Final Exam Topics (modified from whole-course list)
--------------------------------------------------

The final exam will be comprehensive over the full course, but will focus primarily on material presented after the midterm, which is marked with a * in the following list.

Fundamental notions
- Explain how security goals can be categorized into Confidentiality, Integrity, and Availability; give examples of each category; analyze specific goals into the appropriate category.
- Explain why security is defined relative to a set of assumptions.
- Explain the concepts of Threat, Vulnerability, and Control; give examples.
- Discuss the relationship between the concepts of security and correctness.

Authentication
- Describe common vulnerabilities related to passwords, and best practices for password guidelines.
- Calculate the probability of breaking a password by brute force, given suitable assumptions.
- Describe several biometric techniques for authentication.
- Describe several token-based techniques for authentication.

Software Security
- Define, and give examples of, the Saltzer and Schroeder design principles for secure software: least privilege, economy of mechanism, open design, complete mediation, fail-safe defaults, separation of privilege, least common mechanism, ease of use.
- Explain, and give examples of, the CERT Top 10 Secure Coding Practices: validate input, heed compiler warnings, architect and design for security policies, keep it simple, default to deny, adhere to the principle of least privilege, sanitize data sent to other systems, practice defense in depth, use effective QA techniques, adopt a secure coding standard.
- Explain how choice of programming language can affect software security.
- Explain in detail how simple buffer overflow attacks work.
- Describe several techniques used to discover and exploit software vulnerabilities, including fuzzing and symbolic execution.
- Describe several countermeasures that can mitigate the risk of overflow attacks.
- Explain the idea of "penetrate-and-patch," and its limitations as a security technique.
- Define the concepts of virus, trojan horse, and worm, with historically important examples.
- Explain how virus detection works, and its limitations.
* Explain the use of cryptographic checksums over software.

Access Control
- Define the basic access control concepts of subject, object, and access mode; give examples.
- Define the concept of mediation, and describe different ways of achieving it.
- Define the concept of reference monitor.
- Explain hardware approaches to access control, including segments, paging, and tagging.
- Explain the concept of an access control matrix (ACM), show how ACMs can be used to model security policies, and how to use an ACM to determine whether an access is secure relative to a policy.
- Explain the idea of an access control list (ACL) and its relationship to an ACM.
- Explain the concept of capabilities, and their relationship to an ACM.
- Explain in detail what access control mechanisms are available in Unix.
- Explain what Java stack inspection is used for, and how it works. Discuss its limitations.
- Explain and apply the Bell-LaPadula confidentiality model in the context of a multilevel security policy.
* Explain the concept of covert channels, and give examples.

Cryptography
- Define basic cryptographic terms: plaintext, ciphertext, encode, decode, substitution, transposition, symmetric key, public key, one-time pad, hash.
- Describe the architecture and mathematical basis of the symmetric key systems DES and AES.
- Describe the architecture and mathematical basis for the public key system RSA.
- Compare and contrast the domain of applicability, security, computational cost, and real-world adoption of DES, AES, and RSA.
* Describe the architecture and mathematical basis for the cryptographic hash mechanisms MD-4/5 and SHA.
* Discuss the domain of applicability, security, computational cost, and real-world adoption of cryptographic hash mechanisms.

Network and Web Security
* Explain port scanning and its security implications.
* Describe several different types of firewalls, their uses, and their relative pros and cons.
* Compare and contrast link encryption and end-to-end encryption in networks.
* Explain what virtual private networks (VPNs) are for and how they work.
* Explain what a key exchange protocol is for, and give one or more practical examples.
* Explain what an authentication protocol is for, and give one or more practical examples.
* Describe "man-in-the-middle" attacks, replay attacks, and session hijack attacks, and how they can be controlled.
* Describe the purpose and architecture of SSL/TLS.
* Describe the purpose and architecture of the Kerberos protocol.
* Explain the Dolev-Yao model for cryptographic protocols.
* Describe the purpose and implementation of digital signatures and hash-based message authentication codes.
* Describe the nature and use of Public Key Infrastructure (PKI) certificates.
* Describe several common web-based attacks, including click-jacking, cross-site scripting, and SQL injection.
* Define and give examples of "denial of service" attacks.
* Explain what Botnets are and how they work.
* Describe the applicability and mechanisms of several types of intrusion detection systems.