CS166 Fall 2012 Practice Final

To study for the final I would suggest you:

(1) Know how to do (by heart) all the practice problems.
(2) Go over your notes at least three times. The second and third times, try to see how much you can remember from the first time.
(3) Go over the homework problems.
(4) Try to create your own problems similar to the ones I have given and solve them.
(5) Skim the relevant sections from the book.
(6) If you want to study in groups, at this point you are ready to quiz each other.

The practice final is below. Here are some facts about the actual final:

(a) It is comprehensive.
(b) It is closed book, closed notes. Nothing will be permitted on your desk except your pen (pencil) and test.
(c) You should bring photo ID.
(d) There will be more than one version of the test. Each version will be of comparable difficulty.
(e) It is 10 problems: 6 problems will be on material since the midterm, and four problems will come from the topics covered prior to the midterm.
(f) Two problems will be exactly (less typos) off of the practice final, and one will be off of the practice midterm.
(g) Answering the following three questions on the cover of the test (before you start the test) can be used to get one point back on any problem you miss: How long did you study for this test? Which topic did you spend the most time studying? What kinds of practice problems did you do in addition to those on the practice test to prepare?

  1. What is perfect forward security? Give the Ephemeral Diffie-Hellman Protocol and explain how it achieves PFS.
  2. Give an example public key authentication protocol that uses timestamps rather than nonces.
  3. Explain what SSL sessions are and how they differ from SSL connections.
  4. Give the protocol for main mode digital signature-based IKE Phase 1.
  5. Explain how Kerberized login works.
  6. Explain how Alice and Bob can obtain a session for communication using Kerberos.
  7. What is a software (a) error, (b) fault, (c) failure, (d) flaw?
  8. Explain how a buffer overflow can cause the return address of a function call to be overwritten.
  9. Give an example of an incomplete mediation attack against a web site.
  10. What is a polymorphic worm, a metamorphic worm, a flash worm? Suggest detection/mitigation strategies for each.