CSCI 4417/5417: Final Quiz. Due at start of Final Exam

Transcription

1 CSCI 4417/5417: Final Quiz Due at start of Final Exam April 27, 2005 Overview This quiz is optional, and your grade on it will replace your lowest quiz grade. Overall, the main goal of this assignment is to get your suggestions on how to improve the course. There are also a set of quiz questions on Security, to help you practice for the final. There are 39 questions for a total of 41 points. You should submit your solutions to this quiz at the start of the final exam. Even though many of these questions are open-ended, you should take this seriously: mediocre and vague feedback will receive only partial credit. 1 Security 1. (1 point) What is the purpose of nmap? 2. (1 point) What is the purpose of John the Ripper? 3. (1 point) True/False: iptables is stateful. 4. (1 point) What is the difference in functionality and overhead between stateful and stateless firewalls? 5. (1 point) True/False: a SOCKS server is a type of proxy server 6. (1 point) True/False: an HTTP proxy server is a type of SOCKS server 7. (1 point) What is the purpose of tripwire? 8. (1 point) What type of scalability problem might you encounter if you use tripwire to watch files in the /tmp directory? 1

2 9. (1 point) Explain the difference between how rpm -Va works versus how TripWire works. 10. (1 point) If a fellow student hands you a copy of einstein s /etc/passwd file, what should you do? 11. (1 point) Discuss how tripwire could be used to solve the problem of uninstalling software that was built and installed from source. 12. (1 point) True/False: if you have a personal firewall, then you don t need to also have a separate, standalone firewall. 13. (1 point) True/False: if you have a separate, standalone firewall, then you don t need to also have a personal firewall. 14. (1 point) How does blocking an incoming, initial SYN on a firewall increase security slightly? 15. (1 point) Assume that you are working for a company as a system administrator, and your boss asks you to run l0phtcrack on your domain controller. In a sentence or two, explain your response. 16. (1 point) True/False: using a foreign language word for a password is a good idea. 17. (1 point) Explain the difference between a brute force attack and a dictionary attack on passwords. 18. (1 point) Explain blacklisting with respect to firewalls. 19. (1 point) Explain whitelisting with respect to firewalls. Page 2

3 20. (1 point) According to the specification, an unexpected message to an open connection should receive a RST. Carefully explain how you would design an experiment to test this. 21. (1 point) True/False: According to the specification, a UDP packet sent to a closed port gets an HTTP port unreachable message. 22. (1 point) What is a bastion host? 23. (1 point) List two problems with blacklisting with respect to the Fireall FAQ: Feedback Take a look at for my thoughts on how the Spring 2003 version of this course went, and then give your feedback on the following aspects. 2.1 Assignments Assignments 1. Lab design 2. Operating System Installation 3. Virtual PC and File Permissions 4. DHCP and DNS 5. Users and Groups 6. Web and FTP 7. Distributed File Sharing 8. Software management 9. Security Page 3

4 1. (1 point) Which assignment was the most interesting to you? 2. (1 point) Which assignment was the most difficult? 3. (1 point) The Distributed File Sharing assignment was moved, and other assignments rearranged, to make the Samba portion of file sharing more feasible. Was this rearrangement successful? Put another way, was the Samba portion of the file sharing assignment more difficult than other assignments? 4. (1 point) 5. I have received some individual feedback on the prerequisite of CSCI 2235 (Introduction to Unix) and would like to explore ways of improving the transition. In Fall 2005, I will be teaching a 3-credit version of 2235 that will extend the full 15 weeks of the semester. The initial thought is to divide the additional 10 weeks into 5 weeks of additional Unix material (e.g., ps, lsof, netstat and other basic tools and parts of a system like standard locations for files and logs) and the other 5 weeks would be focused on scripting. (a) (1 point) Should there be a pre-test at the beginning of 4417 on Unix skills? (b) (1 point) Does the tentative change to 2235 sound effective, or would you think a different balance would be more helpful? (If the latter, what balance would you like to see) (c) (1 point) Please give me suggestions on how to improve either CSCI 2235 (with respect to the needs of CSCI 4417/5417) or the transition from 2235 to 4417/ (1 point) Please comment on the balance between group and individual assignments this semester (i.e., Good, Not Good). If you choose Not Good, please suggest a way that the balance could be improved. 7. (1 point) What one topic would you suggest be dropped from 4417/5417 that we covered this semester? 8. (1 point) What one topic would you like to see covered in 4417/5417 that we have not covered this semester (i.e., if we dropped something, what should we put in its place). 9. (1 point) Someone suggested adding a new module to CSCI 4800 (the IT Capstone) class where instead of either helping with CSCI 1100 or volunteering to do IT support in an area K-12 school, a student could be a 4417/5417 mentor. Give your feedback on that (including a description of how you think the logistics could work out). 2.2 Quizzes 10. (1 point) Were the quizzes useful in helping you know if you understood the material? Page 4

5 11. (1 point) Were the quizzes useful in helping you prepare for the exam? 12. (1 point) Should the quizzes be dropped from the course, or perhaps rolled into assignments so that we could spend less time in class doing the mechanics of the quizzes? 2.3 References 13. (1 point) Estimate how many times you actually opened the Windows reference. 14. (1 point) Estimate how many times you actually opened the Linux reference. 15. (1 point) Should both of the texts be required? If no, which should be required? 16. (1 point) If there were a selection of materials put together on Safari.com, and a printed, bound version of it available in the bookstore, do you think that would be an improvement over the current texts and readings? Why or why not? Page 5