Midterm 2 Exam Review
• Release questions via webcourse “assignment” around 2pm,
Wednesday Mar. 28th, due via webcourse at 2pm, next day
• Submit format:
– Word file, PDF file
– Scanned answer sheets
• Make sure your writing is large and readable, file names show page number
– Photos of your answer sheets if you have no scanner
• Make sure it is readable, file names show page number
• You can resubmit, so submit first version early!
– Don’t wait until the last hour to submit!
– No excuse for not being able to submit! (unless webcourse is down for
the whole day on Mar. 29th)
• From 2pm to 3:45pm on Mar. 28th, you can call me with any
questions related to exam problems
– Office number: 407-823-5015 (HEC 243)
Exam Coverage
• All questions in the previous three homeworks
and the email spam assignment
• All questions in the midterm 1 exam
• All examples given in this review lecture
• Try to go over my lecture notes after midterm 1 exam
– Use textbook as reference
Question Types
– Knowledge questions
– True or false statement (explain why)
– Protocols
– Calculations
Knowledge Question Examples
• What port is used by the SMTP protocol? By the HTTP protocol?
By the HTTPS protocol?
• When a user reads his/her email, does the “From:” field
show the email address from the “Mail from:” command, or
from the “from:” line in the Data command?
• What is RBL? (realtime blackhole list)
• What are the two sender verification techniques
introduced in class? Which one uses a public key?
• What is the biggest hurdle for “pwdHash” to be really
implemented?
• Why are there so many virus-infected files in KaZaA?
• What are the major differences between a polymorphic virus
and a metamorphic virus?
Knowledge Question Examples
• What is IRC?
• Among Agobot, SDBot, SpyBot, GT Bot, which one has
no malicious code in it?
• Why are centralized C&C botnets very hard to shut down
by defenders? Why are peer-to-peer botnets even harder
to shut down?
• What are the two running modes of rootkits?
• Why can RootkitRevealer detect rootkits that hide
malicious files on the hard drive?
• What is a Trojan horse? Adware? Spyware?