Reference no: EM133313
QUESTION 1
(a)(i) Differentiate between a Denial of Service (DoS) attack and a Distributed Denial of Service (DDoS) attack.
(ii) Give one example of a DoS attack and one example of a DDoS attack.
(iii) Discuss two motivations for launching a DDoS attack.
(b) Compare and contrast Phishing and Pharming attacks. Which of these attacks is likely to be more fruitful for the attacker? Explain why.
(c) What poses a bigger risk to an organization: external attacks or insider attacks? Give a good reason for your answer.
QUESTION 2
(a) Distinguish between a one-factor and a two-factor user authentication system. Which one is more secure?
(b) It is strongly recommended to implement "password ageing" for password systems. Explain "password ageing". How does it improve security?
(c)(i) How are dictionary attacks made difficult against Unix systems?
(ii) Is a dictionary attack theoretically impossible once it has been made difficult? Justify your answer.
(iii) Which file is instrumental in preventing dictionary attacks altogether?
(d) Which type of biometric device is considered to be the most secure: fingerprint scan or retina scan?
(e) Discuss the problems of using a smart card for authentication.
QUESTION 3
(a) What kind of cryptographic attack made Double DES (2DES) insecure?
(b) What is the major hurdle preventing the widespread adoption of one-time pad cryptosystems to ensure data confidentiality?
(c) Which Data Encryption Standard (DES) operating modes can be used for large messages without the worry that an error early in the encryption/decryption process will spoil results throughout the communication? Explain your answer.
(d) What is the major benefit of symmetric encryption?
(e) Discuss three drawbacks of symmetric encryption.
(f)(i) Name the current symmetric encryption standard algorithm.
(ii) Will this algorithm still be the standard in 40 years?
(g) Give an example of a digital certificate format.
(h) Suppose a public key cryptosystem is being used.
(i) Richard wants to send Sue a message such that only Sue can read the message. Which key should he use to encrypt the message digest?
(ii) Richard would like to digitally sign a message he's sending to Sue so that Sue can be sure the message came from him. Which key should he use to produce the digital signature?
QUESTION 4
(a) Which port number is associated with HTTPS?
(b) Briefly describe the four SSL protocols.
(c)(i) SSL requires the exchange of a pre-master secret. How is the pre-master secret exchanged securely between the client and server?
(ii) What is the importance of the pre-master secret shared during handshaking?
(d) Why should a Demilitarized Zone (DMZ) be used on a network?
(e) Describe how the application-level proxy firewall is more secure than the packet filter firewall.