3.2.7 Robust and secure programming

Cards (63)

  • What does robust programming aim to handle without crashing or producing incorrect results?
    Unexpected inputs or situations
  • Input validation checks that inputs are within expected ranges or formats.
    True
  • Secure programming aims to protect against security vulnerabilities
  • What is the principle of least privilege in secure coding practices?
    Restrict user access
  • Error handling is a key technique in robust programming
  • Steps in a try-catch error handling process
    1️⃣ Code that may throw an exception is enclosed in a try block
    2️⃣ The catch block specifies how to handle the exception
    3️⃣ The program continues running without crashing
  • Encryption and access control are techniques used to protect sensitive data.
  • Error handling ensures a program continues running instead of crashing.
    True
  • A common error handling approach is using try-catch
  • What is the purpose of throwing custom exceptions in error handling?
    To signal specific error conditions
  • Why is input validation important in robust programming?
    To prevent crashes
  • Input sanitation involves removing or escaping malicious characters
  • Steps for handling user inputs securely:
    1️⃣ Input validation
    2️⃣ Input sanitation
    3️⃣ Output sanitization
  • One common method for output sanitization is HTML entity encoding
  • What are three examples of data protection methods?
    Encryption, access control, data masking
  • Access control limits who can access specific data to authorized users and processes.
    True
  • Non-robust programming makes software vulnerable to crashes and incorrect results.
    True
  • Match the secure programming technique with its description:
    Input validation ↔️ Check and sanitize user inputs
    Encryption ↔️ Convert data into unreadable format
    Secure coding practices ↔️ Follow best coding principles
  • Try-catch blocks allow the program to continue running instead of crashing
  • What is the primary purpose of try-catch blocks in error handling?
    Handle exceptions
  • Error handling is a technique for gracefully handling unexpected situations or errors
  • Robust error handling is crucial for creating fault-tolerant software applications
    True
  • Match the error handling technique with its description:
    Try-catch blocks ↔️ Use `try` to enclose code, `catch` to handle exceptions
    Exception handling ↔️ Throw custom exceptions for specific errors
    Logging and monitoring ↔️ Track errors to aid in debugging
    Input validation ↔️ Ensure inputs are within expected ranges
  • Why are input validation and sanitation crucial in robust programming?
    Handle user inputs safely
  • Input validation checks that inputs are within the expected ranges
  • Input validation prevents errors and ensures program stability
    True
  • HTML entity encoding converts special characters like `<` to `&lt;`, rendering them as text
  • A VPN creates an encrypted tunnel for secure data transmission over public networks
    True
  • Both firewalls and VPNs are essential for maintaining network security
    True
  • Bug fixes resolve errors and issues in the software
  • Neglecting software updates can increase security risks and software instability
    True
  • Robust programming ensures software is fault-tolerant
  • What is the purpose of using try-catch blocks in error handling?
    Handle exceptions gracefully
  • Input validation in secure programming prevents injection attacks.
    True
  • What is the primary role of logging and monitoring in error handling?
    Track errors for debugging
  • Non-robust programming is vulnerable to crashes and incorrect outputs.
    True
  • What is the primary purpose of a try-catch block in robust programming?
    Handle exceptions gracefully
  • What is the purpose of error handling in robust programming?
    To handle unexpected situations
  • Try-catch blocks use 'try' to enclose code that may throw an exception and 'catch' to handle it.
    True
  • Match the error handling technique with its description:
    Try-catch blocks ↔️ Handle exceptions in code
    Exception handling ↔️ Signal specific error conditions
    Logging and monitoring ↔️ Track errors for debugging