CS 469: Security Engineering-Final Review




The final will cover all the material presented in class, in homework, and in the readings. The final is comprehensive and will also include material covered in the midterm. The concepts below are guidelines, but the exam will cover everything. The key is to UNDERSTAND concepts, not just memorize answers to each of these questions.

This may be updated frequently. Please hit refresh. Last updated: Dec 10, 2013

Everything from the midterm review

Public/Private Keys
- What is a public key? Private key?
- Explain how public / private keys are used for authenticity
- Explain how public / private keys are used for privacy
- How are prime numbers used for public/private keys? Explain at a high level the algorithm needed for public/private key based encryption (prime numbers, factoring, etc...)


Network Intrusion Detection
- Explain network vs host based IDS
- Explain how signature vs anomaly based systems work
- Explain the advantages/disadvantages of signature vs anomaly detectors
- How are nearest neighbors used to compute strangeness in TransAD?
- TransAD uses multiple "micro-models" in an ensemble. How do these models sanitize the baseline traffic (i.e. remove attack packets from it)?

Signatures and Certificates
- Explain the technical reasons digital signatures have the following properties:  unforgeable, authentic, no repudiation, tamperproof, not reusable
- If we have technology to implement asymmetric encryption, why do we need certificates? What purpose do they serve?
- Define chain of trust
- Define certificate authority. What does it take to be one? Technical requirements? Other "social" requirements?
- Given a certificate of the format {Y, K_y, ....} presented to Z by Y, what steps does Z take to verify it, and what does Z learn?


Identity Management
- Define atomic authorization
- Define PII (the acronym) and give examples
- In the context of covert channels, define: reliability, resilience, attribution, secrecy
- How can we remove covert information stored in images (steganography)?


More on Covert Channels

- Give an example of using a timing channel
- Give an example of using a storage channel
- Does steganography create a covert channel? What would make it covert? Overt?



Availability

- Define availability
- Define DoS, DDoS
- Describe a SYN flood attack. Is it a problem today? Why or why not?
- Difference between IDS and IPS systems? What are the advantages/disadvantages of each?

PGP
- What is the point of PGP? Everyone knows the algorithms already, so what does it do for us?
- Why does PGP use compression?
- Should we compress and then encrypt or encrypt and then compress? Why?
- Why does PGP use a session key to encrypt messages instead of the private key?
- How does PGP do key management? How did we implement this in homework?

Moving Target Defense
- Describe what a moving target defense is. What moves?
- What is the goal, how does it help?
- Why is it more feasible today than in the past?


Fuzzing
- What is fuzzing?
- How does it differ from user testing?
- Describe briefly the following types of fuzzer: "dumb", "smart", "evolutionary"
    - What are the advantages/disadvantages of each, and how do they differ?
- How does code coverage help us use fuzzers more effectively? (There are several ways... don't forget to re-read the example!)



Secure Engineering
- Why is it important to have a development methodology?
- What are some common types of attackers of a system?
- Describe the security principles (provide examples where you can):
- What is phishing? How do you combat it?

Student Projects
- What is a TCP Veto attack?
- Give two examples of malicious uses of the Windows registry.
- What are some of the risks of using your own network box to log in to UAC once for everything on your own private network?
- What is a firewall redundancy? A firewall conflict?
- Explain the LSB method of steganography
- What are some uses of a botnet?
- What are two ways to subvert SnapChat's metapolicy? (the commercial implementation... not the one you saw in class)
- Who has the most friends in our class? (Just kidding... this won't be on the exam, but he did get a lot of friend requests)
- What are some of the risks people see in using online password vaults?
- What are some of the layers of defense in the Android operating system a malware must subvert?
- Define cracking