TU Wien:Introduction to Security VU (Weippl)/Exam 2011-12-12
Here is what I still remember; there were 2 groups.
- What are the three rules specified by the BLP model?
- Define buffer overflow.
- Describe what a NOP sled is and how it is used in a buffer overflow attack.
- State the similarities and differences between command injection and SQL injection attacks.
- Define a cross-site scripting attack. List an example of such an attack.
- List and describe some measures for dealing with power loss.
- What principles should be followed in designing personnel security policies?
- Define asset, control, threat, vulnerability and risk.
- List and briefly define the three broad classes of controls and the three categories each can include, and give an example for each.
- Describe 3DES. Is it still secure?
- What's a hash function and how is it used? Give an example.
- Something about RSA
The other group had (from what I heard):
- List and briefly define the four steps in the iterative security management process.
- Briefly explain Diffie-Hellman key exchange (instead of RSA)
The list is incomplete.