Defensive Design

Lesson Instructions

Watch and follow the YouTube video, the lesson contains three parts:

  1. Key Information and content - all you need to do here is watch and listen

  2. Learning activity - there are two activities to complete. One task is a validation matching exercise, the second is a code commenting task, where you are showing understanding of how the input sanitisation works.

  3. Consolidation - these are past exam question and are for deliberate practice to check your understanding.

Task - Validation Task

Task - Input Sanitisation Task

Input Sanitisation Task

Task - Exam Questions - Deliberate Practice

Exam Questions - Defensive Design

Mark Scheme

Question 1

Input sanitisation (1 mark)

...cleaning up input data / removing unwanted data

...by example (e.g. removing special characters / preventing SQL injection)

Validation (1 mark)

• ...checking whether input data should be allowed / is sensible / follows criteria

• ...by example (e.g. goals cannot be less than 0)

Verification (1 mark)

• ... checking whether data has been entered correctly

• ...by example (e.g. double entry / visual check)

Authentication (1 mark)

• ...ensuring only allowed / authorised users can gain access

• ...by example (e.g. usernames /passwords)

Maintainable code (1 mark)

• ...to allow other programmers to understand the code

• ...by example(e.g. comments, indentation, meaningful variable names)

Question 1 (b)

1 mark per bullet max 1

  • Easier to remember / to enter / to read

  • Faster to enter / read

  • Fewer digits to remember / to enter / to read

  • Less prone to error when entering / reading / communicating

  • Quick to convert into binary

Do not accept "easier to understand"

Question 2 (a)

  • Existence check

  • Male/Female

  • No other entry possible

Question 2 (b)

  • Range check

  • must be a (real) number

  • Must be positive