1. Application software often requires a user to input information into a system. This might include input like:
2. Defensive design is the practice of…
3. During the defensive design process, methods are put in place to …
4. Which of the following should NOT occur, if your defensive design procedures have been effective?
5. Large companies like SONY have been subject to huge attacks. Their systems were clearly not as _______ as they thought they were.
6. Input Validation is one way of ensuring defensive design. What is validation?
7. An example of data validation is:
8. Some validation methods include:
9. Another method for validating data and stopping attacks is to clean up the data that is inputted so that it is ready for the application to use. This is called:
10. Data sanitisation trims or strips strings, removing unwanted characters from strings for example:
11. Data sanitisation would ensure that …
12. One example of defensive design and anitipating misuse is:
13. Another example of anticipating misuse is what twitter does - in this case:
14. ______________ is a coding method to check that a user is who they say they are and allowed to accesses the program.
15. The simplest form of authentication could be:
16. Authentication methods include :
17. Authentication also occurs when you access a website, you request access to the ___________ which hosts the page.
18. What is one example of where authentication is required?
19. Maintainability is also important if a program is going to be robust. Two ways of ensuring maintainable programs is to have good:
20. Converting large numbers to smaller numbers is a method for planning for misuse