Final Fall 2017Computer Science 571 2nd Exam Prof., December 7, 2017, 6:00pm 7:20pm
Name: Student ID Number:
1. This is a closed book exam.
2. Please answer all questions on the test
Copyright By Assignmentchef assignmentchef
Cookies and Privacy Questions [10 pts]
Each question is worth 2 points.
Q1: Mention two ways to Opt Out of cookies. A1:
Any two of:
a) Select do not track in browser
b) Download opt-out cookies
c) Use cookie management tools in browser
d) View current cookies and delete what you do not need
e) Check account preferences on registration sites
f) Use browser add-ons
Q2: Cookies include a domain, path, a name/value pair and an expiration date. There are two other fields that may be included in a cookie. What are they and describe them briefly?
Secure only send over SSL, when the request is HTTPS
HttpOnly Only send over HTTP request, not accessible to JavaScript
Q3: Define 3rd party cookie?
Third party cookies are cookies that belong to domains different from the one shown in the address bar.
Q4: Define Cross Site Scripting (XSS).
A web security violation that enables attackers to inject client-side scripts into web pages
Q5: Define Cross Site Request Forgery (CSRF).
A type of malicious exploit of whereby unauthorized commands are transmitted from an authenticated user
Web Security Questions [10 pts]
Each question is worth 2 points.
Q1: What is a recent technique to construct highly secure passwords?
A1: create long passphrases using Diceware, based on rolling a dice and looking up 7,000+ words
Q2: What functionality do PGP and S/MIME provide? A2: Encryption and signing of e-mail messages
Q3: What is the main functionality of TOR?
A3: TOR is a network that provides an anonymous path between a client
(browser) and a server (web site)
Q4: Why are browser plugins inherently insecure?
A4: Because they bypass the browser sandbox, and can execute arbitrary
malicious code
Q5: Is it possible to send a virus in a cookie? A5: YES [ ] No [X]
an attack that forces an end user to execute unwanted actions on a web application in
which theyre currently authenticated.
Hi-Performance Web Questions [10 pts]
Each question is worth 2 points.
Q1. What percentage of the end-user response time is spent in the front-end? 80-90%
Q2. List 2 ways that reduce the number of HTTP requests?
Answer any two oF these:
Combine scripts
Combine Style Sheets
Use image maps
Use CSS Sprites
Q3. What 5 types of files should be GZIP-ed (i.e. compressed)?
HTML, CSS, JavaScript, JSON, XML
Q4. What 2 types of files should not be GZIP-ed?
Images and PDF
Q5. Where should CSS and scripts be placed in a HTML file?
CSS at top, scripts at bottom
HTML5 Questions [10 pts] Each question is worth 2 points.
Q1: The use of the
A1: Any 2 of header, footer, section, article, nav, aside
Q2: Which of the following capabilities are included in HTML5?
[ ] drag file in browser
[ ] interactive canvas gradient
[ ] editable content [ ] geolocation
[ ] drag and drop
[ ] storage
[X] ALL OF THE ABOVE
[You must choose the correct choice or choices. There is no partial credit]
Q3: What is the purpose of the different profiles included in the H. 264 video standard?
A3: each profile defines a set of optional features that trade complexity for file size. Q4: What is the meaning of the preload video attribute?
A4: specifies that the video will be loaded at page load and ready to run when pressing play.
Q5: If you were asked to make sure that your video files could be viewed on the large majority of browsers, what two video containers would you select?
A5: MPEG4 and WebM
JavaScript and Ajax Questions [10 pts]
Below is the HTML source code that produces the web page above. There are 4 links. When the user cursor is placed over each link, a pop-up widget is displayed viewing the contents of the Web page being hyperlinked.
$(function() {
var hits = 0;
$(#updateMessage).click(function() {
$(#counter).html(Number of clicks = + ++hits);
(1) Requires duplication of content
(2) Over time can result in synchronization of content issues (3) May work only on a specific mobile size
Q2: Name the three concepts that are the basis of Responsive Website Design? A2: All three of:
(1) fluid grids
(2) flexible images
(3) CSS3 Media Queries
There is no partial credit on question A2. You must mention all 3.
Q3: What is the CSS code (property and value) to hide content on small screens?
A3: display: none; -OR- visibility: hidden;
Q4: Please write an example of a media query.
A4: Answering screen and (max-device-width: 480px) is enough
Q5: List one property of fluid grids.
A5: Any one of these: (a) defined using relative-based dimensions (b) define a grid divided into a specific number of columns (c) each grid element is designed with proportional width and height, not in pixels
Web Performance Questions [10 pts]
Each question is worth 2 points.
Q1: When estimating Web Server performance requirements, what are the three numbers that you should be estimating?
What is the number of clients that will connect per second (the traffic) What is the average number of bytes sent to the server (request)
What is the average number of bytes sent to the client (response)
Q2: What is a web server farm?
Multiple server with load balancing hardware to distribute web requests (the load) across the servers.
Q3: What is the approach used by sites like CNN for Load Balancing?
DNS Redirection
Q4: What are the 2 main reasons that Nginx is recommended for high traffic sites. A4:
a) low memory usage and b) large number of requests per second for large concurrent connections (high traffic).
Q5: List two ways of improving Apache performance. A5:
Two of these:
a) Add additional RAM,
b) Tune MinSpareServers and MaxSpareServers
c) Enable HTTP compresions
d) Use Nginx as reverse-proxy
e) Use fast: modules liker mod_fastcgi
f) Use direct modules like mod_php
g) Load only required: module for a smaller footprtint (low memory)
JavaScript Frameworks Serverless Applications Questions [10 pts]
Each question is worth 2 points.
Q1: Name two properties of Node.js? A1:
Javascript runtime built on Chrome V8Event driven Uses non-blocking IO model
Modules handle HTTP
Modules handel networking
Provides POSIX File IO
Supported by both AWS and GCP
Q2: What architectures are supported by AngulaJS A2:
MVC (Model View Controller)
MVVM (Model View ViewModel)
Q3: What is the approach used by sites like CNN for Load Balancing? A3: Which of the following are true of Serverless Architectures?
[X] No compute resource to manage
[ ] Provisioning and scaling handled by the client
[X] Execution environment provided by service
[X] Provides authorization and authentication services [ ] All of the above
Note: there is no partial credit
Q4: What are the 2 main reasons that Nginx is recommended for high traffic sites. A4: Which of the following are true of AWS Lambda?
[X] No servers to manage [X] Continuous scaling
[ ] Subminute metering [X] bring your oen code
[ ] Complex resource model
[X] Flexible Authorization and Use
[ ] Not suitable for real-time data processing [X] Easy to build scalable backend services [ ] All of the above
Note: there is no partial credit
Q5: What is this code an example of?
exports.helloGET = function helloGET (req, res) {
res.send(Hello World!);
A5: A Google Cloud Function
Agile Development Questions [10 pts]
Each question is worth 2 points.
Q1-Q3: What is the difference between non-agile and agile regarding each of these? Complete the missing portion of the phrases.
A1: Regarding documents
Non-agile: document-driven
Agile: high bandwidth communication
A2: Process
Non-agile: serial
Agile: iterative
A3: Testing
Non-agile: test late
Agile: test early and continuously
Q4: Who make up the observers or chickens in agile development?
People that do not have deliverables in the sprint, like stakeholders, non-stakeholder, and Subject-Matter-Experts (SMEs).
Q5: What is a Scrum retrospective?
A5: Scrum team does a port-mortem after a sprint.
CS : assignmentchef QQ: 1823890830 Email: [email protected]
Reviews
There are no reviews yet.