User Account

All Pages

Ssl for http traffic

Assignment Help Computer Network Security
Reference no: EM133475

QUESTION 1

(a)(i) Why has "Stuxnet" virus been named as a cyber-weapon?

(ii) What has been the first identified target of the Stuxnet virus?

(iii) How the virus infection began? Why was infection (virus) brought in this way?

(iv) Offer two reasons why it is particularly difficult to detect the Stuxnet virus.

(v) How does the virus know that it has already infected a computer?

(vi) Name or give two modified variants of the Stuxnet virus.

(b)Present two examples of anonymous networks that may be used by attackers to hide their activities.

(c)In the year 2012, there has been many incidents related to the theft of personal data. For instance, clients personal data had been stolen from Zappos Online Shoe and Clothing website. What is the aim for attackers to steal such personal user data?

QUESTION 2

(a)(i) Illustrate Phishing attacks.

(ii) Make a distinction between Phishing and Spear Phishing attacks.

(b)Explain two instances where an attacker sniffing on a network may get an opportunity to carry out a DNS poisoning and how the DNS poisoning can be done.

(c)Briefly describe how the following networks can be protected against cache ARP poisoning (i) small networks, (ii) large networks and (iii) all networks.

QUESTION 3

(a)Think about the following access control information in the form of the 9 mode bits for a Unix file: 111 101 001. The owner of the file is John. John and Sam belong to the same group. Peter is an additional user on the system.

(i) What are the encoded access rights of John?

(ii) What are the encoded access rights of Sam?

(iii) What are the encoded access rights of Peter?

(b)Consider a system using the Bell-LaPadula model for access control. The subsequent are the clearance for several of the system users:

Jane: SECRET[PAYROLL]
John: TOPSECRET[SALES, PAYROLL, ADMIN]
Billy: SECRET[PAYROLL, ADMIN]
Tom: CONFIDENTIAL[SALES]

A file in the system named LOGISTICS has the following classification: SECRET[PAYROLL, ADMIN].
Assuming that the pecking order of the classification labels is TOPSECRET>SECRET>CONFIDENTIAL. State the read and write access for the LOGISTICS file by the following users. Give good reason for your answer.

(i) Jane,

(ii) John,

(iii) Billy, and

(iv) Tom

(c)RADIUS server is frequently used in networks for access control.

(i) What does the short form of RADIUS stands for?

(ii) Does it present centralised or decentralised access control?

(d)What is the importance of implementing parting of duties for access control?

QUESTION 4

(a)Can SSL be used to encrypt email data? Give good reason for your answer.

(b)What are the three fundamental security provided by SSL?

(c)Converse the limitations of SSL.

(d)State the port number used by application (submission) using SSL for HTTP traffic?

(e)With the help of an illustration, describe the processing performed by the SSL Record protocol of the SSL protocol stack.

Reference no: EM133475

Questions Cloud

Project management for engineering : economic feasibility of the projec, restrictions are the economics of the project based,  technical feasibility for the project
Ip spoofing : honeypot or a firewall, error handling, Denial-Of-Service, Public Key Infrastructure, WLAN Administrator, WEP Protocol, RSA Algorithm, Network Engineer
Protocol stack for wap2 : WAP protocol, cellular network infrastructure, SSL protect against eavesdropping, network datagrams (packets) be protected at the network layer, pin and fingerprint, Certificate Revocation, Public Key Infrastructure, modern symmetric algorithm bl..
Network threats : confidentiality, integrity and availability, trojan horse, Compress the data, Caesar cipher, rail fence cipher, PGP operation, network perimeter, MSFT, RSA cryptosystem
Ssl for http traffic : SSL Record protocol of the SSL protocol stack, RADIUS, networks for access control, DNS poisoning, Spear Phishing attacks, centralised or decentralised access control, encrypt email data
Security by obscurity : Defacement, Infiltration, Phishing, Pharming, Insider Threats, Click Fraud, Denial of Service, Data Theft/Loss, IP Whitelisting and IP Spoofing, recursive PHP functio, worm and a virus, hash on a string using MD5
Concept of subletting in v6 : small package routing is more efficient in IPV6 than in IPV4, increase the hacking factor, network security model (NSM), ACL, VLAN, war dialing
Mc gregor theory : action of a modern HR department, Personnel Management and Human Resources Management, Maslow's Theory to managing people, Maslow's hierarchy of needs Theory, Apprenticeship, job description, interviewing
Operation management : marketing strategy, turnover in terms of revenue, Paid out rate

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd