You are on page 1of 3

!"#$$$%&'!"#$$$$& ) *+"*,-.

/01
!"#$% '#($) *+, -./00 1)0" !
2*3*.45 360*7
This is a Nultiple Choice Questionnaiie test, similai to Class Test 1
Theie will be 2u questions, coveiing Lectuies anu Labs fiom
o 0nit 6 (Netwoik Aichitectuie)
o 0nit 7 (Wiieless Secuiity)
o 0nit 8 (Softwaie Secuiity)
You will be given Su minutes to complete the test
Calculatois aie not neeueu anu !"# %&&"'()
This stuuy guiue is inuicative
o Stuuents shoulu not limit theii piepaiation to this guiue only
o The test '*&& examine geneial knowleuge not coveieu heie
o Some questions iequiie ciitical thinking
Specifics of 0nit S - Softwaie Secuiity Pait 1 mateiial (LectuieLab) aie
!"# examinable in this test. Bowevei, geneial Softwaie Secuiity concepts
fiom that lectuie may be applicable.

869/,7 06 -3:*.7043:
;3/0 < + #*0=6.> ?.,@/0*,0-.*
!"# %&'()*
Puipose of 0SI Nouel Layeis one by one in theoiy anu what may happen
in piactice
Commontypical piotocols, wheie they stanu in the 0SI mouel anu why
Piotocols involveu in an BTTPS iequest
IPSec anu TLS: puipose, featuies, auvantages, uisauvantages
Application Layei, common piotocols anu it's ielationship with softwaie
applications
+(,-.)/ *()012(*
Besciiption anu puipose of uiiectoiy seivices in geneial, specifically the
following:
AAA systems
Active Biiectoiy
LBAP
RABI0S
Biametei
Keibeios
34&15*67&*(8 18(9,1,'
Puipose uesciiption anu opeiation
Key anu ielateu concept teiminology like
o Relying Paity, Iuentity Pioviuei, Secuie Token, Claim
o Claims-awaie, feueiation, client, feueiationfeueiateu iuentity
pioviuei, cieuentials,
:;4,1<&2,.) &;,=(9,12&,1.9
Befinition, puipose, likely opeiation
What is a "factoi"
The Knowleuge, Possession anu Inheience factois
What is "tiue" multi-factoi authentication
What is two-step veiification, key concepts
Key uiffeiences with tiue multi-factoi authentication anu examples

;3/0 & ) A/.*5*77 "*,-./01
Netwoik topologies like mesh, infiastiuctuie, point-to-point, au-hoc
What is waiuiiving anu what coulu its puipose be.
Wiieless Netwoik obscuiity methous like hiuuen SSIBs, NAC auuiess
filteiing etc as well as theii effectiveness
Foi each secuiity stanuaiu, be able to uesciibe it's enciyption anu
authentication facilities anu which piotocols they use
WEP:
o Besciiption & featuies
o vulneiabilities
WPA2:
o Besciiption & featuies
o Noues
o Biffeience between WPA2-Peisonal anu WPA2-Enteipiise
WPA2-Peisonal
o vulneiabilities
o The impoitance of SSIB selection
Biute foicing WPA2
o Bow uoes it woik what is the attack vectoi
o What is a iainbow table.
The "Attack vectoi summaiy" sliue
Teiminology like TKIP, NIC, SNonce, ANonce, PSK, BNAC
0nueistanu anu know the uiffeiences of CRC, NIC anu NAC
The NAC acionym anu what it may iefei to uepenuing on a ciyptogiaphic
oi netwoiking context
Limitations of WPA2-Enteipiise
0thei attacks in Wiieless Netwoiks (conuitional attacks, jamming,
significance of line of sight)
;3/0 B ) "6C0=4.* "*,-./01
Best piactices in secuiing an application
Compile-chain secuiity
vulneiabilities, exploits anu theii uiffeiences
0pen-souice softwaie anu it's auvantages, incluuing it's secuiity
auvantages anu limitations