CS 416 Exam 3

Spring 2012


    PART I – 88 points – 23 questions – 4 points each

    For each statement, select the most appropriate answer. You may omit one question. Please clearly indicate the question you choose to omit.

  1. An Ethernet device driver implements the:
    (a) Data Link layer.
    (b) Network layer.
    (c) Transport layer.
    (d) Session layer.
  2. A virtual circuit will not guarantee:
    (a) Constant packet latency.
    (b) In-order packet delivery.
    (c) Reliable packet delivery.
    (d) Packet-based data transmission.
  3. Packet encapsulation is useful for:
    (a) Protocol layering.
    (b) Separating the header from the data.
    (c) Encrypting packet data.
    (d) Fault-tolerant packet delivery.
  4. How are additional protocol headers added to packet data as it goes down the network stack?
    (a) The socket buffer is allocated to be big enough to hold all anticipated headers.
    (b) Each layer of the protocol stack creates its own header and adds it via a linked list.
    (c) At each layer, data is copied to a new buffer big enough to hold the existing data and new headers.
    (d) A separate socket buffer is created to manage headers.
  5. How many times is the data in a message copied from a user process creating it to it being sent onto the network?
    (a) Zero times.
    (b) One time.
    (c) Two times.
    (d) One time for each layer of the network stack.
  6. Linux’s New API (NAPI) added the following feature to the network stack:
    (a) Support for jumbo packets to support gigabit Ethernet transceivers.
    (b) Support for IPv6 in addition to IPv4.
    (c) A clean separation between the transport and network layer.
    (d) A combination of interrupts and polling to avoid a high rate of interrupts.
  7. A stub function in a remote procedure call:
    (a) Is the implementation of the remote function on the server.
    (b) Provides the interface of the server function on the client.
    (c) Is a placeholder function that needs to be filled in by the programmer.
    (d) Is a local function that is called if the server cannot be contacted.
  8. A programmer using remote procedure calls (RPC) uses an interface definition language (IDL) to:
    (a) Implement the remote procedures in an architecture-independent manner.
    (b) Provide the kernel with the interfaces to a set of remote procedures.
    (c) Marshal parameters for the remote procedure.
    (d) Identify the names, inputs, and outputs of remote procedures.
  9. Which caching approach yields session semantics?
    (a) Read ahead.
    (b) Write behind.
    (c) Write through.
    (d) Write on close.
  10. What operation is not possible on a stateless remote file system?
    (a) Read ahead.
    (b) File locking.
    (c) Getting file attributes.
    (d) Appending to a file.
  11. Under AFS, a callback from a callback promise:
    (a) Ensures that the client invalidates an obsolete version of a cached file.
    (b) Is used by a client to inform the server that it is modifying a file.
    (c) Informs a client that a lock has been released on a remote file.
    (d) Tells the client that it is now allowed to cache data for a specific file.
  12. The principle of least privilege can best be enforced with:
    (a) Stack canaries.
    (b) Access control lists for all files.
    (c) Cryptographically secure authentication.
    (d) A sandbox.
  13. Privilege separation is useful in enforcing:
    (a) The principle of least privilege.
    (b) Mandatory access control.
    (c) Discretionary access control.
    (d) Multi-level secure access.
  14. File permissions on Windows or Linux are an example of:
    (a) An access control list.
    (b) A capability list.
    (c) Mandatory access control.
    (d) An access matrix.
  15. Return Oriented Programming:
    (a) Allows buffer overflow attacks to run code even if stack memory is not executable.
    (b) Is a technique for injecting executable code into a buffer (also known as stack smashing).
    (c) Is a programming technique to ensure that buffer overflow attacks cannot occur.
    (d) Is where the compiler generates code at the return of a function to check for buffer overflow.
  16. Which technique cannot be used to guard against buffer overflow attacks?
    (a) Address space layout randomization.
    (b) Stack canaries.
    (c) Signed software.
    (d) Non-executable stack memory.
  17. A chroot jail disallows a process:
    (a) Access to the network.
    (b) Access to parts of the file system.
    (c) The ability to execute specific system calls.
    (d) The ability to write files.
  18. A secure message from Alice to Bob is encrypted with:
    (a) Alice's private key.
    (b) Alice's public key.
    (c) Bob's public key.
    (d) Bob's private key.
  19. A hybrid cryptosystem uses:
    (a) Two levels of encryption to secure data: symmetric encryption followed by public key encryption.
    (b) Two symmetric keys, A and B, and encrypts data three times: E_A(D_B(E_A(M))).
    (c) Public key cryptography to send a key and symmetric cryptography to encrypt data.
    (d) A combination of public and private keys to encrypt data securely.
  20. The Challenge Handshake Authentication Protocol (CHAP) is secure NOT because:
    (a) Both sides have a shared secret that is never sent across the network.
    (b) The server issues a random challenge for each authentication session.
    (c) Only hashed passwords are stored on the server.
    (d) All responses from the client are hashed values.
  21. An intruder cannot deduce the next S/key password having seen the previous one because:
    (a) Passwords are hashed.
    (b) The next password will be unrelated to the previous one.
    (c) One-way functions are used to generate passwords.
    (d) An encrypted communication session will be needed to transmit the password.
  22. For Alice to talk to Bob, the Kerberos ticket that Alice obtains contains:
    (a) Alice's secret key.
    (b) Bob's secret key.
    (c) The session key.
    (d) A Kerberos authorization message signed by the Kerberos server.
  23. Your digital certificate will not contain:
    (a) The certificate issuer's identification.
    (b) Your name.
    (c) Your private key.
    (d) Your public key.

    PART II – 10 points – 6 questions – 2 points each

    For each statement, specify whether it is true or false by circling the correct choice.

  24. TCP is a Transport layer protocol whereas UDP is a Network layer protocol.
          True        False
  25. The Address Resolution Protocol (ARP) converts Ethernet addresses into IP addresses.
          True        False
  26. Sockets are implemented as a pseudo file system type under VFS (Virtual File System).
          True        False
  27. NFS provides session semantics.
          True        False
  28. A digital signature is an encrypted hash.
          True        False
  29. Diffie-Hellman is a public key encryption algorithm.
          True        False