02 Section 6 - Defensive Design

Question 1

How do programmers protect their programs?

Answer 1

Through defensive design

Question 2

How do programmers protect their programs through defensive design?

Answer 2

• anticipate how users might misuse the program, then attempt to prevent it from happening
• ensure their code is well-maintained
• reduce the number of errors in the code through testing

Question 3

What is the easiest way that a user can accidentally or intentionally misuse a program?

Answer 3

Inputs

-when entering data into a program

Question 4

What are the two ways you can use to prevent users from entering something you don’t want them to?

Answer 4

Input sanitisation

Input validation

Question 5

What is input sanitisation?

Answer 5

removing any unwanted characters before passing data through the program

Question 6

What is input validation?

Answer 6

checking if data meets certain criteria before passing it into the program
(e.g. checking an email address has an @ symbol and a suitable ending {.com .co.uk …})

Question 7

What are examples of types of validation checks?

Answer 7

Range check
Presence check
Check digit
Format check
Look-up table
Length check

Question 8

What is a range check?

Answer 8

Checks the data is within a specific range

Question 9

What is a presence check?

Answer 9

Checks that data has actually been entered

Question 10

What does a check digit do?

Answer 10

Checks numerical data has been entered accurately

Question 11

What is a format check?

Answer 11

Checks the data has the correct format

Question 12

What does a look-up table do?

Answer 12

Checks the data against a table of acceptable values

Question 13

What is a length check?

Answer 13

Checks the data is the correct length

Question 14

How can authentication help protect a program?

Answer 14

It can confirm the identity of a user before they’re allowed to access certain pieces of data or feature of the program. (commonly done by using usernames and passwords)

Question 15

What are ways to increase the security of a password-based authentication system?

Answer 15

• force users to have strong passwords and get them to change them regularly
• limit the number of failed authentication attempts before access to account is lost
• ask for a random selection of characters from the password on each authentication

Question 16

What can be the issue with too high of a level of authentication in a program?

Answer 16

Too much authentication can affect a program’s functionality and put people off using it

Question 17

How is a well-maintained program an important part of a defensive design?

Answer 17

A well-maintained program makes it easy for other programmers to understand what the code does. They should also be able to change parts of the source code without the risk of causing problems elsewhere in the code.

Question 18

What features improve the maintainability of code?

Answer 18

Comments
Indentation
Variables and sub programs
Only use global variables when necessary

Question 19

How can comments improve the maintainability of a program?

Answer 19

They are useful for explaining what the key features of a program does
-well written, clear comments are essential for helping other programmers understand your program

Question 20

How can indentation improve the maintainability of a program?

Answer 20

They can separate different statements in a program

-allows programmers to see the flow of a program easier and pick out different features

Question 21

How can variables and sub programs improve the maintainability of a program?

Answer 21

They should be named so that they refer to what they actually are
-helps programmers to keep track and recognise what the variables are through the program

Question 22

Hoe can only using global variables when necessary improve the maintainability of a program?

Answer 22

Variables with a local scope will only affect the sub programs that they are declared in
-other programmers will know that changing these variables won’t affect other parts of the program