Midterm Study Guide

This is simply a guide of topics that I consider important for the midterm. I don’t promise to ask you about them all, or about any of these in particular; but I may very well ask you about any of these, as well as anything we discussed in class, in the discussion section, or that is in the readings.

  1. What is security?
    1. Confidentiality
    2. Integrity
    3. Availability

  2. Security policy and security mechanisms

  3. Laws and customs

  4. Assurance
    1. What it is
    2. Trust, assumptions, assurance

  5. Principles of secure design

  6. Malware
    1. Trojan horses
    2. Computer viruses
    3. Computer worms
    4. Rabbits, bacteria, logic bombs

  7. Attacks
    1. E-mail security
    2. Tracking people over the web
    3. Cookies and how they work
    4. Social engineering

  8. Cryptography
    1. Classical cryptosystems
    2. Public-key cryptosystems
    3. Cryptographic checksums
    4. Digital signatures
    5. Types of attacks on ciphers

  9. Authentication
    1. Attributes that identify you
    2. Passwords
    3. Challenge-response
    4. Biometrics
    5. Multi-factor authentication

  10. Identity
    1. User identity
    2. Host identity
    3. Web identity
    4. Certificates and cryptographic key infrastructure

  11. Email and privacy
    1. How to do secrecy, integrity, authentication
    2. Remailers (Cypherpunk type 1, Mixmaster)

  12. Firewalls

