2023 HKDSE Information and Communication Technology Answers & Marking Scheme

\(A = 01011011_2 = 91_{10}\). \(B = 10100100_2\). The two's complement of \(B\) is \(01011100_2 = 92_{10}\), so \(B = -92_{10}\). The sum \(A + B = 91 + (-92) = -1_{10}\). (1) \(-1_{10}\) is negative, so (1) is correct. (2) No overflow occurs since we add a positive and a negative number, so (2) is correct. (3) \(-1_{10}\) in 8-bit binary is \(11111111_2\), which is \(\text{FF}_{16}\) in hexadecimal, so (3) is correct. Thus, (1), (2) and (3) are all correct.

Award 1 mark for the correct answer D. No partial marks are given.

To find the network address, perform a bitwise AND operation between the IP address and the subnet mask. The fourth octet of the IP address is 45 (00101101 in binary). The fourth octet of the subnet mask is 224 (11100000 in binary). Performing the bitwise AND: 00101101 AND 11100000 = 00100000, which is 32 in decimal. Therefore, the network address is 192.168.10.32.

Award 1 mark for the correct answer B. No partial marks.

Option A violates referential integrity because the foreign key StudentID in Enrollment must refer to an existing primary key in Student. Option B violates referential integrity if there is a matching foreign key in Enrollment (unless cascading delete is configured, but by default it violates it). Option C violates entity integrity because StudentID is part of the primary key of Enrollment, and primary keys cannot contain null values. Option D is a standard insertion of a new record with a unique primary key in the primary table Student, which does not violate any integrity constraint.

Award 1 mark for the correct answer D. No partial marks.

First, group the records by Region: North has 4 records with amounts: 1500, 800, 1000, 500. The average (AVG) for North is (1500+800+1000+500)/4 = 3800/4 = 950. South has 2 records with amounts: 2000, 1200. The average (AVG) for South is (2000+1200)/2 = 3200/2 = 1600. The HAVING clause filters out groups where AVG(Amount) <= 1100. Thus, North is excluded (950 <= 1100) and only South is included (1600 > 1100). The query returns the Region (South) and the count of records in that group (2).

Award 1 mark for the correct answer A. No partial marks.

For a relation to be in 2NF, it must be in 1NF and every non-prime attribute must be fully functionally dependent on the entire primary key. If A -> D, the non-prime attribute D is functionally dependent on A, which is a proper subset of the primary key (A, B). This is a partial dependency, which violates 2NF.

Award 1 mark for the correct answer C. No partial marks.

When i = 1, the inner loop index j ranges from 1 to 4. 1) j = 1: compare A[1] (4) and A[2] (7). No swap. Array: [4, 7, 2, 9, 5]. 2) j = 2: compare A[2] (7) and A[3] (2). Since 7 > 2, swap. Array becomes: [4, 2, 7, 9, 5]. 3) j = 3: compare A[3] (7) and A[4] (9). No swap. Array: [4, 2, 7, 9, 5]. 4) j = 4: compare A[4] (9) and A[5] (5). Since 9 > 5, swap. Array becomes: [4, 2, 7, 5, 9]. This is the final state after the first pass (i = 1).

Award 1 mark for the correct answer B. No partial marks.

The Program Counter (PC) keeps track of the memory address of the next instruction to be fetched. During the fetch phase, this address is copied from the PC to the Memory Address Register (MAR), which directly interfaces with the address bus to access the physical memory location currently being read. Therefore, option A is correct.

Award 1 mark for the correct answer A. No partial marks.

To sign a message and guarantee authenticity/non-repudiation, the sender (Alice) must encrypt the message (or its hash value) using her own private key. Since only Alice knows her private key, successful decryption with Alice's public key proves Alice sent it. To ensure confidentiality, Alice must encrypt the message using the recipient's (Bob's) public key, so that only Bob can decrypt it using his private key. Thus, the correct sequence is (1) Alice's private key and (2) Bob's public key.

Award 1 mark for the correct answer A. No partial marks.

Infrastructure as a Service (IaaS) provides virtualized computing resources, such as virtual servers, storage, and networking, over the internet. The customer is responsible for installing and managing the operating system, middleware, databases, and applications. Since the school rents virtual servers and storage but manages the operating systems and databases themselves, this is an IaaS model.

Award 1 mark for the correct answer C. No partial marks.

Statement (1) is correct: compiling translates the whole program first, while interpreting translates line-by-line during runtime. Statement (2) is incorrect: compiled programs run significantly faster than interpreted programs because they are already converted to machine code, while interpreted programs require translating overhead during execution. Statement (3) is correct: since compilers parse the entire program first, syntax errors prevent executable generation; interpreters run line-by-line, so they only halt when they actually encounter the erroneous line. Thus, (1) and (3) are correct.

Award 1 mark for the correct answer C. No partial marks.

To represent \(-37\) in 8-bit two's complement:
1. Express the absolute value \(37\) in binary: \(37 = 32 + 4 + 1 \Rightarrow 00100101_2\).
2. Find the one's complement by inverting all bits: \(11011010_2\).
3. Add 1 to find the two's complement: \(11011010_2 + 1 = 11011011_2\).
Thus, the correct option is A.

1 mark for the correct option. No marks for incorrect or multiple options selected.

Statement (1) is incorrect because registers inside the CPU are the fastest memory components, faster than cache memory.
Statement (2) is correct because cache memory holds active/frequently-accessed instructions/data close to the CPU to reduce access latency.
Statement (3) is incorrect because cache memory has a much smaller storage capacity than RAM due to high cost and physical space constraints.
Therefore, only statement (2) is correct.

1 mark for the correct option. No marks for incorrect or multiple options selected.

Private IP address ranges are designated for local networks:
- Class A: 10.0.0.0 to 10.255.255.255
- Class B: 172.16.0.0 to 172.31.255.255
- Class C: 192.168.0.0 to 192.168.255.255

Thus:
(1) 10.150.23.45 falls in the Class A private range.
(2) 172.20.100.2 falls in the Class B private range.
(3) 192.168.1.254 falls in the Class C private range.
(4) 168.192.0.1 is outside the private ranges (it is a public IP address).

Therefore, (1), (2), and (3) are private IP addresses.

1 mark for the correct option. No marks for incorrect or multiple options selected.

A digital signature is created by calculating the hash value of a message and encrypting that hash value with the sender's (Alice's) private key. The recipient (Bob) can verify the signature by decrypting it using Alice's public key. This ensures integrity (any modification of the message will result in a hash mismatch) and non-repudiation (only Alice, who holds her private key, could have created the signature).

1 mark for the correct option. No marks for incorrect or multiple options selected.

Referential integrity states that every foreign key value in a table must match an existing primary key value in the referenced table (or be NULL).
- Option A: Inserting a record into the parent table (CLASS) does not violate integrity.
- Option B: Inserting a record into the child table (STUDENT) with a ClassID that does not exist in CLASS leaves a foreign key with no matching primary key, violating referential integrity.
- Option C: Deleting a record from the child table does not affect referential integrity.
- Option D: Changing ClassName of a class in CLASS does not affect the primary key ClassID.

1 mark for the correct option. No marks for incorrect or multiple options selected.

The query groups the sales records by ItemID. `SUM(Quantity * Price)` calculates the total revenue generated by each item. The `HAVING` clause filters the aggregated groups to retain only those groups where the calculated `TotalRevenue` is strictly greater than 1000.

1 mark for the correct option. No marks for incorrect or multiple options selected.

1. The table contains atomic values, so it satisfies First Normal Form (1NF).
2. The primary key is composite: `(ProjectID, EmployeeID)`.
3. There is a partial dependency: `EmployeeID -> EmployeeName`. `EmployeeName` depends only on part of the primary key (`EmployeeID`), not the whole composite key. This violates Second Normal Form (2NF).
Therefore, the table satisfies First Normal Form (1NF) only.

1 mark for the correct option. No marks for incorrect or multiple options selected.

The pseudocode represents a Bubble Sort algorithm in ascending order.
Let's trace:
Initial state: `A = [3, 8, 2, 7, 5]`
- **First outer iteration (i = 0)**:
- `j = 0`: `A[0] > A[1]` (3 > 8 is false) -> `[3, 8, 2, 7, 5]`
- `j = 1`: `A[1] > A[2]` (8 > 2 is true) -> Swap -> `[3, 2, 8, 7, 5]`
- `j = 2`: `A[2] > A[3]` (8 > 7 is true) -> Swap -> `[3, 2, 7, 8, 5]`
- `j = 3`: `A[3] > A[4]` (8 > 5 is true) -> Swap -> `[3, 2, 7, 5, 8]`
After `i = 0`, the largest element (8) is correctly placed at the end.

- **Second outer iteration (i = 1)**:
- `j = 0`: `A[0] > A[1]` (3 > 2 is true) -> Swap -> `[2, 3, 7, 5, 8]`
- `j = 1`: `A[1] > A[2]` (3 > 7 is false) -> `[2, 3, 7, 5, 8]`
- `j = 2`: `A[2] > A[3]` (7 > 5 is true) -> Swap -> `[2, 3, 5, 7, 8]`
After `i = 1`, the array becomes `[2, 3, 5, 7, 8]`.

1 mark for the correct option. No marks for incorrect or multiple options selected.

Let's trace the recursive function call f(11, 3):
1. `f(11, 3)`: Since `11 % 2 == 1`, returns `3 + f(5, 6)`.
2. `f(5, 6)`: Since `5 % 2 == 1`, returns `6 + f(2, 12)`.
3. `f(2, 12)`: Since `2 % 2 == 0`, returns `f(1, 24)`.
4. `f(1, 24)`: Since `1 % 2 == 1`, returns `24 + f(0, 48)`.
5. `f(0, 48)`: Since `n == 0`, returns `0`.

Working backwards:
- `f(1, 24) = 24 + 0 = 24`
- `f(2, 12) = f(1, 24) = 24`
- `f(5, 6) = 6 + f(2, 12) = 6 + 24 = 30`
- `f(11, 3) = 3 + f(5, 6) = 3 + 30 = 33`

The return value is 33. (This function computes binary multiplication \(n \times k\)).

1 mark for the correct option. No marks for incorrect or multiple options selected.

Infrastructure as a Service (IaaS) provides virtualized computing resources (such as virtual machines, storage, and networks) over the Internet. The user has control over operating systems, storage, and deployed applications. Since the school is renting basic virtual machines/storage and configuring the OS and applications themselves, this matches the IaaS model.

1 mark for the correct option. No marks for incorrect or multiple options selected.

In two's complement representation, the most significant bit (MSB) is the sign bit. Since the MSB is 1, the number is negative.\nTo find its magnitude:\n1. Invert all the bits: \(10101100 \rightarrow 01010011\)\n2. Add 1 to the result: \(01010011 + 1 = 01010100_2\)\n3. Convert to decimal: \(01010100_2 = 64 + 16 + 4 = 84\).\nTherefore, the value is \(-84\).

Award 1 mark for the correct option A.

I violates referential integrity because a foreign key value must exist in the referenced table's primary key column.\nII violates referential integrity because deleting a referenced row leaves orphaned foreign keys in the referencing table.\nIII does not violate referential integrity as it only involves the `Name` attribute, which is not a foreign key.

Award 1 mark for the correct option B.

This pseudocode implements the Euclidean algorithm for finding the Greatest Common Divisor (GCD) of X and Y.\nLet's trace the values of X and Y:\n- Initially: X = 15, Y = 6\n- Loop 1: X > Y (15 > 6), so X = 15 - 6 = 9\n- Loop 2: X > Y (9 > 6), so X = 9 - 6 = 3\n- Loop 3: X < Y (3 < 6), so Y = 6 - 3 = 3\n- Now X = 3 and Y = 3. Since X == Y, the loop terminates.\nThe final value of X is 3.

Award 1 mark for the correct option A.

The subnet mask is `255.255.255.224`. The block size is \(256 - 224 = 32\).\nThe subnets are in increments of 32 for the last octet:\n- Subnet 1: .0 to .31 (Usable: .1 to .30)\n- Subnet 2: .32 to .63 (Usable: .33 to .62)\n- Subnet 3: .64 to .95 (Usable: .65 to .94)\n\nSince the computer's IP address has the last octet as 45, it belongs to Subnet 2 (.32 to .63).\nAmong the options, `192.168.10.60` has its last octet (60) within this range, so it belongs to the same subnet.

Award 1 mark for the correct option C.

To achieve both confidentiality and authentication:\n1. Alice encrypts the message with her own private key. Since only Alice has her private key, any recipient who can decrypt the message using Alice's public key knows it must have come from her (Authentication).\n2. Then, Alice encrypts the resulting ciphertext with Bob's public key. Since only Bob has Bob's private key, only Bob can perform the first stage of decryption, ensuring that nobody else can read the message (Confidentiality).

Award 1 mark for the correct option B.

First, the query groups the rows by `Category`:\n1. `IT` category group has records with amounts: 8000, 150, 5000.\n - `COUNT(*)` = 3\n - `AVG(Amount)` = (8000 + 150 + 5000) / 3 = 13150 / 3 = 4383.33\n2. `Furniture` category group has records with amounts: 1200, 800.\n - `COUNT(*)` = 2\n - `AVG(Amount)` = (1200 + 800) / 2 = 1000.00\n\nNext, the `HAVING` clause filters the groups:\n- For `IT`: `COUNT(*) > 1` (3 > 1, True) and `AVG(Amount) > 1000` (4383.33 > 1000, True). It is selected.\n- For `Furniture`: `COUNT(*) > 1` (2 > 1, True) and `AVG(Amount) > 1000` (1000 > 1000, False). It is filtered out.\n\nTherefore, only the row for `IT` is returned.

Award 1 mark for the correct option A.

Statement I is the definition of thrashing in virtual memory management.\nStatement II is correct because adding physical memory reduces the need for the OS to perform page swaps, resolving the source of thrashing.\nStatement III is incorrect because disk fragmentation relates to file storage layout, whereas thrashing is caused by insufficient physical RAM to hold the running programs' active pages. Defragmentation does not solve thrashing.

Award 1 mark for the correct option B.

During the Fetch phase, the instruction address is read from the Program Counter (PC). Immediately after the current instruction is fetched from memory, the PC is automatically incremented/updated to point to the address of the next instruction in sequence.

Award 1 mark for the correct option B.

1. 1NF: All attributes contain atomic values, so it satisfies 1NF.\n2. 2NF: The primary key is a single attribute (`LoanID`), so there are no partial dependencies (which are only possible with a composite primary key). Thus, it satisfies 2NF.\n3. 3NF: We have functional dependencies: `LoanID -> StudentID` and `StudentID -> StudentName`. Since `StudentID` is not a superkey and `StudentName` is not a prime attribute, there is a transitive dependency: `LoanID -> StudentName` (via `StudentID`). Similarly, `LoanID -> BookTitle` is a transitive dependency (via `BookID`). Therefore, it does not satisfy 3NF.\nHence, it satisfies I and II only.

Award 1 mark for the correct option B.

Platform as a Service (PaaS) provides a pre-configured environment (including operating system, database, runtime, and server environment) which allows developers to build, test, and run their code without having to manage the underlying hardware and OS infrastructure.

Award 1 mark for the correct option B.

Let's trace the algorithm step-by-step:
- Initially, A = {3, 8, 2, 9, 5, 4}.
- i = 0: Compare A[0] (3) and A[1] (8). Since 3 > 8 is false, no swap occurs. A remains {3, 8, 2, 9, 5, 4}.
- i = 1: Compare A[1] (8) and A[2] (2). Since 8 > 2 is true, swap them. A becomes {3, 2, 8, 9, 5, 4}.
- i = 2: Compare A[2] (8) and A[3] (9). Since 8 > 9 is false, no swap occurs. A remains {3, 2, 8, 9, 5, 4}.
- i = 3: Compare A[3] (9) and A[4] (5). Since 9 > 5 is true, swap them. A becomes {3, 2, 8, 5, 9, 4}.
- i = 4: Compare A[4] (9) and A[5] (4). Since 9 > 4 is true, swap them. A becomes {3, 2, 8, 5, 4, 9}.
Thus, the final array content is {3, 2, 8, 5, 4, 9}.

Award 1 mark for the correct option (B). No marks are awarded for incorrect options.

To find the number of students scoring 60 or above in each class:
1. We first filter individual student records where `Score >= 60` using the `WHERE` clause.
2. Then we group the filtered records by class using `GROUP BY Class`.
3. Finally, we use `COUNT(*)` to count the number of students in each group.
Option B is incorrect because `HAVING` can only filter groups using aggregated functions, not individual columns unless they are part of the GROUP BY clause. Option C groups by `StudentID`, which would not aggregate by class. Option D uses `SUM(Score)` which calculates the sum of scores rather than counting the number of students.

Award 1 mark for the correct option (A). No marks are awarded for incorrect options.

- Statement (1) is correct: `MemberID` in `PROJECT` is a foreign key that references the primary key `MemberID` of the `MEMBER` table.
- Statement (2) is incorrect: `MemberID` is part of a composite primary key `(ProjID, MemberID)` in `PROJECT`. Therefore, duplicate values are allowed for `MemberID` on its own, as long as each pair of `(ProjID, MemberID)` is unique.
- Statement (3) is correct: Under referential integrity constraints, a foreign key value must exist in the referenced table. Thus, a record with a non-existent `MemberID` cannot be inserted into `PROJECT`.

Award 1 mark for the correct option (B). No marks are awarded for incorrect options.

The relation `Borrow` acts as a junction (or associative) entity table to resolve a many-to-many (N:M) relationship between `Reader` and `Book`. Therefore, a reader can borrow multiple books, and a book can be borrowed by different readers over time, which makes option A correct and options B and D incorrect. Option C is incorrect because the junction table `Borrow` can and usually does contain additional fields (e.g., `BorrowDate`, `DueDate`).

Award 1 mark for the correct option (A). No marks are awarded for incorrect options.

To find the network address, we perform a bitwise AND operation between the IP address and the subnet mask. Since the first three octets of the mask are `255.255.255`, the first three octets of the network address remain `192.168.10`.
For the last octet:
- IP address last octet: \(75 = 01001011_2\)
- Subnet mask last octet: \(240 = 11110000_2\)
- Bitwise AND: \(01001011_2 \text{ AND } 11110000_2 = 01000000_2\), which is \(64\) in decimal.
Therefore, the network address is `192.168.10.64`.

Award 1 mark for the correct option (B). No marks are awarded for incorrect options.

File size (in bits) = Sampling rate \(\times\) Sampling size \(\times\) Number of channels \(\times\) Duration
- Sampling rate = \(44,100 \text{ Hz}\)
- Sampling size = \(16 \text{ bits} = 2 \text{ bytes}\)
- Channels = \(2\)
- Duration = \(2 \text{ minutes} = 120 \text{ seconds}\)
File size (in bytes) = \(44,100 \times 2 \text{ bytes} \times 2 \times 120 \text{ seconds} = 21,168,000 \text{ bytes}\).
Since \(1 \text{ MB} = 10^6 \text{ bytes}\), the file size is \(21,168,000 / 10^6 = 21.168 \text{ MB}\), which is approximately \(21.2 \text{ MB}\).

Award 1 mark for the correct option (C). No marks are awarded for incorrect options.

All three statements are correct:
- Statement (1) is correct: Cache memory is a high-speed static RAM (SRAM) that helps the CPU access frequently used data faster than from dynamic RAM (DRAM / main memory).
- Statement (2) is correct: Read-Only Memory (ROM) is non-volatile, retaining its contents when powered down, making it suitable for the system's firmware/boot loader.
- Statement (3) is correct: Random Access Memory (RAM) is volatile and requires power to maintain data.

Award 1 mark for the correct option (D). No marks are awarded for incorrect options.

To achieve both confidentiality and authenticity:
1. **Authenticity / Integrity**: Alice encrypts (signs) the document using her own private key. Since only Alice has her private key, anyone decrypting it using Alice's public key knows it must have originated from Alice.
2. **Confidentiality**: Alice then encrypts the result using Bob's public key. Since only Bob has his corresponding private key, only Bob can decrypt the outer layer.
Therefore, option A is correct. (Note: In practice, to optimize performance, symmetric key cryptography is used for the bulk document, but the logic of asymmetric key wrapping remains the same).

Award 1 mark for the correct option (A). No marks are awarded for incorrect options.

Infrastructure as a Service (IaaS) provides virtualized computing resources (servers, virtual machines, storage, and networking) over the Internet. The customer maintains full control over the operating systems, databases, and runtime environments. In contrast, Platform as a Service (PaaS) abstracts away operating system and server management, and Software as a Service (SaaS) provides ready-to-use software applications directly.

Award 1 mark for the correct option (C). No marks are awarded for incorrect options.

- Statements (1) and (2) are correct: Memory management (allocating RAM to programs) and device management (communicating with hardware components via drivers) are fundamental tasks of an operating system.
- Statement (3) is incorrect: Scanning and removing computer viruses is performed by antivirus software, which is classified as utility software, not a core service/task of the operating system itself.

Award 1 mark for the correct option (A). No marks are awarded for incorrect options.

(a) (i) File Size = \(1024 \times 1024 \times (24 / 8)\text{ bytes} = 1024 \times 1024 \times 3\text{ bytes} = 3,145,728\text{ bytes}\). Dividing by \(1024^2\) gives \(3\text{ MB}\).
(ii) An 8-bit grayscale image uses 1 byte per pixel, while 24-bit color uses 3 bytes per pixel. The ratio is \(1 : 3\).

(b) (i) \(+18\) in 8-bit binary is `00010010`. Inverting the bits gives `11101101`. Adding 1 gives `11101110`.
(ii) \(+35\) in 8-bit binary is `00100011`. Adding \(35\) and \(-18\):
00100011
+ 11101110
----------
100010001
Discarding the overflow bit gives `00010001`, which is \(17\) in decimal.

(c) ASCII uses 7 bits and can only represent 128 characters, which is insufficient for non-English languages like Chinese. UTF-8 can represent characters from almost all languages while remaining backward compatible with ASCII.

(a) (i)
- Correct calculation formula (e.g. \(1024 \times 1024 \times 3\) bytes) (1 mark)
- Correct final answer: 3 MB (1 mark)
(a) (ii)
- Correct ratio: 1 : 3 or 1/3 (1 mark)

(b) (i)
- Correct binary value: 11101110 (1 mark)
(b) (ii)
- Show correct addition of `00100011` and `11101110` with intermediate binary result (1 mark)
- Correct final binary result `00010001` and decimal equivalent 17 (1 mark)

(c)
- Explain that ASCII has a limited character set (128 characters) and cannot support Chinese (1 mark)
- Explain that UTF-8 has full multilingual support and is backward compatible with ASCII (1 mark)

(a) (i) The CIDR notation `/24` means the first 24 bits are set to 1, which corresponds to `255.255.255.0`.
(ii) There are \(32 - 24 = 8\) host bits. \(2^8 = 256\) combinations. We subtract 2 addresses: `192.168.1.0` (network address) and `192.168.1.255` (broadcast address), leaving \(254\) usable host addresses.

(b) (i) A DHCP (Dynamic Host Configuration Protocol) server automatically and dynamically assigns network configurations (IP address, subnet mask, default gateway, and DNS servers) to connecting devices, eliminating manual setup and avoiding address conflicts.
(ii) NAT (Network Address Translation) translates private IP addresses of internal devices into a single public IP address when accessing external networks, which conserves limited public IPv4 addresses and hides internal topology for security.

(c) DNS (Domain Name System). Since the site is reachable via its IP address but not its domain name, the translation service mapping domain names to IP addresses is not functioning properly.

(a) (i)
- Correct subnet mask: 255.255.255.0 (1 mark)
(a) (ii)
- Correct host number: 254 (1 mark)
- Clear explanation mentioning network address and broadcast address being reserved (1 mark)

(b) (i)
- Explain automatic assignment of IP addresses/network configuration to clients (2 marks)
(b) (ii)
- Explain translation between private and public IP addresses (1 mark)
- Mention conservation of public IP addresses or enhanced internal security (1 mark)

(c)
- Identify DNS / Domain Name System (1 mark)

(a) (i) In the `BOOKS` table, `BookID` uniquely identifies each book record, so it is the Primary Key. `PubID` references the primary key of the `PUBLISHERS` table, so it is the Foreign Key.
(ii) The relationship is one-to-many (1:N). One publisher can publish multiple books, but each book is associated with exactly one publisher (via a single `PubID` field in the `BOOKS` table).

(b) (i) The insertion will fail/be rejected by the DBMS. This action violates the Referential Integrity Constraint, which requires every foreign key value in `BOOKS` to have a matching primary key value in `PUBLISHERS`.
(ii) No. The `BookID` is the primary key of `BOOKS`. According to the Entity Integrity Constraint, no primary key attribute of a relation can choose a null value, because primary keys must uniquely identify each record and must not be null.

(a) (i)
- Identify Primary Key: BookID (1 mark)
- Identify Foreign Key: PubID (1 mark)
(a) (ii)
- State 1:N or One-to-many relationship (1 mark)
- Explanation: One publisher can publish multiple books, but a book can only have one publisher (1 mark)

(b) (i)
- State that insertion fails/error occurs (1 mark)
- Identify constraint: Referential Integrity (1 mark)
(b) (ii)
- Answer 'No' (1 mark)
- Explain based on Entity Integrity (primary key cannot be null) (1 mark)

(a) Trace table process:
- At `i = 2`, `A[2] = 15`. Since `15 > 12`, `second_largest` gets `12`, and `largest` gets `15`.
- At `i = 3`, `A[3] = 8`. Both conditions in lines 4 and 7 are false, so no change (`largest = 15`, `second_largest = 12`).
- At `i = 4`, `A[4] = 15`. Line 4 is false (`15 > 15` is false). Line 7 is also false because `15 != 15` is false. No change.
- At `i = 5`, `A[5] = 14`. Line 4 is false (`14 > 15` is false). Line 7 is true because `14 > 12` and `14 != 15`. Thus `second_largest` becomes `14`.

(b) (i) The final value is `-999999` because all elements are equal to the initial `largest` value, and the conditions in the loop will never be met.
(ii) If we didn't check `A[i] != largest`, then when encountering a duplicate of the maximum value (such as the second `15` in `[12, 15, 8, 15, 14]`), line 7 would evaluate to true because `15 > 12`, which would overwrite `second_largest` with `15`. This would make both `largest` and `second_largest` equal to `15`. The condition `A[i] != largest` prevents this, ensuring `second_largest` only holds a value strictly smaller than `largest`, i.e., the second distinct largest value.

(a)
- 1 mark for each correct row in the trace table (4 marks total):
- Row 2: largest = 15, second_largest = 12
- Row 3: largest = 15, second_largest = 12
- Row 4: largest = 15, second_largest = 12
- Row 5: largest = 15, second_largest = 14
(b) (i)
- Correct value: -999999 (1 mark)
(b) (ii)
- Explain that without the condition, duplicate maximums would overwrite `second_largest` with the maximum value (1 mark)
- Explain that `A[i] != largest` prevents `second_largest` from becoming equal to `largest` (1 mark)
- Conclude that it successfully finds the second distinct largest value (1 mark)

(a) (i) SSL (Secure Sockets Layer) or TLS (Transport Layer Security).
(ii) It encrypts the payload data transferred between the user's browser and the web server. Even if an attacker intercepts packets on a public Wi-Fi network, they only see unintelligible encrypted ciphertext, making it impossible to read plaintext passwords.

(b) CAPTCHA requires solving challenges that depend on advanced cognitive abilities or pattern recognition (e.g., reading distorted text or classifying images) which are difficult for automated computer vision systems/scripts to solve but easy for human users.

(c) (i) Asymmetric encryption uses a public and private key pair, allowing the client and server to securely negotiate and exchange a session key over an unsecure channel without having a pre-shared secret key. Doing this with symmetric encryption would expose the key if intercepted.
(ii) Symmetric encryption is computationally much faster and uses far fewer system resources, making it more efficient for encrypting the large amount of webpage content transmitted after the connection is established.

(a) (i)
- State TLS or SSL (1 mark)
(a) (ii)
- Explain that communication data is encrypted (1 mark)
- Explain that even if intercepted, attackers can only see ciphertext / cannot decrypt the data (1 mark)

(b)
- State that CAPTCHA presents challenges involving image recognition, semantic context, or distorted text (1 mark)
- Explain that these are simple for humans but extremely difficult for automated scripts/algorithms (1 mark)

(c) (i)
- State that asymmetric encryption allows secure session key exchange over insecure channels (1 mark)
- State that there is no need for a pre-shared secret key between client and server initially (1 mark)
(c) (ii)
- Explain that symmetric encryption is faster / has lower computational overhead (1 mark)

(a)
- Primary Key: `(OrderID, FoodID)`
- Reason: There is a partial functional dependency on the primary key. Some non-prime attributes depend only on a part of the primary key. For example, `FoodID -> FoodName, UnitPrice`, and `OrderID -> CustomerID, RestaurantID, OrderDate, DeliveryFee`. Since these non-key attributes are determined by only a subset of the candidate key `(OrderID, FoodID)`, the relation is not in 2NF.

(b)
- Transitive Dependencies:
1. `OrderID -> CustomerID` and `CustomerID -> CustomerName, CustomerPhone` (Thus, `OrderID -> CustomerName, CustomerPhone` is a transitive dependency).
2. `OrderID -> RestaurantID` and `RestaurantID -> RestaurantName, RestaurantAddress` (Thus, `OrderID -> RestaurantName, RestaurantAddress` is a transitive dependency).
- Explanation: Transitive dependencies mean that details like a customer's phone number or a restaurant's address are repeated for every order they make. This leads to data redundancy. If a customer changes their phone number, multiple records must be updated (update anomaly). If some records are missed, data becomes inconsistent.

(c)
The 3NF decomposition is as follows:
1. `CUSTOMER` (
under{CustomerID}
, CustomerName, CustomerPhone)
2. `RESTAURANT` (
under{RestaurantID}
, RestaurantName, RestaurantAddress)
3. `FOOD` (
under{FoodID}
, FoodName, UnitPrice)
4. `ORDER` (
under{OrderID}
, CustomerID#, RestaurantID#, OrderDate, DeliveryFee)
5. `ORDER_ITEM` (
under{OrderID#, FoodID#}
, Quantity)

(d)
1. Create a new table `COUPON` (
under{CouponID}
, DiscountValue, ...).
2. Add `CouponID` as a foreign key to the `ORDER` relation (i.e. `ORDER` (
under{OrderID}
, CustomerID#, RestaurantID#, OrderDate, DeliveryFee, CouponID#)). Since each order can use at most one coupon, this foreign key can be null if no coupon is used.

(a) [Total: 3 marks]
- Identify the composite primary key `(OrderID, FoodID)`. [1 mark]
- State that `FoodName`/`UnitPrice` depends on `FoodID` alone, or details like `CustomerName`/`DeliveryFee` depend on `OrderID` alone. [1 mark]
- Explain that a non-key attribute depending on a subset of the composite primary key constitutes a partial functional dependency, violating 2NF. [1 mark]

(b) [Total: 3 marks]
- Correctly identify at least one transitive dependency chain (e.g., `OrderID -> CustomerID -> CustomerName`). [1 mark]
- Explain that transitive dependency causes data redundancy (repeating identical non-key values). [1 mark]
- Explain that it leads to update anomalies (potential inconsistencies or need to perform multiple updates for one real-world change). [1 mark]

(c) [Total: 6 marks]
- `CUSTOMER` and `RESTAURANT` tables correctly designed with appropriate primary keys. [1 mark for both]
- `FOOD` table correctly designed with `FoodID` as PK. [1 mark]
- `ORDER` table correctly designed with `OrderID` as PK and `CustomerID`, `RestaurantID` as foreign keys. [2 marks]
- `ORDER_ITEM` table correctly designed with composite PK `(OrderID, FoodID)` and linking both to order and food tables. [2 marks]

(d) [Total: 3 marks]
- Identify that a new `COUPON` entity/relation is needed with `CouponID` as its PK. [1 mark]
- Correctly identify that a 1-to-many relationship exists between `COUPON` and `ORDER` (since one order has at most one coupon, but one coupon can be used in many orders). [1 mark]
- State that `CouponID` should be added to the `ORDER` table as an optional foreign key. [1 mark]

(a)
```sql
SELECT MemberName
FROM MEMBER
WHERE MemberType = 'Gold' AND JoinDate > '2023-01-01'
ORDER BY MemberName ASC;
```

(b)
```sql
SELECT C.ClassName, COUNT(B.BookingID) AS TotalConfirmed
FROM CLASS C LEFT JOIN BOOKING B
ON C.ClassID = B.ClassID AND B.Status = 'Confirmed'
GROUP BY C.ClassID, C.ClassName;
```
*(Note: `LEFT JOIN` must be used to ensure classes with 0 bookings are included, and the condition `B.Status = 'Confirmed'` must be inside the `ON` clause, not the `WHERE` clause, otherwise classes with no bookings would be filtered out).*

(c)
```sql
SELECT M.MemberName
FROM MEMBER M, BOOKING B, CLASS C
WHERE M.MemberID = B.MemberID
AND B.ClassID = C.ClassID
AND C.Instructor = 'Alex'
GROUP BY M.MemberID, M.MemberName
HAVING COUNT(DISTINCT C.ClassID) >= 2;
```

(d) (i)
```sql
UPDATE MEMBER
SET Balance = Balance + 20
WHERE MemberType = 'Gold'
AND MemberID IN (
SELECT B.MemberID
FROM BOOKING B, CLASS C
WHERE B.ClassID = C.ClassID
AND C.ClassName = 'Yoga Basic'
AND B.Status = 'Confirmed'
);
```
(ii)
- Constraint Type: Check Constraint (or Domain Constraints / Value Constraints)
- SQL Segment:
```sql
ALTER TABLE MEMBER ADD CONSTRAINT chk_balance CHECK (Balance >= 0);
-- OR simply as a table/column constraint during definition: CHECK (Balance >= 0)
```

(e)
```sql
CREATE VIEW V_CLASS_SUMMARY AS
SELECT C.ClassID, C.ClassName, (COUNT(B.BookingID) * 100.0 / C.MaxCapacity) AS OccupancyRate
FROM CLASS C LEFT JOIN BOOKING B ON C.ClassID = B.ClassID
GROUP BY C.ClassID, C.ClassName, C.MaxCapacity;
```

(a) [Total: 2 marks]
- Correct `SELECT` and `WHERE` filtering clauses. [1 mark]
- Correct sorting using `ORDER BY MemberName ASC`. [1 mark]

(b) [Total: 3 marks]
- Correctly use `LEFT JOIN` (with `CLASS` on the left) to retain all classes. [1 mark]
- Correct condition placement `B.Status = 'Confirmed'` within the `ON` clause. [1 mark]
- Correct `GROUP BY` clause and aggregation `COUNT(B.BookingID)`. [1 mark]

(c) [Total: 3 marks]
- Correct table joining (`MEMBER`, `BOOKING`, `CLASS`) and filter `Instructor = 'Alex'`. [1 mark]
- Correct `GROUP BY` grouping on member attributes. [1 mark]
- Correct `HAVING` clause using `COUNT(DISTINCT C.ClassID) >= 2`. [1 mark]

(d) (i) [Total: 3 marks]
- Correct basic `UPDATE MEMBER SET Balance = Balance + 20` syntax. [1 mark]
- Filter on `MemberType = 'Gold'`. [1 mark]
- Subquery correctly filtering the bookings for 'Yoga Basic' with 'Confirmed' status. [1 mark]

(d) (ii) [Total: 2 marks]
- Correctly name the constraint as "Check Constraint". [1 mark]
- Correctly write the SQL syntax containing `CHECK (Balance >= 0)`. [1 mark]

(e) [Total: 2 marks]
- Correct view creation syntax `CREATE VIEW V_CLASS_SUMMARY AS`. [0.5 mark]
- Correct inclusion of left join and grouping attributes. [0.5 mark]
- Correct formula calculation `(COUNT(B.BookingID) * 100.0 / C.MaxCapacity)`. [1 mark]

(a) (i)
- Term: Lost Update (or Race Condition / Inconsistent Retrieve)
- Description: Customer A and Customer B read the same `StockLevel` (which is 1) simultaneously. Customer A decrements it to 0 and writes back. Customer B also decrements it from 1 to 0 and writes back. As a result, both customers completed purchases, but the stock was only decremented once. One of the updates is overwritten and lost, causing an oversell.

(a) (ii)
- When Customer A starts the transaction to purchase, the database acquires an Exclusive Lock (X-lock) on the row of 'P101'. This is the Growing Phase of 2PL.
- Customer B's request for a lock on the same row is blocked and placed in a queue.
- Customer B must wait until Customer A commits the transaction and releases the lock (Shrinking Phase) before B can read the updated stock level (which is now 0), thus preventing inconsistent updates.

(a) (iii)
- Description of Deadlock: Deadlock is a situation where two or more transactions are waiting indefinitely for each other to release locks. For example, Transaction 1 locks Product P1 and waits for Product P2, while Transaction 2 locks Product P2 and waits for Product P1. Neither can proceed.
- DBMS Handling Method (either one):
1. Deadlock Detection: The DBMS maintains a wait-for graph, detects cycles periodically, and aborts (rolls back) one of the transactions (the "victim").
2. Deadlock Prevention: Apply protocols such as ordering lock acquisitions (e.g. always lock items in alphanumeric order) or using timestamp-based scheme (e.g., wound-wait or wait-die).

(b) (i)
```sql
CREATE INDEX idx_price ON INVENTORY (UnitPrice DESC);
-- OR simply:
CREATE INDEX idx_price ON INVENTORY (UnitPrice);
```

(b) (ii)
- Without an index, the DBMS must perform a Full Table Scan (O(N)), inspecting every row in the table to find matches.
- With a B-Tree index on `UnitPrice`, the index stores the values in sorted order. The DBMS can perform binary-search-like retrieval (O(log N)) to quickly locate the boundary (100) and scan the leaf nodes up to 500, avoiding a full table scan and eliminating the sorting overhead for the `ORDER BY UnitPrice DESC` clause.

(b) (iii)
- Any change to the table data (such as INSERT, UPDATE, DELETE) requires the DBMS to update the corresponding indexes, which slows down write/data manipulation operations and consumes extra disk storage space.

(c)
```sql
GRANT SELECT ON ORDER_LINE TO Lucy;
```

(a) (i) [Total: 3 marks]
- Correctly name the phenomenon as "Lost Update". [1 mark]
- Describe the initial concurrent read of the same stock value by both transactions. [1 mark]
- Describe how one transaction's update overwrites and wipes out the other transaction's update, leading to logical inconsistency (overselling). [1 mark]

(a) (ii) [Total: 2 marks]
- State that 2PL ensures a transaction acquires locks before releasing any (lock growing vs shrinking phases). [1 mark]
- Explain that Customer A's exclusive lock forces Customer B's transaction to wait/block until A's transaction is committed, ensuring isolation. [1 mark]

(a) (iii) [Total: 3 marks]
- Clear explanation of circular wait (Transaction 1 holds resource needed by Transaction 2, while Transaction 2 holds resource needed by Transaction 1). [2 marks]
- State a correct DBMS handling strategy (either deadlock detection via aborting a victim, or deadlock prevention via resource ordering). [1 mark]

(b) (i) [Total: 2 marks]
- Correct use of `CREATE INDEX` syntax. [1 mark]
- Correctly specify the table `INVENTORY` and attribute `UnitPrice`. [1 mark]

(b) (ii) [Total: 2 marks]
- Explain that it avoids a full table scan by utilizing index search (e.g. B-tree search range scan). [1 mark]
- Explain that the index is already ordered, saving sorting time for the `ORDER BY` clause. [1 mark]

(b) (iii) [Total: 1 mark]
- State that too many indexes degrade the performance of DML statements (INSERT/UPDATE/DELETE) or increase storage overhead. [1 mark]

(c) [Total: 2 marks]
- Correct use of `GRANT SELECT` privilege. [1 mark]
- Correct targeting `ON ORDER_LINE TO Lucy`. [1 mark]