Oxford Cambridge and RSA
GCSE (9-1) Computer Science
Algorithms & Programming
J277/02
Topic: Unit 2.3 Defensive Design & Testing
Time allowed: 45 minutes
Centre number Candidate number
First name Last name
INSTRUCTIONS INFORMATION
Turn over
1
(a) A web form allows users to enter their username. A hacker attempts to enter the following input:
Admin; DROP TABLE Users;

(i) Identify the name of the specific threat the hacker is attempting.
[1]

(ii) Explain how Input Sanitisation would prevent this threat from being successful.
[2]

(b) Define the difference between Validation and Verification.
[2]
2
A program is written to grade students based on their percentage score (0 to 100).
  • Scores under 40 are a "Fail".
  • Scores 40 and above are a "Pass".
The following test plan is created. Complete the table.
[5]
| Test Type | Test Data | Reason for Test | Expected Outcome |
|-----------|-----------|-----------------|------------------|
| Normal | 65 | To check that a typical passing score is accepted. | Output "Pass" |
| Boundary | 39 | (a) .................................................... | (b) ......................... |
| Boundary | (c) ........... | To check the lowest score required to Pass. | Output "Pass" |
| Erroneous | 101 | (d) .................................................... | (e) ......................... |
3
A programmer has written a function to validate a new password. The rules are:
  • Password must be at least 8 characters long.
  • Password must not be empty.
The code contains one Syntax Error and one Logic Error.
01 def validate_password(pWord):
02     if len(pWord) == 0:
03         print("Error: Password cannot be empty")
04         return False
05     elif len(pWord) < 8
06         print("Error: Password too short")
07         return True
08     else:
09         return True
(a) Identify the line number of the Syntax Error and write the corrected line.
[2]
Line Number: .............
Correction: ............................................................................................

(b) Identify the line number of the Logic Error and explain why it is an error.
[2]
Line Number: .............
Explanation: ...........................................................................................
4
Write an algorithm using Python or Exam Reference Language for a secure login system.
The system must:
  • Ask the user for a password.
  • Check if the input matches the stored password "Secret123".
  • Allow the user 3 attempts maximum.
  • If the password is correct, output "Access Granted" and stop.
  • If the password is wrong 3 times, output "Account Locked".
[6]
5
(a) Describe two ways (other than comments) to make the code in Question 4 maintainable.
[4]
1. .....................................................................................................
2. .....................................................................................................

(b) Identify the names of these two types of testing described below.
[2]
Testing while writing code to ensure logic/loops work:
.........................................................................................................

Testing the entire system against requirements before release:
.........................................................................................................
6
Consider the following Python code intended to divide two numbers.
num1 = int(input("Enter number 1: "))
num2 = int(input("Enter number 2: "))
print(num1 / num2)
(a) If the user enters 10 for num1 and 0 for num2, the program crashes. State the name of this type of error.
[1]

(b) Rewrite the code using a defensive design technique (selection) to prevent this crash.
[3]
END OF QUESTION PAPER