CS 290W Final Exam KEY

Fall 1999

Purdue University

Items in RED are answers.

  1. Which is the best definition of a file?
    1. it is the same as an icon on the desktop, that, when doubled clicked on, reveals the information within.
    2. it is an ordered stream of bytes that can be identified by the operating system via some name (or handle).
    3. an input process
    4. a byte stream sent to the monitor
    5. a byte stream associated with keyboard entry
  2. What is STDIN?
    1. byte stream sent to keyboard
    2. byte stream sent from the keyboard
    3. byte stream sent to the monitor
    4. byte stream sent from the monitor
    5. both a. and b.
  3. What does it mean if your Perl script contains: $GetLine = <STDIN>
    1. Perl is waiting for you to type something, followed by an end-of-line character
    2. Perl is assigning the file named STDIN to the scalar
    3. Perl is assigning the file named STDIN to the array
    4. none of the above
  4. Which is the best definition of a Unix pipe?
    1. it checks user data for illegal meta characters.
    2. it uses addition to add integers in one file to another file
    3. it sends a stream of bytes to another program
    4. it chops the end-of-line character from a stream

    Review the table, named myFavs, below, and then answer the questions following the table.

     

    ID

    Name

    1001

    John Candy

    345

    Chris Rock

    9856

    David Spade

    139555

    Chris Farley

  5. Consider creating myFavs in Perl, version 5, via a hash (or associative array). To create the hash, declare it this way:

    1. %myFavs = (10001, 'John Candy', 345, 'Chris Rock', 9856, 'David Spade', 139555, 'Chris Farley');
    2. @myFavs = (10001, 'John Candy', 345, 'Chris Rock', 9856, 'David Spade', 139555, 'Chris Farley');
    3. %myFavs = (10001 => 'John Candy', 345 => 'Chris Rock', 9856 => 'David Spade', 139555 => 'Chris Farley');
    4. both a. and b. will work
    5. both a. and c. will work
  6. To assign a value stored in the hash to a scalar, do this:
    1. $andYouAre = $myFavs{"9856"};
    2. $andYouAre = %myFavs{"9856"};
    3. $andYouAre = @myFavs{"9856"};
    4. $andYouAre = myFavs{"9856"};
  7. When you delete a pair from the hash, what is returned?
    1. the value assigned to the key (or ID)
    2. the key
    3. the index of the value in the hash
    4. the number of pairs in the hash
    5. nothing is returned
  8. To add another pair to the hash, do this:
    1. add($myFavs(21, Sinbad));
    2. $myFavs{21} = "Sinbad";
    3. %myFavs{21} = "Sinbad";
    4. @myFavs(21) = "Sinbad";
  9. What does SSI do?
    1. causes the server to process html pages before rendered in the browser
    2. if the html file contains SSI directives, the server will process the directives, insert the results into the html file, then send the html page over the network to the client
    3. insert results of SSI directives into an html page
    4. both a. and c.
    5. all of the above
  10. Why should the programmer, who uses SSI in their html files, configure his/her directories/files to use SSI? (This assumes the Web server is already configured by sys admin to process SSI directives.)
    1. so that the SSI can actually work...won't work without the programmer's configuration
    2. to let the server know which html files need SSI processing. Otherwise the server might check every html page for SSI directives, therefore dragging the server down
    3. so that the SSI directives can be recognized by the operating system
    4. so that you don't crash the Web server or receive "Internal Server Errors"
  11. To see if a programmer has used SSI, just "View, Source," to see the SSI directives embedded in comments.
    1. true
    2. false
  12. What are some good reasons to use SSI?
    1. good to use when you have common info that will be used on all pages
    2. good for content that changes and is displayed on a number of pages
    3. good to use to make code more readable
    4. two of the above are true
  13. Because of a bug on mentor, the programmer had to use which SSI directive to invoke a cgi script?
    1. <!--#exec cmd="/usr/bin/who"-->
    2. <!--#exec cgi="/usr/bin/who"-->
    3. <!--#exec "/usr/bin/who"-->
    4. <!--#exec http://www.mentor.cc.purdue.edu/usr/bin/who"-->
  14. SSI is highly recommended because of the security it offers.
    1. true
    2. false
  15. What is a complaint about XSSI?
    1. it is not supported by most Web servers
    2. the directives are too cryptic
    3. the drag to the server is increased, resulting in a longer wait for the user
    4. Just kidding. I have no complaint. I recommend XSSI over SSI.
  16. To allow access to secure documents for employees distributed around the globe, the best method(s) would be to:
    1. limit access via hostname
    2. use password protection
    3. use user authentication
    4. two of the above are correct
    5. all of the above are correct
  17. Regarding password protection files, which file does the Web server search for first?
    1. .htaccess
    2. .htpasswd
    3. .htgroup
    4. .cshrc
  18. You must have an .htgroup file to accompany the .htaccess and .htpasswd file
    1. true
    2. false
  19. You must have an .htaccess file, at least on mentor, if you care to protect your site, files.
    1. True

      2. OR

    2. false
  20. Say you have a .htpasswd file that has a user name and a password in it, something like:

teacher: RU949UNEQWEQ23

Now say I want to add another user name, say cat, and password. The Unix command I use is this:
    1. htpasswd -c .htpasswd cat
    2. .htpasswd -c .htpasswd cat
    3. htpasswd -c htpasswd cat
    4. htpasswd -c .htpassword
    5. none of the above
      1. The file permissions on all .ht* files must at least be set to:
    1. read and execute
    2. read by group and all others
    3. read on .htaccess and .htgroup, execute on .htpasswd (don't want people to see the passwords)
    4. read, write, and execute by owner
  1. What is the difference between AuthType Basic and AuthType Digest?
    1. Digest is more commonly used
    2. Basic is more secure
    3. Digest is more secure
    4. a. and b.
  2. Regarding your www directory on mentor or on cs machines, how many .htaccess files can you have?
    1. one
    2. one per directory
    3. one per file
    4. as many as you'd like, including on files and directories
  3. How do you "turn off" password protection?
    1. set the .ht* files to read only by owner
    2. set the html file permissions to execute only
    3. set the .ht* files to read only
    4. rename the .ht* files
    5. two of the above are true
  4. CGI is a fairly secure environment, and that is why we use it.
    1. true
    2. false
  5. The main concern(s) about CGI is:
    1. hackers
    2. Saltines
    3. user input
    4. a. and c.
  6. What are some places where malicious user input could come from?
    1. fill-out forms
    2. query strings
    3. hidden fields
    4. a. and c.
    5. all of the above
  7. How can the user invoke a CGI script without filling out a form?
    1. they can't
    2. via the GET method
    3. via the Post method
    4. via a text field
  8. The best thing to do to disallow malicious user input from a form is to verify input via some sound programming techniques in your scripts
    1. true, the best you can hope for
    2. false, doesn't work against these hardy, malicious crackers
  9. The two safest Unix commands to use are popen and system.
    1. true
    2. false
  10. A meta character is a special character or sequence of characters that have a special function in a given environment or programming language.
    1. true
    2. false
  11. Perl has it's own set of meta characters.
    1. true, each environment and/or programming language usually does
    2. false, all environments and programming languages use the same set for consistency
  12. Meta characters are used to create variables, lists, hashes. They are also used as function calls and in regular expressions, like the wildcard character.
    1. true, meta characters serve many purposes
    2. false, meta characters are only used for non printable characters, like newline (\n)
  13. What damage could a user do when entering HTML directives into a user input form?
    1. mess up the layout of your web page
    2. invoke a call to the system
    3. none, HTML directives are safe. Meta characters are the only culprit
    4. a. and b.
  14. TCP/IP is a secure environment. It was designed with security in mind, and that is why it is widely used.
    1. true
    2. false
  15. The system command in Unix is the only command that can open a new shell
    1. true
    2. false
  16. The computer science department's cgi server is less secure than mentor's cgi server, and that is why students have their accounts on mentor.
    1. true
    2. false
  17. Where are the databases, that you used for your last project, stored?
    1. on mentor
    2. on cs machines
    3. the 290w and admin databases are on the cs machines, the 290 read/write is on mentor
    4. the admin database is on a cs machine and the 290 and 290w are on mentor
  18. Say I am adding content to my table, millerjv, in the 290 tablespace. I want to add my name: 'Miller', my ID number: 121, and my phone number: 485-0015. I issue the following to sqlplus: insert into millerjv values('Miller', 121, 485-0015);

    19. Now I do: select * from millerjv. What will be the output?

    a. Miller, 121, 485-0015

    b. Miller, 121, 470

    c. miller, 121, 485-0015

    d. trick question, the 290 tablespace cannot be modified. It is read only.

  19. What does "rollback" do?
    1. deletes the table
    2. deletes a whole session's worth of entries
    3. deletes the last entry
    4. assigns the last table descriptor to the new table
  20. The reason varchar2 is more widely used is because:
    1. it does not pad out with spaces if the value is not as wide as the declared type
    2. it does pad out with spaces if the value is not as wide as the declared type
    3. var is buggy
    4. none of the above
  21. Why is data management important?
    1. sake of security to the databases
    2. to ensure data accuracy
    3. to ensure data is available and is timely
    4. all of the above
    5. a. and c.
  22. What is the key advantage of a relational database?
    1. data security
    2. data maintenance
    3. ability to link multiple files or tables
    4. all of the above
  23. What is the disadvantage of a relational database?
    1. more complex piece of software...to learn, use, and maintain
    2. requires more powerful computers
    3. relationships are very limited
    4. a. and b.
    5. a. and c.
  24. The &ora_do command:
    1. allows you to create a table
    2. allows you to alter a table
    3. allows you to insert data into a table
    4. all of the above
    5. none of the above
  25. The fDisplay subroutine that we used in our Perl script retrieved:
    1. one row of the table at a time
    2. assigned all queried values in an array
    3. assigned each field to a scalar
    4. all of the above

     

  26. To retrieve values from our table, we issued the SQL commands in which Oraperl function:
    1. &ora_login
    2. &ora_connect
    3. &ora_open
    4. &ora_query
  27. If a table, millerjv, has a column filled with all the names of the USA states and you want to find all states that have an "I" somewhere in it's name, you can do that via this SQL command:
    1. select * from millerjv where state like '%I%';
    2. select * from millerjv where state = '%I%';
    3. select * from millerjv where state like '_I_';
    4. select * from millerjv where state = '_I_';
    5. none could be right, because SQL commands are case sensitive
  28. Using CGI.pm, "print header" does this for you:
    1. sets your title for your html page
    2. sets the content-type
    3. sets the full html template: <html><head><title></title></head><body></body></html>
    4. none of the above. There is no "print header" in CGI.pm. It is available in cgi-lib.pl!
  29. CGI.pm is to Perl 4 as cgi-lib.pl is to Perl5.
    1. true
    2. false