1. Validation is an important part of defensive design. Fill in the blanks below.
2. For example, a user is asked to enter a mobile phone number but only enters 9 digits.
A standard UK mobile number is 11 digits. A ____________________ validation can be used to ensure that 11 digits are entered.
3. This is the definition for the validation check called 'check digit': the last one or two digits in a code are used to check that the other digits are correct. An example of this would be ...
4. A National Insurance number is in the form LL 99 99 99 L where L is any letter and 9 is any number. A good validation check in this instance could be a:
5. Another method for validating data and stopping attacks is to clean up the data that is inputted so that it is ready for the application to use. This is referred to as:
6. ______________ trims or strips strings, removing unwanted characters from them.
For example, if dav%e is entered rather than Dave, the % would be removed. This ensures that the input is correct and contains only the permitted characters, letters and symbols.
7. Look at the data below and identify the issues.
8. Defensive program design will consider and anticipate misuse. Misuse may be in the form of a brute force attack on the program. An example would be:
9. Read the paragraph and fill in the blanks below:
10. Fill in the blanks below for the paragraph that outlines the basics of web authentication. Do also have a look at the diagram.
11. Which of these is not a method for ensuring that a program is robust?
12. Why is code indented?
13. What is data validation?
14. Which of these authentication methods is most secure?
15. Which of these is not an example of validation?
16. What does a range check do?
17. When a program runs, it requires the user to enter their first name only. What, in this example, is an example of 'valid' data?
18. Which of these is NOT a method for planning for misuse?
19. What is NOT a method of authentication?
20. What is maintainability?
21. Why are 'comments' used in a program?
22. When should comments be used in a program?
23. What is defensive program design?
24. True or False: Data Validation checks the data is reasonable and valid, whereas Input Sanitisation removes unexpected or unrequired data.
25. A user attempts to enter an incorrect password. What method would identify this issue?