SY306 Final Exam: Thursday May 4, 2017 1330-1630 in Michelson 222

SY306 Written Final Exam Policy

1. The final exam is comprehensive. For this exam you may use the following (but these may not be shared with other students):
   • Your course handouts (with your written notes), including sample code
   • Other handwritten notes you have brought
   • Your printed labs from this course
   • Your past exams
2. You may not use:
   • The textbook or any other book
   • Any printed materials not specifically listed above
3. No calculators/computers/smart phones are permitted.

SY306 Final Exam Topics (Everything covered in the course)

1. HTML5: general HTML, tags, attributes, img, tables, forms with get and post
2. CSS: inline, embedded stylesheet, external stylesheet, CSS properties and values, CSS selectors (automatically applied and manually applied - class and id selectors), cascading
3. JavaScript intro
4. JavaScript functions, arrays, objects
5. Dynamic HTML, events, eventHandlers, document.getElementById
6. Regular expressions
7. Intro to cookies (Third party cookies)
8. CGI
9. Server side scripting with Python
10. Cookies (JS and Python): key-value pairs, expires, path, domain, secure, http-only
11. Input validation, input sanitization
12. Samy worm, injection attackes, cross-site scripting (XSS) attacks
13. SQL: relational model, CREATE, ALTER, DROP, INSERT, DELETE, UPDATE,
14. SQL SELECT..from..where..order by.. limit..union; joins
15. Python and MySQL, connect, execute, process results, commit, close connection, parametrized queries
16. Session variables
17. SQL injection - attack steps, defense
18. Database security, grant, revoke
19. Web protocols: http request, response, https
20. Cross-site request forgery - attack steps, pre-requisites of attack, defense methods
21. HTTP authentication: Basic, digest, differences, problems

Tips

• Make sure you have a conceptual understanding of the above topics. In lab, you probably did a lot of trial and error until you got the solution right.
  In this exam, you will need to look at a piece of code and predict it's behavior. The only way to do that is by understanding all concepts covered


• You should only have to consult your notes to double check on things you already know. You'll most likely run out of time if you spend the entire hour fumbling through notes


• Create an index to reference your notes. This will help you save time and also serve as an organized way to review notes


• Ensure you can complete all in-class exercises on your own


• Everything covered in class or lab is fair game.