Combined Bank, Assistant Programmer, 2023

Combined Bank

Post: Assistant Programmer ,
Exam Date: 09.06.2023

1. Given the following values, compute function point when all complexity adjustment factor (CAF) and weighting factors are average.

User Input = 50
User Output = 40
User Inquiries = 35
User Files = 6
External Interface = 4

Step 1:
As the complexity adjustment factor is average (given in the question), the scale is set to 3 for each factor.
F = 14 × 3 = 42

Step 2:
Calculate the Complexity Adjustment Factor (CAF) using the formula:
CAF = 0.65 + (0.01 × F)
Substitute F = 42:
CAF = 0.65 + (0.01 × 42) = 1.07

Step 3:
Calculate the Unadjusted Function Points (UFP) using the given values and the corresponding weights (average weighting factors):
UFP = (50 × 4) + (40 × 5) + (35 × 4) + (6 × 10) + (4 × 7)
UFP = 200 + 200 + 140 + 60 + 28 = 628

Step 4:
Calculate the Function Point (FP) using the formula:
FP = UFP × CAF
FP = 628 × 1.07 = 671.96

Final Answer:
The Function Point (FP) is: 671.96

2. Write a function to find the smallest element from an array

Algorithm to Find the Smallest Element in an Array

START

Step 1 → Initialize an array A with given values.
Step 2 → Create a variable min_value and set it to a large number (e.g., infinity) or the first element of the array.
Step 3 → Loop through each element A[i] in the array starting from the first element.
Step 4 → For each element, check if A[i] is smaller than min_value.
Step 5 → If A[i] < min_value, update min_value to A[i].
Step 6 → Repeat Steps 4 and 5 until all elements have been checked.
Step 7 → Display min_value as the smallest element of the array.

STOP

3. Consider page reference string 1, 3, 0, 3, 5, 6, 3 with 3 page frames.Find the number of page faults.

Given:

Page reference string: 1, 3, 0, 3, 5, 6, 3
Number of page frames: 3

Step-by-Step Analysis:

Explanation:

1 causes a page fault as it’s not in memory, so it’s loaded into frame 1.
3 causes a page fault and is loaded into frame 2.
0 causes a page fault and is loaded into frame 3. All three frames are now full.
3 is already in memory, so no page fault occurs (Hit).
5 causes a page fault and replaces the oldest page in memory, which is 1.
6 causes a page fault and replaces the oldest page in memory, which is 3.
3 causes a page fault and replaces the oldest page in memory, which is 0.

Total Page Faults:

6 Page Faults

4. CRC is a redundancy error technique used to determine the error. Suppose the original data is 11100 and divisor is 1001

Solution:

Step 1: Represent Data and Divisor in Polynomial Form

Data (11100):

x⁴ + x³ + x²

Divisor (1001):

x³ + 1

Step 2: Append Zeros to the Original Data

Since the divisor is 4 bits, we append 3 zeros to the original data (one less than the number of bits in the divisor). The new data is:

Data after appending zeros: 11100000

Step 3: Perform Binary Division

Now we divide the modified data 11100000 by the divisor 1001.

Division Process:

11111 ← Quotient —————————– 11100000 ← Dividend (data with zeros) 1001 ← Divisor ———————- 1110000 1001 —————- 111000 1001 ————— 11100 1001 ———— 1110 1001 ———— 111

Step 4: Determine the Transmitted Value

The remainder 111 is the CRC code. To get the transmitted value, append the remainder to the original data:

Original data: 11100 Remainder: 111

Transmitted Value: 11100111

5. Attacker steals private key of website that uses transport layer security and remains undetected what can be done with private key?

Impact of Stealing a Private Key in TLS

If an attacker steals the private key of a website that uses Transport Layer Security (TLS) and remains undetected, several serious security threats can occur.

Decryption of Encrypted Traffic: The attacker can decrypt past and future TLS sessions (if Perfect Forward Secrecy is not used).
Impersonation: The attacker can impersonate the legitimate website and perform Man-in-the-Middle (MITM) attacks.
Data Theft: Sensitive data such as usernames, passwords, cookies, and credit card details can be stolen.
Malware Injection: Malicious content can be injected while appearing as a trusted website.

Mitigation Steps:

Immediately revoke the compromised certificate.
Generate a new key pair and install a new certificate.
Enable Perfect Forward Secrecy (PFS).
Monitor logs and notify users if required.

TLS-এ Private Key চুরি হলে কী হতে পারে

যদি কোনো attacker একটি TLS ব্যবহারকারী website-এর private key চুরি করে এবং তা ধরা না পড়ে, তাহলে গুরুতর নিরাপত্তা ঝুঁকি তৈরি হয়।

Encrypted Data Decrypt করা: Perfect Forward Secrecy ব্যবহার না করলে attacker আগের ও ভবিষ্যতের TLS session decrypt করতে পারে।
Website Impersonation: Attacker আসল website সেজে Man-in-the-Middle (MITM) attack চালাতে পারে।
Sensitive Data চুরি: Username, password, cookie, credit card তথ্য চুরি হতে পারে।
Malware Injection: Trusted website-এর মতো দেখিয়ে malicious content ঢুকানো যায়।

সমাধানমূলক ব্যবস্থা:

Compromised certificate সঙ্গে সঙ্গে revoke করতে হবে।
নতুন key pair ও certificate তৈরি করতে হবে।
Perfect Forward Secrecy (PFS) চালু করতে হবে।
Log monitor করে প্রয়োজনে user-দের জানাতে হবে।

6. A & B two frames in a browser loaded from different origins. Why is it a reasonable security policy to allow A to navigate B to another origin base only on whether the display area of A contains dis-pare of B and A has the control over area.

Reasonable Security Policy for Cross-Origin Frame Navigation

Consider two browser frames A and B loaded from different origins. Allowing frame A to navigate frame B to another origin is considered a reasonable security policy only when the display area of A contains part of B and A has control over that area.

Reasons:

User Awareness: Since frame A visibly contains part of frame B, the user can see the interaction and is less likely to be tricked by hidden or invisible actions.
UI Control: If A controls the display area of B, it implies an explicit embedding relationship, making navigation intent clearer and more legitimate.
Clickjacking Prevention: This restriction prevents malicious frames from silently redirecting other frames that are not visually or structurally related.
Least Privilege Principle: A is granted limited control (navigation only), not full access to B’s content, maintaining origin isolation.
Maintains Same-Origin Security: While navigation is allowed, reading or modifying B’s data remains restricted, preserving the same-origin policy.

Allowing navigation under these controlled and visible conditions balances usability with security and prevents abuse across origins.

Cross-Origin Frame Navigation-এর জন্য যুক্তিসংগত Security Policy

ধরা যাক browser-এর দুটি frame A এবং B আলাদা origin থেকে load হয়েছে। Frame A কে frame B-কে অন্য origin-এ navigate করতে দেওয়া যুক্তিসংগত হয় শুধুমাত্র তখনই, যখন A-এর display area-এর ভেতরে B-এর একটি অংশ থাকে এবং সেই area-এর উপর A-এর নিয়ন্ত্রণ থাকে।

কারণসমূহ:

User Awareness: যেহেতু user দৃশ্যমানভাবে frame B-কে frame A-এর মধ্যে দেখতে পায়, তাই গোপনে বা অজান্তে কোনো navigation হওয়ার ঝুঁকি কমে।
UI Control: A যদি B-এর display area নিয়ন্ত্রণ করে, তাহলে এটি একটি বৈধ embedding সম্পর্ক নির্দেশ করে।
Clickjacking প্রতিরোধ: এই নিয়ম malicious frame-কে অন্য frame গোপনে redirect করা থেকে বাধা দেয়।
Least Privilege Principle: A কেবল navigation করতে পারে, B-এর data access করতে পারে না।
Same-Origin Security বজায় রাখা: Navigation অনুমোদিত হলেও data পড়া বা পরিবর্তন নিষিদ্ধ থাকে।

এই নীতিটি usability ও security-এর মধ্যে ভারসাম্য বজায় রেখে cross-origin অপব্যবহার প্রতিরোধ করে।

7. Problem solved more efficiently in adjacency list representation than adjacency matrix representation and problem solved more effective in adjacency matrix than adjacency list.

Problems Better Solved Using Adjacency List

Sparse Graphs: When the number of edges is much smaller than V², adjacency lists save memory.
Graph Traversal (BFS/DFS): Faster to iterate over only existing neighbors.
Finding all neighbors of a vertex: Direct access without scanning all vertices.
Dynamic Graphs: Easier to add/remove edges.

Problems Better Solved Using Adjacency Matrix

Dense Graphs: When most pairs of vertices are connected.
Edge Existence Check: Checking if edge (u,v) exists is O(1).
Graph Algorithms like Floyd–Warshall: Matrix-based algorithms are simpler and faster.
Small Graphs: Simpler representation when memory is not a concern.

Adjacency List ব্যবহার করে যেসব সমস্যা বেশি কার্যকরভাবে সমাধান করা যায়

Sparse Graph: Edge কম হলে memory কম লাগে।
Graph Traversal (BFS/DFS): শুধু বিদ্যমান neighbor-গুলো traverse করতে হয়।
Vertex-এর সব neighbor খোঁজা: দ্রুত পাওয়া যায়।
Dynamic Graph: Edge যোগ/বিয়োগ সহজ।

Adjacency Matrix ব্যবহার করে যেসব সমস্যা বেশি কার্যকরভাবে সমাধান করা যায়

Dense Graph: বেশিরভাগ vertex একে অপরের সাথে connected হলে।
Edge আছে কিনা পরীক্ষা: O(1) সময়ে জানা যায়।
Floyd–Warshall-এর মতো Algorithm: Matrix-based হওয়ায় কার্যকর।
Small Graph: Memory সমস্যা না হলে সহজ representation।

You must subscribe & Login to view more.

Don’t have an account? Register

Or your subscription is under review by admin. Please message on WhatsApp / Telegram.

Leave a Comment Cancel Reply

You must be logged in to post a comment.

Field Based Job Solution Topic Based QnS IT Job News / Circular

Combined Bank Post: Assistant Programmer , Exam Date: 09.06.2023

Leave a Comment Cancel Reply

Combined Bank

Post: Assistant Programmer ,
Exam Date: 09.06.2023