question 13

NetworkSecurity1.docx

Question 1:


· 1.1 What is the OSI security architecture?

· 1.2 What is the difference between passive and active security threats?

· 1.3 List and briefly define categories of passive and active security attacks.

· 1.4 List and briefly define categories of security services.

· 1.5 List and briefly define categories of security mechanisms.

· 1.6 List and briefly define the fundamental security design principles.

· 1.7 Explain the difference between an attack surface and an attack tree.

Question 2:

· 2.1 What are the essential ingredients of a symmetric cipher?

· 2.2 What are the two basic functions used in encryption algorithms?

· 2.3 How many keys are required for two people to communicate via a symmetric cipher?

· 2.4 What is the difference between a block cipher and a stream cipher?

· 2.5 What are the two general approaches to attacking a cipher?

· 2.6 Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?

· 2.7 What is triple encryption?

· 2.8 Why is the middle portion of 3DES a decryption rather than an encryption?


Question 3:

· 3.1 List three approaches to message authentication.

· 3.2 What is a message authentication code?

· 3.4 What properties must a hash function have to be useful for message authentication?

· 3.5 In the context of a hash function, what is a compression function?

· 3.6 What are the principal ingredients of a public-key cryptosystem?

· 3.7 List and briefly define three uses of a public-key cryptosystem.

· 3.8 What is the difference between a private key and a secret key?

· 3.9 What is a digital signature?

Question 4:

· 4.1 List ways in which secret keys can be distributed to two communicating parties.

· 4.2 What is the difference between a session key and a master key?

· 4.3 What is a key distribution center?

· 4.4 What entities constitute a full-service Kerberos environment?

· 4.5 In the context of Kerberos, what is a realm?

· 4.6 What are the principal differences between version 4 and version 5 of Kerberos?

· 4.7 What is a nonce?

· 4.8 What are two different uses of public-key cryptography related to key distribution?

· 4.9 What are the essential ingredients of a public-key directory?

· 4.10 What is a public-key certificate?

· 4.11 What are the requirements for the use of a public-key certificate scheme?

· 4.12 What is the purpose of the X.509 standard?

· 4.13 What is a chain of certificates?

· 4.14 How is an X.509 certificate revoked?

Question 5:

· 5.1 Provide a brief definition of network access control.

· 5.2 What is EAP?

· 5.3 List and briefly define four EAP authentication methods.

· 5.4 What is EAPOL?

· 5.5 What is the function of IEEE 802.1X?

· 5.6 Define cloud computing.

· 5.7 List and briefly define three cloud service models.

· 5.8 What is the cloud computing reference architecture?

· 5.9 Describe some of the main cloud-specific security threats.

Question 6:

· 6.2 What protocols comprise TLS?

· 6.3 What is the difference between a TLS connection and a TLS session?

· 6.4 List and briefly define the parameters that define a TLS session state.

· 6.5 List and briefly define the parameters that define a TLS connection state.

· 6.6 What services are provided by the TLS Record Protocol?

· 6.7 What steps are involved in the TLS Record Protocol transmission?

· 6.8 What is the purpose of HTTPS?

· 6.9 For what applications is SSH useful?

· 6.10 List and briefly define the SSH protocols.

Question 7:

· 7.1 What is the basic building block of an 802.11 WLAN?

· 7.2 Define an extended service set.

· 7.3 List and briefly define IEEE 802.11 services.

· 7.4 Is a distribution system a wireless network?

· 7.5 How is the concept of an association related to that of mobility?

· 7.6 What security areas are addressed by IEEE 802.11i?

· 7.7 Briefly describe the five IEEE 802.11i phases of operation.

· 7.8 What is the difference between TKIP and CCMP?

Question 8:

· 8.1 What is the difference between RFC 5321 and RFC 5322?

· 8.2 What are the SMTP and MIME standards?

· 8.3 What is the difference between a MIME content type and a MIME transfer encoding?

· 8.4 Briefly explain base64 encoding.

· 8.5 Why is base64 conversion useful for an e-mail application?

· 8.6 What is S/MIME?

· 8.7 What are the four principal services provided by S/MIME?

· 8.8 What is the utility of a detached signature?

· 8.9 What is DKIM?

Question 9:

· 9.1 Give examples of applications of IPsec.

· 9.2 What services are provided by IPsec?

· 9.3 What parameters identify an SA and what parameters characterize the nature of a particular SA?

· 9.4 What is the difference between transport mode and tunnel mode?

· 9.5 What is a replay attack?

· 9.6 Why does ESP include a padding field?

· 9.7 What are the basic approaches to bundling SAs?

· 9.8 What are the roles of the Oakley key determination protocol and ISAKMP in IPsec?

Question 10:

· 10.1 What are three broad mechanisms that malware can use to propagate?

· 10.2 What are four broad categories of payloads that malware may carry?

· 10.3 What are typical phases of operation of a virus or worm?

· 10.4 What mechanisms can a virus use to conceal itself?

· 10.5 What is the difference between machine-executable and macro viruses?

· 10.6 What means can a worm use to access remote systems to propagate?

· 10.7 What is a “drive-by-download” and how does it differ from a worm?

· 10.8 What is a “logic bomb”?

· 10.9 Differentiate among the following: a backdoor, a bot, a keylogger, spyware, and a rootkit. Can they all be present in the same malware?

· 10.10 List some of the different levels in a system that a rootkit may use.

· 10.11 Describe some malware countermeasure elements.

· 10.12 List three places malware mitigation mechanisms may be located.

· 10.13 Briefly describe the four generations of antivirus software.

· 10.14 How does behavior-blocking software work?

· 10.15 What is a distributed denial-of-service system?

Question 11:

· 11.1 List and briefly define three classes of intruders.

· 11.2 What are two common techniques used to protect a password file?

· 11.3 What are three benefits that can be provided by an intrusion detection system?

· 11.4 What is the difference between statistical anomaly detection and rule-based intrusion detection?

· 11.5 What metrics are useful for profile-based intrusion detection?

· 11.6 What is the difference between rule-based anomaly detection and rule-based penetration identification?

· 11.7 What is a honeypot?

· 11.8 What is a salt in the context of UNIX password management?

· 11.9 List and briefly define four techniques used to avoid guessable passwords.

Question 12:

· 12.1 List three design goals for a firewall.

· 12.2 List four techniques used by firewalls to control access and enforce a security policy.

· 12.3 What information is used by a typical packet filtering firewall?

· 12.4 What are some weaknesses of a packet filtering firewall?

· 12.5 What is the difference between a packet filtering firewall and a stateful inspection firewall?

· 12.6 What is an application-level gateway?

· 12.7 What is a circuit-level gateway?

· 12.9 What are the common characteristics of a bastion host?

· 12.10 Why is it useful to have host-based firewalls?

· 12.11 What is a DMZ network and what types of systems would you expect to find on such networks?

· 12.12 What is the difference between an internal and an external firewall?