• Check the Class Register for current grades.
• Lab involvement: 2 points
• Assignments: 4.5 points
• Tests during lectures: 2 points
• Final exam: 2.5 points
• 4.5 points are required to pass the class.
  • There are no other requirements (such as a minimal grade for a given component).
• In case you don't pass the exam you may choose to keep the lab and assignments grade or the final exam and test grade for the next year. You cannot keep some parts of these grades. If choosing not to keep any grade, everything will be reset for at the 1st of October 2018.

You can get assignment bonus pooints in case you take part and perform well CTF games. For each CTF you take part in get at most 1 bonus point equivalent in assignments. The evaluation will be subjective based on the results and a short description of the CTF and the results. You will send that short description on the mailing list stating an overall description of the CTF (organizers, duration) and team results and what each member has done: the challenge he/she solved and a very high level idea of the solution.

That is, if you take part successfully in two CTF games, you can get 2 bonus points to the 4.5 points for the assignments.

There will be a total of 5 lecture tests. Each lecture test consists of 4 questions with a free answer. Each lecture test is graded 0.4 points for a total of 2 points for all tests.

Each lecture test will cover the previous 2 lectures. The lecture tests will take place as shown below.

Lecture test #1 will take place on Monday, October 15, 2018, 6:05pm, room PR106, at the beginning of lecture 3. It will consist of 4 questions from Lecture 01 - Introduction. Basic Exploration Tools and Lecture 02 - Program Analysis.

Lecture test #2 will take place on Monday, October 29, 2018, 6:05pm, room PR106, at the beginning of lecture 5. It will consist of 4 questions from Lecture 03 - The Stack. Buffer Management and Lecture 04 - Exploiting. Shellcodes.

Lecture test #3 will take place on Monday, November 12, 2018, 6:05pm, room PR106, at the beginning of lecture 7. It will consist of 4 questions from Lecture 05 - Exploiting. Shellcodes (part 2) and Lecture 06 - Exploit Protection Mechanisms.

Lecture test #4 will take place on Monday, November 26, 2018, 6:05pm, room PR106, at the beginning of lecture 9. It will consist of 4 questions from Lecture 07 - Strings. Information Leaks and Lecture 08 - Code Reuse (part 1).

Lecture test #5 will take place on Monday, December 10, 2018, 6:05pm, room PR106, at the beginning of lecture 11. It will consist of 4 questions from Lecture 09 - Code Reuse (part 2) and Lecture 10 - Heap Exploitation.

The final exam will consists of two parts (1.25p of the final grade each):

• A quiz consisting of 22 multiple choice questions for 22 points. 20 points equal maximum grade. It will last 20 minutes. We'll use the cs.curs.pub.ro Moodle instance of the CNS class. Make sure you're enrolled.
• A set of three CTF-like tasks that are going to be solved on paper. It will last 60 minutes.

You will not be provided access to any sort of documentation for the duration of the final exam.

A sample quiz is located on the cs.curs.pub.ro Moodle instance of the CNS class.

A sample “practical” exam paper (solutions included) is located here.

You may choose not to take part in the final exam if you are comfortable with your grade so far.

For the quiz, you get points for each correct answer and you lose points for every wrong answer. Points are computed this way

• For each correct answer you get 1 / number_of_correct_answers (/ (slash) means “divided by”). That is:
  • 1 point for the correct answer for questions with a single correct answer;
  • 0.5 points for each correct answer for questions with two correct answers;
  • 0.33 points for each correct answer for questions with three correct answers;
• For each wrong answer you lose -0.5 points; negative grades are cumulative.

For example, consider a question with 7 choices and 3 correct answers. You may get the following grades:

• for 2 correct answers (you only placed two choices): 2*0.33 = 0.66 points
• for 2 correct answers and 1 wrong answer: 2*0.33-0.5 = 0.16 points
• for 1 correct answer and 2 wrong answers 1*0.33 - 2*0.5 = -0.66 points
• for 3 wrong answers: 3*(-0.5) = -1.5 points

The minimum overall grade for the quiz exam is 0 (zero). You don't get a negative grade.

If, for a given question, you don't chose any answer or you chose the “I don't know / I won't answer” option, that question will be graded with 0 (you don't get points, you don't lose points).

For the September exam session only the final exam may be taken again.

This is also the case for the June special session for 2nd year master students.

You can take part only once in a given exam session.

You can take both parts of the final exam (quiz and CTF) or you can choose to do only one. Your new grade will replace the existing (old) grade.

If you choose to, you can keep the lab grade (all labs) or the assignments grade (all assignments) from previous academic years or both. You cannot keep grades for lecture tests or for the exam. In case you want to keep grades, reply on the respective thread on acs.curs.pub.ro.