Daffodil International University

Department of Software Engineering

General Instructions:

● The examination will start at 03:00 pm and will finish at 5:00 pm.

● Students are allowed to use resources such as lecture notes, books, research papers, the
Internet etc. but are not allowed to communicate and share anything related to the exam with
other human beings or intelligent machines. Any violation of this policy will lead to the
award of zero (0) marks for all the involved parties.

● Total Time for this Exam is 2 hours. In this time, you will have to first access this question
paper, read through it, write down the answers on your provided answer script template,
rename it with your Student ID, convert it into PDF format and submit the PDF file in BLC.

● THE LAST SUBMISSION TIME ON BLC IS 5:00 PM. SO YOU MUST SUBMIT YOUR
ANSWER SCRIPT ON TIME. Manage your time wisely, you should need around 1 hour 30
minutes to read and answer the questions of this paper. The remaining 30 minutes time is
allocated for all the other aforementioned tasks that you will need to carry out.

● IF ANYONE FAILS TO SUBMIT THE ANSWER SCRIPT ON TIME, YOUR MARKS WILL BE
DEDUCTED AS PER THE EXAMINATION POLICY PUBLISHED PRIOR TO THE MID
TERM EXAMINATION, FALL 2020 BY THE FSIT EXAMINATION COMMITTEE, DIU.

● Texts in square brackets indicate Total Marks, Course Learning Outcomes (CLO) and
Bloom's Taxonomy Levels.

● You will only get marks if you mention relevant clause with proper justification. If you
mentioned any irrelevant clause and justification then your marks will be deducted.

● Your justification will be your own writing which need to be unique and without plagiarism.

Page 1 of 4
Case-1: Read the following and answer all the questions

A series of serious incidents occurred in an organization (CS Ltd.) which used to support a pool
of financial organizations like banks by serving them ensuring with digital security (cyber
security). Under their service clauses the banks used to get supportive software, maintenance
and time to time upgrade in systems as per requirement of current trade and trend. The matters
firstly raised by one of their client banks that they found complaints from their accounts holders
facing wrong withdrawal messages from accounts which they had not carried out. Within few
weeks other financial organizations also brought some matters to the CS Ltd. that their officials
facing troubles to login to systems, sometimes attacked by viruses and also threats of ransom
form external hacker parties. Some parties complained that the cyber criminals had been able to
break into the main server, identify the confidential data of rich clients and threatened them to
compromise against huge amount of money.

The sudden pressure became huge on to the CS Ltd. as they had shortage of technical support
to serve at a time so many organizations that they were serving for. CS Ltd. learned a good
lesson from the series of incidents and had to safe their name by investing huge amount of
money to buy instant support and readymade solution from international IT firms. After a
thorough investigation, CS Ltd. could found some reasons behind their huge loss and the worst
experience ever.

Findings were as follows:

 The CS Ltd. had been serving too many organizations with their limited number of
technical hands.
 All the time staffs were kept under huge pressure of routine works of supporting all client
organizations.
 The rate of their staff transition (leaving company) became double than the usual rate of
normal tendency.
 They were unaware about the knowledge of their leaving staffs and not to take
countermeasures always.
 There had been possibilities of hacker groups to contact to the ex-technical support staffs
who used to know detail security loopholes.
 The CS Ltd. have almost never warned their client organizations about the new trend of
digital threats and how to deal with the confidential information of clients.
 The top level management of CS Ltd. had never thought about the subordinates’
motivation and working environment.
 Lastly, they hardly arranged ethical training for staffs or clients’ about how to work
together and to keep themselves safe from internal/external cyber-attacks.

Page 2 of 4
Questions:

1. Identify the offences (Digital Security Act, 2018) of the external hackers and others in this
case? [5 Marks] [CLO 5, Level 2]
2. If the above offences are committed, identify what punishment may be given to them
according to the Digital Security Act 2018. [5 Marks] [CLO 5, Level 2]

3. According to this scenario justify some related clauses following “Software Engineering:
Code of Ethics”. [5 Marks] [CLO 3, Level 6]
4. Propose which parts can be brought under intellectual property right.
[5 Marks] [CLO 4, Level 5]

Case-2: Read the following and answer all the questions

“Mr. Bean”, a senior writer who writes a fictional story about how IOT can be a threat of our life if
we are not able to secure it properly. He wrote “John lives in a modern world. His home is built
with a lot of IoT (Internet of Things) devices. His refrigerators, air conditioner, TV his home door
are connected to internet for remote access and control. Recently he has connected his car to
IoT to use and AI software that could save him from accident and to help driving the car under
tough condition.

One morning when John returned from his work he saw his refrigerator’s temperature has gone
high. Some food items have rotten. If he would have taken it he could have attacked by food
poisoning. He thought his fridge needs service. Later he found that the fridge is ok, however the
software was working wrong. Someone has changed the setting without touching the fridge.
Next day when he entered in his home he saw his bed room has been damaged. Items are
scattered everywhere. When he checked his door opening history he found that only he has
entered in his room. He did not know someone has entered through his door by remotely
opening it and changed the doors log/ history so that no one can find out.

Later on, John decided to visit his mom’s house in the country side. When he was driving on the
highway, the hacker started to progressively take control of the car. First the hacker activated
the vents and windshield wipers to distract driving. Next, the transmission was cut and finally,
the hacker remotely activated the breaks. John got hit by a truck and the car caught on fire. John
died on the road. Everyone knows it was a road accident.”

Page 3 of 4
Questions:

1. Identify the offences (Digital Security Act, 2018) of the external hackers and others in this
case? [5 Marks] [CLO 5, Level 2]

2. If the above offences are committed, identify what punishment may be given to them
according to the Digital Security Act 2018. [5 Marks] [CLO 5, Level 2]

3. Illustrate (own words) why we need Intellectual Property Right? Define patent and what are
the things that can be patented? [5 Marks] [CLO 4, Level 3]

4. Compose a short note (own words) about “Geographical Indications”.

[5 Marks] [CLO 4, Level 5]

Page 4 of 4