Computer and Network Security
Final Exam (A), 2006
Dr. Ron Rymon
Time: 2 hours and 30 minutes, plus 30 minutes extension.
No Additional Material is Allowed
Part A. Explain briefly 6 of the following 7 terms (4 points each):
1. Phishing
a. A type of spam mail (1)
b. Which impersonates a request from a familiar business (usually a bank) (1)
c. Refers the victim to an impersonating web site in which the victim is requested to
enter personal data such as usernames and password to be used by the criminals (2)
2. SSL
a. Secure Socket Layer (1)
b. Protocol for secure web communication (1)
c. Supports confidentiality/encryption (1)
d. Supports one-way or two-way authentication using certificates (1)
3. PGP
a. Pretty Good Privacy (1)
b. Protocol and software for secure email (1)
c. Supports authentication (1)
d. Supports confidentiality (1)
4. Kerberos
a. Client/server authentication system (2)
b. Based on idea of access tickets (2)
5. CBC
a. Cipher Block Chaining (1)
b. A mode of operation for block ciphers (1)
c. Combines the output of the encryption of the previous block with the current block
plaintext (1)
d. In order to create inter-block diffusion and to avoid the same block being
encrypted in the same way every time it repeats (1)
6. Stream cipher
a. Works on a stream of plaintext bits (1)
b. Auto-generates a keystream, which is dependent on the encryption key (1), and on
previous bits (1)
c. Keystream xored with the plaintext stream (1)
7. Something-you-possess
a. A type of authentication where the authenticating party is required to physically
demonstrate possession of something (2)
b. For example a card, token, etc. (2)
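The CBC term (Part A, item 5) is easiest to see in running code. The block below is an added example, not part of the exam or its answer key: it builds a toy Feistel block cipher (SHA-256 as the round function, an assumption made here purely so the example runs offline; it stands in for AES/DES and must not be used for anything real), then encrypts the same three-block plaintext in ECB and in CBC mode to show why chaining removes repeated ciphertext blocks, and flips one ciphertext bit to show how the chaining propagates errors (block 0 garbled, the same bit flipped in block 1, later blocks untouched). The key, IV and plaintext are constructed demo values.

```python
"""Added example: CBC versus ECB on a toy Feistel block cipher.
The cipher is a stand-in for AES/DES so that the mode of operation
can be shown on its own; it is NOT a vetted cipher."""
import hashlib

BLOCK = 16      # block size in bytes (two 8-byte Feistel halves)
ROUNDS = 4


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function: keyed hash of one half, truncated to 8 bytes (assumption of this toy)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    L, R = block[:8], block[8:]
    for rnd in range(ROUNDS):
        L, R = R, xor(L, _round(key, rnd, R))
    return L + R


def decrypt_block(key: bytes, block: bytes) -> bytes:
    L, R = block[:8], block[8:]
    for rnd in reversed(range(ROUNDS)):      # undo the rounds in reverse order
        L, R = xor(R, _round(key, rnd, L)), L
    return L + R


def pad(data: bytes) -> bytes:               # PKCS#7 padding
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def split_blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    # Each block is encrypted independently: equal plaintext blocks give equal ciphertext blocks
    return b"".join(encrypt_block(key, p) for p in split_blocks(pad(pt)))


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for p in split_blocks(pad(pt)):
        c = encrypt_block(key, xor(p, prev))   # previous ciphertext block is mixed in first
        out.append(c)
        prev = c
    return b"".join(out)


def cbc_decrypt_raw(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for c in split_blocks(ct):
        out.append(xor(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    return unpad(cbc_decrypt_raw(key, iv, ct))


def repeated_blocks(ct: bytes) -> int:
    """Number of ciphertext blocks that duplicate an earlier block."""
    bs = split_blocks(ct)
    return len(bs) - len(set(bs))


def bit_flip_effect(key: bytes, iv: bytes, ct: bytes, pt: bytes) -> list:
    """Flip the lowest bit of ciphertext byte 0 and return, per block, the XOR
    between the intended padded plaintext and what CBC decryption yields.
    CBC gives no integrity by itself, which is why it is paired with a MAC."""
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]
    good = split_blocks(pad(pt))
    bad = split_blocks(cbc_decrypt_raw(key, iv, tampered))
    return [xor(g, b) for g, b in zip(good, bad)]


KEY = b"constructed-demo-key"      # constructed; any length, it only feeds the hash
IV = bytes(range(16))              # constructed; real use: fresh os.urandom(16) per message
PT = b"ATTACK AT DAWN!!" * 3       # three identical 16-byte blocks, then one pad block

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, PT)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(KEY, IV, PT)))
    print("bit-flip diffs:", bit_flip_effect(KEY, IV, cbc_encrypt(KEY, IV, PT), PT))
```

Running it prints two repeated blocks for ECB and none for CBC; the bit-flip output shows a fully garbled first block, a second block differing in exactly one bit, and identical third and fourth blocks.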
Part B. Answer 4 of the following 5 questions (9 points each):
1. Explain how a DDoS attack is mounted, and how it can be detected and dealt with
a. What it is: Distributed Denial of Service. A DoS is an attack on a server that is
designed to shut it down by flooding it with requests/traffic (2).
b. How it works: In distributed DoS, the hacker uses many computers that launch the
attack when they receive the command from the hacker (2).
c. How the hacker gets to control the slaves: Usually, the computers that do the actual
attack were taken over by the hacker in a preceding step, e.g. through a Trojan that
was downloaded by unsuspecting users (1).
d. How it is detected: A DDoS attack is usually detected only when the traffic to the
victim becomes unusual or high (2).
e. How it is mitigated: Once detected, it is usually impossible to mitigate the attack in
the areas of the network that are close to the victim. Instead, traffic aimed to the
victim has to be siphoned and filtered at the ISP level, as close as possible to the
perimeter or sources of the attack. Filtering is usually based on the protocols and
patterns of the attack vs. the normal traffic (2)
2. Explain how fingerprinting works, and how it can be used for authentication
a. What it is: Fingerprinting is a something-you-are form of authentication, based on the
fact that different people have different fingerprints (3)
b. How it works: a reader makes a copy of the fingerprint. The image is then analyzed
and compared to the original fingerprint. (3)
c. How two fingerprints are compared: The comparison uses a catalog of lines/shapes
that are found in a fingerprint (minutiae) (3)
3. Explain how an HMAC is computed, and how it protects a message's integrity
a. Illustration/explanation of the HMAC algorithm, and the input/output (5)
b. The role of the MAC and hash function in ensuring integrity (4)
4. Explain the Role-Based Access Control model
a. Groups people that perform same job function (3)
b. Together with the privileges they need to perform this function (3).
c. Advantages/disadvantages/comparison to other methods (e.g., ACL, groups) (3)
5. Explain how packet filters and application gateways work. What are the relative advantages
of each method?
a. General explanation (3)
b. Firewall rules (1)
c. Firewall configuration (DMZ, Bastion Host) (1)
d. Packet filters work in IP layer vs App Gateways in App layer (1)
e. Advantages and disadvantages (3)
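For Part B, question 3, the following added example (not from the exam or its answer key) computes HMAC-SHA256 by hand following RFC 2104 (inner hash with the key XOR 0x36, outer hash with the key XOR 0x5C), checks it against Python's `hmac` module and against RFC 4231 test case 1, and then contrasts a keyed MAC with a bare hash: a receiver holding the key rejects a modified message, whereas a plain hash can simply be recomputed alongside the modification. The secret, message and modification are constructed demo values.

```python
"""Added example: HMAC-SHA256 per RFC 2104, and why a keyed MAC protects
integrity where an unkeyed hash does not."""
import hashlib
import hmac


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    block_size = hashlib.sha256().block_size      # 64 bytes for SHA-256
    if len(key) > block_size:                      # RFC 2104: long keys are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(block_size, b"\x00")           # then zero-padded to the block size
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()   # HMAC = H(K^opad || H(K^ipad || m))


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest keeps the comparison time independent of where the tags differ
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def matches_stdlib(key: bytes, message: bytes) -> bool:
    return hmac_sha256(key, message) == hmac.new(key, message, hashlib.sha256).digest()


def plain_hash_detects_change(message: bytes, modified: bytes) -> bool:
    """Integrity check with an unkeyed hash: whoever can change the message can
    recompute the hash, so the receiver sees a consistent (message, hash) pair."""
    tag_sent = hashlib.sha256(message).digest()
    tag_forged = hashlib.sha256(modified).digest()      # recomputed along with the change
    return hashlib.sha256(modified).digest() != tag_forged  # always False: nothing to detect
    # (tag_sent is left unused on purpose: the receiver never sees it)


KEY = b"constructed-shared-secret"          # constructed demo secret
MSG = b"transfer 100 to account 42"         # constructed demo message
MODIFIED = b"transfer 900 to account 42"    # constructed modification


def demo() -> dict:
    tag = hmac_sha256(KEY, MSG)
    return {
        "matches_stdlib": matches_stdlib(KEY, MSG),
        "accepts_original": verify(KEY, MSG, tag),
        "rejects_modified": not verify(KEY, MODIFIED, tag),
        "rejects_wrong_key": not verify(b"some-other-key", MSG, tag),
        "long_key_ok": matches_stdlib(b"k" * 100, MSG),   # exercises the hash-the-key path
        "plain_hash_detects_change": plain_hash_detects_change(MSG, MODIFIED),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The first five results are True and the last is False: the MAC tag is bound to the secret, so a party without the key cannot produce a valid tag for a changed message, while a hash alone only detects accidental corruption.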
Part C. Answer the following two questions (20 points each):
1. Explain how IPSec works and how it can be used to implement a VPN
a. IP Security protocol that works at the IP layer, therefore can be used for any
application (3)
b. General architecture that consists of a set of protocols for encryption and
authentication (ESP, AH) (2)
c. Explanation of AH for authentication (3)
d. Explanation of ESP for confidentiality (3)
e. Domain of interpretation, SAs, and key management functions (3)
f. Transport and tunnel mode – confidentiality for packet and against traffic analysis (3)
g. IPSec-based VPN architecture (3)
2. Outline the RSA encryption algorithm, and explain how it can be used to implement digital
signatures
a. RSA is a public-key algorithm (2).
b. The key generation algorithm (3 bonus – I didn’t ask for it)
c. The RSA encryption algorithm itself (6)
d. The difficulty in factorization that gives RSA its power (2)
e. Digital signatures – explanation of the public key scheme (two keys, one
published one secret) (2)
f. Digital signatures – the process explanation/illustration – how signed, how
verified, why secure (6)
g. Best to sign only hashes (2)
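For Part C, question 2, the block below is an added example, not the exam's own material: textbook RSA with the classic tiny parameters (p = 61, q = 53, e = 17) for key generation, encryption and decryption; brute-force factoring of that toy modulus to show that recovering the private key is exactly as hard as factoring n; and hash-then-sign signatures on a second, larger toy key built from two Mersenne primes (chosen here only so that hashes of distinct messages are not accidentally equal modulo n). Both key sizes are far below real-world sizes, and real RSA additionally uses padding (OAEP, PSS); the messages are constructed demo values.

```python
"""Added example: textbook RSA, factoring as the attack it rests on,
and hash-then-sign digital signatures."""
import hashlib
from math import gcd


def keygen(p: int, q: int, e: int):
    """Key generation from two primes: n = pq, d = e^-1 mod (p-1)(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi(n)"
    d = pow(e, -1, phi)            # private exponent (Python 3.8+ modular inverse)
    return (n, e), (n, d)          # (public key, private key)


def encrypt(pub, m: int) -> int:
    n, e = pub
    assert 0 <= m < n
    return pow(m, e, n)


def decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def factor_small(n: int):
    """Trial division: feasible only because n is tiny. For real key sizes
    this search is what no known algorithm completes in practical time."""
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            return p, n // p
    return None


def recover_private(pub):
    """Factoring n gives phi(n), and with it the private exponent."""
    n, e = pub
    p, q = factor_small(n)
    return n, pow(e, -1, (p - 1) * (q - 1))


def message_digest(msg: bytes, n: int) -> int:
    # Sign the hash, not the message: fixed size, any message length, one exponentiation
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(priv, msg: bytes) -> int:
    n, d = priv
    return pow(message_digest(msg, n), d, n)      # private key "decrypts" the digest


def verify(pub, msg: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == message_digest(msg, n)   # anyone with the public key can check


TOY_PUB, TOY_PRIV = keygen(61, 53, 17)                      # n = 3233, the textbook example
BIG_PUB, BIG_PRIV = keygen(2 ** 61 - 1, 2 ** 31 - 1, 65537)  # n ~ 2^92, still a toy size

if __name__ == "__main__":
    c = encrypt(TOY_PUB, 65)
    print("encrypt(65) =", c, "decrypt ->", decrypt(TOY_PRIV, c))
    print("factoring n =", TOY_PUB[0], "->", factor_small(TOY_PUB[0]), "recovered key:", recover_private(TOY_PUB))
    msg = b"pay 100"                                         # constructed
    s = sign(BIG_PRIV, msg)
    print("verify original:", verify(BIG_PUB, msg, s), "verify altered:", verify(BIG_PUB, b"pay 900", s))
```

The toy modulus factors instantly and yields the private exponent d = 2753, which is the whole point of item d in the answer key: RSA is only as strong as the difficulty of factoring n. The signature part shows item g: hashing first makes the signed value fixed-size regardless of message length.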