Final Study Guide

This is simply a guide of topics that I consider important for the final. I don’t promise to ask you about them all, or about any of these in particular; but I may very well ask you about any of these, as well as anything we discussed in class, in the discussion section, or that is in the readings.
  1. Anything from the midterm; see the Midterm Study Guide

  2. Mobile computing
    1. Threats to security
    2. About Android security: permissions
    3. Countermeasures: controls, sandboxing

  3. Anti-malware software
    1. How anti-malware programs work
    2. Malware signatures
    3. Malware behavioral detectors
    4. How and when to do an anti-malware scan
    5. Limitations of anti-malware software

  4. Digital rights management
    1. Types of access controls: DAC, MAC, ORCON
    2. Digital Millenium Copyright Act (DMCA)
    3. Approaches: cryptographic, system modification
    4. Problems with implementing DRM
    5. preventing or limiting piracy

  5. Electronic voting
    1. Goals as compared to the use of paper
    2. Different types of e-voting systems
    3. Safeguards and certification

  6. Insider problem
    1. Security perimeter
    2. Definition of insider
    3. Countermeasures

  7. Computer forensics

  8. Cyberwarfare

  9. Cyberphysical systems
    1. Power grid: traditional vs. smart grid, meters
    2. Stuxnet

  10. Privacy and anonymity
    1. What to anonymize
    2. k-anonymity, ℓ-diversity
    3. Data sanitization
    4. Repudiation, non-repudiation

You can also obtain a PDF version of this. Version of December 5, 2013 at 12:38PM