System Architecture Sample exam 2
Question 1. (8 + 8 + 4 + 4 = 24 Marks)
The following questions relate to requirements:
Figure 1 – Architecture Work Product Dependencies
1) Choose 2 of the key Non-Functional Requirements ? System Qualities. Briefly describe each of your chosen System Qualities, and what are typical metrics associated with each one. Give an example of a well-defined requirement matching your description. (4 marks for each requirement. You should use the first table provided in the following page to record your answer).
2) Briefly compare and contrast Use Case Model versus Process Model (Figure 1). Point out at least 2 differences and 2 similarities. Offer your opinion if both models should be produced during the design phase of the project or just one of these models would generally suffice. Provide the rational for your opinion. (1 mark for each similarity, 1 mark for each difference and 4 marks for discussion on one versus both models).
3) Briefly explain the purpose of enterprise architectures as input into the Systems Architecture Creation Process. (4 marks)
Requirement Description Metrics Example
4) It can be argued that a Traceability Matrix that contains forward traceability from User Requirements to System Requirements and also from System Requirements to Solution Architecture Design can be used for impact analysis of the change requests. Briefly explain the way such impact analysis would be performed. (4 marks)
Question 3. (8 +4 + 4 + 5 +5 = 26 Marks)
The following questions relate to the operational aspects of the architecture:
Consider the runtime deployment model below. Master product and pricing catalogue data is maintained on the corporate main computing facility. The lead architect made an architectural decision to replicate this data periodically to each checkout computer. The replication periodicity is twice a day.
Figure 2 – Conceptual Operational Model
1) Briefly describe two reasons (justifications) for making such architectural decision (4 Marks for each reason).
2) Briefly describe one alternative that could be considered. (4 Marks)
3) Briefly describe one trade-off that the lead architect made in opting for the data replication approach. (4 Marks)
4) Briefly describe one additional deployment unit that needs to be added at the specified level of the operational model in order to have proposed approach implemented (5 marks)
(800 actual locations
across the country)
Question 8. ((4 + 3) + 3 = 10 Marks)
1) Consider the following diagram from your lecture notes regarding Security.
a) Describe what this figure illustrates, especially focussing on Principals, Policies, Mechanism and Resources and what they are and how they are used. (4 marks)
b) What is the role of Asset Classification in developing a Security architecture? (3 marks)
2) The job of the Security Architect can be described as Managing Risk. Using the table below, illustrate the above statement and how Risk is managed by the Security Architect. (3 marks)
Question 5. (6 + 4 + 4 + 8 = 22 Marks)
The following questions relate to performance engineering and disaster recovery:
Figure 3 – Stress and Volume testing results
1) The project team had performed stress and volume testing and the results are depicted in Figure 3 – Stress and Volume testing results. Could any conclusions be made about scalability of the system based upon results of the test? Provide reasoning for your answer. (6 Marks)
2) The project team was tasked to design a roster scheduling system for large hospital network.
? The solution design phase was concluded on time and within budget with all deliverables produced and signed off.
? The build phase completed on time and the system passed all functional tests.
? The stress and volume (S&V) testing was undertaken to ensure the roster can be produced within an 8 hours batch window.
? After 20 hours from the start of the S&V test, the batch run has not completed.
? The progress analysis was undertaken resulting in realisation that the batch run has another 107 hours to run.
Briefly describe two activities that the architect should have taken early in the SDLC in order to minimise and/or mitigate the risk of the debacle described above. (4 Marks for each)
3) One of the major US banks concluded that if it was to lose its main system, which managed all retail accounts, it would be out of business in 3 days. For this reason bank invested in a separate standby mainframe computer, solely for the purpose of switching over should the main computer become unavailable. During normal operation the standby computer was kept idle.
Transaction Volume or LoadResponse timeVolume for:Single thread testVolume for:Target volume testVolume for:Stress testTargetresponsetimeVolume at whichsystem fails orgoes into serialexecutionResponse timeat which systemis unusableTransaction unusable
What is the key consideration that needs to be carefully designed when architecting the ?switching? from primary computer to the cold standby? (8 Marks)
Question 3. (8 + 4 + 4 + 4 = 20 Marks)
The following question relates to the Architecture Overview Diagram.
Consider the following Architecture Overview Diagram in Figure 1.
Figure 4 –Architecture Overview Diagram
a) Sketch a high-level use case model that would lead to the architecture overview diagram above. (8 Marks)
b) Select three key use cases and provide a brief description for each of those use cases (4 Marks per use case).
Question 3 (6 + 3 + 3 = 12 Marks)
The following questions relate to the Deployment model in the figure below:
1) Identify TWO key system qualities that are explicitly supported by the Deployment model in
the figure. Briefly describe the technique(s) used in the model to support those qualities, and how
they contribute to the quality. (3+3 = 6 marks)
2) Identify TWO key qualities that are not explicitly supported by the Deployment model in the
Figure below (3 marks)
3) Choose ONE system quality from (2) and describe what you may add to the Deployment
model in the Figure below to support this quality. (3 marks)
Question 5 (2 + 8 = 10 Marks)
Below is part of a Quality-Attribute Tree, as you would have constructed in your Assignment 2.
1) What specific method in architecture development uses a Quality-Attribute Tree? (2 marks) 2) Write down some appropriate items for nodes 1—4. For full marks, use items fit your system from Assignment 1. If you can’t up with specific values or examples, write down what type of thing goes in those nodes. (2+1+2+3 = 8 marks)
Question 5. (8 x 2 = 16 Marks)
The following question relates to security and specifically to the placements of nodes into zones. You are asked to complete Error! Reference source not found. indicating the recommended placement for 8 of the nodes with the rationale for your decision.
Figure 5 – Web Mail Service below depicts the architecture overview diagram of a hosted web mail service offered by an Internet Service Provider (ISP) to its customers. The diagram shows 9 nodes with their corresponding connections. Consider the following security zone classification:
? Uncontrolled –anything outside the physical and logical control of the organisation’s network including the internet or machines connected to the internet such as home and business computers or mobile devices.
? Controlled – is the area commonly referred to as the DMZ (De-Militarised Zone). It is where controls exist to restrict access but allow public and third party access on a controlled basis.
? Protected – internal network (WANs and LANs) where access is limited. This zone is restricted to users that are trusted (e.g. employees and contractors and other internal staff).
Figure 5 – Web Mail Service
DB SERVERAPP SERVERHTTP ServerWEB MAIL APPSMTPGATEWAYCORPORATE EMAILGATEWAYMESSAGEDATACUSTTHIN CLIENTEMAIL APPCUSTTHICK CLIENT EMAIL APPADMIN BROWSERODBCSSLSSLPOP3SMTPLDAPSMTPCORPORATETHICK CLIENT EMAILAPPSMTPUSERREGISTRY
The ISP has the following access path policy between zones in Figure 6 (“yes” indicates access path can be created and “no” indicates that any access path is forbidden):
Table 1 – inter-zone connection policy To Uncontrolled Controlled Protected From
Complete the table below for the 8 remaining node with the recommended security zone placement and your rationale for the placement decision:
Table 2 – Node placement Node Name Security zone placement Rationale
Cust thin client eMail App
Customers can access Web Mail application from any computer anywhere on internet.
Cust thick client eMail App
Corporate eMail Gateway
Corporate thick client eMail App