User Account

All Pages

Describe the function or purpose of a virtual machine

Assignment Help Computer Networking
Reference no: EM13310291

1. Briefly define/describe what is meant by "defensive programming."

2. Which of the following is NOT a valid category of software errors?
a) Porous Defenses
b) Malware activation
c) Insecure interaction between components
d) Risky resource management
3. Identify a form of injection attack, AND briefly describe what is involved in this type of attack.

4. Which of the following is NOT a valid characteristic of cross site scripting?
a) An attack where input from one user is later output to another user
b) Commonly seen in scripted web apps
c) Can be created with JavaScript and Active X
d) Social networking websites are immune to cross site scripting
5. Identify AND briefly describe an approach for validating the input to a program.

6. Match the following with the words that best describe them  Memory leak; Race condition; Fuzzing; Least Privilege;
Privilege escalation; Canonicalization; Safe code; XSS reflection;
a) A powerful testing method using a large range of randomly generated inputs ____________________
b) Where multiple processes or threads compete to gain access to resources possibly resulting in corrupted data and/or lost changes ____________________
c) Attackers exploit flaws in programs to give the attacker great authority or power ____________________
d) Where a program fails to correctly manage use and release of memory causing a steady reduction in available memory to the point where it is completely exhausted ____________________
7. Briefly define/describe the "white listing" security approach.

8. Which of the following is the best definition/description of the chroot jail Linux/Unix security control?
a) Prevents a user from switching to su/root level privilege
b) Shuts down discretionary access control mechanisms
c) Restricts a system/user view of the file system to a specified portion
d) Encrypts the password file

9. Briefly define/describe the function/purpose of a virtual machine hypervisor OR describe one of the hypervisor's security roles.


10. Which of the following is the best definition for a data archive?
a) Saving copies of all security logs and records
b) Retaining copies of data over an extended period of time
c) Automatic saving of data
d) Making copies of data at regular intervals
11. Briefly define what we mean by "system hardening" AND identify one specific step/approach you might take for hardening an operating system.

12. Identify and briefly describe one (1) of the primary rules of the BLP model.

 

13. Match the following with the words that best describe them:
Biba model; Clark Wilson model; Chinese Wall Model; Reference Monitors;
a) Developed for commercial applications to deal with conflicts of interest ____________________
b) Elaborate yet practical integrity model that includes rules requiring well-formed transactions and separation of duties ____________________
c) Controlling element in the hardware and operating system of a computer that regulates the access of subjects to objects ____________________

14. Which of the following is NOT one of the basic services offered by a TPM?
a) Certified patching
b) Authenticated boot
c) Encryption
d) Certification

15. Briefly describe the fundamental problem/flaw of BLP that prevents it being widely implemented or practically useful.

16. Briefly define/describe "assurance" AND identify how it is related to the "common criteria."

17. Which of the following security concepts is particularly suitable for use in a Multilevel Security (MLS) environment?
a) Poly-instantiation
b) Role-based access control (RBAC)
c) Chinese Firewall
d) Three person control

18. Briefly define a "security audit."

19. Which of the following is NOT a part of the security audit model/architecture?
a) Audit trail database
b) Alarm processor
c) Audit analyzer
d) Event discriminator

20. Which of the following is the best definition for an audit trail?
a) The database of security related events collected by an audit system
b) A chronological record of the steps that auditors go through during an evaluation of your security controls
c) The path that your log data takes as it moves through the network to the archives
d) A timeline of system activities that is sufficient to reconstruct an event like a break-in

21. Identify/list three (3) auditable events that your audit system should collect.

22. Which of the following is NOT one of the six major audit functions?
a) Audit analysis
b) Data generation
c) Event translation
d) Automatic response

23. Briefly describe the role and importance of "baselining" or "establishing a baseline" as part of a security audit program.

24. Which IP Security (IPSec) mode protects the entire IP packet?
a) Transport mode
b) AH mode
c) Tunnel mode
d) Privacy mode

25. Which of the following is NOT one of the SSL protocols?
a) Handshake
b) Change cipher spec
c) Agreement
d) Record

26. Which of the following is NOT one of security functions of S/MIME?
a) Receipt service
b) Envelope
c) Signature
d) Confidentiality/encryption

27. Name three (3) types of agents involved in DomainKeys Identified Mail (DKIM).

28. Which of the following best describes HTTPS?
a) Combination of HTTP and IPSec
b) Combination of HTTP and SSL
c) Combination of HTTP and S/MIME
d) Combination of HTTP and DKIM

29. Name the three primary components and avenues for attack of wireless system.


30. Which of the following is NOT a threat associated with wireless networks?
a) Man-in-the-middle attack
b) Malicious association
c) Denial of Service
d) Transport reflection

31. Name one acceptable form of 802.11 wireless LAN security/encryption AND name one unacceptable form.

32. Briefly describe/explain what an IEEE 802.11 BSS consists of AND how it is different than an ESS.

33. Which of the following is NOT one of the IEEE 802.11i phases of operation?
a) Key management
b) Discovery
c) Negotiation
d) Protected data transfer

Reference no: EM13310291

Questions Cloud

How to compute the ionic strength of a solution : Calculate the ionic strength of a solution that is 0.08 M in La(NO3)3 and 0.06 M in Fe(NO3)2.
Calculate the ammonia concentration in mg per l : NH4+ = N+ + NH3 pK =9.24 If the pH is 8.5 and the ammonium(NH4+) concentration in 20mg/L, calculate the ammonia(NH3) concentration in mg/L.
Compute the percentage of crude protein in the sample : You want to determine the protein content in milk with the Kjeldahl method. You take 100 g whole milk and use 100 mL of 0.5 M hydrochloric acid to collect ammonia. You needed 34.50 mL of 0.3512 M NaOH for the back-titration. Calculate the percenta..
Explain a concentration of this base will produce a ph : A certain weak base has a Kb of 8.70 × 10-7. What concentration of this base will produce a pH of 10.10
Describe the function or purpose of a virtual machine : Which of the following is the best definition/description of the chroot jail Linux/Unix security control?
What are the radii of curvature of the eyepiece lens : The objective lens of a telescope is a symmetric glass lens with 100cm radii of curvature. The eyepiece lens is also a symmetric glass lens. What are the radii of curvature of the eyepiece lens
Determine the approximate flow rate in a conduit : Water at 20 C flows in a conduit with a cross-section shaped in the form of an equilateral triangle. The cross-sectional area of the conduit is 100 sqaure meters and e=0.045 mm.
Depict the structure of oxaloacetate : Draw the structure of oxaloacetate and clearly show which carbon atoms are 14C and which are 13C labeled. Draw a box around your answer.
Find the moment equations and then the deflection : a simple beam with a pin support at A on the left side of my beam, and a roller connection 20 feet away on the far right side of the beam labeled C, with the midspan point (10 feet) labeled B.

Reviews

Write a Review

Computer Networking Questions & Answers

  Find the rfc which defines ftp protocol

Find the RFC that defines the FTP protocol. Take any non text file (e.g. word document, mpg, excel or any application centric file) Segmentation of a file and forming FTP datagrams: Read first 'x' number of bytes and use them as part of payload sect..

  Optimal algorithm for mutual exclusion in computer networks

In Ricart and agrawala's An optimal algorithm for mutual exclusion in computer networks paper if we are updating the code with taking the priorities.

  Threat, risk and vulnerability

Threat, Risk and Vulnerability are related to Cybersecurity. Describe these three terms and provide a business case example.

  Explain sliding window error control system

In a sliding window error control system in which each byte is numbered, Station A sends a packet with bytes numbered 801 to 900. If the packet arrives with no errors, how does Station B respond?

  Write commands which are required to allow rip version

Write down the commands which are required to allow RIP version 2 and include LAN1 and LAN2 networks also the link between HQ and BRANCH in routing updates?

  Reasons to prevent outsider obtaining free network acces

List three reasons you might still want to prevent an outsider obtaining free network access by intruding into your wireless network.

  Reserved route takes over when device or connection fails

It determines new tree topology when switch or cable link failures. Reserved route takes over when device or connection fails. To aggregate ....to gather together Which is better, 10x100Mbps or 1Gbps?

  Mac destination address in ethernet header-arp payload

Describe the difference between MAC Destination Address in Ethernet header and one found in ARP payload.

  Attacks and defenses to session key establishment protocols

Illustrate attacks and defenses to these session key establishment protocols at all levels, including one or both of communicating machines being compromised.

  Where are wlan technologies going in the future

Where are WLAN technologies going in the future? Research what the next versions of the 802.11 standards are, and provide your educated opinion on how these technologies will be used.

  Assume a dual-railed system

(Multiplexers) Assume a dual-railed system, where you have access to any vari- able and its complement. Implement the following four-input Boolean function as indicated in each of the following subsections.

  Domain name system (dns.dynamic host configuration protocol

On the Internet, the entity that looks up a domain name and retrieves information about it is the:Select one: A. Domain Name System (DNS) B. Dynamic Host Configuration Protocol (DHCP) C. Internet Corporation for Assigned Names and Numbers (ICAAN) ..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd