Institute of Computer Science
  1. Courses
  2. 2025/26 fall
  3. Information Security (MTAT.07.028)
ET
Log in

Information Security 2025/26 fall

  • Home
  • Lectures & labs
  • Homework & course rules
  • Terminology
  • Exam
  • Links

Exam

In the fall semester of 2025, there will be a closed book written exam that is held in the Delta building. You will need to bring a pen and an official ID with a photo.We will check the students' identities and check whether they have collected the required 40 points to be allowed to attend the exam.

The exam is composed of two parts, and both parts give 20 points.

  • The first part consists of 10-20 questions, which are in a test format. For example, the student may have to select the correct answer or reorder the list based on a given criteria.
  • The second part consists of four longer tasks that require the ability to combine information from different subtopics in order to solve the stated problem.

It is possible to get up to 40 points from the exam. In order to attend the exam, at least 40 points must have been collected from the homework tasks, tests and from the essay. There is a threshold to pass the exam. To pass the exam the student has to get at least 5 points from the first part of the exam and at least 5 points from the second part of the exam. If a student gets less than 5 points from either the first part or second part the result will be F.

Registration to the exam has to be done through the study information system (SIS). The exam date can be selected as soon as the information is available in the study information system, it is not necessary to wait until 40 points have been collected. This requirement is checked by the lecturers before the exam to make sure that the students registered for the exam have collected a sufficient amount of points to be allowed to attend the exam.

Exam schedule:

  • 12th of December, 09:00-11:00 (location is announced in the SIS)
  • 9th of January, 09:00-11:00 (location is announced in the SIS)
  • resit exam: 23th of January, 09:00-11:00 (location is announced in the SIS)

Example of a written closed-book exam.

  • example of an exam

Notice that a question can contain several sub-questions and all of the sub-questions have to be answered when you want to get full points.

Additional information that may help to prepare for the exam

The exam may includes questions from all topics covered throughout the course. The first part of the exam checks whether students have worked through the lecture materials. The second part of the exam checks whether students have understood the most important principles in addition to working through the lecture materials and whether they can use and combine the acquired knowledge.

The lecturers assume that students have either participated in all lectures or watched lecture recordings. It is also necessary to work through the lab and lecture materials on the courses.cs.ut.ee website. Reading the lecture materials is not equivalent to attending the lecture. For example, there are no drawings in the lecture materials that illustrate the technologies discussed in the lecture. The lecturers assume that students have worked through the materials related to the homework tasks. Therefore, some exam questions may be based on content from homework assignments or reading materials given as part of the homework. Reading the additional materials section (useful links / additional materials) at the end of the lecture materials is not mandatory and exam tasks will not be prepared based on these.

To get a good result, you must understand the essence of what was discussed in the information security lectures. If you have questions about the content of lectures or lecture notes, please ask the questions via the corresponding Moodle forum.

It is worth paying extra attention to public key cryptography and TLS, as these topics always play a rather large role in the exam. Some abbreviations and names must be remembered. You must definitely know the names of the most important modern cryptographic algorithms so that you can use them in the second part of the exam. You should also know the names and abbreviations of the most important technologies (such as VPN). As for other abbreviations, you should know in what context they are used so that you can answer the questions in the first part of the exam. We try to limit the use of abbreviations, but they are present in some questions.

Since the exam is paper-based, you do not need to remember exactly how to use the software that we used in the lab, but you may need to be able to provide examples of software that helps to solve a problem described in the task. Therefore, it is important to know what the software is used for.

Wrong answers will receive 0 points, negative points are not given. Therefore, it is worth answering even if you are not quite sure what the correct answer is. Some discussion questions in the second part may have several correct answers. The second part of the exam also assesses reasoning, and points can be awarded even if the answer is wrong, but the reasoning is logical (does not contain contradictions).

  • Institute of Computer Science
  • Faculty of Science and Technology
  • University of Tartu
In case of technical problems or questions write to:

Contact the course organizers with the organizational and course content questions.
The proprietary copyrights of educational materials belong to the University of Tartu. The use of educational materials is permitted for the purposes and under the conditions provided for in the copyright law for the free use of a work. When using educational materials, the user is obligated to give credit to the author of the educational materials.
The use of educational materials for other purposes is allowed only with the prior written consent of the University of Tartu.
Terms of use for the Courses environment