Back to NSW Software Engineering
NSW · NESAQ&A
Software EngineeringQ&A by dot point
A short Q&A bank for every NSW Software Engineering syllabus dot point. Each question and answer is drawn directly from our worked dot-point page, so you can scan key concepts before opening the long-form answer.
Module 2: Programming for the Web
- Design and consume RESTful APIs that exchange JSON, including resource modelling, request methods and status codes12Q&A pairs
- Describe the client-server architecture of the web, including the roles of the browser, web server, application server and database7Q&A pairs
- Identify and mitigate cross-site scripting (XSS), cross-site request forgery (CSRF) and SQL injection vulnerabilities10Q&A pairs
- Design a relational database schema and write SQL statements to create tables, insert data, query with joins, and update or delete rows13Q&A pairs
- Construct front-end pages using HTML for structure and CSS for presentation, including semantic markup and responsive design10Q&A pairs
- Explain the HTTP protocol, including request methods, status codes and headers, and the role of HTTPS in securing web traffic9Q&A pairs
- Use JavaScript in the browser to manipulate the DOM, handle events and make asynchronous requests13Q&A pairs
- Implement server-side programming, including routing, handling requests, generating responses and integrating with a database10Q&A pairs
Module 1: Secure Software Architecture
- Explain the role of authentication and authorisation in restricting access to a system, and identify common implementation methods including multi-factor authentication and role-based access control8Q&A pairs
- Describe how the confidentiality, integrity and availability (CIA) triad is applied to the design of secure software7Q&A pairs
- Compare symmetric and asymmetric encryption, and describe their roles in securing data in transit and at rest9Q&A pairs
- Describe how hashing and salting protect stored passwords, and identify weaknesses in storing passwords in plain text or with reversible encryption10Q&A pairs
- Apply input validation, sanitisation and output encoding to defend against injection attacks12Q&A pairs
- Identify the OWASP Top 10 web application security risks and describe mitigations for each15Q&A pairs
- Describe the secure development lifecycle, including threat modelling, secure coding practices, security testing and ongoing monitoring9Q&A pairs
Module 3: Software Automation
- Identify the ethical implications of automation and artificial intelligence, including accountability, transparency, employment effects and the use of personal data8Q&A pairs
- Distinguish machine learning from classical programming, and define the roles of model, features, training data and predictions9Q&A pairs
- Describe applications of machine learning in industry, including image recognition, natural language processing, recommendation systems and predictive maintenance10Q&A pairs
- Describe the basic structure of a neural network, including neurons, layers, weights, activation functions and training by backpropagation13Q&A pairs
- Compare supervised, unsupervised and reinforcement learning, and identify a typical application of each9Q&A pairs
- Explain how the quality and representativeness of training data affect a model, including the risks of bias and overfitting12Q&A pairs
Module 4: Software Engineering Project
- Apply code review and quality practices, including peer review, style guides, linters and static analysis11Q&A pairs
- Set up continuous integration and deployment pipelines that build, test and release software automatically12Q&A pairs
- Produce technical and user-facing documentation across the software engineering lifecycle, including README files, API documentation, design documents and user manuals12Q&A pairs
- Use project management tools to plan, track and communicate work across a software team, including issue trackers, Kanban boards and Gantt charts8Q&A pairs
- Compare software development methodologies, including waterfall, agile and scrum, and identify when each is appropriate13Q&A pairs
- Describe testing strategies, including unit testing, integration testing, system testing and user acceptance testing11Q&A pairs
- Use version control to manage source code, including commits, branches, merges, pull requests and remote repositories13Q&A pairs