cs-465:exam-2 [CS Wiki]

This shows you the differences between two versions of the page.

--- cs-465:exam-2 [2015/12/03 14:16]
fred
+++ cs-465:exam-2 [2017/12/04 15:38] (current)
seamons
@@ Line 1: / Line 1: @@
 '''Exam 2'''
-Date: Tues Dec 8th
 Location: In Class
@@ Line 15: / Line 15: @@
 * know record format
 * know what data is exchanged at what phases and it’s composition.
-* session resumption and how it works, and why we do it
 * be able to explain the parts of a cipher name e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-Multi-Factor Authentication
 Buffer Overflow Attacks
@@ Line 43: / Line 38: @@
 * Lamport's Hash - how does it work? how to attack it?
 * Salts - what and why?
-Attacks against, and countermeasures for programs that hold passwords
-SQL injection, prevention and mitigation techniques
-Web App Vulnerabilities, prevention and mitigation techniques
-Command Injection Vulnerabilities, prevention and mitigation techniques
-Usability as a security problem - be prepared to give examples and explain
 Ken Thompson compiler hack - how it works
 Principle of Least Privilege  and how it relates to Defense in Depth
 ANYTHING in any of your projects, or homework assignments.
+Review Exam 1 problems
+* MAC/HMAC, hashes and how they are implemented, and how they are not the same
+* digital signatures
 Remaining topics are for final exam
@@ Line 75: / Line 55: @@
 * How to defend against it?
-Review Exam 1 problems
-* MAC/HMAC, hashes and how they are implemented, and how they are not the same

cs-465/exam-2.1449177364.txt.gz · Last modified: 2015/12/03 14:16 by fred

Back to top