



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Computer Security 6, Exercises - Computer Science - Prof. David Wagner.pdf, University of California (CA) - UCLA, United States of America (USA), Prof. David Wagner, Computer Science, Computer Security, Firewalls and Network Threats, Zero-Knowledge Proofs, Firewall Deployments
Typology: Exercises
1 / 5
This page cannot be seen from the preview
Don't miss anything!




PRINT your name: , (last) (first)
SIGN your name:
PRINT your Unix account name:
PRINT your TA’s name:
You may consult any books, notes, or other paper-based inanimate objects available to you. Calculators and computers are not permitted. Please write your answers in the spaces provided in the test; in particular, we will not grade anything on the back of an exam page unless we are clearly told on the front of the page to look there.
Please be concise.
If you have questions, make a best guess and state your assumptions.
You have 50 minutes. There are 4 questions, of varying credit (100 points total). The questions are of varying difficulty, so avoid spending too long on any one question.
Do not turn this page until your proctor tells you to do so.
List and explain three network threats that a firewall does not protect against. (If a threat only applies to certain types of firewalls, then explain why this is the case.)
(a) Threat #
(b) Threat #
(c) Threat #
Explain the strengths and weaknesses of each of the following firewall deployment scenarios in defending servers, desktop machines, and laptops against network threats.
(a) A firewall at the network perimeter.
(b) Firewalls on every end host machine.
(c) A network perimeter firewall and firewalls on every end host machine.
(a) List two examples of covert channels, other than the three examples given in the lecture notes: existence of a file, system paging behavior, and system load. Explain how an adversary could take advantage of each of your examples.
(b) Two professors are running applications on a classified multi-user system. Professor Tygar is running the Quake game, and Professor Wagner is running a Top Secret application. Who should get higher priority on a multi-user machine? Explain your answer.
(c) Why is it difficult to implement systems supporting covert channel prevention that perform well? Ex- plain your answer.