Defensive Design

Question 1

What should never happen if programs are functioning correctly?

Answer 1

• never break

- never produce errors

Question 2

How will programmers try protect their programs?

Answer 2

Through defensive design

Question 3

What are some examples of defensive design?

Answer 3

• anticipate how users may misuse their program and then attempt to prevent it from happening again.
• ensure their code is well maintained
• reduce the number of errors in the code through testing

Question 4

What’s the easiest way for a user to accidentally or unintentionally misuse a program?

Answer 4

When entering data

Question 5

What are two ways you can prevent someone from entering something you don’t want them too?

Answer 5

Input sanitisation and input validation

Question 6

What is input sanitisation?

Answer 6

removing any unwanted characters before passing data through the program.

Question 7

What is input validation?

Answer 7

Checking if data meet certain criteria before passing it into the program. e.g. checking if an email address contains an @ symbol and has a suitable ending like .com

Question 8

What are types of input validation you can use?

Answer 8

• range check
• presence check
• check digit
• format check
• look-up table
• length check

Question 9

What is a check digit?

Answer 9

Checks numerical data has been entered accurately.

Question 10

What is a format check?

Answer 10

Checks the data has a correct format.

Question 11

What is a look-up table?

Answer 11

Checks the data against a table of acceptable values.

Question 12

What is a length check?

Answer 12

Checks the data is the correct length.

Question 13

What is a range check?

Answer 13

Checks the data is within a specified range.

Question 14

What is a presence check?

Answer 14

Checks the data has even accurately entered.

Question 15

What does the function formatName() do?

Answer 15

It goes through the character of a string and deletes the character if it’s “(“ or “)” and returns the amended string.

Question 16

What does the method removeChar(x) do?

Answer 16

Returns a new string with the character in position x removed.

Question 17

What is authentication?

Answer 17

• can confirm the identity of a user before they’re allowed to access certain pieces of data or features of the program.
• a common way is using passwords.

Question 18

How can you increase the security of a password based authentication system?

Answer 18

• force users to use strong passwords and get them to change their passwords regularly.
• Limit the number of failed authentication attempts before access to an account is lost.
• Ask for a random selection of characters from the password on each authentication.

Question 19

Why is having too much authentication an issue?

Answer 19

Can affect a program’s functionality and put people off using it.

Question 20

What are the benefits of a well-maintained program?

Answer 20

• makes it easy for other programmers to understand what the code does.
• also be able to change parts of the source code without risk of causing problems elsewhere win the code.

Question 21

What features can improve the maintainability of source code?

Answer 21

• comments
• indentation
• variables and subprograms should be named
• using global variables only when necessary

Question 22

Why are comments good to improve the maintainability of source code?

Answer 22

Useful to explain the key features of a program and well written and clear comments help other programmers understand your code.

Question 23

Why is indentation good to improve the maintainability of source code?

Answer 23

• separate different statements

- allows other programmers to see the flow of the program clearly and pick out different features

Question 24

How does naming your variables and sub programs improve the maintainability of source code?

Answer 24

• refers to what they actually are

- helps programmers keep track and recognise what the variables are throughout the program.

Question 25

How does only using global variables when necessary help improve the maintainability of a program?

Answer 25

• they could affect the rest of your code
• variables with a local scope only affects the sub programs they are declared in
• other programmers know changing these variables will affect other parts of the program

Question 26

Why does using a good amount of useful comments help your program?

Answer 26

Easy to produce a summary of what the program actually does using auto-documentation.