Final Study Guide

This is simply a guide of topics that I consider important for the final. I don’t promise to ask you about them all, or about any of these in particular; but I may very well ask you about any of these, as well as anything we discussed in class, in the discussion section, or that is in the readings (including the chapters).

  1. Anything from before the midterm
  2. Cryptography
    1. Public key cryptography
    2. Cryptographic checksums (one-way hashes)
    3. Digital signatures
  3. Cryptographic Techniques
    1. Interchange, session keys
    2. Needham-Schroeder
    3. Key generation, random numbers
    4. Certificates and infrastructure; public key infrastructure
    5. Networks and ciphers
    6. PGP, TLS protocols
  4. Network Security
    1. Firewalls
    2. DMZs
    3. Denial of service attacks, countermeasures
  5. Intrusion detection
  6. Authentication
    1. Passwords (selection, storage, attacks, aging)
    2. One-way hash functions (cryptographic hash functions)
    3. UNIX password scheme, what the salt is and its role
    4. Password selection, aging
    5. Challenge-response schemes
    6. Biometrics and other validation techniques
  7. Access Control
    1. ACLs, C-Lists, lock-and-key
    2. UNIX protection scheme
    3. Multiple levels of privilege
    4. Lock and key
    5. MULTICS ring protection scheme
  8. Malware
    1. Types of malware
    2. Countermeasures

UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of June 2, 2018 at 12:36AM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh