What languages are primarily used for front end coding? - correct answer ✔✔ JavaScript and
HTML
Application architecture - correct answer ✔✔ supporting infrastructure that enables the
execution and use of software applications
presentation layer - correct answer ✔✔ provides the user interfaces and the look and feel of
the application, receives inputs, provides outputs. Classic app or web architecture, front end
where users input and get output
business layer - correct answer ✔✔ applies business logic to user inputs and outputs. Where
calculations and data are pulled in
data layer - correct answer ✔✔ manages storage of application related and user data, typically
in a database. Where data is connected to databases to pull data into objects and lists.
two tier architecture - correct answer ✔✔ client and server model
three tier architecture - correct answer ✔✔ client, middle, and server model
input risks - correct answer ✔✔ SQL injection, Cross-site scripting, session hijacking
Benefits of application architecture - correct answer ✔✔ - making changes or errors in one
section does not affect the other sections
- allows for validation to secure each section
- can test separate sections which is good for building
how to prevent some SQL injection - correct answer ✔✔ input validation
Scripting languages - correct answer ✔✔ runs sequentially / runs as it reads it. Ex. HTML,
JavaScript
Compiled language - correct answer ✔✔ programming language, such as C and C++. You have
to package it all up before it will run
what does XSS stand for - correct answer ✔✔ cross site scripting
what can XSS do - correct answer ✔✔ - redirect to a page that looks like the page it should be
but is fake
- can run scripts that input things that it shouldn't
session hijacking (script injection) - correct answer ✔✔ - hacker overwrites a sub/function
return pointer (which tells the computer where to return once the function/sub is complete)
- attacker can set the value to point to an address of his/her choosing
- more likely with C, C++
- less likely with C#, Java, Perl
blacklist - correct answer ✔✔ rejecting known bad data / characters. Not the best method
because you are constrained only to what you know is bad
whitelist - correct answer ✔✔ accepting only valid data