CSC 550: Review Questions for Exams

Exam 1 (Chapters 1-5):

  1. Briefly describe the fundamental difference between project-based and product-based software engineering.

  2. What are three important differences between software products and software product lines.

  3. Why do software product managers have to be generalists with a range of skills rather than simply technical specialists?

  4. You are a software product manager for a company developing educational software products based around scientific simulations. Explain why it is important to develop a product roadmap so that final product releases are available in the first three months of the year.

  5. Why should you develop a prototype before you start developing a new software product?

  6. Explain why it is important that software products are developed and delivered quickly. Why is it sometimes sensible to deliver an unfinished product and then issue new versions of that product after delivery?

  7. Explain why the fundamental objectives of agile software engineering are consistent with the accelerated development and delivery of software products.

  8. Give three reasons why Extreme Programming (XP) is envisaged by its developers is not widely used.

  9. You are developing a software product to help manage student admissions in a university. Your agile development team suggests that they should develop this as a number of small releases that potential customers can try and then provide feedback. Comment on this idea and suggest why it may not be acceptable to the system's users.

  10. Explain why the product owner is an essential role in a Scrum development team. How might a development team that is working in an environment where there are no external customers (e.g. a student project team) reproduce this product owner role?

  11. Why is it is important that each sprint should normally produce a 'potentially shippable' product increment? When might the team relax this rule and produce something that is not 'ready to ship'?

  12. Explain why estimating the work required to complete a product backlog item using effort in 'person-hours' or 'person-days' can lead to significant variations between the estimated effort and the actual effort to implement that item.

  13. Explain why daily scrums are likely to reduce the time that is normally required for new team members to become productive.

  14. One of the problems with self-organising teams is that more experienced team members tend to dominate discussions and therefore to influence the team’s way of working. Suggest ways to reduce this problem.

  15. Scrum has been designed for use by a team of 5-8 people working together to develop a software product. What problems might arise if you try to use Scrum for student team projects where a group work together to develop a program. What parts of Scrum could be used in this situation?

  16. Explain why it is helpful to develop a number of personas representing types of system user before you move on to write scenarios of how the system will be used.

  17. What do you think are the weaknesses of user stories when used to identify system features and how they work?

  18. Explain why domain knowledge is important when identifying and designing product features.

  19. Suggest how a development team might avoid 'feature creep' when they are faced with many different suggestions for new features to be added to a product.

  20. An architecture designed to support security may be based around a centralized model where all sensitive information is stored in one secure place or a distributed model where information is spread around and stored in many different places. Suggest one advantage and one disadvantage of each of these approaches.

  21. Why is it important to try to minimize complexity in a software system?

  22. Briefly explain how structuring a software architecture as a stack of functional layers helps to manage complexity in a software product.

  23. Under what circumstances would you try and push as much local processing as possible onto the client in a client-server architecture?

  24. Do some background reading and describe three fundamental differences between relational and NoSQL databases. Suggest three types of software product that might benefit from using NoSQL databases, explaining why the NOSQL approach is appropriate.

  25. Why should companies that are developing software products use cloud servers to support their development process?

  26. Explain the fundamental difference between virtualisation using a VM and virtualisation using a container.

  27. Explain why it is simple and fast to deploy a replica of a container on a new server.

  28. Explain what is meant by IaaS and PaaS. Explain why the distinction between these categories of services is becoming increasingly blurred and why they may be merged in the near future.

  29. What are the benefits to software product vendors of delivering software as a service. In what situations might you decide not to deliver software in this way.

  30. Using an example, explain why EU data protection rules can cause difficulties to companies that offer software as a service.

  31. What is the fundamental difference between a multitenant SaaS system and a multiinstance SaaS system?

  32. What are the key issues that have to be considered when deciding on whether to implement a multitenant or multi-instance database when software is delivered as a service?

  33. Why is cost not the most important factor to consider when choosing a cloud platform for development and software delivery?

Exam 2 (Chapters 6-10):

  1. What are the advantages of using services as the fundamental component in a distributed software system?

  2. Based on the functional breakdown of the authentication features shown in Figure 6.1, create a corresponding breakdown for two-factor authentication and password recovery.

  3. Explain why microservices should have low coupling and high cohesion.

  4. What are the principal problems with multi-tier software architectures? How does a microservices architecture help with these problems?

  5. Explain the differences between synchronous and asynchronous microservices interaction.

  6. Explain why each microservice should maintain its own data. Explain how data in service replicas can be kept consistent?

  7. Why should you use continuous deployment in a microservices architecture? Briefly explain each of the stages in the continuous deployment pipeline.

  8. Briefly describe the three main types of threat that have to be considered when planning how to make a software product secure against cyberattacks.

  9. Explain, in your own words, what you understand by an SQL injection attack. Explain how you can use data validation to avoid such attacks.

  10. What are the advantages and disadvantages of using a special-purpose device rather than a mobile phone in two-factor authentication. (Hint: think about the problems of using a mobile phone as an authentication device)

  11. What is the difference between symmetric and asymmetric encryption? Why do we need both types of encryption method?

  12. Explain why it is normally preferable to use the built-in encryption support in a database rather than implement your own application-level encryption.

  13. Explain, in your own words, how encryption keys are securely exchanged in the TLS protocol.

  14. What are the problems in maintaining confidential information that, by law, has to be kept for a number of years? How can a key management system help with these problems.

  15. Why is it difficult to establish a set of privacy standards that can be applied internationally in software products?

  16. Explain why reducing the complexity of a program is likely to reduce the number of faults in that program.

  17. Explain why it is practically impossible to avoid introducing complexity into a software product.

  18. Give two reasons why using design patterns in your code contributes to fault avoidance.

  19. An alternative to using regular expressions to check that an input string is valid is to write your own code to check the input. What are the advantages and disadvantages of using this approach?

  20. Explain why the use of ACID transaction management in a database management system helps to avoid system failures.

  21. Explain why you can never be completely confident that all of the faults in a software product have been revealed by program testing.

  22. What are the important distinctions between unit testing and feature testing?

  23. Explain why it is easier to develop automated unit tests than automated feature tests.

  24. What is regression testing and why is it important? Explain why automated testing makes regression testing straightforward.

  25. Explain why it is essential to have a refactoring stage in the test-driven development process.

  26. Explain why software security testing is more difficult than functional testing.

  27. Explain why adopting DevOps provides a basis for more efficient and effective software deployment and operation.

  28. Briefly explain why it is essential to use a code management system when a team of developers are involved in creating a software system? What are the benefits of using a code management system if only a single developer is involved?

  29. What is the fundamental difference between distributed and centralised code management systems? How does this difference lead to the most significant benefits of distributed code management systems?

  30. What does creating a new branch in a code management system mean? What problems can arise when more than one developer is working on the same code and they try to merge their changes with the project master branch?

  31. Explain how the use of Git and Github simplifies the process of managing open source development where there may be many developers working on the same code.

  32. What is issue management and why is it important for software product development?

  33. Explain why there is more to system integration than simply recompiling the code of the software.

  34. Why does the use of continuous integration make it easier to find bugs in the software that you are developing?

  35. What are the differences between continuous integration, continuous delivery and continuous deployment?

  36. What are process metrics and service metrics. Give examples of each of these types of metric. Explain why service metrics are easier to collect and potentially more accurate than process metrics.