T8 - Defensive design

Question 1

Data validation use

Answer 1

-ensures that data entered is of the right type
-conforms to a set of rules
-only check that the data entered
is reasonable

Question 2

Data validation cannot ensure

Answer 2

hat the user has not entered a wrong value, or made a spelling mistake in a name

Question 3

Range check

Answer 3

-number or date is within correct/sensible range

Question 4

length check

Answer 4

checks that text entered is of correct length
-not too short/long

Question 5

type check

Answer 5

check data is correct type (interger/boolean)

Question 6

Presence check

Answer 6

ensures data has been entered
-detects blank regions

Question 7

eg of length check

Answer 7

password must be between 5 and 12 characters

Question 8

Verification

Answer 8

is used to double-check that the data has been typed in correctly

Question 9

Verification eg

Answer 9

a user setting a new password may be asked to type it in twice

Question 10

Double-entry verification:

Answer 10

If the two passwords don’t match, they will be asked to enter the password again

Question 11

Authentication routines

Answer 11

are used to make sure a person is who they claim to be

Question 12

Brute-force attack:

Answer 12

software programs try out every combination of letters, numbers and special characters

Question 13

ways to prevent brute force attack

Answer 13

Use a password of 8 characters or more to make it more difficult to hack!

Question 14

maintaining code meaning

Answer 14

improve the code, fix bugs or add new features to the program

Question 15

factors that make maintenance easier

Answer 15

• The use of sub programs
• Using appropriate naming conventions
• Indentation
• Commenting

Question 16

Sub programs:

Answer 16

can take inputs (through parameters) and if necessary return a value

Question 17

eg of sub programs

Answer 17

include functions and procedures

Question 18

pros of sub programs

Answer 18

reused multiple times in the program or by other programs

Question 19

pros of using meaningful names for variables

Answer 19

= easy to understand

Question 20

Indentation:

Answer 20

makes it possible to easily see which lines of code are part of different structures

Question 21

Comments in code pros:

Answer 21

• help other programmers to understand your code
  -help you understand your code when you go back to it at a later time

Question 22

Comments should mention:

Answer 22

-Parts of a program/algorithm that are difficult to understand
-At the start of a function or procedure to explain what it does

Question 23

Input validation

Answer 23

– checking input meets certain rules, e.g. the type of data

Question 24

Anticipating misuse

Answer 24

– preventing too many entries of a password to make it harder for hackers to guess

Question 25

Authentication

Answer 25

– entering data twice or checking from an alternative source

Question 26

Use of sub programs

Answer 26

– creates reusable code where bugs can easily be fixed

Question 27

Naming conventions

Answer 27

– good use of variables and sub program names makes programs easier to read

Question 28

Indentation

Answer 28

– makes programs easier to read

Question 29

Commenting

Answer 29

– helps programmers understand what a program does and how it does it