Web Programming Module Exam Pro Academy EXAM PRO ACADEMY SERIES Bachelor Degree in Business of Information Technology Module: Web Programming Date: Thursday, 21st July 2022 Time Allowed: 3 Hours Examiner: Prof. Hamisi K. Mnyonge INSTRUCTIONS: • Attempt all seven (7) questions. • Each question has two parts (a) and (b); answer both. • Use proper HTML, CSS, and JS syntax in coding questions. • Comment your code clearly. • No reference materials or internet access are allowed. Question 1: HTML & CSS (Practical) a) Create a responsive HTML page titled ‘‘My Secure Profile’’ with: • A navigation bar • A user profile section (image, name, short bio) • A form to update user details b) Write custom CSS to: • Use Flexbox for layout • Apply a media query to change background color below 600px screen width Question 2: JavaScript (Practical) a) Write JS code to validate: • Email must contain “@” and end with “.com” • Password must be at least 8 characters and include at least one number b) Store the validated credentials in localStorage and alert success. 1 Web Programming Module Exam Pro Academy Question 3: Database + Backend (Practical) a) Design a database schema with tables: • users(id, username, email, password) • activity logs(id, user id, action, timestamp) b) Write pseudo-code in PHP or Node.js to: • Log user login to activity logs • Retrieve and display logs for a specific user Question 4: Internet Security (Practical) a) Create a login form using HTML & JS simulating HTTPS (mention importance in comments). b) Implement CSRF protection using a random token saved in session (provide sample code). Question 5: Security & Privacy + JavaScript (Practical) a) Write a JS snippet to hash passwords using SHA-256 before form submission. b) Simulate a browser warning when the privacy policy checkbox is not checked. Question 6: Short Answer (Theory) a) Mention and explain five internet privacy threats for web developers. b) Explain the difference between symmetric and asymmetric encryption with real-life examples. Question 7: Case Study (Theory) Case Study: ZakaTech Solutions launched an e-commerce platform without HTTPS. Pass- words were stored in plain text, no validation was performed, and JS was hosted without integrity checks. a) Identify and explain four major security vulnerabilities and how attackers might exploit them. b) Propose an actionable secure redesign strategy addressing: 2 Web Programming Module Exam Pro Academy • Frontend form validation • Secure password storage • Secure data transmission • JS integrity checking — END OF EXAM — 3