[CT417]: Add exam notes

year4/semester1/CT417/notes/CT417-Notes.tex

@@ -1365,5 +1365,28 @@ Code implementation without a solid design is dangerous \& costly.
 \textbf{Architectural design} decisions entail overarching design decisions.
 Widely accepted solutions to these recurring architectural design problems are referred to as \textbf{architectural patterns}.
 
+\section{Exam Spoilers}
+\begin{itemize}
+    \item   Answer 3/4 questions.
+    \item   Question 1 is easy, can do without studying just need logic.
+    \item   YAML GH Action config provided: explain what it's doing
+    \item   Basic Git commands; check status, fetch stuff, rebase if necessary.
+    \item   Propose some specific step in CI/CD in order to develop app.
+    \item   Each question is different devsecops phases for the same app for a company.
+    \item   Q2: Static vs Dynamic testing.
+    \item   How SonarQube improve app development.
+    \item   Need to know what can cause a failure in dynamic tests, e.g., in OW Zap.
+    \item   Debate on whether or not it's good to have high or low test coverage.
+    \item   Q3: What is the meaning of vulnerability and countermeasure.
+    \item   What is zero day vulnerability and the five stages.
+            Answer in Jack Bower slide.
+    \item   Question on buffer overflow.
+            What is it, how to resolve it, explain how it happens, etc.
+            If you draw a picture of the stack he won't read the text, instant 5 marks.
+    \item   Last question: API first + design patterns, conceptual.
+            Why is design patterns important, benefits.
+            Benefits are the same regardless of pattern.
+            Refactor code based on a pattern; will only be within the 6 we discussed and not singleton, so one of 5.
+\end{itemize}
 
 \end{document}