TML / Opinnot /

T-110.4200/4206 Information security technology

Exam area, year 2007

The exam area is following:

Central things:

• Lecture slides
• Additional material delivered in the handouts
• The following parts of the book:
  • Chapters 1-4 in whole.
  • Sections 5.1-5.3 and 5.7.4 from chapter 5.
  • Chapters 6-8 in whole.
  • Sections 9.2, 14.6
  • Chapters 18-19 in whole.
  • Section 20.4
  • Chapter 23 in whole.

Quite important in this course, but you do not need to remember the details:

• Following parts of the book:
  • Sections 10.1-10.2
  • Chapters 13, 15, 17
  • Sections 20.1-20.3
  • Chapter22

You should also browse through the rest of the book, to get a general view of the areas.

---

Guidelines for the exam

Question formats

• Concepts and acronyms
  • Q: Firewall (1p)
    • A: A device which limits traffic between two networks
    • A: An implementation of the security policy, controls information flows
  • Q: MAC (1p)
    • A: Mandatory Access Control, the system enforces access rules
    • A: Message Authentication Code, a cryptographic checksum (keyed hash)
    • A: Message Authentication Code, ensures data integrity in communications
  • A short explanation of the concept or acronym is enough

• Justify the following statements either correct or false
  • Q: Bell - LaPadula is a model for information integrity (1p)
    • A: False, it is a model for information confidentiality
  • Q: All systems should have antivirus protection (1p)
    • A: Correct, as viruses may be transmitted over any media, like diskettes or e-mail
    • A: False, a dedicated system like an Unix database server is not likely to have viruses
  • Both the correct and false answer may be accepted for a particular question, the key is in being able to justify your position

• Several short questions, like "how does a packet filtering firewall work? (3 p)"
  • A written reply, with a diagram if possible
  • Also questions which require applied knowledge, like "What would happen if message authentication codes (crypto checksums) were removed from a crypto protocol, like SSH, SSL or IPSec?".

• Essay
  • Requires you to show that you can discuss a subject in an intelligent manner. Bullet points or diagrams are not sufficient here, you should aim to write something that looks like an article, which could be published in a magazine.

What to answer

• Points will not be given for answers, which:
  • Discuss the subject without actually answering the question
  • Are correctly remembered from the course book, but do not actually answer the question
  • Contain the right terms, but do not form meaningful sentences in English, Finnish or Swedish
• We try to ask questions which require applied knowledge, which means that just blindly memorizing the slides and book should not get you through the exam. Knowing the meaning of a technology or concept is worth more points than getting the name exactly right.

---

This page is maintained by the assistants of computer security, course newsgroup: opinnot.tik.tietoturva
URL: http://www.tml.hut.fi/Opinnot/T-110.4200/2006/examarea.html