Scribd Logo
Upload

Welcome to Scribd!

  • Midterm Topics CS6823 - Network Security: Updated 10 Mar 2014

    Uploaded by

    Utkarsh Shrivatava
    25 views2 pages
    Midterm Syllabus

    Original Title

    Midterm+Topics

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Midterm Syllabus

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    25 views2 pages

    Midterm Topics CS6823 - Network Security: Updated 10 Mar 2014

    Uploaded by

    Utkarsh Shrivatava
    Midterm Syllabus

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Midterm Topics

    CS6823 - Network Security


    Updated 10 Mar 2014
    All topics on the lecture slides can be tested as students are expected to google and
    research topics that are not clear, even if it was only briefly discussed in class.
    Tested materials will include:
    Lecture slides 1-5 and presentation
    Labs 0, 1, 2, 3, and 5. Note: Lab 4 is not included in the midterm.
    Reading Materials on NYU Classes
    Homework #1 and #2
    Midterm exam will be closed book, no calculator, no notes. You are only allowed
    scratch paper for mathematical calculations. Online students are allowed a word
    processor such as MS Word.
    * star donates that the topic is virtually guaranteed to be on the exam
    Topics to focus on
    L1 Risk Analysis
    CIA and Risk/Threat definitions
    Risk Management (i.e., accept, transfer, remove, mitigate)
    Risk Assessment (Quantitative and Qualitative calculations)*
    Attack Trees*
    L2 Attacks I
    No laws, no TOR on the exam
    Process of network reconnaissance (Google hacking, DNS Records, Whois,
    Ping, Traceroute, Port scanning)*
    DNS (records, forward DNS, split, zone transfer)
    TCP Three way handshake and how connections can be dropped
    Familiarity with tools- what their purpose and capabilities
    nmap (Basic commands from lab, Scan types, Bounce scan, IDLE Scan)*
    L3 Attacks II
    No Web vulnerability scanners, No Immunity Canvas
    IP Address Spoofing
    Session hijacking
    DOS/DDOS amplification attacks and defenses
    SYN Cookies*
    DNS Cache Poisoning
    Nessus
    Metasploit*
    L4 Attacks III
    No netcat and no HackerDefender (no lab 4)
    Convert channels, covert_tcp, loki2
    Logging and defenses against log tampering
    No specific details on how logging is performed (no Slide 44, 48, 49)
    No hidden files (no Slides 52-56)

    L5 Cryptography* all Crypto is applicable except Message Integrity


    All ciphers (Caesar, Zimmerman, Substitution, Vignere, Vernam)
    Methods of breaking encryption
    Shannon Characteristics of Good Ciphers
    Confusion and Diffusion
    Stream & Block Ciphers
    CBC*
    No DES or AES, No birthday attack
    Public Key Crytography (RSA and DH) *
    Modular Arithmetic*
    RSA Encryption and Decryption*
    Diffie-Hellman*
    NEW: No Hashing and Keyed Hashes (Slide 52-66)

    You might also like