Final Review Guide
¡ñ Finals Week Monday, June 6th, 11:30am – 2:30pm
¡ñ On Gradescope
Copyright By PowCoder代写 加微信 powcoder
¡ñ Zoom + Camera
¡ñ Open course material (notes, lecture slides, discussion slides, etc.)
¡ñ Close Internet (no Google, etc.)
¡ñ Use Piazza for clarification
¡ñ Final will cover everything
¡ð Should be able to re-do and explain everything
¡ð What is it attacking? What is its goal?
¡ð Prerequisites?
¡ð How does it work?
¡ð How to mitigate?
¡ñ Mitigation
¡ð What is it mitigating?
¡ð How does it work?
¡ð Any trade-off? ¡ñ Concept
¡ð Definition
¡ð Example
The Security Mindset
¡ñ Properties (CIA triad)
¡ñ Adversaries, Risk assessment (Threat Model)
¡ñ Countermeasures
¡ñ Costs/benefits
¡ñ Should be able to analyze these for most attacks/defenses learned in this quarter
Low Level Security
¡ñ Stack layout
¡ñ Stack vs. Heap vs. Data vs. Text
¡ñ Some x86 instructions
¡ñ Purpose of common registers
¡ñ C function calls
¡ñ Exploits in PA1
¡ð What are the bugs?
¡ð How to exploit those bugs?
¡ñ Should be able to re-do PA1
Low Level Security Common Attacks and Defenses
¡ñ Return-Oriented-Programming (ROP)
¡ñ User-After-Free (UAF), Dangling pointer
¡ñ Canaries
¡ñ Should be able to describe
¡ð Their purpose
¡ð How they works
More Low Level Defense (Not on final)
¡ñ Control-Flow Integrity
¡ð Makes sure control can only flow to legitimate places
¡ð Coarse grained vs. Fine grained
¡ñ Shadow Stack
¡ð Separate control stack and data stack
¡ñ Both are supported by latest CPU hardware
¡ñ Six Principles of Secure System Design
¡ð Definition
¡ð Example
¡ñ Process memory isolation
¡ñ Unix permission system (ACL and uids)
¡ñ ACL vs. Capabilities
¡ñ Software-Fault-Isolation (SFI)
¡ð Browser
¡ñ Should be able to give definition and examples
Side Channel
¡ñ Cache timing side channel attacks ¡ð Basic idea
¡ñ Mem and Time hack in PA2
¡ð Should be able to describe steps
¡ñ Mitigation
¡ð Name a few
¡ð Methods
¡ð Common/security-related headers
¡ð Common status code ¡ñ Cookie
¡ð Purpose
¡ð How to set and use
¡ð SameSite
¡ñ Browser
¡ñ Load and execute content
¡ñ Frame and iFrame
¡ñ Document Object Model (DOM)
¡ñ DOM and JS
¡ñ Same Origin Policy (SOP)
¡ð Just some common tags and attributes
Web Attacks and Defenses
¡ñ Phishing
¡ñ Client-Side Injection
¡ð Cross Site Scripting (XSS) ¡ñ Server-Side Injection
¡ð SQL Injection
¡ö SQL basics
¡ö Mitigations
¡ñ Cross Site Request Forgery (CSRF)
¡ñ Should be able to do these by hand
¡ð Application
¡ð Transport
¡ð Network
¡ð Physical
¡ð Addresses
¡ð IPv4 vs. IPv6
¡ð 3-Way Handshake
¡ñ Basics of other protocols mentioned (ARP, BGP, UDP, etc.)
¡ð Purpose and layer ¡ñ Common ports
¡ð Purpose
¡ð Hierarchy
¡ñ Basics of attacks
¡ð Eavesdropping
¡ð Injection
¡ð Spoofing
¡ð Misdirection
¡ñ Basics of defenses (basic idea + pro/con) ¡ð Firewalls
¡ö Default allow/deny
¡ð Honeypots ¡ñ NAT
¡ð Purpose
¡ð Pro/Con
¡ñ Symmetric-key
¡ð Block Ciphers
¡ð Hash Function (MD5, SHA1, SHA2, SHA3)
¡ð What property do they give?
¡ñ Public-key (should be able to do these by hand)
¡ð Diffie- Exchange
¡ð RSA Signatures
¡ð Bleichenbacher RSA Signature Forgery
¡ñ TLS, SSH, IPsec
¡ñ Constructing a secure encrypted channel
¡ñ Public Key
¡ð Trust On First Use (TOFU)
¡ð Certificate Authority (CA)
¡ð Web of Trust (e.g., PGP)
¡ñ TLS + DH key exchange
Authentication
¡ñ Protecting Password
¡ñ One-Time Passcode ¡ñ Biometrics
¡ñ Good/Bad Examples + possible attack
Privacy & Law
¡ñ Kinds of privacy
¡ñ Anonymous Communication Challenges
¡ñ Principles
¡ñ CFAA, DMCA, etc.
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com