GCSE (9-1) Computer Science
Mark Scheme
J277/02: Unit 2.3 Defensive Design & Testing
Question Answer Marks Guidance
1ai Answer: SQL Injection
Marks: 1
Guidance: Do not accept "hacking" or "virus". Must be specific.
1aii Answer: Sanitisation removes/strips dangerous characters (like ; or ') (1) so the input is treated as text/string rather than a command (1).
Marks: 2
Guidance: Ghost Topic: Frequently confused with Validation. Validation checks if data is sensible; Sanitisation modifies it for safety.
1b Answer:
Validation: Checking data is sensible/reasonable/meets criteria (1).
Verification: Checking data matches the original source / is copied correctly (1).
Marks: 2
Guidance: "Checking if data is correct" gets 0 marks.
2 Answer:
(a) To check the highest value that results in a Fail (1).
(b) Output "Fail" (1).
(c) 40 (1).
(d) To check that data outside the valid range (upper limit) is rejected (1).
(e) Error message displayed / Asks for input again (1).
Marks: 5
Guidance: (c) 41 is NOT a boundary. (e) Do NOT accept "Crash" or "Nothing happens".
3a Answer:
Line 05 (1).
Correction: elif len(pWord) < 8: (1)
Marks: 2
Guidance: Missing colon : is a common syntax error.
3b Answer:
Line 07 (1).
Explanation: It returns True when the password is too short / it should return False (1).
Marks: 2
Guidance: Ghost Topic: Length checks on strings often trip students up more than range checks on numbers.
4 Answer:
attempts = 0
auth = False
while attempts < 3 and auth == False:
  pwd = input("Enter password: ")
  if pwd == "Secret123":
    print("Access Granted")
    auth = True
  else: attempts = attempts + 1
if auth == False: print("Account Locked")
Marks: 6
Guidance: 1 mark each for: Init counter, Loop condition, Input inside loop, Correct IF check, Increment counter, Success handling, Failure handling.
5a Answer:
1. Indentation: Shows the structure/hierarchy of the code (2).
2. Meaningful Variable Names: Using attempts instead of x (2).
(Alternative: Subprograms/Modules).
Marks: 4
Guidance: Ghost Topic: Forces recall of structural maintainability beyond just "Comments".
5b Answer:
1. Iterative Testing (1).
2. Final / Terminal Testing (1).
Marks: 2
6a Answer: Runtime Error / Execution Error
Marks: 1
Guidance: Do not accept "Logic Error" for division by zero crashes in J277.
6b Answer:
if num2 == 0:
  print("Cannot divide by zero")
else: print(num1 / num2)
Marks: 3
Guidance: 1 mark for checking divisor, 1 for error message, 1 for valid division logic.