CSCI4911 SPECIAL TOPICS: COMPUTER SECURITY FINAL EXAM

CSCI4911 SPECIAL TOPICS: COMPUTER SECURITY FINAL EXAM FALL 2013 – Dr. Robert Owor
CSCI4911 Special Topics: Computer Security Final Exam
Due Tuesday Dec 10th 2013 by 5pm
INSTRUCTIONS
1. Please answer all 10 questions in this document (in the boxes provided) and email it to
Robert.owor@asurams.edu on or before Tuesday December 10th 2013, 5pm. Each question is worth 10 points.
Make sure you include your first and last name in the document, when you email it as an attachment.
2. In the Subject Header of the email, you should include the following: CSCI4911 Special Topics: Computer
Security Final Exam, Your Last Name, Your First Name, and Due Date. Late Exam submissions are not
accepted except where a valid excuse with evidence is provided.
3. Use Times Roman Font size: 10 to answer all your questions.
STUDENT DETAILS
LAST NAME:
FIRST NAME:
DO NOT WRITE ANYTHING BETWEEN THE LINES BELOW:
INSTRUCTOR’S EVALUATION
SCORE:
COMMENTS:
Q1. Should Governments trust Commercial Off the Shelf Software and hardware? What are some of
the risks in COTS hardware and software, particularly if it is manufactured in a foreign country? List at
least 5 risks. (10 points)
Q2. Using a real life scenario of sending money by text messaging, outline how two-factor encryption
can be used to authenticate the messages described in parentheses (I have sent you money; I have
received your message about sending me money; I have received the money; I have received the
message that you have received the money; use identity, transactionID, Origin, Destination, time,
amount and any other variables you think might help, without exchanging more than 4 messages i.e.
two messages from the Sender and two messages from the receiver). (10 points)
Q3. Explain five points of concern you would take into account when designing a decryption
scheme. (10 Points)
Q4. In each of the following 4 scenarios, explain how an attacker might compromise security:
(a) Userid and Password page on the web
(b) A Blog or Bulletin Board Forum
(c) A For or While loop in an executable file using buffer overflows.
(d) An Online Credit Card Operation
(10 points)
Q5. What is the role of packet filtering in firewall security? Outline at least 3 packet filtering strategies
you would recommend to meet your security goals.
(10 Points)
Q6. Outline a real life scenario for each of the following attack cases: Interruption, Interception,
Modification, and Fabrication. How does each of these attacks relate to Availability, Integrity,
Confidentiality and Authenticity?
(10 Points)
Q7. What is a Man-In-The-Middle-Attack (MITMA)? Give an example of software MITMA and
hardware MITMA. (10 Points)
Q8. What is a Security Model? Discuss the steps you would take to design a Security Model. List at
least 7 steps.
(10 Points)
Q9. Suppose you were asked to prepare a Contingency/Disaster Recovery Plan. Outline the steps
you would take.
(10 points)
Q10. Write brief notes (one paragraph or not more than 5 sentences) on each of the following:
(a) The MD5 Algorithm
(b) The Feistel Algorithm
(c) Elliptic Curve Cryptography
(d) RSA Encryption
(e) Triple DES Algorithm