CS 416 Exam 3

Spring 2011

    Part I – 11 Points

  1. 4 points
    Why does an IP driver need to use ARP, the address resolution protocol?
  2. 3 points
    Why is the use of the socket buffer (sk_buff) crucial for the efficient implementation of a network stack?
  3. 4 points
    Why is file sharing problematic under AFS?

    PART II – 69 points – 3 points each

    For each statement, select the most appropriate answer. You may omit one question. Please clearly indicate the question you choose to omit.

  4. A loop device is a:
    (a) network driver that echoes every packet sent to it.
    (b) block device driver that makes any regular file look like a block device.
    (c) file system driver that makes any file look like a file system.
    (d) character driver that echoes any byte written to it (a read returns the results of the write).
  5. The device file system (devfs):
    (a) presents a file system view of all registered block & character devices.
    (b) is a special file system that allows the user to create device files.
    (c) allows network interfaces to be accessed as regular files.
    (d) is a file system that contains all the device drivers for an operating system.
  6. CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is a technique for:
    (a) an Ethernet controller to send multiple packets concurrently.
    (b) an Ethernet controller to manage multiple physical Ethernet connections.
    (c) an Ethernet controller to send a packet out onto the network.
    (d) multiple processors to share a single Ethernet controller.
  7. In the Internet Protocol (IP), a port number is present at the:
    (a) network layer.
    (b) transport layer.
    (c) presentation layer.
    (d) application layer.
  8. Which socket-related system call is not needed in a connection-oriented client?
    (a) socket
    (b) bind
    (c) accept
    (d) connect
  9. TCP/IP differs from UDP/IP in that TCP/IP:
    (a) requires the use of port numbers.
    (b) detects errors in a packet.
    (c) provides guaranteed bandwidth.
    (d) provides in-order packet delivery to the application.
  10. In contrast to the older non-NAPI implementation, the Linux NAPI approach to getting data from a network interface card:
    (a) coalesces multiple packets into a single socket buffer (sk_buff).
    (b) generates a single socket buffer (sk_buff) for each received packet.
    (c) uses interrupts from the network controller for instant response instead of relying on polling.
    (d) uses a combination of interrupts and polling.
  11. The network device driver is responsible for which layer of the OSI stack?
    (a) Data link.
    (b) Network.
    (c) Transport.
    (d) Presentation.
  12. The interface definition language (IDL) was created to:
    (a) enable the use of remote procedure calls with languages such as C, C++, Java, etc.
    (b) extend the syntax of conventional languages (such as C, C++, Java) to support remote procedure calls.
    (c) serve as a high-level programming language that understands remote procedure calls.
    (d) serve as a system call interface between user processes and kernel RPC facilities.
  13. Remote procedure calls rely on marshaling parameters. Marshaling means:
    (a) transforming the parameters into a form suitable for network transmission.
    (b) sending the parameters over the network to a remote server.
    (c) having the remote server extract the parameters from the network message.
    (d) having the remote server place the parameters on the stack to make a procedure call.
  14. What facilities does the operating system kernel provide to allow user processes to use remote procedure calls?
    (a) Interface definition language.
    (b) Remote procedure system call.
    (c) Sockets.
    (d) All of the above.
  15. An NFS client invalidates locally-cached data via:
    (a) callbacks: receiving a message from the server informing it to invalidate the data.
    (b) tokens: getting tokens from a server telling the client how it may cache data.
    (c) disabling caching for all remote data.
    (d) validation: checking the timestamp on a remote file.
  16. Privilege separation is when:
    (a) users on a system get unique user IDs and privilege levels.
    (b) a process is split into components with limited privileges.
    (c) a process cannot create data that processes running at lower privilege levels can access.
    (d) a process cannot interact with any other process or data at another privilege level.
  17. A capability list is a list of:
    (a) per-user permissions associated with an object.
    (b) permissible operations on objects associated with a user.
    (c) system capabilities associated with a process.
    (d) permissible operations for a specific user and object.
  18. A Multi-Level Secure model:
    (a) uses multi-factor authentication to access system objects.
    (b) allows a process to assign a classification level to objects that it creates.
    (c) allows a process to assign multiple classification levels to objects it creates.
    (d) limits the ability of a process to create objects that another process can access.
  19. The Bell-LaPadula model is an example of:
    (a) applications using cryptographically secure communications.
    (b) an access control matrix.
    (c) mandatory access control.
    (d) discretionary access control.
  20. To authenticate himself to Alice, Bob would encrypt a nonce sent by Alice with:
    (a) his private key.
    (b) his public key.
    (c) Alice’s private key.
    (d) Alice’s public key.
  21. To send a secure message to Alice, Bob would encrypt the message with:
    (a) his private key.
    (b) his public key.
    (c) Alice’s private key.
    (d) Alice’s public key.
  22. Which is NOT a technique that the operating system can use to guard against buffer overflow attacks?
    (a) Address space layout randomization (ASLR).
    (b) Non-executable stacks.
    (c) Stack canaries.
    (d) All of the above are viable operating system techniques to guard against buffer overflow attacks.
  23. A DES key is 56 bits. A triple-DES key is:
    (a) 56 bits.
    (b) 112 bits.
    (c) 168 bits.
    (d) Any of the above.
  24. The Diffie-Hellman algorithm is:
    (a) a public key encryption algorithm.
    (b) a combined key exchange and public key encryption algorithm.
    (c) a symmetric encryption algorithm.
    (d) not an encryption algorithm but allows two parties to compute a common key.
  25. Which of the following is FALSE about the Secure Sockets Layer (or Transport Layer Security)?
    (a) Public key cryptography is used for authentication.
    (b) Symmetric cryptography is used for data communication.
    (c) A one-way hash function is used to store keys.
    (d) A session key is established for data exchange.
  26. What best describes Kerberos?
    (a) A database that keeps track of malicious IP addresses/machines.
    (b) An authentication service that uses a trusted third party that holds all the passwords.
    (c) A program developed in 1989 that used SYN flooding to attack specific machines.
    (d) The first anti-virus program that used virus-scanning to find a signature of a virus.
  27. A digital certificate is:
    (a) a hash of a digital document that is encrypted with your private key.
    (b) a digital document that is encrypted with your public key.
    (c) your identity and your private key, digitally signed.
    (d) your identity and your public key, digitally signed.

    PART III – 20 points – 2 points each

    For each statement, specify whether it is true or false by circling the correct choice.

  28. Ethernet is an example of a broadband network.
          True        False
  29. FUSE, the file system in user space, uses a loop device to bridge the VFS layer to a user process.
          True        False
  30. Sockets support the ability to use file system read and write system calls because sockets are implemented under the VFS layer.
          True        False
  31. NFS uses the download/upload model for remote file access.
          True        False
  32. The Password Authentication Protocol with stored hashed passwords provides network-safe authentication.
          True        False
  33. A prominent feature of the original NFS design is that the servers keep no state.
          True        False
  34. Secure Sockets Layer (SSL, or Transport Layer Security) is an example of a hybrid cryptosystem.
          True        False
  35. A Kerberos ticket (sealed envelope) contains the session key.
          True        False
  36. Kerberos uses public key cryptography to provide secure communication on insecure networks.
          True        False
  37. A socket is simply a number included at the start of each IP packet.
          True        False