EC310: Applications of Cyber Engineering Exam #1 – Written Examination
6 WEEK EXAM

NAME: _________________
ALPHA: _________________
SECTION: _________________

1. This is individual work.
2. SHOW ALL WORK!
3. Write legibly to receive credit.
4. Turn in your equation sheet.

SCORE: ________/100

SCALE
>89.5%:        31337
79.5 – 89.5%:  H@XX0R
69.5 – 79.5%:  G33K
59.5 – 69.5%:  $€RiPt K1DD13
<59.5%:        WannaB

Lesson 1 – Computer System Review

1. (6 pts) The character ‘q’ is stored at memory address 73010.

   a) (3 pts) By hand calculation, express this memory address in hexadecimal notation, using a number of hex digits appropriate for our x86 architecture. Work must be shown for full credit.

   b) (3 pts) What 8 bits are stored at this address?

      ____ ____ ____ ____ ____ ____ ____ ____
      MSB                                 LSB

2. (2 pts) You type up a document in MSWORD, give it a file name, save it to your ‘My Documents’ folder, and power down your computer. Where is the file you created now stored? (Circle the correct answer)

   a) RAM
   b) The Hard Drive
   c) CPU memory registers
   d) Nowhere, the file is lost
   e) The compiler

Lesson 2: C Programming

3. (3 pts) For each of the following multiple choice questions select the answer that best identifies the type of computing code being described. (Circle the correct answer)

   (1 pts) Code resulting from a successful compilation of a C program's source code:
   a) high-level code
   b) assembly code
   c) machine code
   d) honor code

   (1 pts) Code used when we write programs in the C programming language:
   a) high-level code
   b) assembly code
   c) machine code
   d) honor code

   (1 pts) This code uses English-like mnemonics which correspond to machine instructions:
   a) high-level code
   b) assembly code
   c) machine code
   d) honor code

Lesson 3 – Registers and Memory

4.
(4 pts) Analyze the following C program.

    #include<stdio.h>
    int main()
    {
        int i;
        for( i=0; i < 4; i=i+2 )
        {
            if( i >= 2 )
            {
                printf("Torpedoes\n");
            }
            else
            {
                printf("Howitzer\n");
            }
        }
    }

   a) (2 pts) State how many times the loop will iterate.

   b) (2 pts) What will be printed to the screen when the program is executed?

5. (8 pts) Answer the following questions based on the below screen capture of assembly code in the debugger.

   a) (3 pts) Part of the source code that generates this assembly code is the line:

          int x = 5;

      Which assembly language instruction corresponds to this C code?

   b) (3 pts) What is the memory address (in hexadecimal) of the variable x?

   c) (2 pts) What is the address of the next line of code to be executed?

Lesson 4 - Arrays

6. (4 pts) What is the fundamental issue with C that makes a buffer overflow exploit possible?

7. (7 pts) Use the array declaration to answer the questions.

       float wins[5] = {2.4,7,4,6.1,9};

   a) (2 pts) How many bytes are allocated for this array?

   b) (2 pts) What value is stored in wins[1]?

   c) (3 pts) What value is stored in wins[5]?

Lesson 5 – Strings and Pointers

8. (3 pts) Given the following declarations, what would be the C statement to assign ptr_age the address of the integer age? (Circle the correct answer)

       int age;
       int *ptr_age;

   a) &ptr_age = &age;
   b) *ptr_age = &age;
   c) &ptr_age = *age;
   d) ptr_age = age;
   e) ptr_age = &age;

9. (5 pts) Given the following C snippet, what would the output of the printf statement be?

       char name[40] = "LCDR Atwood";
       char *ptr1;
       char *ptr2;
       ptr1=name;
       ptr2=ptr1 + 6;
       strcpy(ptr2,"good day by all!");
       printf("My teacher is %s\n", name);

Lesson 6 – Functions and the Stack

10.
(3 pts) Select the most appropriate function definition to replace the commented line in the program. (Circle the correct answer)

    #include<stdio.h>

    //YOUR ANSWER HERE//
    {
        float c_sq = a * a + b * b;
        return c_sq;
    }

    int main()
    {
        float answer;
        answer = hypot( 7.12 , 6.37);
        printf("The square of the hypotenuse is: %f\n", answer);
    }

   a) float hypot(float a, float b, float c)
   b) float hypot(int a, int b)
   c) void hypot(float a, float b)
   d) float hypot(float a, float b)

11. (11 pts) Sketch the contents of the stack frame for main under Data in hexadecimal. Locate and label the base pointer as ebp_main and the stack pointer as esp_main under Stack Frame Info. Locate and label the variables g, fox[0], fox[1] under What is Represented. (Note: Not every block in the table will be filled in.)

    #include<stdio.h>
    int main()
    {
        char fox[2];
        fox[0] = 'B';
        fox[1] = 0;
        int g = 17;
    }

    Address       Data    What is Represented    Stack Frame Info
    0xBFFFF810
    0xBFFFF811
    0xBFFFF812
    0xBFFFF813
    0xBFFFF814
    0xBFFFF815
    0xBFFFF816
    0xBFFFF817
    0xBFFFF818

Lesson 7 – Buffer Overflow Introduction

12. (10 pts) Given the following code snippet:

        char first_name[6] = "Alice";
        strcpy(first_name, "Alexander");

   a) (2 pts) Will the C compiler state that there is an error?

   b) (2 pts) What potentially dangerous situation occurs because of the snippet above?

   c) (3 pts) What is the minimum size necessary for the array first_name to prevent this error?

   d) (3 pts) There are at least two ways to change the above code to prevent the above error from happening. Can you describe one?

13. (8 pts) When the greetings function is called in main from the following code sample the stack pictured below is created.
    #include<stdio.h>

    void greetings()
    {
        int name_len = 15;
        char name[name_len];
        int year = 2014;

        printf("Enter your name: ");
        scanf("%s", name);
        printf("Hello: %s! The current year is %d.\n", name, year);
    }

    int main()
    {
        greetings();
    }

    Stack
      year
      name
      name_len
      prev_ebp
      ret_addr

   a) (4 pts) Assuming there is no padding (extra spaces) when the frame is created, how many characters must the user enter to overwrite only the first byte of the return address?

   b) (4 pts) Is it possible to change the value of year by performing a buffer overflow attack? Why or why not?

Lesson 8 – The Heap

14. (4 pts) Is it possible for the heap and stack to collide? (Circle the correct answer)

   a) Yes, because the stack builds from the bottom (larger memory address) up (to a smaller memory address) and the heap from the top (smaller memory address) down (to a larger memory address).

   b) Yes, because the heap builds from the bottom (larger memory address) up (to a smaller memory address) and the stack from the top (smaller memory address) down (to a larger memory address).

   c) No, because the stack builds from the bottom (larger memory address) up (to a smaller memory address) and the heap from the top (smaller memory address) down (to a larger memory address).

   d) No, because the heap builds from the bottom (larger memory address) up (to a smaller memory address) and the stack from the top (smaller memory address) down (to a larger memory address).

Lesson 9 – Privilege Management

15. (8 pts) After typing in the command,

        ls -l gethappy.exe

    you see:

   a) (2 pts) Who is the owner of this file?

   b) (2 pts) What permissions do other users in the owner’s group have?

   c) (4 pts) You (midshipman) are neither the owner nor part of the owner’s group instructor. What command would the administrator enter to give you permission to read and execute the gethappy.exe file?

16.
(5 pts) You (midshipman) now have permission to read and execute the gethappy.exe file. The function of the gethappy.exe file when executed is to write to the file happytimes. After multiple attempts, the executable file is not operating as expected. The owner changes the executable file. You see:

   a) (1 pts) What permission changed? Your answer must include the name of the permission.

   b) (4 pts) How does the change to the file’s permissions affect the execution of the file?

Lesson 10 – Buffer Overflow Attack

17. (3 pts) Order these three main components of a buffer overflow exploit as they will appear on the stack: (shellcode, malicious return address, nop sled)

    Top:    _________________________________
    Middle: _________________________________
    Bottom: _________________________________

18. (6 pts) Aside from careful programming and the modification of several specific C commands, list and briefly describe two technical solutions that have been proposed to prevent a program from being exploited by a buffer overflow.

TURN IN YOUR HAND-WRITTEN EQUATION SHEET WITH YOUR EXAM