AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

1. Describe client-side scripting and its application to dynamic web page design.

A client-side dynamic web page processes the web page using HTML scripting running in the browser as
it loads. JavaScript and other scripting languages determine the way the HTML in the received page is
parsed into the Document Object Model, or DOM, that represents the loaded web page. The same
client-side techniques can then dynamically update or change the DOM in the same way. Even though a
web page can be dynamic on the client-side, it can still be hosted on a static hosting service such as Git
Hub Pages or Amazon S3 as long as there isn't any server-side code included.

A dynamic web page is then reloaded by the user or by a computer program to change some variable
content. The updating information could come from the server, or from changes made to that page's
DOM. This may or may not truncate the browsing history or create a saved version to go back to, but
a dynamic web page update using Ajax technologies will neither create a page to go back to, nor
truncate the web browsing history forward of the displayed page. Using Ajax technologies the
end user gets one dynamic page managed as a single page in the web browser while the actual web
content rendered on that page can vary. The Ajax engine sits only on the browser requesting parts of its
DOM, the DOM, for its client, from an application server.

2. Provide a short description of each of the following:

a. events and event handlers

In programming, an event is an action that occurs as a result of the user or another source, such as a
mouse click. An event handler is a routine that deals with the event, allowing a programmer to write
code that will be executed when the event occurs.

b. internet operation related to servers and clients

The machines that provide services to other machines are servers. And the machines that are used to
connect to those services are clients. There are Web servers, e-mail servers, FTP servers and so on
serving the needs of Internet users all over the world.

c. internet protocols

The Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for

relaying datagrams across network boundaries. Its routing function enables internetworking, and
essentially establishes the Internet.

IP has the task of delivering packets from the source host to the destination host solely based on the IP
addresses in the packet headers. For this purpose, IP defines packet structures that encapsulate the data
to be delivered. It also defines addressing methods that are used to label the datagram with source and
destination information.

PAGE: 1 to 9
AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

d. standard generalised markup language (SGML)

Standard generalized markup language (SGML) is a text markup language that serves as a superset of
widely used markup languages like HTML (hypertext markup language) and XML (extensible markup
language).

SGML is used for marking up documents and has the advantage of not being dependent on a specific
application. It is derived from GML (generalized markup language), which allowed users to work on
standardized formatting styles for electronic documents.

e. associated standards

W3C standards define an Open Web Platform for application development that has the unprecedented
potential to enable developers to build rich interactive experiences, powered by vast data stores, that
are available on any device. Although the boundaries of the platform continue to evolve, industry
leaders speak nearly in unison about how HTML5 will be the cornerstone for this platform. But the full
strength of the platform relies on many more technologies that W3C and its partners are creating,
including CSS, SVG, WOFF, the Semantic Web stack, XML, and a variety of APIs.

3. Outline three security restrictions that protect servers.

 Firewall
Firewall will restrict access to everything except the specific services you need to remain open.
Exposing only a few pieces of software reduces the attack surface of your server, limiting the
components that are vulnerable to exploitation.
 VPC Network
We can set up internet gateways as the single point of access between your VPC network’s
resources and the public internet, giving you more control and visibility into the public traffic
connecting to your resources.
 SECURE SHELL( SSH)
It provides several alternative options for strong authentication, and it protects the
communications security and integrity with strong encryption. It is a secure alternative to the
non-protected login protocols (such as talent, rlogin) and insecure file transfer methods (such
as FTP).

4. For each of the server threats given below give a common vulnerability that could make your server
susceptible to that threat and possible security restriction.

a. Denial of service

PAGE: 1 to 9
AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

Common vulnerability:  Volumetric Attacks

The most common DDoS attack overwhelms a machine’s network bandwidth by flooding it with false
data requests on every open port the device has available. Because the bot floods ports with data, the
machine continually has to deal with checking the malicious data requests and has no room to accept
legitimate traffic. UDP floods and ICMP floods comprise the two primary forms of volumetric attacks.

UDP stands for User Datagram Protocol and refers to the simple transmission of data without checking
its integrity. The UDP format lends itself well to fast data transmission, which unfortunately makes it a
prime tool for attackers.

ICMP stands for Internet Control Message Protocol, referring to network devices that communicate with
one another. An attack focused on ICMP relies on attacking nodes sending false error requests to the
target. The target has to deal with these requests and cannot respond to real ones, similar to how a UDP
attack works.

Possible security restriction: Secure Your Network Infrastructure.

Mitigating network security threats can only be achieved with multi-level protection strategies in place.

This includes advanced intrusion prevention and threat management systems, which combine firewalls,
VPN, anti-spam, content filtering, load balancing, and other layers of DDoS defense techniques.
Together they enable constant and consistent network protection to prevent a DDoS attack from
happening. This includes everything from identifying possible traffic inconsistencies with the highest
level of precision in blocking the attack.

Most of the standard network equipment comes with limited DDoS mitigation options, so you may want
to outsource some of the additional services. With cloud-based solutions, you can access advanced
mitigation and protection resources on a pay-per-use basis. This is an excellent option for small and
medium-sized businesses that may want to keep their security budgets within projected limits.

In addition to this, you should also make sure your systems are up-to-date. Outdated systems are
usually the ones with most loopholes. Denial of Service attackers finds holes. By regularly patching your
infrastructure and installing new software versions, you can close more doors to the attackers.

Given the complexity of DD OS attacks, there’s hardly a way to defend against them without appropriate
systems to identify anomalies in traffic and provide instant response. Backed by secure infrastructure
and a battle-plan, such systems can minimize the threat. More than that, they can bring the needed
peace of mind and confidence to everyone from a system admin to CEO.

b. Profiling

Common vulnerability:

PAGE: 1 to 9
 AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

Possible security restriction:

c. Worms, Viruses, Trojan horses

Common vulnerability:

Possible security restriction:

d. Unauthorized Access

Common vulnerability:

Possible security restriction:

e. Elevation of Privileges

Common vulnerability:

Possible security restriction:

5. Describe at least four ways that client-side scripting differs from server-side scripting.

Client-side scripting Server-side scripting

Client-side scripting is used at the front end which

Server-side scripting is used at the backend, where
users can see from the browser. the source code is not viewable or hidden at the
client side (browser)
Client-side scripting does not need any server When a server-side script is processed it
interaction. communicates to the server
Client-side script can effectively minimize the load Server-side scripting is useful in customizing the
to the server. web pages and implement the dynamic changes in
the websites
Client-side script is visible to the users. Server-side scripting is more secure than client-
side scripting as the server side scripts are usually
hidden from the client end
6. Discuss the basic principles of good web design and open platform programming according to W3C.

The basic principles of good web design are

i. Don’t make user think: By reducing cognitive load you make it easier for visitors to grasp the idea
behind the system. Once you’ve achieved this, you can communicate why the system is useful and
how users can benefit from it. People won’t use your web site if they can’t find their way around it.
ii. Don’t squander user’s patience: remove all barriers, don’t require subscriptions or registrations
first. A user registration alone is enough of an impediment to user navigation to cut down on
incoming traffic.
iii. Manage To Focus User’s Attention: the less thinking needs to happen behind the scenes, the
better is the user experience which is the aim of usability in the first place.

PAGE: 1 to 9
 AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

iv. Strive For Simplicity: the best site design is a pure text, without any advertisements or further
content blocks matching exactly the query visitors used or the content they’ve been looking for.
This is one of the reasons why a user-friendly print-version of web pages is essential for good user
experience.

7. Summaries the principles of web analysis and design.

i. Simple Is the Best

The over-designed website may not work. Putting too many elements on the page may lead to
distracting visitors from the main purpose of your website. Simplicity always works in an
effective web page design. Clean and fresh designs of your website not only make the website
appealing but also help the user to navigate from one page to another seamlessly. Loading a
website having design features that do not serve the purpose may be frustrating. Keep your
design as simple as possible so that the visitors can feel it easy-to-use and can find their ways
easily.

ii. Consistency
Consistency in website design matter a lot. Give your attention to match design elements
throughout each of the pages. It can be understood that your fonts, sizes, headings, sub-
headings, and button styles must be the same throughout the website. Plan everything in
advance. Finalize the fonts and the right colors for your texts, buttons, etc, and stick to them
throughout the development. CSS (Cascading Style Sheets) would come in handy to keep the
complete information about design styles and elements.

iii. Typography & Readability

No matter how good your design is text still rules the website as it provides users the desired
information. Since search engine crawlers are very much familiar with this data, it becomes an
integral part of SEO activities. You should keep your typography visually appealing and readable
for visitors, along with the tricky use of keywords, meta-data, and other SEO-sensitive elements.
Consider using fonts that are easier to read. The modern sans-serif fonts as Arial, Helvetica, etc.
can be used for the body texts. Make proper combinations of typefaces for each and every
design element such as headlines, body texts, buttons, etc.

iv. Mobile Compatibility

Keeping in mind the ever-growing usage of smart phones, tablets and iphablets, web design
must be effective for various screens. If your website design doesn’t support all screen sizes, the
chance is that you’ll lose the battle to your competitors. There are a number of web design

PAGE: 1 to 9
 AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

studios or service points from where you can turn your desktop design into a responsive and
adaptive one for all screen sizes.

v. Color Palette and Imagery

A perfect color combination attracts users while a poor combination can lead to distraction. This
necessitates you to pick a perfect color palette for your website which can create a pleasing
atmosphere, thus leaving a good impact on visitors. Enhance users’ experience by selecting a
complementary color palette to give a balanced-look to your website design. Remember to use
white spaces as they avoid your website from visual clutter and mess. Also, avoid using too
many colors. 3 or 4 tones for the whole website are ample to give an appealing and clear design.
The same is the case with images. Don’t use multiple vibrant images

vi. Easy Loading

No one likes the website that takes too much time to load. So take care of it by optimizing image
sizes, combing code into a central CSS or JavaScript file as it reduces HTTP requests. Also,
compress HTML, JavaScript, and CSS for enhanced loading speed.

vii. Easy Navigation

Study shows that visitors stay more time on the websites having easy navigation. For effective
navigation, you may consider creating a logical page hierarchy, using bread scrums, and
designing clickable buttons. You should follow the “three-click-rule” so that visitors can get the
required information within three clicks.

viii. Communication
The ultimate purpose of the visitors is to get information, and if your website is able to
communicate your visitors efficiently, most probably they would spend more time on your
website. Tricks that may work to establish effortless communication with the visitors are –
organizing information by making good use of headlines and sub-headlines, cutting the waffle,
and using bullet points, rather than long gusty sentences.

8. Describe programming control and three types of programming control and design structures.

A control structure is like a block of programming that analyses variables and chooses a direction in
which to go based on given parameters .Flow of control through any given function is implemented with
three basic types of control structures:

i. Sequential: default mode. Sequential execution of code statements (one line after another) -- like
following a recipe.

PAGE: 1 to 9
 AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

ii. Selection: used for decisions, branching -- choosing between 2 or more alternative paths. In C++,
these are the types of selection statements:
o if
o if/else
o switch

iii. Repetition: used for looping, i.e. repeating a piece of code multiple times in a row. In C++, there are
three types of loops:
o while
o do/while
o for

9. Explain the following web programming concepts:

i. Authentication: Authentication is the act of proving an assertion, such as the identity of a computer
system user. In contrast with identification, the act of indicating a person or thing's identity,
authentication is the process of verifying that identity.
ii. Web Security: Web application security is a branch of information security that deals specifically
with security of websites, web applications and web services. At a high
level, web application security draws on the principles of application security but applies them
specifically to internet and web systems.
iii. Hypertext transfer protocol (HTTP): HTTP is the protocol used to transfer data over the web. It is part
of the Internet protocol suite and defines commands and services used for transmitting webpage
data. HTTP uses a server-client model.
iv. Session Management: The Session management specification defines a mechanism for an Open ID
Connect provider to inform client-side JavaScript-based applications that a user has signed out.
v. Stateless programming: Stateless programming is a paradigm in which the operations (functions,
methods, procedures, whatever you call them) you implement are not sensitive to the state of the
computation.

10. Outline the concept of object-oriented programming.

i. Class
ii. Object
iii. Inheritance
iv. Encapsulation
v. Abstraction
vi. Polymorphism

PAGE: 1 to 9
AMRIT DHIMAL ANIE190057 ICT50118 DIPLOMA IN IT

11. Identify the function of a web browser and list three web browsers.

Web browser is software that allows viewing websites on the World Wide Web.

 Internet Explorer
 Mozilla Firefox
 Google Chrome 

PAGE: 1 to 9