Midterm+Topics
2
Click here to load reader
-
Upload
utkarsh-shrivatava -
Category
Documents
-
view
214 -
download
1
description
Midterm Syllabus
Transcript of Midterm+Topics
Midterm TopicsCS6823 - Network Security
Updated 10 Mar 2014
All topics on the lecture slides can be tested as students are expected to google and research topics that are not clear, even if it was only briefly discussed in class. Tested materials will include:
Lecture slides 1-5 and presentation Labs 0, 1, 2, 3, and 5. Note: Lab 4 is not included in the midterm. Reading Materials on NYU Classes Homework #1 and #2
Midterm exam will be closed book, no calculator, no notes. You are only allowed scratch paper for mathematical calculations. Online students are allowed a word processor such as MS Word.
* star donates that the topic is virtually guaranteed to be on the exam
Topics to focus onL1 – Risk Analysis
CIA and Risk/Threat definitions Risk Management (i.e., accept, transfer, remove, mitigate) Risk Assessment (Quantitative and Qualitative calculations)* Attack Trees*
L2 – Attacks I No laws, no TOR on the exam Process of network reconnaissance (Google hacking, DNS Records, Whois, Ping, Traceroute, Port
scanning)* DNS (records, forward DNS, split, zone transfer) TCP Three way handshake and how connections can be dropped Familiarity with tools- what their purpose and capabilities nmap (Basic commands from lab, Scan types, Bounce scan, IDLE Scan)*
L3 – Attacks II No Web vulnerability scanners, No Immunity Canvas IP Address Spoofing Session hijacking DOS/DDOS amplification attacks and defenses SYN Cookies* DNS Cache Poisoning Nessus Metasploit*
L4 – Attacks III No netcat and no HackerDefender (no lab 4) Convert channels, covert_tcp, loki2 Logging and defenses against log tampering No specific details on how logging is performed (no Slide 44, 48, 49) No hidden files (no Slides 52-56)
L5 – Cryptography* all Crypto is applicable except Message Integrity All ciphers (Caesar, Zimmerman, Substitution, Vignere, Vernam) Methods of breaking encryption
Shannon Characteristics of Good Ciphers Confusion and Diffusion Stream & Block Ciphers CBC* No DES or AES, No birthday attack Public Key Crytography (RSA and DH) * Modular Arithmetic* RSA Encryption and Decryption* Diffie-Hellman* NEW: No Hashing and Keyed Hashes (Slide 52-66)
