SY306 Final Exam: Thursday May 4, 2017 1330-1630 in Michelson 222

SY306 Written Final Exam Policy

  1. The final exam is comprehensive. For this exam you may use the following (but these may not be shared with other students):
  2. You may not use:
  3. No calculators/computers/smart phones are permitted.

SY306 Final Exam Topics (Everything covered in the course)

  1. HTML5: general HTML, tags, attributes, img, tables, forms with get and post
  2. CSS: inline, embedded stylesheet, external stylesheet, CSS properties and values, CSS selectors (automatically applied and manually applied - class and id selectors), cascading
  3. JavaScript intro
  4. JavaScript functions, arrays, objects
  5. Dynamic HTML, events, eventHandlers, document.getElementById
  6. Regular expressions
  7. Intro to cookies (Third party cookies)
  8. CGI
  9. Server side scripting with Python
  10. Cookies (JS and Python): key-value pairs, expires, path, domain, secure, http-only
  11. Input validation, input sanitization
  12. Samy worm, injection attackes, cross-site scripting (XSS) attacks
  13. SQL: relational model, CREATE, ALTER, DROP, INSERT, DELETE, UPDATE,
  14. SQL SELECT..from..where..order by.. limit..union; joins
  15. Python and MySQL, connect, execute, process results, commit, close connection, parametrized queries
  16. Session variables
  17. SQL injection - attack steps, defense
  18. Database security, grant, revoke
  19. Web protocols: http request, response, https
  20. Cross-site request forgery - attack steps, pre-requisites of attack, defense methods
  21. HTTP authentication: Basic, digest, differences, problems