}

class Dog extends Animal {

void bark() {
System.out.println("Dog barks");
 }
}

public class Test {

public static void main(String[] args) {
Dog d = new Dog();
d.eat(); // inherited
d.bark(); // own method
}
}

Continuing automatically with remaining short questions...

You said:
yes
ChatGPT said:
Continuing with the remaining Short Questions (10 Marks Each) from Java Programming I:

9. Explain the difference between interface and abstract class with examples.

Feature Abstract Class Interface

Inheritance Supports single inheritance Can implement multiple interfaces

Can have abstract and Only abstract methods (until Java 7),
Method Type
concrete methods default/static methods in Java 8+

Keyword Used abstract interface

Variables Can be instance variables Public static final (constants)

Constructor
Can have constructors Cannot have constructors
Support

Abstract Class Example:

java
CopyEdit
abstract class Animal {
abstract void sound();
void eat() {
System.out.println("Animal eats food");
}
}

class Dog extends Animal {

void sound() {
System.out.println("Barks");
}
}

Interface Example:
java
CopyEdit
interface Vehicle {
void run();
}

class Bike implements Vehicle {

public void run() {
System.out.println("Bike runs");
}
}

10. Write a program to demonstrate method overloading and method overriding.

 Method Overloading (Same method name, different parameters)
java
CopyEdit
class MathOperation {
int add(int a, int b) {
return a + b;
}

int add(int a, int b, int c) {

return a + b + c;
}
}

Method Overriding (Subclass redefines parent class method)

java
CopyEdit
class Animal {
void sound() {
System.out.println("Animal makes sound");
}
}

class Dog extends Animal {

void sound() {
System.out.println("Dog barks");
}
}

Main Program:
java
CopyEdit
public class Demo {
public static void main(String[] args) {
MathOperation op = new MathOperation();
System.out.println(op.add(5, 10)); // Overloaded method
System.out.println(op.add(5, 10, 15));

Animal a = new Dog(); // Overridden method

a.sound(); // Outputs "Dog barks"
}
}

11. Describe exception handling and provide an example.

Definition:
Exception Handling in Java is a mechanism to handle runtime errors so that the normal flow
of the program can be maintained.

Keywords:
• try: Block of code that might throw exception
• catch: Handles exception
• finally: Always executed (optional)
• throw: Manually throw exception
• throws: Declares an exception

Example:
java
CopyEdit
public class ExceptionDemo {
public static void main(String[] args) {
try {
int result = 10 / 0; // ArithmeticException
} catch (ArithmeticException e) {
System.out.println("Error: Cannot divide by zero");
} finally {
System.out.println("Execution completed");
}
}
}

12. What is garbage collection? Explain with respect to Java.

Definition:
Garbage Collection (GC) in Java is the process of automatically reclaiming memory by
destroying objects that are no longer referenced.

How It Works:
• JVM automatically runs the garbage collector.
• It finds unreferenced objects and frees their memory.

Example:
java
CopyEdit
public class GarbageExample {
public static void main(String[] args) {
GarbageExample obj1 = new GarbageExample();
obj1 = null; // eligible for garbage collection
 System.gc(); // request JVM to run GC
}

protected void finalize() {

System.out.println("Garbage collected");
}
}

Advantages:
• Prevents memory leaks
• Improves application performance
• Reduces manual memory management burden

13. How are arrays created in Java? Provide examples.

Definition:
An array in Java is a container object that holds a fixed number of values of a single type.

Syntax:
java
CopyEdit
type[] arrayName = new type[size];

Examples:
java
CopyEdit
// Integer array of size 5
int[] arr = new int[5];
// Assign values
arr[0] = 10;
arr[1] = 20;

// Initialization at declaration
String[] fruits = {"Apple", "Banana", "Cherry"};

// Print elements
for(String f : fruits) {
System.out.println(f);
}

14. What is autoboxing?

Definition:
Autoboxing is the automatic conversion of a primitive type into its corresponding wrapper
class.

Example:
java
CopyEdit
int num = 10;
Integer obj = num; // autoboxing

System.out.println(obj); // prints 10
Similarly, Unboxing is the reverse:
java
CopyEdit
Integer val = 100;
int x = val; // unboxing

Use Case:
Autoboxing allows primitives to be used where objects are expected, e.g., in collections like
ArrayList<Integer>.

Long Questions (12 Marks Each)

15. Write a Java program to input student details and display them using Scanner and
BufferedReader classes.

Using Scanner:
java
CopyEdit
import java.util.Scanner;

public class StudentScanner {

public static void main(String[] args) {
Scanner sc = new Scanner(System.in);

System.out.print("Enter Name: ");

String name = sc.nextLine();

System.out.print("Enter Roll Number: ");

int roll = sc.nextInt();

System.out.print("Enter Age: ");

int age = sc.nextInt();
 System.out.print("Enter GPA: ");
double gpa = sc.nextDouble();

System.out.println("\n--- Student Details ---");

System.out.println("Name: " + name);
System.out.println("Roll No: " + roll);
System.out.println("Age: " + age);
System.out.println("GPA: " + gpa);
}
}

Using BufferedReader:
java
CopyEdit
import java.io.*;

public class StudentBufferedReader {

public static void main(String[] args) throws IOException {
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));

System.out.print("Enter Name: ");

String name = br.readLine();

System.out.print("Enter Roll Number: ");

int roll = Integer.parseInt(br.readLine());

System.out.print("Enter Age: ");

int age = Integer.parseInt(br.readLine());
 System.out.print("Enter GPA: ");
double gpa = Double.parseDouble(br.readLine());

System.out.println("\n--- Student Details ---");

System.out.println("Name: " + name);
System.out.println("Roll No: " + roll);
System.out.println("Age: " + age);
System.out.println("GPA: " + gpa);
}
}

16. Explain Java with respect to WWW and the Internet, highlighting key features.

Java and the Web:

Java was designed with the Internet and Web in mind. It supports network-based
programming, distributed systems, and dynamic content via applets, servlets, JSPs, and
more.

Key Features:
1. Platform Independence:
o Java bytecode can run on any OS with JVM.
o Ideal for web applications accessed across platforms.
2. Applets and Web Integration:
o Java Applets (deprecated now) could be embedded in browsers.
3. Security:
o Java provides a secure runtime environment (sandbox model, classloader,
bytecode verifier).
4. Networking Support:
o Java supports TCP/IP protocols via java.net package (Sockets, URL, Datagram,
etc.)
 5. Server-Side Programming:
o Java is widely used for backend web development:
▪ Servlets
▪ JavaServer Pages (JSP)
▪ Spring Framework
6. Support for Distributed Computing:
o RMI (Remote Method Invocation)
o CORBA integration
7. Multithreading:
o Java can handle multiple client requests using multithreading in web servers.

Conclusion:
Java’s strong support for networking, portability, and security has made it a pillar of web
development technologies for both client and server sides.

17. Describe threads in Java and demonstrate thread priorities.

What is a Thread?
A thread is a lightweight subprocess, a small unit of a process. Java supports
multithreading, allowing multiple threads to run concurrently.

Creating Threads:
1. Extending Thread class
2. Implementing Runnable interface

Example Using Runnable:

java
CopyEdit
class MyThread implements Runnable {
 public void run() {
System.out.println("Thread running: " + Thread.currentThread().getName());
}
}

public class ThreadPriorityDemo {

public static void main(String[] args) {
Thread t1 = new Thread(new MyThread(), "Thread A");
Thread t2 = new Thread(new MyThread(), "Thread B");

t1.setPriority(Thread.MIN_PRIORITY); // 1
t2.setPriority(Thread.MAX_PRIORITY); // 10

t1.start();
t2.start();
}
}

Thread Priority:

Priority Constant Value

Thread.MIN_PRIORITY 1

Thread.NORM_PRIORITY 5

Thread.MAX_PRIORITY 10

Higher priority threads are more likely to run first, but thread scheduling is JVM-
dependent.

18. Write a Java program illustrating function overriding.

Method Overriding:
Occurs when a subclass provides a specific implementation of a method that is already
defined in its parent class.

Example Program:
java
CopyEdit
class Animal {
void sound() {
System.out.println("Animal makes sound");
}
}

class Cat extends Animal {

@Override
void sound() {
System.out.println("Cat meows");
}
}

public class OverrideDemo {

public static void main(String[] args) {
Animal a = new Cat(); // polymorphism
a.sound(); // Cat meows
}
}

19. Compare constructor and method with suitable examples.

(Already explained in Short Q5. Here's extended explanation and comparison.)
 Constructor
• Invoked automatically when object is created.
• Cannot have return type.
• Initializes an object.
java
CopyEdit
class Car {
String brand;

Car(String b) {
brand = b;
}
}

Method
• Called explicitly.
• Must have a return type.
• Performs specific task.
java
CopyEdit
class Car {
void show() {
System.out.println("This is a car.");
}
}

Comparison Table:
Feature Constructor Method

Name Same as class name Any valid identifier

Return type None Must have return type

Call Automatically Explicitly

Use Initializes object Defines behavior

20. Explain the significance of packages and how to create custom packages in Java.

What is a Package?
A package is a namespace that organizes a set of related classes and interfaces.

Types:
1. Built-in packages: java.util, java.io, java.lang
2. User-defined (custom) packages

Benefits:
• Avoids name conflicts
• Easier maintenance
• Code modularity and reusability
• Access control

Creating and Using a Custom Package

Step 1: Create Package

java
CopyEdit
// File: MyPackage/Student.java
package MyPackage;
public class Student {
public void show() {
System.out.println("Student in MyPackage");
}
}

Step 2: Use in Another Program

java
CopyEdit
// File: Main.java
import MyPackage.Student;

public class Main {

public static void main(String[] args) {
Student s = new Student();
s.show();
}
}

Compiling:
bash
CopyEdit
javac -d . Student.java
javac Main.java
java Main
 Subject: Software Engineering

Very Short Questions (3 Marks Each)

1. Define Software Engineering.

Definition:
Software Engineering is the application of engineering principles to the design,
development, testing, deployment, and maintenance of software systems.

Key Aspects:
• Systematic and disciplined approach
• Ensures software is reliable, efficient, scalable, and cost-effective
• Emphasizes planning, documentation, quality control, and project management

Example:
Developing a hospital management system using SDLC models like Waterfall or Agile.

2. What is SDLC (Software Development Life Cycle)?

Definition:
The Software Development Life Cycle (SDLC) is a structured process used for developing
software in a systematic, phased approach.

Phases of SDLC:
1. Requirement Analysis
2. System Design
3. Implementation (Coding)
4. Testing
5. Deployment
6. Maintenance

3. List characteristics of good software.

Key Characteristics:
 • Correctness: Meets user requirements
• Reliability: Performs without failure
• Efficiency: Optimal use of resources
• Usability: Easy to learn and use
• Maintainability: Easy to fix bugs and add features
• Portability: Works across platforms
• Security: Protects against threats

4. What is software prototyping?

Definition:
Prototyping is the process of building a working model of a software system that helps
users and developers visualize functionality and gather feedback before final development.

Types:
• Throwaway
• Evolutionary
• Incremental
• Extreme Prototyping (for web apps)

5. Define cohesion and coupling.

Cohesion:
• Degree to which elements of a module belong together
• High cohesion is desirable

Coupling:
• Degree to which one module depends on other modules
• Low coupling is desirable

Short Questions (10 Marks Each)

6. Explain Waterfall model with its advantages and disadvantages.

 Waterfall Model:
A linear sequential model where each phase is completed before the next begins.

Phases:
1. Requirement Analysis
2. System Design
3. Implementation
4. Testing
5. Deployment
6. Maintenance

Diagram:
nginx
CopyEdit
Requirements → Design → Implementation → Testing → Deployment → Maintenance

Advantages:
• Simple and easy to manage
• Well-documented
• Clear milestones

Disadvantages:
• Inflexible to change
• Late error discovery
• Not suitable for complex or evolving requirements

7. Differentiate between black box and white box testing.

Feature Black Box Testing White Box Testing

Knowledge
No knowledge of code Requires code knowledge
Required
Feature Black Box Testing White Box Testing

Focus Functional behavior Internal logic and paths

Tester Independent testers Developers or QA

Equivalence partitioning,
Techniques Statement, branch, path coverage
boundary value

Checking loop conditions and code

Example Login functionality test
branches

8. Explain Spiral model with diagram.

Spiral Model:
A risk-driven process model that combines iterative development with systematic aspects
of the Waterfall model.

Phases in Each Spiral Loop:

1. Objective setting
2. Risk assessment and reduction
3. Development and validation
4. Planning for the next iteration

Diagram:
sql
CopyEdit
Start → Planning → Risk Analysis → Engineering → Evaluation → Next Spiral

Advantages:
• Risk management
• Early customer feedback
• Flexible to change

Disadvantages:
 • Complex to manage
• Costly for small projects

9. What is software maintenance? Explain its types.

Definition:
Software maintenance involves modifying a software product after delivery to correct
faults, improve performance, or adapt to a new environment.

Types:
1. Corrective: Fixing bugs/errors
2. Adaptive: Adapting to environment changes (OS, hardware)
3. Perfective: Improving performance or adding new features
4. Preventive: Enhancing maintainability and preventing future issues

10. Explain software development life cycle (SDLC) with its phases.
(Already explained in Very Short Q2. Rewriting with more detail)

SDLC Phases:
1. Requirement Analysis: Understanding what the user needs
2. Design: Creating architecture and system design documents
3. Implementation: Writing code based on design
4. Testing: Verifying and validating software
5. Deployment: Releasing to users
6. Maintenance: Post-release bug fixes and updates

Long Questions (12 Marks Each)

11. Explain Agile model with principles and phases.

Agile Model:
Agile is an iterative and incremental software development model focused on flexibility,
collaboration, and customer satisfaction.

Agile Manifesto Principles:

1. Individuals and interactions over processes and tools
2. Working software over documentation
3. Customer collaboration over contract negotiation
4. Responding to change over following a plan

Phases of Agile:
1. Concept and Inception
2. Planning
3. Design
4. Development
5. Testing
6. Release
7. Feedback and iteration

Agile Practices:
• Daily stand-ups (Scrum)
• Sprint Planning and Reviews
• Continuous Integration
• Pair Programming
• Test-Driven Development (TDD)

Advantages:
• Quick delivery of working software
• Customer feedback included
• Adapts to change well
 Disadvantages:
• Less predictability
• Requires high customer involvement
• Not ideal for large, rigid systems

12. What is software testing? Explain different levels and types.

Definition:
Software testing is the process of evaluating a software product to detect differences
between existing and required conditions (bugs, errors).

Levels of Testing:
1. Unit Testing: Test individual components/modules
2. Integration Testing: Test combined components
3. System Testing: Complete application testing
4. Acceptance Testing: Verifying against user needs (UAT)

Types of Testing:
• Manual Testing
• Automated Testing

Test Classifications:

Type Purpose

Functional Tests business logic (e.g., login)

Non-Functional Performance, usability, reliability

Regression After code changes, to ensure nothing breaks

Smoke/Sanity Basic build validation

Load/Stress System behavior under heavy usage

 Subject: Web Technology II
(Far Western University – BSc CSIT 6th Semester)

Very Short Questions (3 Marks Each)

1. What is AJAX?

Definition:
AJAX (Asynchronous JavaScript and XML) is a web development technique used to send
and receive data from a server asynchronously without refreshing the web page.

Key Points:
• Improves user experience by updating only parts of the page
• Uses: XMLHttpRequest, Fetch API, or jQuery AJAX
• Can use JSON instead of XML

Example (Using JavaScript):

javascript
CopyEdit
fetch('data.json')
.then(response => response.json())
.then(data => console.log(data));

2. What is the difference between GET and POST methods in forms?

Feature GET POST

Data visible In URL In request body

Security Less secure More secure

Feature GET POST

Use Data retrieval Data submission

Size limit Yes (URL length) No size restriction (mostly)

3. What is session in PHP?

Definition:
A session in PHP is used to store user information across multiple web pages (e.g., login
status, cart info).

Example:
php
CopyEdit
session_start();
$_SESSION['user'] = "Ram";
echo $_SESSION['user'];
• session_start() must be called before output.
• Session data is stored on the server.

4. Define DOM.

DOM (Document Object Model):

The DOM is a programming interface for web documents that represents HTML/XML as a
tree structure where each node is an object.

Example:
HTML:
html
CopyEdit
<p id="demo">Hello</p>
JavaScript:
javascript
CopyEdit
document.getElementById("demo").innerHTML = "Hi!";

5. What is the purpose of the DOCTYPE declaration?

Purpose:
<!DOCTYPE html> tells the browser the HTML version to render. It ensures standards mode,
avoiding quirks in layout.

Short Questions (10 Marks Each)

6. Explain PHP form handling with GET and POST methods.

PHP Form Handling Process:

1. Create HTML form:
html
CopyEdit
<form method="POST" action="submit.php">
<input type="text" name="username">
<input type="submit" value="Send">
</form>
2. submit.php:
php
CopyEdit
<?php
$name = $_POST['username']; // use $_GET[] if method="GET"
echo "Welcome, $name!";
?>

Differences:
 • $_GET[]: Data visible in URL, less secure
• $_POST[]: Data sent in HTTP body, more secure

7. Differentiate between client-side and server-side scripting.

Feature Client-Side Server-Side

Executes on Browser (client machine) Server

Languages HTML, CSS, JavaScript PHP, Python, Node.js, ASP.NET

Security Less secure More secure

Use UI interactions, validation Database access, file handling

Example Input field validation Login authentication, data storage

8. Explain the working of cookies in PHP.

Cookies:
Cookies are small text files stored on the user's browser to remember information.

Syntax:
Set Cookie:
php
CopyEdit
setcookie("user", "Ram", time() + 3600); // 1-hour expiry
Access Cookie:
php
CopyEdit
echo $_COOKIE['user'];

Notes:
• Cookies are stored on client-side
• Can be used for preferences, sessions (light usage)
9. Explain the use of JavaScript in web development.

JavaScript Uses:
1. DOM Manipulation:
javascript
CopyEdit
document.getElementById("demo").style.color = "red";
2. Form Validation:
javascript
CopyEdit
if (name == "") alert("Name required");
3. AJAX Requests
4. Interactive UI:
o Sliders, popups, modals
5. Event Handling:
javascript
CopyEdit
button.onclick = function() { alert("Clicked!"); }

10. Describe the difference between XML and JSON.

Feature XML JSON

Syntax Tag-based Key-value pairs

Readability Verbose More readable

Data Type Strings only Supports objects, arrays

Usage Legacy systems, configuration Modern APIs, AJAX

Example:
JSON:
json
CopyEdit
{ "name": "Ram", "age": 22 }
XML:
xml
CopyEdit
<student><name>Ram</name><age>22</age></student>

Long Questions (12 Marks Each)

11. Explain AJAX with example and how it is used in PHP.

AJAX:
AJAX enables asynchronous data communication between client and server without page
reload.

Flow:
1. JavaScript triggers an AJAX request
2. Request sent to server (e.g., PHP file)
3. PHP processes and returns response
4. JavaScript updates webpage dynamically

Example:
HTML + JavaScript:
html
CopyEdit
<input type="text" id="name">
<button onclick="loadData()">Submit</button>
<p id="result"></p>
<script>
function loadData() {
var name = document.getElementById("name").value;
fetch("getdata.php?name=" + name)
.then(res => res.text())
.then(data => document.getElementById("result").innerHTML = data);
}
</script>
getdata.php:
php
CopyEdit
<?php
$name = $_GET['name'];
echo "Welcome, " . $name;
?>

12. Explain session management in PHP with example.

What is a Session?
A session stores user-specific data between multiple pages.

Working:
1. Call session_start() at top
2. Use $_SESSION['key'] to store or retrieve

Example:
php
CopyEdit
// login.php
session_start();
$_SESSION['user'] = "admin";
echo "Logged in";

// dashboard.php
session_start();
echo $_SESSION['user']; // Displays "admin"

Advantages:
• Server-side storage
• Secure and persistent until destroyed or expired