1. In the context of security,

    • what is a vulnerability?

    • what is an exploit?

    • what is a malware?

  2. Describe how a buffer overflow vulnerability can be used as an exploit to call a function.

  3. List three OS/compiler features that make buffer overflow exploits more difficult.

  4. Name three categories of security threats.

  5. Give an example of an application that requires integrity and availability, but not confidentiality.

  6. What is cryptography?

  7. What is software hardening?

  8. What is the difference between a trusted system and a secure system?

  9. What is the principle of least authority?

  10. What is a protection domain?

  11. In the context of protection domains, give an example of an object, a domain, and a right.

  12. Consider the following protection domain.

    ProtectionDomain

    • Represent the protection domains above as protection matrix

    • Represent the protection domains above using an Access Control List

    • Represent the protection domains above using Capabilities. Assume each user is running a single process with the same file needs as the diagram.

    • Why aren’t protection matrices used for storing protection rights?

  13. In the domain of cryptography, what is authentication?

  14. What is Kerckhoff’s Principle?

  15. What major limitation of secret-key cryptography does public-key cryptography solve?

  16. What property does secret-key cryptography have?

  17. What property does public-key cryptography have?

  18. What property does one-way function cryptography have?

  19. Secure Hash Algorithms are an example of one type of cryptographic function?

  20. How does a signature block work for digitally-signed documents?

  21. What is the purpose of a certificate authority? E.g. what problem do they solve?

  22. List 3 basic principles of identity authentication.

  23. Describe how passwords can be stored securely within a system file.

  24. Describe how a leaked password file could be used to break into other systems, even if the password file is encrypted.

  25. What is meant by security through obscurity?

  26. Suppose a system takes stores 8 character passwords. Assume that the password is not a dictionary and contains lowercase letters and digits. How many passwords would we need to test if we use brute force to guess the password. How many passwords would we need to test if we store these passwords with 12 bits of salt. Suppose a 1000 passwords can be tested in 1 second. How long will it take to break this system using brute force?

  27. Give three examples of insider attacks.

  28. What is a botnet?

  29. What is a trojan horse?

  30. What is a drive-by-download?

  31. What is ransomware?

  32. Name five different types of viruses.

  33. Describe how the Morris worm worked.

  34. Why did the Morris worm sometimes bring down computers so they could not be used at all?

  35. What is a rootkit?

  36. Give an example of a rootkit.

  37. What is spyware?

  38. Give some examples of how spyware might modify your computer.

  39. Give 4 examples of defenses against malware.

  40. Sketch code that implements an overwrite virus on a machine in which permissions are not setup correctly for user accounts.