User Account

All Pages

Describe how each is countered bya particular feature of ssl

Assignment Help Computer Network Security
Reference no: EM131138295

Problem solving and/or short essays

Question 1. An early attempt to force users to use less-predictable passwords involved computer-supplied passwords. The passwords were eight characters long, taken fromthe character set consisting of lowercase letters and digits. They were created by apseudorandom number generator with 215 possible starting values. Using the technology of the day, the time required to search through all character strings of length 8from a 36-character alphabet was 112 years. Unfortunately, this is not a true reflection of the actual security of the system today. Why?

Explore and explain the problem in detail.

Question 2. Consider user accounts on a system with a Web server configured to provide access touser Web areas. In general, it uses a standard directory name, such as "public_html," in a user's home directory. This acts as their user Web area if it exists. However, toallow the Web server to access the pages in this directory, it must have at least search(execute) access to the user's home directory, read/execute access to the Web directory, and read access to any webpages in it. Consider the interaction of this requirement with the cases you discussed for the preceding problem. What are the consequences of this requirement? Note that a Web server typically executes as a specialuser and in a group that is not shared with most users on the system.

Are there somecircumstances when running such a Web service is simply not appropriate? Explain.

Question 3. A decentralized NIDS is operating with two nodes in the network, monitoring anomalous inflows of traffic. In addition, a central node is present to generate an alarm signal upon receiving input signals from the two distributed nodes. The signatures oftraffic inflow into the two IDS nodes follow one of four patterns: P1, P2, P3, or P4. Thethreat levels are classified by the central node based upon the observed traffic by the two NIDS at a given time, as outlinedin the following table.

Threat Level

Signature

Low

1 P1 + 1 P2

Medium

1 P3+ 1 P4

High

2 P4

If at least one distributed node generates an alarm signal P3at a given time instance, what is the probability that the observed traffic in the network will be classified atthreat level "Medium"?

Question 4. Assume we have an internal Webserver, used only for testing purposes, at IP address 5.6.7.8on our internal corporate network. The packet filter is situated at a chokepointbetween our internal network and the rest of the Internet.

Can such a packet filterblock all attempts by outside hosts to initiate a direct TCP connection to this internal Webserver? If yes, show a packet-filtering ruleset that provides this functionality; if no,explain why a (stateless) packet filter cannot do it.

Note: A ruleset is a list of rules, and the first matching rule determines the actiontaken. A rule is an action followed by a specification of which packets match, for example, droptcp 1.2.3.4:* -> *:25.

Question 5. The BLP model imposes the ss-property and the *-property on every element of b, but does not explicitly state that every entry in M must satisfy the ss-property and the*-property.

a. Explain why it is not strictly necessary to impose the two properties on M.
b. In practice, would you expect a secure design or implementation to impose the two properties on M? Explain.

Question 6. Consider the following threats to Web security, and describe how each is countered bya particular feature of SSL.

a. Man-in-the-middle attack: An attacker interposes during key exchange, acting asthe client to the server and as the server to the client.

b. Password sniffing: Passwords in HTTP or other application traffic are "eavesdropped."

c. IP spoofing: Uses forged IP addresses to fool a host into accepting bogus data.

d. IP hijacking: An active, authenticated connection between two hosts is disrupted, so the attacker can take the place of one of the hosts.

e. SYN flooding: An attacker sends TCP SYN messages to request a connectionbut does not respond to the final message to establish the connection fully. Theattacked TCP module typically leaves the "half-open connection" around for afew minutes. Repeated SYN messages can clog the TCP module.

Question 7. Sensors, analyzers, and user interfaces are three important components of any intrusion detection system. Explain in detail what each component does, what approaches IDS typically use to analyze sensor data, what sensor data can be used for host-based intrusion detection, and what sensor data can be used for network-based intrusion detection.

Question 8. Firewalls play very important roles in computer and network security. Explore and explain in detail the functionalities of different types of firewalls, including those installed on your home computers and home networks (on the router you may have), as well as the protocols used on these firewalls.

Reference no: EM131138295

Questions Cloud

What sustaining technology or technologies it will replace : Describe the characteristics of an IT-dependent strategic initiative that will lead to a sustainable competitive advantage. Please review the attached PPT: "Strategic Information Systems: Summary" for information to assist in your response.
Which type of foundation provide in laterite soil : Which type of foundation provide in laterite soil based upon two storey residential building.
What is the actual wavelength and velocity of a near-infrare : What is the actual wavelength and velocity of a near-infrared beam (0.901um) of light modulated at a frequency of 330 MHz through an atmosphere with a dry bulb temperature,T, of 26 degrees celcius; a relative humidity, H, of 75%, and an atmospheri..
Determine the magnification of the final image formed : Two lenses, one converging with focal length 20.0 cm and one diverging with focal length -10.0 cm are placed 25.0 cm apart. An object is placed 60.0 cm in front of the converging lens.
Describe how each is countered bya particular feature of ssl : Describe how each is countered bya particular feature of SSL - In practice, would you expect a secure design or implementation to impose the two properties on M? Explain.
What achievements you accomplished in this module : Reflect on all the material covered (e.g. readings, learning activities, etc.) throughout this module. Explain your thoughts on which learning experiences influenced your perspectives on IT and why. Additionally, explain what achievements you acco..
Between-homicides data on normal probability plot : Kittlitz (1999) presents data on homicides in Waco, Texas, for the years 1980-1989 (data taken from the Waco Tribune-Herald, December 29, 1989). There were 29 homicides in 1989. The table gives the dates of the 1989 homicides and the number of days b..
Draw an edgeworth box depicting the feasible allocations : Draw an Edgeworth box depicting the feasible allocations of state 1 consumption of m and state 2 consumption.- Identify the ex ante Pareto efficient allocations 1.
How much heat must be absorbed by the cube : A .50kg sample of water is at 15.0C in a calorimeter. A 0.040 block of zinc at 115C is placed in the water. Find the final temperature of the system.

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd