Chris Pollett > Old Classes > CS166

CS166 Fall 2012 Practice Midterm 2

To study for the midterm I would suggest you: (1) Know how to do (by heart) all the practice problems. (2) Go over your notes at least three times. The second and third times, try to see how much you can remember from the first time. (3) Go over the homework problems. (4) Try to create your own problems similar to the ones I have given and solve them. (5) Skim the relevant sections from the book. (6) If you want to study in groups, at this point you are ready to quiz each other.

The practice midterm is below. Here are some facts about the actual midterm: (a) It is closed book, closed notes. Nothing will be permitted on your desk except your pen (pencil) and test. (b) You should bring photo ID. (c) There will be more than one version of the test. Each version will be of comparable difficulty. (d) One problem (minus any typos) on the actual test will be from the practice test. (e) Answering the following three questions on the cover of the test (before you start the test) can be used to get one point back on any problem you miss: How long did you study for this test? Which topic did you spend the most time studying? What kinds of practice problems did you do in addition to those on the practice test to prepare?

  1. What is the PKI trust model used by most web browsers? What does it mean for a hash function to be weak collision resistant?
  2. Briefly describe how one round of the Tiger hash function works.
  3. Explain how a (3 out of 4) Shamir secret sharing scheme would work. Give a specific example as well.
  4. What is the difference between steganography and using watermarks? Give one example of each.
  5. Suppose that with odds 1/8 a password appears in a dictionary D of 10 million entries. Suppose we have a salted password file of 100 passwords, each 8 bytes in length. What is the expected number of hashes needed to crack at least one password?
  6. (a) Define Equal Error Rate. (b) Say what a password generator is. (c) What is a CSRF attack?
  7. Explain how Lampson's access control matrix is stored when: (a) ACLs are used, (b) C-lists are used. What is the confused deputy problem?
  8. Briefly describe the Bell-LaPadula and Biba models and say what they are used for. Give the conditions necessary for a covert channel to exist.
  9. Explain how a TCP ACK scan can be used to port scan through a packet filter.
  10. Explain how the protocol from class for simple authentication with a symmetric key works.