CS 419 Exam info

When & where

The first exam will be held in our regular classroom on February 25, 2019. It will take up about half the lecture, starting approximately during the second half of the class period. Please be sure to arrive on time and do not plan on coming in just to take the exam. If you arrive after the exam has started, you will not be allowed to take it.

Be sure to bring a pencil!

Exam rules

Be sure to arrive on time. If you arrive after the exam starts, you will not be allowed to take it.

This will be a closed book, closed notes exam. Calculators, phones, augmented reality glasses, laptops, and tablets are neither needed nor permitted. If you have these devices, you must turn them off, put them out of sight, and not access them for the duration of the exam.

No other electronic devices are permitted except for hearing aids, pacemakers, electronic nerve stimulators, other implanted medical devices, or electronic watches that function only as timekeeping devices or chronographs.

Bring a couple of pens or pencils with you. The exam will be scanned, so use a pen only if you are supremely confident in not changing your mind. An extra pencil is affordable fault tolerance. If you want to splurge, the Palomino Blackwing 602 is considered by many to be one of the finest pencils available. The company advertises its key virtue as "half the pressure, twice the speed." If that claim is really true, using this product might help you complete the exam quicker. If you do not choose bring several extra pencils, you may want to bring a pencil sharpener. Palamino makes a companion Blackwing Long Point Sharpener. This, too, is pricey at $11.00. For a bit less money, you can get what looks like a clone: the Alvin Kum Long Point Pencil Sharpener. Both of these feature two-step sharpening: one for the wood case and another for the graphite core of the pencil. A truly beautiful sharpener is the El Casco Pencil Sharpener, but bringing this to class is really overkill, as is spending over $300 on a pencil sharpener. If you would like to learn the craft of pencil sharpening, there are several books available. The best of these may be How to Sharpen Pencils: A Practical & Theoretical Treatise on the Artisanal Craft of Pencil Sharpening for Writers, Artists, Contractors, Flange Turners, Anglesmiths, & Civil Servants by David Rees. Do not be intimidated by the omission of "students" in the title. You can read more about it at artisinalpencilsharpening.com. A video by David Rees is here. You are welcome to bring a full pencil sharpening travel kit to the exam but be aware that a proper sharpening routine may consume too much time during the exam and may be messy.

Past exams

You can use my recent exams as a guide to what this exam may look like. Expect a bunch of multiple-choice questions.

Get past 419 exams here.

Study guide

You are responsible for the material from the first four lectures and recitations.

I've prepared a study guide that attempts to cover most of the material you should know. It is not a substitute for the lectures, lecture material, and other reading matter. My goal is to put most of the information you need to know in as concise a form as possible, with more elaboration in areas where textbook coverage may be lacking.

Topics

Topics that you should know and may be on the exam include:

Introduction

  • What is computer security? Know the terms
    • Confidentiality
    • Understand how privacy relates to confidentiality
    • Integrity
      • Data integrity
      • origin/destination (endpoint) integrity
      • system integrity
    • Availability
  • Security goals
    • Prevention
    • Detection
    • Recovery
  • Policy vs. Mechanism
  • Definitions
    • Vulnerability
    • Attack
    • Threat categories (know but don't memorize)
      • Disclosure
      • Deception
      • Disruption
      • Usurpation
  • Examples of threats
    • Snooping
    • Modification
    • Alteration
    • Repudiation of origin
    • Denial of receipt
    • Delay
    • Denial of service
  • You don't need to know the threat matrix or types of attackers/adversaries
  • What is a trusted computing base?

Access control

  • What is protection?
  • What is access control?
  • Basic OS and hardware mechanisms for protection
    • Hardware timer
    • Process scheduler
    • Memory management unit (MMU)
    • user vs. kernel mode execution
    • You do not need to know about rings of privilege levels or call gates
    • Purpose of authentication
    • Subjects vs. objects
  • Unix access control model
    • root user
    • User, group, other
    • Read, write, execute permissions
    • Order of checking
    • You don't need to know windows domains
    • What do permissions mean for directories (e.g., execute?)?
    • You don't need to remember /etc/passwd and /etc/group but know that there's a file that stores a user' login, user ID, and a user's default group ... and another that stores a list of groups and user names that belong to each group
    • You don't need to remember syntax but know:
      • chmod - change permissions of a file
      • chown - change ownership of a file
      • chgrp - change group of a file
      • umask - initial (default) permissions of a file
      • possible race condition with using umask
    • setuid - what does it do? What are the risks?
  • Access control lists (ACLs)
    • Know the purpose of ACLs
    • You don't need to know any syntax for setting them
  • Principle of least privilege
  • Privilege separation
  • Access control matrix
    • What's a row annd what's a column?
    • I will not ask about access transitions
    • I will not ask about domain transfers
    • Implementation problems of ACLs
    • Implementation problems of capability lists
  • Mandatory Access Control (MAC)
    • DAC vs. MAC
    • Bell-LaPadula Model
      • Simple Security Property
      • *-Property
      • Discretionary Security Property
      • I will not ask about Bell-LaPadula tranquility principles
    • Biba Integrity Model
      • Difference from Bell-LaPadula
      • Simple Integrity Property
      • *-Property
    • Type Enforcement (TE) Model
      • Just the concept
    • Role-Based Access Control (RBAC) Model
      • Just the concept
  • Multilateral security
    • What is the concept?
    • What is a compartment?
    • What does a lattice model represent?
  • Chinese Wall model
    • What is the goal?
    • What is a conflict class?
    • I will not ask you about the Simple security property and *-property but understand when a subject will or will not be granted access to an object.
    • I will not ask you about unsanitized data

Code injection attacks

  • What is a buffer overflow?
  • Why are setuid programs attractive targets?
  • Stack overflow
    • Role of stack pointer
    • Return address overwrite
    • NOP slide = landing zone
  • Off-by-one stack overflow
    • What is a frame pointer?
    • Taking control
  • Heap overflow
    • What is the risk?
  • Format string attacks
    • What creates the vulnerability?
    • Understand how you can read the stack
    • Understand how you can write to memory via printf
  • Defenses
    • Safe vs. dangerous functions (e.g., strncpy vs. strcpy)
    • What does fuzzing do?
    • What's the problem with languages like C or C++?
    • Data Execution Protection (DEP)
      • What does it do?
      • What is a return-to-libc attack?
      • What is Return Oriented Programming (ROP)?
    • Address Space Layout Randomization (ASLR)
      • What is it?
    • Stack canaries
      • What are they?
      • When are they checked?
      • Why would a compiler re-order how variables are allocated on the stack?

Command Injection attacks

  • Command injection attacks
    • What are they?
  • SQL injection attack
    • I do not expect you to know SQL but recognize how the attack works and how interpreted languages and command interpreters in general are vulnerable
    • Prevention
      • Escaping (but error-prone)
      • Parameterized queries
  • Shell and execution environment attacks
    • system() and popen() risks
      • Understand that the attacks are essentially the same as for SQL injection
    • PATH: what is the risk?
    • LD_PRELOAD/LD_LIBRARY_PATH: what is the risk?
    • How can you attack a program via a file descriptor?
  • Importance of input sanitization (input validation)
  • Non-injection attacks
    • Understand what is meant by comprehension errors
    • Understand why parsing a filename can be tricky
    • Understand why unicode can make parsing even trickier
    • What is a TOCTTOU (Time Of Check To Time Of Use) attack?
  • Relative Attack Surface Quotient (RASQ)
    • All you need to know is in the exam review slide deck - just understand bias as a multiplier to each possible attack type; you don't need to remember the formula
    • Know what is meant by an attack vector
    • I will not ask you about root attack vectors, attack surfaces, or effective attack surface value

App Confinement

  • Why is access control not sufficient?
  • chroot
    • What does it do?
    • I will not ask you about jailkits
    • Why must it only be run as root?
    • How can you escape a chroot jail if you get root privileges?
  • FreeBSD Jails
    • Understand the goal and how they wanted to improve chroot
    • Ability to restric what root can do inside a jail
  • Linux app isolation
    • Namespaces
      • Recognize the different namespaces: IPC, network, mount (file system), process IDs, user/group IDs, network name
      • Understand the concept of the clone() system call: create a new process but specify which namespaces get shared
    • Capabilities
      • Note that these have no relation to capability lists for files
      • Know that they restrict what a proess can do with root privileges if it becomes root
      • You don't have to know the capabilities but it might be good to recognize a few of them to understand what kind of things they control
    • Control groups
      • Just know that they allow you to limit the amount of resources used by a proces (CPU, memory, file I/O, network I/O)
  • Containers
    • Security components: namespaces, cgroups, capabilities
      • Remember what these do
    • What are containers and what are the benefits?
      • Separate policy from enforcement
      • Helps avoid comprehension errors
      • How does a container differ from a virtual machine?
      • Main components: control groups, namespaces, capabilities, copy-on-write file system
      • Understand some possible security problems with containers
    • What is Docker?
    • You don't need to know Docker Hub and Docker swarm or any Docker commands
    • What's meant by container orchestration?
    • What is Kubernetes?