Physical Information Security Fall 2009 CS461/ECE422 Computer Security I.
Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is...
-
Upload
matthew-horn -
Category
Documents
-
view
214 -
download
1
Transcript of Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is...
![Page 1: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/1.jpg)
Final Exam Review
CS461/ECE422 Fall 2010
![Page 2: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/2.jpg)
Exam guidelines
A single page of supplementary notes is allowed Closed book No calculator Students should show work on the exam. They
can use supplementary sheets of paper if they run out of room.
Students can use scratch paper if desired.
![Page 3: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/3.jpg)
Topic Distribution
The final is cumulative Material from the first two exams Plus material from after Thanksgiving
Follows same structure as midterm exams But longer Aiming for 1.5-2 hours
![Page 4: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/4.jpg)
Exam Logistics
8am Thursday, December 16 1320 DCL
Conflict exam as needed
![Page 5: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/5.jpg)
Course Goals
Introduction to computer security information Basis for deeper study Ability to interpret security articles/information more
critically Improve your security awareness as a computer
professional Some fun party tricks
![Page 6: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/6.jpg)
Topics First Half
Introductory definitions Security Policies Risk Analysis Historical Cryptography Symmetric Cryptography Public or Asymmetric Cryptography Authentication Key Management
![Page 7: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/7.jpg)
Topics Second HalfAccess Control
– Access Control Matrix– Discretionary OS models– Database Access Control– Mandatory Models
Assured Systems Design and development Evaluation
Malware Network Security Controls and Architecture
![Page 8: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/8.jpg)
Topics Third Portion
Security and Law Physical Security
Forensics EMSEC SSL and IPSec
![Page 9: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/9.jpg)
Law and Security
Different laws apply for service providers, law enforcement, intelligence, war fighter
Privacy 4th amendment Wiretapping and ECPA CALEA FISA
![Page 10: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/10.jpg)
Law and Security
Crime CFAA Economic Espionage Act International laws
Cryptography and the law Computer Use and Configuration– FISMA– SOX– GLB– HIPAA
![Page 11: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/11.jpg)
Physical Security
Must consider physical world in security planning
Forensics/Spying Chain of custody Finding data on disk Paper disposal
![Page 12: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/12.jpg)
EMSEC
Emanations Scanning TEMPEST
Use AM radio to detect screen radiation Hide information in dither Tempest fonts Protections
Shielding Physical separation. red/back
RFID
![Page 13: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/13.jpg)
SSL and IPSec
Examples of crypto techniques and protocols used in the real world
SSL – transport layer Session vs connections Handshake protocol
Authenticate and agree upon common data Compression, encryption, and integrity
IPSec – network layer Tunnel and transport mode AH/ESP Nested tunnels Encryption and integrity
![Page 14: Final Exam Review CS461/ECE422 Fall 2010. Exam guidelines A single page of supplementary notes is allowed Closed book No calculator Students should show.](https://reader036.fdocuments.us/reader036/viewer/2022082819/56649f1c5503460f94c3323d/html5/thumbnails/14.jpg)
Thanks for participating!Good Luck!