This is an old revision of the document!
You can get assignment bonus pooints in case you take part and perform well CTF games. For each CTF you take part in get at most 1 bonus point equivalent in assignments. The evaluation will be subjective based on the results and a short description of the CTF and the results. You will send that short description on the mailing list stating an overall description of the CTF (organizers, duration) and team results and what each member has done: the challenge he/she solved and a very high level idea of the solution.
That is, if you take part successfully in two CTF games, you can get 2 bonus points to the 4.5 points for the assignments.
There will be a total of 5 lecture tests. Each lecture test consists of 4 questions with a free answer. Each lecture test is graded 0.4 points for a total of 2 points for all tests.
Each lecture test will cover the previous 2 lectures. The lecture tests will take place as shown below.
Lecture test #1 will take place on Monday, October 15, 2018, 6:05pm, room PR106, at the beginning of lecture 3. It will consist of 4 questions from Lecture 01 - Introduction. Basic Exploration Tools and Lecture 02 - Program Analysis.
Lecture test #2 will take place on Monday, October 29, 2018, 6:05pm, room PR106, at the beginning of lecture 5. It will consist of 4 questions from Lecture 03 - The Stack. Buffer Management and Lecture 04 - Exploiting. Shellcodes.
Lecture test #3 will take place on Monday, November 12, 2018, 6:05pm, room PR106, at the beginning of lecture 7. It will consist of 4 questions from Lecture 05 - Exploiting. Shellcodes (part 2) and Lecture 06 - Exploit Protection Mechanisms.
Lecture test #4 will take place on Monday, November 26, 2018, 6:05pm, room PR106, at the beginning of lecture 9. It will consist of 4 questions from Lecture 07 - Strings. Information Leaks and Lecture 08 - Code Reuse (part 1).
Lecture test #5 will take place on Monday, December 10, 2018, 6:05pm, room PR106, at the beginning of lecture 11. It will consist of 4 questions from Lecture 09 - Code Reuse (part 2) and Lecture 10 - Heap Exploitation.
The final exam will consists of two parts (1.25p of the final grade each):
You will not be provided access to any sort of documentation for the duration of the final exam.
A sample quiz is located on the cs.curs.pub.ro Moodle instance of the CNS class.
A sample “practical” exam paper (solutions included) is located here.
You may choose not to take part in the final exam if you are comfortable with your grade so far.
For the quiz, you get points for each correct answer and you lose points for every wrong answer. Points are computed this way
For example, consider a question with 7 choices and 3 correct answers. You may get the following grades:
The minimum overall grade for the quiz exam is 0 (zero). You don't get a negative grade.
If, for a given question, you don't chose any answer or you chose the “I don't know / I won't answer” option, that question will be graded with 0 (you don't get points, you don't lose points).
For the September exam session only the final exam may be taken again.
This is also the case for the June special session for 2nd year master students.
You can take part only once in a given exam session.
You can take both parts of the final exam (quiz and CTF) or you can choose to do only one. Your new grade will replace the existing (old) grade.
The quiz duration will be 15 minutes. Only one question will be shown at a time. You will not be able to get back to the previous question.
If you choose to, you can keep the lab grade (all labs) or the assignments grade (all assignments) from previous academic years or both. You cannot keep grades for lecture tests or for the exam. In case you want to keep grades, reply on the respective thread on acs.curs.pub.ro.