TU Wien:Introduction to Security VU (Weippl)/Exam 2011-12-12

From VoWi

Here is what I still remember; there were 2 groups.

  • What are the three rules specified by the BLP model?
  • Define buffer overflow.
  • Describe what a NOP sled is and how it is used in a buffer overflow attack.
  • State the similarities and differences between command injection and SQL injection attacks.
  • Define a cross-site scripting attack. List an example of such an attack.
  • List and describe some measures for dealing with power loss.
  • What principles should be followed in designing personnel security policies?
  • Define asset, control, threat, vulnerability and risk.
  • List and briefly define the three broad classes of controls and the three categories each can include, and give an example for each.
  • Describe 3DES. Is it still secure?
  • What's a hash function and how is it used? Give an example.
  • Something about RSA

The other group had (from what I heard):

  • List and briefly define the four steps in the iterative security management process.
  • Briefly explain Diffie-Hellman key exchange (instead of RSA)

The list is incomplete.