		     TOPICS FOR THE CIS 4615 EXAM
				  on
Common Criteria, UMLSec, Secure Coding in C, and Secure System Design
		     $Date: 2015/10/20 02:00:48 $
                                   
This exam covers topics from homeworks 2-4. It is related to
the course outcome [SecurelyConstruct].

REMINDERS

The exam will be open book, open notes, but no electronics.  
If you need electronic material, print it and bring the printout.
(Warning: don't expect to learn the material during the exam.)
A good idea for studying is to condense your notes to a few
pages of ready reference materials.

If you need more space, use the back of a page.  Note when you do that
on the front.

Before you begin, please take a moment to look over the entire test
so that you can budget your time.

Clarity is important; if your answers are sloppy and hard
to read, you may lose some points.  

READINGS

We recommend reading the materials referred to in the course
syllabus. In particular the following:

  * Jan Jürjens. Secure Systems Development with UML. Springer-Verlag,
    Berlin, 2005. http://www.springer.com/us/book/9783540007012. 
  * chapters 5, 10, and 11 of
    John Viega and Gary McGraw. Building Secure Software: How to Avoid
    Security Problems the Right Way. Addison-Wesley Professional,
    2002. ISBN-13: 978-0321774958.
  * Parts 1-4 of 
    Michael Howard, David LeBlanc, and John Viega. 24 Deadly Sins of
    Software Security: Programming Flaws and How to Fix
    Them. McGraw-Hill, 2010. ISBN: 978-0-07-162676-7. 

If you have more time, read

  * Arthur F. Roubik, Jr. "Applying the Common Criteria to the
   Certification & Accreditation of Department of Defense Unclassified
   Information Technology Systems", version 1.4b, 2003. URL
   http://www.sans.org/reading-room/whitepapers/country/applying-common-criteria-certification-accreditation-department-defense-unclass-1171,
   fetched Sept. 2, 2015.

If you have even more time, see the course resources page for other readings.

TOPICS

In the following, I use + to denote relatively more important topics,
and - to denote relatively less important topics. Topics marked with
++ are almost certain to be on the exam.  All of these are fair game,
but if you have limited time, concentrate on the ones that are more
important first (and in those, the ones you are most uncertain about).

SKILLS [SecurelyConstruct]

  + Draw a UMLSec statechart diagram
    [HW2, statechart diagram for client and server of VPN]
  + Draw a UMLSec class diagram
    [HW2, class diagram for VPN]
  + Draw a UMLSec sequence diagram
    [HW2, sequence diagram for VPN
 ++ Find and fix vulnerabilities in C code
    [HW3, find, identify, and fix vulnerabilities in C code for prompt,
          print_errors, and histogram]
 ++ Apply secure design principles and techniques in various situations
    [HW4, apply secure design principles in various situations]

CONCEPTS [SecurelyConstruct]

You should understand the following terms and be able to use them in
solving problems.

 ++ confidentiality
 ++ integrity
 ++ availability
 ++ attack
  + risk
 ++ buffer overflow (attack)
 ++ format string attack
 ++ information leakage
  + cryptographic algorithm
  + digital signature
 ++ Personally Identifiable Information (PII)
  + Public Key Infrastructure (PKI)
  + exception handling, throw, catch, finally
  + invariant
 ++ command injection, SQL injection
  + psuedo-random number generator (PRNG)
  + cryptographic random number generator (CRNG)