Net ID:
University of Illinois at Urbana-Champaign
Department of Computer Science
Final Exam
CS461/ECE422 – Computer Security I
Fall 2008
Friday, December 18, 2009
Time Limit: 3 hours
Instructions for the Student
Print your name and NetID in the space provided below; Be sure to print your
NetID in the upper right hand corner of every page. The exams may be
divided for grading.
Name:
NetID:
1. A single letter-sized page of supplementary notes is allowed. You may write on both
sides.
2. Closed book
3. Students should show work on the exam. They can use supplementary sheets of
paper if they run out of room.
4. Students can use scratch paper if desired.
5. No calculators allowed
Number of pages of the exam: 16
Number of questions on the exam: 22
Maximum grade on this exam is: 124 pts
Computer Security I
Final Exam Page 1 12/18/2009
Problem   Points   Score   Grader
      1        3
      2        3
      3        3
      4        3
      5        3
      6        3
      7        3
      8        3
      9        3
     10        3
     11        3
     12        3
     13        6
     14       12
     15       12
     16       12
     17        9
     18        7
     19        9
     20        9
     21        9
     22        3
  Total      124

1. You are shopping for a network security appliance for use in a high assurance environment. Based on the following evaluation information, which product would be the best for your situation?
   A) Product A evaluated under the Common Criteria in Canada with a security target based on the Labeled Security Protection Profile at EAL 3
   B) Product B evaluated under the Common Criteria under a security target not based on a protection profile at EAL 2 in the United States
   C) Product C evaluated under TCSEC at C2 in the United States
   D) Product D evaluated under the Common Criteria with a security target based on the "Network Intrusion Prevention System Protection Profile" at EAL 5 in Germany

2. Which of the following laws affects network and telephone service providers? It states that such service providers must have networks that enable them to comply with legal wiretap requests.
   A) Electronic Communications Privacy Act (ECPA)
   B) Foreign Intelligence Surveillance Act (FISA)
   C) USA PATRIOT Act
   D) Communications Assistance for Law Enforcement Act (CALEA)

3. Which of the following statements is not true about partial and total orderings?
   A) The "is less than or equal to" relation on the set of integer values forms a total order.
   B) The "is a subset of" relation on the set of subsets of {1,2,3} forms a total order.
   C) A total order has the anti-symmetry property.
   D) In the Bell-LaPadula model, the security levels together with the "dominates" relation form a partial order.

4. What does the two-phase commit in databases protect?
   A) Confidentiality
   B) Integrity
   C) Availability
   D) All of the above
5. Identify the common mode that can be used with block encryption algorithms such as AES and DES that is illustrated in the diagram below. Pi is a unit of plaintext. Ci is a unit of ciphertext. Ek is the block encryption algorithm operating with key k. Ri is a register value.
   [Diagram: only its labels survived extraction: two Ek boxes, plaintext units Pi-1, Pi, Pi+1, ciphertext units Ci-1, Ci, Ci+1, and register Ri-1.]
   A) Output Feedback mode (OFB)
   B) Cipher Block Chaining mode (CBC)
   C) Counter mode (CTR)
   D) Electronic Codebook mode (ECB)

6. Which of the following is an amplification attack?
   A) Smurf attack
   B) SYN flood attack
   C) Chop-chop attack
   D) Teardrop attack

7. How would an investigator use slack space?
   A) Use an electron microscope to detect the magnetic remanence from past writes.
   B) Look for data remaining from previous times the operating system allocated the block to a file.
   C) Look for alternate data encodings.
   D) Search for unusual filename suffixes.
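The four candidate modes in question 5 (ECB, CBC, OFB, CTR), written out over a pluggable block function so the register/feedback structure each one uses can be read off the code. This is an added example, not part of the exam: the `toy_block` Feistel cipher, keyed through SHA-256, is a stand-in for AES/DES so the script runs offline with no third-party library; it is an invertible keyed permutation only, not a secure cipher, and the key, IV and plaintext are constructed.

```python
"""Block-cipher modes (ECB, CBC, OFB, CTR) over a pluggable 8-byte block function.
Added example: 'toy_block' is a stand-in for AES/DES (assumption), NOT a secure cipher."""
import hashlib

BLOCK = 8  # bytes; DES-sized toy block


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[: BLOCK // 2]


def toy_block(key: bytes, block: bytes, decrypt: bool = False) -> bytes:
    """Ek (or its inverse) on one block: a 4-round Feistel network."""
    assert len(block) == BLOCK
    left, right = block[:4], block[4:]
    rounds = range(4)
    if decrypt:                       # run the rounds backwards on swapped halves
        left, right = right, left
        rounds = reversed(range(4))
    for r in rounds:
        left, right = right, _xor(left, _round_fn(key, r, right))
    if decrypt:
        left, right = right, left
    return left + right


def _blocks(data: bytes) -> list:
    assert len(data) % BLOCK == 0, "padding is omitted here; input must be block-aligned"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb(key: bytes, data: bytes, decrypt: bool = False) -> bytes:
    """ECB: C_i = Ek(P_i).  Equal plaintext blocks give equal ciphertext blocks."""
    return b"".join(toy_block(key, b, decrypt) for b in _blocks(data))


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    """CBC: C_i = Ek(P_i xor C_{i-1}), with C_0 = IV."""
    prev, out = iv, []
    for p in _blocks(pt):
        prev = toy_block(key, _xor(p, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    """CBC inverse: P_i = Dk(C_i) xor C_{i-1}."""
    prev, out = iv, []
    for c in _blocks(ct):
        out.append(_xor(toy_block(key, c, decrypt=True), prev))
        prev = c
    return b"".join(out)


def ofb(key: bytes, iv: bytes, data: bytes) -> bytes:
    """OFB: register R_i = Ek(R_{i-1}), R_0 = IV; C_i = P_i xor R_i.
    The keystream never depends on the data, so the same call decrypts."""
    reg, out = iv, []
    for p in _blocks(data):
        reg = toy_block(key, reg)
        out.append(_xor(p, reg))
    return b"".join(out)


def ctr(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR: C_i = P_i xor Ek(nonce || i).  Same call decrypts; blocks are independent."""
    out = []
    for i, p in enumerate(_blocks(data)):
        out.append(_xor(p, toy_block(key, nonce[:4] + i.to_bytes(4, "big"))))
    return b"".join(out)


def has_repeated_blocks(ct: bytes) -> bool:
    """Pattern-leak check: does any ciphertext block repeat?"""
    blocks = _blocks(ct)
    return len(set(blocks)) < len(blocks)


# Constructed inputs: fixed key and IV, and a plaintext whose first two blocks are identical.
KEY = b"exam-key"
IV = b"\x01\x23\x45\x67\x89\xab\xcd\xef"
PT = b"SAMEBLCKSAMEBLCKOTHERBLK"

if __name__ == "__main__":
    for name, ct in [("ECB", ecb(KEY, PT)), ("CBC", cbc_encrypt(KEY, IV, PT)),
                     ("OFB", ofb(KEY, IV, PT)), ("CTR", ctr(KEY, IV, PT))]:
        print(f"{name}: {ct.hex()}  repeated blocks: {has_repeated_blocks(ct)}")
```

Running it shows only ECB repeating a ciphertext block for the repeated plaintext block; OFB and CTR never invoke the inverse cipher at all, which is why they decrypt with the same function, while CBC and ECB need `Dk`.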
Problem (12 points). Bob is buying a new cell phone. Use quantitative risk analysis to determine whether he should buy the loss protection plan.
   A) The replacement cost for the phone is $200. Bob is absent-minded. He expects that he has a 30% probability of losing the phone in the course of a year. What is the annual loss expectancy for the phone?
   B) The mobile phone company offers loss insurance at the cost of $5 per month. If he loses the phone, the phone company will give him a new phone at no additional cost. What is the risk leverage calculation for this control?
   C) In Extreme Geek, Bob found a two-piece electronic gadget. You stick one half on the phone and keep the other half on yourself. When looking for your phone, you press a button on one half, and the half on the phone beeps. The gadget costs $15, and Bob figures this will reduce his probability of loss by one half to a 15% probability of loss per year. What is the risk leverage calculation for this control?
   D) Based on these calculations, how would you advise Bob? Should he pay for the loss insurance? The Extreme Geek gadget? Or nothing? Why?
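The annual loss expectancy and risk leverage computation this problem asks for, generalised to any list of candidate controls so the same code ranks them. This is an added example, not part of the exam; the control table is constructed from parts B and C, and the decision rule (take the highest-leverage control only if its leverage exceeds 1, i.e. it removes more expected loss than it costs) is an assumption stated in the code.

```python
"""Quantitative risk analysis: ALE and risk leverage, ranked over candidate controls.
Added example; the decision rule and the control table are assumptions."""


def ale(asset_value: float, annual_loss_probability: float) -> float:
    """Annual loss expectancy: loss per event x expected events per year."""
    return asset_value * annual_loss_probability


def risk_leverage(ale_before: float, ale_after: float, annual_control_cost: float) -> float:
    """Expected loss removed per dollar spent on the control."""
    return (ale_before - ale_after) / annual_control_cost


def rank_controls(asset_value: float, p_loss: float, controls: dict) -> list:
    """controls maps name -> (annual cost, loss probability with the control,
    loss still borne per event with the control).  Returns (name, leverage), best first."""
    before = ale(asset_value, p_loss)
    ranked = [(name, risk_leverage(before, ale(residual_loss, p_after), cost))
              for name, (cost, p_after, residual_loss) in controls.items()]
    return sorted(ranked, key=lambda pair: pair[1], reverse=True)


def advise(asset_value: float, p_loss: float, controls: dict) -> str:
    """Assumed decision rule: buy the highest-leverage control if its leverage > 1
    (it removes more expected loss than it costs per year); otherwise buy nothing."""
    ranked = rank_controls(asset_value, p_loss, controls)
    if not ranked or ranked[0][1] <= 1:
        return "nothing"
    return ranked[0][0]


# Bob's figures from the question; the control table is constructed from parts B and C.
# The gadget is a one-off purchase but is charged as a yearly cost here, which is conservative.
PHONE_COST = 200.0
P_LOSS = 0.30
CONTROLS = {
    "loss insurance": (5.0 * 12, P_LOSS, 0.0),    # $5/month; an insured loss costs Bob nothing
    "locator gadget": (15.0, 0.15, PHONE_COST),   # $15; halves the chance of loss, loss still $200
}

if __name__ == "__main__":
    print("ALE without controls:", ale(PHONE_COST, P_LOSS))
    for name, lev in rank_controls(PHONE_COST, P_LOSS, CONTROLS):
        print(f"{name}: leverage {lev:.2f}")
    print("advice:", advise(PHONE_COST, P_LOSS, CONTROLS))
```

A leverage of exactly 1 means the control costs exactly the expected loss it removes, so under this rule it is break-even rather than a purchase; a control that changes nothing scores 0.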
Problem. Identify the following statements as policy or mechanism. If you identify the statement as policy, list a possible enforcing mechanism; if you identify the statement as mechanism, list a policy that the mechanism might be enforcing. ( points)
   A) All customers must show photo ID when purchasing alcohol if they appear 40 or younger.
   B) Patient information may only be accessed by the attending physician and nurse.
   C) Clients must select a password with at least 10 characters, with at least one lower case, one upper case, one numeric, and one special character.
   D) Only city residents may enroll their children in Urbana schools.
Problem (9 points total). The following questions address mandatory access control under the Bell-LaPadula model.
   A) Define the dominates operator between SL1 = (L1, C1) and SL2 = (L2, C2), where the sensitivity labels are defined as pairs of a level and a category (compartment) set. (3 points)
   B) Consider the following access control matrix. You have a set of levels low < medium < high and a set of categories c1, c2, ..., cn. Define and assign a set of sensitivity labels to the subjects and objects in the access control matrix that would match the protection state defined by the access control matrix. (6 points)

              X          Y          Z
      Alice   Append     Append     Append
      Bob     Read       Read       Read
      Carol   Append,Read   [object column lost in extraction]
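The dominates relation from part A and the simple-security and *-property checks it drives, run against the access matrix from part B to confirm that a candidate label assignment reproduces it. This is an added example, not part of the exam. Two assumptions: Carol's Append,Read entry is taken to be on object Z, since the column was lost when the matrix was flattened, and the label assignment given is one of several that reproduce the matrix, not the unique answer.

```python
"""Bell-LaPadula labels, the dominates relation, and the matrix they induce.
Added example; Carol's object and the chosen labels are assumptions."""
from itertools import product

LEVELS = {"low": 0, "medium": 1, "high": 2}


def dominates(sl1: tuple, sl2: tuple) -> bool:
    """SL1 = (L1, C1) dominates SL2 = (L2, C2) iff L1 >= L2 and C2 is a subset of C1."""
    (l1, c1), (l2, c2) = sl1, sl2
    return LEVELS[l1] >= LEVELS[l2] and set(c2) <= set(c1)


def allowed(subject_label: tuple, object_label: tuple) -> set:
    """Simple security (no read up): Read iff the subject dominates the object.
    *-property (no write down): Append iff the object dominates the subject.
    Both hold only when the labels are equal, giving Read and Append together."""
    rights = set()
    if dominates(subject_label, object_label):
        rights.add("Read")
    if dominates(object_label, subject_label):
        rights.add("Append")
    return rights


def protection_state(subjects: dict, objects: dict) -> dict:
    """The access-control matrix induced by a label assignment, as {(subject, object): rights}."""
    return {(s, o): allowed(subjects[s], objects[o]) for s, o in product(subjects, objects)}


# Target matrix from the question (Carol's column is an assumption: Z).
TARGET = {
    ("Alice", "X"): {"Append"}, ("Alice", "Y"): {"Append"}, ("Alice", "Z"): {"Append"},
    ("Bob", "X"): {"Read"},     ("Bob", "Y"): {"Read"},     ("Bob", "Z"): {"Read"},
    ("Carol", "X"): set(),      ("Carol", "Y"): set(),      ("Carol", "Z"): {"Append", "Read"},
}

# One assignment that matches: Alice sits below every object (append only), Bob above
# every object (read only), Carol at exactly Z's label; X, Y, Z are pairwise incomparable
# because their category sets are disjoint, so Carol gets nothing on X or Y.
SUBJECTS = {"Alice": ("low", set()),
            "Bob": ("high", {"c1", "c2", "c3"}),
            "Carol": ("medium", {"c3"})}
OBJECTS = {"X": ("medium", {"c1"}), "Y": ("medium", {"c2"}), "Z": ("medium", {"c3"})}


def matches_target(subjects: dict = SUBJECTS, objects: dict = OBJECTS, target: dict = TARGET) -> bool:
    """True iff the labels induce exactly the target protection state."""
    return protection_state(subjects, objects) == target


if __name__ == "__main__":
    for (s, o), rights in sorted(protection_state(SUBJECTS, OBJECTS).items()):
        print(f"{s:6} {o}: {sorted(rights) or '-'}")
    print("matches target:", matches_target())
```

The check is the useful part: any alternative assignment can be dropped into `matches_target`, and a wrong one (for example, giving Carol a category set that contains c1) shows up immediately as an extra Read on X.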
Problem (7 points). A worm uses simple random selection to find addresses of systems to test for the presence of vulnerable services. There are approximately 2^30 infected systems across the Internet.
   A) In IPv4, what is the probability of selecting an address of a vulnerable machine? (2 points)
   B) In IPv6, what is the probability of selecting an address of a vulnerable machine? (2 points)
   C) What is one technique the worm writer can use to improve his odds of finding a vulnerable machine? (3 points)
Problem (9 points). Consider Wired Equivalent Privacy (WEP).
   A) Why is it never a good idea to reuse a keystream in a stream cipher?
   B) Why is RC4 insecure when used in WEP but secure when used in SSL?
   C) Why is AES in counter mode, as used in WPA2, a superior choice for encrypting wireless packets?
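Part A made concrete: two frames encrypted under the same RC4 keystream let an attacker recover one plaintext from the other without learning the key, and the birthday bound on WEP's 24-bit IV says how soon that reuse happens. This is an added example, not part of the exam; the RC4 implementation is the standard KSA/PRGA, the WEP-style per-packet key (IV || shared key) follows the protocol, and the shared key, IV and two packet payloads are constructed.

```python
"""Keystream reuse against RC4 keyed WEP-style (per-packet key = 24-bit IV || shared key).
Added example; the key, IV and packet contents are constructed."""
import math


def rc4_keystream(key: bytes, n: int) -> bytes:
    """RC4 key scheduling (KSA) followed by n bytes of PRGA output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR the data with the keystream."""
    return xor(data, rc4_keystream(key, len(data)))


def wep_encrypt(iv: bytes, shared_key: bytes, payload: bytes) -> bytes:
    """WEP forms the per-packet RC4 key as IV || shared key and sends the IV in the clear."""
    assert len(iv) == 3, "WEP IVs are 24 bits"
    return iv + rc4(iv + shared_key, payload)


def recover_with_known_plaintext(pkt1: bytes, pkt2: bytes, known_p1: bytes) -> bytes:
    """Two packets with the same IV share keystream K, so
       C1 xor C2 = (P1 xor K) xor (P2 xor K) = P1 xor P2,
    and a known (or guessable) P1 yields P2 over the overlapping length."""
    assert pkt1[:3] == pkt2[:3], "different IVs: keystreams differ, this attack does not apply"
    n = min(len(pkt1), len(pkt2)) - 3
    return xor(xor(pkt1[3:3 + n], pkt2[3:3 + n]), known_p1[:n])


def iv_collision_packets(iv_bits: int = 24, prob: float = 0.5) -> float:
    """Birthday bound: number of packets after which a randomly chosen IV has
    repeated with probability `prob`.  For 24 bits and 0.5 this is about 4,800."""
    return math.sqrt(2 * (2 ** iv_bits) * math.log(1 / (1 - prob)))


# Constructed traffic: same shared key and a reused IV on two frames.
SHARED_KEY = b"\x01\x02\x03\x04\x05"           # 40-bit WEP key
IV = b"\x0a\x0b\x0c"
P1 = b"GET /index.html HTTP/1.0"               # guessable plaintext (protocol header)
P2 = b"password=hunter2&user=bob"
PKT1 = wep_encrypt(IV, SHARED_KEY, P1)
PKT2 = wep_encrypt(IV, SHARED_KEY, P2)

if __name__ == "__main__":
    print("recovered:", recover_with_known_plaintext(PKT1, PKT2, P1))
    print("packets until an IV repeat is more likely than not:", round(iv_collision_packets()))
```

This is the contrast part B is after: WEP prefixes a 24-bit IV to a long-lived shared key, so the same keystream comes back after a few thousand frames and every per-packet key is closely related to every other, whereas SSL derives a fresh, unrelated RC4 key for each connection and never reuses it, so neither problem arises there.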
Problem (9 points total). The following Data Flow Diagram provides a high-level view of the Fabrikam Phone 1.0 system.
   A) What is an entry point into the system? (2 points)
   (more parts next page)

Vigenère tabula recta (row = key letter, column = plaintext letter):

  | a b c d e f g h i j k l m n o p q r s t u v w x y z
A | a b c d e f g h i j k l m n o p q r s t u v w x y z
B | b c d e f g h i j k l m n o p q r s t u v w x y z a
C | c d e f g h i j k l m n o p q r s t u v w x y z a b
D | d e f g h i j k l m n o p q r s t u v w x y z a b c
E | e f g h i j k l m n o p q r s t u v w x y z a b c d
F | f g h i j k l m n o p q r s t u v w x y z a b c d e
G | g h i j k l m n o p q r s t u v w x y z a b c d e f
H | h i j k l m n o p q r s t u v w x y z a b c d e f g
I | i j k l m n o p q r s t u v w x y z a b c d e f g h
J | j k l m n o p q r s t u v w x y z a b c d e f g h i
K | k l m n o p q r s t u v w x y z a b c d e f g h i j
L | l m n o p q r s t u v w x y z a b c d e f g h i j k
M | m n o p q r s t u v w x y z a b c d e f g h i j k l
N | n o p q r s t u v w x y z a b c d e f g h i j k l m
O | o p q r s t u v w x y z a b c d e f g h i j k l m n
P | p q r s t u v w x y z a b c d e f g h i j k l m n o
Q | q r s t u v w x y z a b c d e f g h i j k l m n o p
R | r s t u v w x y z a b c d e f g h i j k l m n o p q
S | s t u v w x y z a b c d e f g h i j k l m n o p q r
T | t u v w x y z a b c d e f g h i j k l m n o p q r s
U | u v w x y z a b c d e f g h i j k l m n o p q r s t
V | v w x y z a b c d e f g h i j k l m n o p q r s t u
W | w x y z a b c d e f g h i j k l m n o p q r s t u v
X | x y z a b c d e f g h i j k l m n o p q r s t u v w
Y | y z a b c d e f g h i j k l m n o p q r s t u v w x
Z | z a b c d e f g h i j k l m n o p q r s t u v w x y
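The table above as code: the row for each key letter is built exactly as printed, and a Vigenère encrypt/decrypt walks it by (key row, plaintext column). This is an added example, not part of the exam; the question that uses the table is not in this preview, and the plaintext/key pair is the textbook ATTACKATDAWN / LEMON, chosen here rather than taken from the page.

```python
"""Vigenère cipher driven by the tabula recta.  Added example; the sample
plaintext and key are constructed."""
import string

ALPHABET = string.ascii_lowercase


def tabula_recta() -> dict:
    """Map each key letter to its row: the alphabet rotated left by the letter's index."""
    return {k: ALPHABET[i:] + ALPHABET[:i] for i, k in enumerate(ALPHABET)}


TABLE = tabula_recta()


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Encrypt: ciphertext = TABLE[key letter][column of plaintext letter].
    Decrypt: find the ciphertext letter in the key row; its column is the plaintext.
    Non-letters pass through unchanged and do not consume a key letter; case is kept."""
    if not key or not key.isalpha():
        raise ValueError("key must be one or more letters")
    key = key.lower()
    out, k = [], 0
    for ch in text:
        if not ch.isalpha():
            out.append(ch)
            continue
        row = TABLE[key[k % len(key)]]
        if decrypt:
            sub = ALPHABET[row.index(ch.lower())]
        else:
            sub = row[ALPHABET.index(ch.lower())]
        out.append(sub.upper() if ch.isupper() else sub)
        k += 1
    return "".join(out)


if __name__ == "__main__":
    ct = vigenere("ATTACKATDAWN", "LEMON")
    print(ct, vigenere(ct, "LEMON", decrypt=True))
```

Because each column of the table is a Caesar shift, the key letter only selects the shift; letter frequencies survive within each of the `len(key)` interleaved streams, which is what Kasiski examination and index-of-coincidence tests exploit.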