TU Wien:Introduction to Security VU (Weippl)/Exam 2009-05-28
The exam questions (Group B) were:
- What is Social Engineering? Give 2 concrete examples.
- What is the most effective defence against Social Engineering?
- Name 2 methods of guessing passwords in an automated way.
- Name 2 DNS Record types and describe their purpose.
- Describe Ping Sweep and half-open TCP scan. What can an attacker find out using these techniques?
- What is a rootkit and how do you detect it?
- How does a block cipher work? Name a secure and an insecure block cipher.
- What are the characteristics of asymmetric cryptosystems?
- What is the goal of cryptographic hash functions?
- What is the clear text of the following Caesar cipher with key = 8? Cipher: BZIOQKWUQF
- How does 3DES work? Is it secure?
- What are the 4 requirements on digital signatures?
- Name 3 pros of risk analysis.
- What are the 3 different strategies for risk reduction? Describe them.
- What is a buffer overrun? What can an attacker do with it?
- Name 3 techniques that reduce the risk of a buffer overrun in your code.
- What is a hash?
- Name six good practices in secure coding.