Solved: A school maintains a database of students' details and teaching resources on a... [IB Computer Science (CS)]

A school maintains a database of students' details and teaching resources on a central server. This data can be accessed by all teachers in the school.

Question

SLPaper 2

A school maintains a database of students' details and teaching resources on a central server. This data can be accessed by all teachers in the school.

Teachers may need to edit resources when preparing their lessons.

When storing student details, data security is an important consideration.

The school has appointed a database administrator (DBA).

A DBA is required to carry out tasks such as ensuring there is a strategy to recover the database if it becomes corrupted and that the data is shared ethically.

Suggest how the privacy of student data can be ensured.

[3]

Verified

Solution

Method #1

${latex}$ \bullet$ Data masking or data obfuscation 1 mark

is the process of hiding original data with random characters 1 mark
e.g.: suppressing certain characters in the student address, student id etc. 1 mark

Method #2

${latex}$ \bullet$ Data encryption 1 mark

Conversion of data into non-readable gibberish creates highly secure results such as scrambling the student_ID 1 mark
The only way to gain access to the data is to unlock it with a key or password which only those authorized can access 1 mark

Explain how concurrent use of the school database is possible in this situation.

[3]

Verified

Solution

Method #1

Data masking or data obfuscation:

Is the process of hiding original data with random characters 1 mark
Example: suppressing certain characters in the student address, student ID, etc. 1 mark

Data encryption:

Conversion of data into non-readable gibberish creates highly secure results such as scrambling the student ID 1 mark
The only way to gain access to the data is to unlock it with a key or password which only those authorized can access 1 mark

Maximum 3 marks

Explain how concurrent use of the school database is possible in this situation:

The ability of a database to allow multiple teachers to affect multiple transactions 1 mark
Allowing concurrent processing while ensuring transaction isolation 1 mark
Thus, ensuring the update of one teacher does not affect the update of another teacher 1 mark
While one transaction (by a teacher) is accessing a resource from a shared folder, it places a lock, an access restriction, on the resource, controlling the level of access allowed by another transaction by another teacher A1

Describe two ways that data security in the school's database can be maintained.

[4]

Verified

Solution

Way 1

Minimizing permissions: 1 mark Restrict users to have permission only to the means to do their job. Some can view, modify and insert, while some can only view etc. 1 mark

Way 2

Auditing changes: 1 mark Log changes made to teachers and permissions through auditing. This gives a trail to follow should you have problems. Without authorization, no one gets grant of permissions. 1 mark

Award [4 max] Award [1] for identifying a way of maintaining data security and [1] for a development up to [2 max] Mark as [2] and [2]

Describe one strategy that could be used to ensure the data can be recovered if the database becomes corrupted.

[2]

Verified

Solution

Strategy #1

Back-up; 1 mark Back-up copies of the entire database are made to ensure the database can be restored to the most updated version if it becomes corrupted; 1 mark

A school maintains a database of students' details and teaching resources on a central server. This data can be accessed by all teachers in the school.

Question

SLPaper 2

A school maintains a database of students' details and teaching resources on a central server. This data can be accessed by all teachers in the school.

Teachers may need to edit resources when preparing their lessons.

When storing student details, data security is an important consideration.

The school has appointed a database administrator (DBA).

A DBA is required to carry out tasks such as ensuring there is a strategy to recover the database if it becomes corrupted and that the data is shared ethically.

Suggest how the privacy of student data can be ensured.

[3]

Verified

Solution

Method #1

${latex}$ \bullet$ Data masking or data obfuscation 1 mark

is the process of hiding original data with random characters 1 mark
e.g.: suppressing certain characters in the student address, student id etc. 1 mark

Method #2

${latex}$ \bullet$ Data encryption 1 mark

Conversion of data into non-readable gibberish creates highly secure results such as scrambling the student_ID 1 mark
The only way to gain access to the data is to unlock it with a key or password which only those authorized can access 1 mark

Explain how concurrent use of the school database is possible in this situation.

[3]

Verified

Solution

Method #1

Data masking or data obfuscation:

Is the process of hiding original data with random characters 1 mark
Example: suppressing certain characters in the student address, student ID, etc. 1 mark

Data encryption:

Conversion of data into non-readable gibberish creates highly secure results such as scrambling the student ID 1 mark
The only way to gain access to the data is to unlock it with a key or password which only those authorized can access 1 mark

Maximum 3 marks

Explain how concurrent use of the school database is possible in this situation:

The ability of a database to allow multiple teachers to affect multiple transactions 1 mark
Allowing concurrent processing while ensuring transaction isolation 1 mark
Thus, ensuring the update of one teacher does not affect the update of another teacher 1 mark
While one transaction (by a teacher) is accessing a resource from a shared folder, it places a lock, an access restriction, on the resource, controlling the level of access allowed by another transaction by another teacher A1

Describe two ways that data security in the school's database can be maintained.

[4]

Verified

Solution

Way 1

Minimizing permissions: 1 mark Restrict users to have permission only to the means to do their job. Some can view, modify and insert, while some can only view etc. 1 mark

Way 2

Award [4 max] Award [1] for identifying a way of maintaining data security and [1] for a development up to [2 max] Mark as [2] and [2]

Describe one strategy that could be used to ensure the data can be recovered if the database becomes corrupted.

[2]

Verified

Solution

Strategy #1

Back-up; 1 mark Back-up copies of the entire database are made to ensure the database can be restored to the most updated version if it becomes corrupted; 1 mark

A school maintains a database of students' details and teaching resources on a central server. This data can be accessed by all teachers in the school.

Method #1

Method #2

Method #1

Way 1

Way 2

Strategy #1

Related topics

A school maintains a database of students' details and teaching resources on a central server. This data can be accessed by all teachers in the school.

Method #1

Method #2

Method #1

Way 1

Way 2

Strategy #1

Related topics