Software Development

Practice Exam
Question 1: GPT Prompt Design
Design a GPT prompt for a password validation and generation system. The system should analyze password strength,
identify weak patterns, and generate secure alternatives.

Example input:

Current password: Password123!

Required: minimum 12 chars, mix of cases, numbers, symbols
Forbidden: common words, sequential numbers, repeated chars

Expected output:

Analysis:
- Length: OK (10 chars)
- Common word detected: "Password"
- Sequential numbers: "123"
- Recommendation: kH9$mP2&nL5@vQ

Solution:
Create a password management system with these specifications:

1. Validation Requirements:
- Length and complexity checks
- Common pattern detection
- Dictionary word scanning
- Character distribution analysis

2. Core Features:
- Password strength scoring
- Pattern identification
- Secure generation rules
- Historical comparison

3. Technical Details:
- Regular expression validation
- Entropy calculation
- Dictionary lookup
- Pattern matching

4. Output Format:
- Detailed strength analysis
- Specific weakness highlights
- Alternative suggestions
- Security recommendations

Include input validation and error handling.

Question 2: Code Analysis

Review this password manager code and identify issues:
class PasswordManager:
def __init__(self):
self.passwords = {}

def add_password(self, site, password):

if len(password) < 8:
return False
self.passwords[site] = password

def check_strength(self, password):

score = 0
if len(password) >= 12:
score += 1
if any(c.isupper() for c in password):
score += 1
if any(c.isdigit() for c in password):
score += 1
return score

def generate_password(self, length):

chars = "abcdefghijklmnopqrstuvwxyz0123456789"
return ''.join(random.choice(chars) for _ in range(length))

def main():
pm = PasswordManager()
while True:
print("1. Add Password")
print("2. Check Strength")
print("3. Generate Password")
print("4. Exit")

choice = input("> ")

if choice == 1:
site = input("Site: ")
pwd = input("Password: ")
pm.add_password(site, pwd)

Analysis and Solutions:

1. Input Validation Issues:
def add_password(self, site, password):
if not site or not password:
return False
if len(password) < 8:
return False
if site in self.passwords:
return False
self.passwords[site] = self._encrypt_password(password)
return True

2. Menu Bug Fix:

if choice == "1": # Compare strings, not integers

3. Password Generation Fix:

def generate_password(self, length):

if length < 12:
length = 12
chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*"
password = ''.join(random.choice(chars) for _ in range(length))
# Ensure all character types are included
if not all([any(c.isupper() for c in password),
any(c.islower() for c in password),
any(c.isdigit() for c in password),
any(c in "!@#$%^&*" for c in password)]):
return self.generate_password(length)
return password

Question 3: Program Structure

Design a secure file storage system that encrypts files before storage and manages user access.

Solution:
class SecureStorage:
"""Handles encrypted file storage and access"""
def __init__(self):
self._storage = {}
self._users = {}

def encrypt_file(file_data: bytes, key: str) -> bytes:

"""
Encrypt file data using provided key
Input: File data and encryption key
Output: Encrypted bytes
"""
pass

def store_file(filename: str, data: bytes, owner: str) -> bool:

"""
Store encrypted file with access controls
Input: Filename, data, and owner
Output: Success status
"""
pass

def grant_access(filename: str, user: str) -> bool:

"""
Grant user access to file
Input: Filename and username
Output: Success status
"""
pass

def main():
storage = SecureStorage()
while True:
choice = display_menu()
if choice == "1":
store_new_file()
elif choice == "2":
grant_file_access()

Question 4: Collaborative Development

How would you implement this secure storage system with a partner?
 Solution:
1. Work Division:

Developer 1:
Encryption/decryption
File handling
Security testing
Developer 2:
User management
Access controls
UI implementation

2. Version Control Strategy:

/secure-storage
/src
/crypto
/storage
/access
/tests
/docs

3. Development Process:

Use feature branches

Regular code reviews
Security audits
Integration testing
Documentation updates

4. Testing Plan:

Unit tests for each module

Security penetration tests
Performance testing
User acceptance testing

Would you like me to explain any part in more detail or create additional practice questions?