Software Engineering
Chapter: 4.5 Software Engineering Level: 1 (Recognition — MCQ, Matching, True/False with justification) Time limit: 20 minutes Total marks: 30
Section A — Multiple Choice (1 mark each) — 12 marks
Select the single best answer.
Q1. In the V-model, which activity is paired with the coding phase on the opposite (right) side?
- A) Requirements analysis
- B) Unit testing
- C) System testing
- D) Acceptance testing
Q2. Which HTTP status code correctly indicates a successfully created resource in a REST API?
- A) 200 OK
- B) 201 Created
- C) 204 No Content
- D) 400 Bad Request
Q3. Which Git object stores the content of a file (but not its name)?
- A) tree
- B) commit
- C) blob
- D) tag
Q4. In Scrum, who is responsible for maximizing the value of the product and managing the product backlog?
- A) Scrum Master
- B) Product Owner
- C) Development Team
- D) Stakeholder
Q5. "The system shall respond to any search query within 2 seconds" is an example of a:
- A) Functional requirement
- B) Non-functional requirement
- C) User story
- D) Acceptance criterion
Q6. In the TDD cycle, what happens in the Red step?
- A) Refactor the code without changing behaviour
- B) Write just enough code to pass
- C) Write a failing test before the code exists
- D) Run the full regression suite
Q7. Which architecture style deploys the application as a set of small, independently deployable services?
- A) Layered
- B) MVC
- C) Microservices
- D) Monolithic
Q8. In Kubernetes, the smallest deployable unit that can hold one or more containers is a:
- A) Deployment
- B) Service
- C) Pod
- D) Ingress
Q9. Which coverage metric requires that every possible true/false outcome of each decision is exercised?
- A) Line coverage
- B) Branch coverage
- C) Statement coverage
- D) Function coverage
Q10. Authentication vs authorization: which statement is correct?
- A) Authentication decides what you may do; authorization decides who you are
- B) Authentication verifies who you are; authorization decides what you may do
- C) They are identical concepts
- D) Authorization always happens before authentication
Q11. In a Dockerfile, which instruction specifies the base image?
- A)
RUN - B)
FROM - C)
CMD - D)
COPY
Q12. Mutation testing evaluates the quality of a test suite by:
- A) Measuring lines executed
- B) Introducing small faults and checking if tests catch them
- C) Generating random inputs
- D) Timing test execution
Section B — Matching (1 mark each pair) — 8 marks
Q13. Match each UML diagram (left) to what it primarily models (right).
| UML Diagram | Models | |
|---|---|---|
| a) Use case diagram | 1) Object interactions ordered over time | |
| b) Sequence diagram | 2) Actors and system functionality | |
| c) State machine diagram | 3) Static structure: attributes & operations | |
| d) Class diagram | 4) States of an object and transitions |
Q14. Match each Git operation to its description.
| Operation | Description | |
|---|---|---|
| a) rebase | 1) Temporarily shelve uncommitted changes | |
| b) cherry-pick | 2) Reapply commits on top of another base | |
| c) stash | 3) Binary search history to find a bad commit | |
| d) bisect | 4) Apply a single specific commit elsewhere |
Section C — True / False with justification (2 marks each: 1 verdict + 1 justification) — 10 marks
Q15. Kanban prescribes fixed-length time-boxed sprints just like Scrum. — True or False? Justify.
Q16. A "God Class" that does too much is a recognised code smell that refactoring aims to address. — True or False? Justify.
Q17. In REST, the HTTP GET method should be idempotent and safe (no side effects on the resource). — True or False? Justify.
Q18. In trunk-based development, developers maintain many long-lived feature branches for months before merging. — True or False? Justify.
Q19. Structured logging (e.g. JSON logs with key-value fields) is easier to query and aggregate than plain free-text logs. — True or False? Justify.
Answer keyMark scheme & solutions
Section A — MCQ (1 mark each)
Q1 — B) Unit testing. In the V-model each development phase maps to a testing phase on the mirror side; coding sits at the bottom and directly pairs with unit testing (detailed design ↔ integration, system design ↔ system test, requirements ↔ acceptance). (1)
Q2 — B) 201 Created. 200 is generic success, 204 means success with no body, 400 is a client error. 201 specifically signals a new resource was created (often with a Location header). (1)
Q3 — C) blob. A blob stores raw file content; the name is stored in the tree object that references the blob. Commits point to trees; tags point to commits. (1)
Q4 — B) Product Owner. The PO owns and prioritises the backlog to maximise product value. The Scrum Master facilitates process; the team builds the increment. (1)
Q5 — B) Non-functional requirement. It constrains how well (performance) the system behaves, not what function it provides. (1)
Q6 — C) Write a failing test before the code exists. Red = failing test, Green = make it pass minimally, Refactor = clean up. (1)
Q7 — C) Microservices. Defined by small, independently deployable services communicating over a network. (1)
Q8 — C) Pod. The pod is the atomic scheduling unit wrapping one or more containers sharing network/storage. (1)
Q9 — B) Branch coverage. Branch (decision) coverage requires each decision to take both true and false outcomes — stronger than line/statement coverage. (1)
Q10 — B). AuthN = identity verification ("who"); AuthZ = permission decision ("what"); authentication precedes authorization. (1)
Q11 — B) FROM. FROM sets the base image and must (usually) be the first instruction. (1)
Q12 — B) Introducing small faults and checking if tests catch them. A "killed" mutant means a test detected the change; surviving mutants reveal weak tests. (1)
Section B — Matching (1 mark per correct pair)
Q13: a→2, b→1, c→4, d→3. (4 marks)
- Use case ↔ actors/functionality; Sequence ↔ time-ordered interactions; State machine ↔ states/transitions; Class ↔ static structure.
Q14: a→2, b→4, c→1, d→3. (4 marks)
- rebase ↔ reapply commits on new base; cherry-pick ↔ apply one commit; stash ↔ shelve changes; bisect ↔ binary search for bad commit.
Section C — True/False with justification (1 verdict + 1 justification)
Q15 — FALSE. (verdict 1) Kanban is a continuous-flow method with WIP limits and no fixed sprints; time-boxed sprints are a Scrum characteristic. (justification 1)
Q16 — TRUE. (1) A God Class (large class with too many responsibilities) is a classic code smell; refactorings like Extract Class break it up to improve cohesion. (1)
Q17 — TRUE. (1) GET is defined as safe (read-only, no state change) and idempotent (repeated identical requests yield the same effect). (1)
Q18 — FALSE. (1) Trunk-based development emphasises short-lived branches and frequent integration to the trunk (often daily); long-lived branches characterise Gitflow-style workflows. (1)
Q19 — TRUE. (1) JSON/key-value structured logs can be parsed, filtered and aggregated by machines (e.g. by field), whereas free-text requires fragile regex parsing. (1)
Mark distribution
- Section A: 12 × 1 = 12
- Section B: 8 × 1 = 8
- Section C: 5 × 2 = 10
- Total = 30
[
{"claim":"Section A has 12 one-mark questions totalling 12 marks","code":"result = (12*1 == 12)"},
{"claim":"Section B matching yields 8 marks (4+4 pairs)","code":"result = (4 + 4 == 8)"},
{"claim":"Section C is 5 questions at 2 marks each = 10 marks","code":"result = (5*2 == 10)"},
{"claim":"Full paper total is 30 marks","code":"result = (12 + 8 + 10 == 30)"}
]