Midterm 2 Exam Review
• Release questions via webcourse “assignment” around 2pm, Wednesday Mar. 28th, due via webcourse at 2pm, next day
• Submit format:
– Word file, PDF file
– Scanned answer sheets
• Make sure your writing is large and readable, file names show page number
– Photos of your answer sheets if you have no scanner
• Make sure it is readable, file names show page number
• You can resubmit, so submit first version early!
– Don’t wait until the last hour to submit!
– No excuse of not being able to submit! (unless webcourse is down all day on Mar. 29th)
• From 2pm to 3:45pm on Mar. 28th, you can call me for any questions related to exam problems
– Office number: 407-823-5015 (HEC 243)
Exam Coverage
• All questions in the previous three homework assignments and the email spam assignment
• All questions in mid-term 1 exam
• All examples given in this review lecture
• Try to go over my lecture notes after mid-term 1 exam
– Use textbook as reference
Question Types
– Knowledge questions
– True or false statement (explain why)
– Protocols
– Calculations
Knowledge Question Examples
• What port is used by the SMTP protocol? By the HTTP protocol? By the HTTPS protocol?
• When a user reads his/her email, does the “From:” field show the email address from the “Mail from:” command, or from the “from:” line in the Data command?
• What is RBL? (realtime blackhole list)
• What are the two sender verification techniques introduced in class? Which one uses a public key?
• What is the biggest hurdle for “pwdHash” to be really implemented?
• Why are there so many virus-infected files in KaZaA?
• What are the major differences between a polymorphic virus and a metamorphic virus?
Knowledge Question Examples
• What is IRC?
• Among Agobot, SDBot, SpyBot, GT Bot, which one has no malicious code in it?
• Why are centralized C&C botnets very hard for defenders to shut down? Why are peer-to-peer botnets even harder to shut down?
• What are the two running modes of rootkits?
• Why can RootkitRevealer detect rootkits that hide malicious files on the hard drive?
• What is a Trojan horse? Adware? Spyware?