Describe the mutual authentication procedure

Assignment Help Computer Network Security
Reference no: EM131224060

Question 1: Explain about Snort Rules, create rules and test the created rules.

Question 2: Kerberos Authentication Protocol

You are required to do personal research to complete the following questions regarding this topic:

To answer these questions, you should consult reference materials from other texts and the Internet. You are required to reference these sources - DO NOT DIRECTLY COPY material from them - i.e. use your own words.

A. Give your general description of the Kerberos authentication protocol.

B. Explain the term: Authenticator used in the Kerberos authentication protocol.

C. In the Kerberos authentication protocol, there are 3 basic roles: client, server and Key Distribution Centre (KDC). Give your description of each of them.

D. By explaining the term: Session Ticket, describe how a session key is created by KDC, and distributed to the client and the server

E. Describe the mutual authentication procedure between the client and the server after the client obtains the session ticket

Question 3: Wireless Protocols

To answer some of these questions, you should consult reference materials from other texts and the Internet. You are required to reference these sources - DO NOT DIRECTLY COPY material from them - i.e. use your own words.

You are required to do personal research to complete the following questions regarding this topic:

A. Describe 802.1x authentication and the steps that when a wireless client connects to a network using RADIUS server for authentication.

B. Explain the PEAP protocol - how does it differs from EAP and what EAP deficiency does it address?

C. What makes a brute-force attack both particularly difficult and potentially easy on a wireless network using AES/CCMP encryption and 802.1x authentication? Hint: What do you need to know in order to attempt the attack?

D. Assume an office wireless network was only configured with WPA2-AES encryption (i.e. no additional authentication standards). What problems would this cause?

E. Assume an office wireless network was only configured with 802.1x authentication (i.e. no additional encryption). What problems would this cause?

Question 4: Steganography Exercise

This exercise requires you to use Steganography to embed secret text into a graphic file and also to embed a secret watermark into a second graphic file. To accomplish these tasks you are to download a copy of OpenStego from the internet.You will also need to download the two graphic files cqu_logo.png andBundaberg.jpg from the Moodle site.

a) Data Hiding in a graphic file

b) Watermarking a second graphic file

Question 5

You are the Chief Information security Officer (CISO) of a small medium sized - accounting Services Company. In the last few weeks, senior staff have been complaining that some confidential information has been disclosed via email without any authorisation. You are approached by the Chief Information Officer (CIO) to discuss the issue and see the most appropriate way to tackle this problem. You suspect that some of the employees might be using their technical skills to access sensitive information either from the mail serversor during transmission. To counteract this malpractice, you suggest the CIO the implementation of encryption. Before you actually implement the system, you want to conduct a pilot using the GNU Privacy Guard (GPG) software.

The pilot requires that you install GNU Privacy Guard (GPG) software onto your own computer and complete the following activities.

Note: The GNU Privacy Guard is available for free download from https://www.gnupg.org/ and "APractical Introduction to GNU Privacy Guard in Windows" by Brendan Kidwell is available at https://www.glump.net/howto/gpg_intro
After installing GPG software onto your own computer, complete the following tasks:

1. Generate your own key-pair by using GPG software and do not create a pass-phrase for your private key (in a real world this is not a good practice. Just for the sake of this assignment, do not create a pass-phrase). You need to use screen-shots to show that you have successfully completed this task. A valid screen-shot is similar to the one shown in Figure 1. Pay attention to the red circles, which demonstrate the success of key pair generation

Figure Key Pair Creation

2451_figure.png

2. Export your public key and paste it into your assignment document. You need to use two screen-shots to show that you have successfully completed this task. One screen-shot is to show the use of gpg command and the other is to show the exported public key. For example, the screen-shot in Figure 2, shows a public key, which is exported into the file: CC-pubkey.txt.

1800_figure1.jpg

3. Explain the steps how to import your Lecturer's public key from the key-server https://pgp.mit.edu (your lecturer created a public key and stored it at the MIT PGP Public Key Server). Include in the assignment document the gpg command line, individual options you used and their meaning. As above, use screenshots of website interactions, with accompanying explanations of the screenshots to explain the steps how to import your Lecturer's public key from the key-server https://pgp.mit.edu.

4. Create an ASCII text file to store your full-name, your student number, and your student CQU email address (please do not use any other email address). Then using your lecturer's public key, encrypt this text file. The resulting file should also be ASCII armored so that it is readable once decrypted by your lecturer / tutor. Failure to do so will result in loss of marks. Submit the resulting encrypted file along with your assignment solutions document (word document) via the online submission system and following the naming convention given above.

Reference no: EM131224060

Questions Cloud

How the business environment is influenced by government : Evaluate how their business environment is influenced by government economic policy which may be identified through your application of economic theory.
Primary advantages of the capital asset pricing model : Question 1: What are the primary advantages of the Capital Asset Pricing Model (CAPM) in pricing common stock? Question 2: What are some potential issues in effectively using the (CAPM) to determine the price of a stock?
Analyze four key points of a relevant economic article : Identify at least four key points of a relevant economic article from either the Strayer Library or a newspaper. The article must deal with any course concepts covered in Weeks 1-8.
Why do intrinsic values of companies : Why do intrinsic values of companies differ from actual stock values? What types of assumptions are made during the valuation process of a firm?
Describe the mutual authentication procedure : COIS23001 - Network Security - What makes a brute-force attack both particularly difficult and potentially easy on a wireless network using AES/CCMP encryption and 802.1x authentication? Hint: What do you need to know in order to attempt the attac..
How much total interest is earned on the original deposit : Interest-on-Interest Consider a $2,200 deposit earning 8 percent interest per year for 7 years. How much total interest is earned on the original deposit (excluding interest earned on interest)?
Evaluate role of federal reserve in stabiles current economy : Evaluate the role and the effectiveness of the Federal Reserve in stabilizing the current economy. Determine which economic indicators the Federal Reserve should analyze so it can better stabilize this particular economy.
What is the value of their cash and marketable securities : Oasis Products, Inc. has current liabilities = $10.0 million, current ratio = 1.50 times, inventory turnover ratio = 12.0 times, average collection period = 20 days, and sales = $100 million. What is the value of their cash and marketable securiti..
What is the value of the pakistan project : Read  The Case "Globalizing the Cost of Capital and Capital Budgeting at AES" - What is the value of the Pakistan project using the cost of capital derived from the new methodology?

Reviews

Write a Review

 

Computer Network Security Questions & Answers

  What is access control

What is Access Control? What is SSO and what are some of parts and types of Access Control?

  Article on a current topic related to it security

Post a link to an article on a current topic related to IT security and/or ethics in the news. Once you post your article, go to other students submission and respond with how you see the articles content relating to either of the texts in class ..

  Problem related to internet communication

Question 1: What is Net Neutrality and why is it important? Question 2: From the group project, identify at least one important step needed to work successfully with a team when working virtually (collaborating online rather than face to face). Th..

  Describe situations where end-to-end encryption combined

Give some examples where traffic analysis could jeopardize security. Describe situations where end-to-end encryption combined with link encryption would still allow enough traffic analysis to be dangerous. about 150 words with references

  Discuss some of the problems nats create for ipsec security.

Why deployment of IPv6 has been slow to date

  Write udp programs to establish communication channel

Write UDP programs allowing two parties to establish a secure communication channel. For simplicity, let us call the programs "Host" and "Client", which are executed by Alice and Bob, respectively.

  What is the rationale or justification offered by hackers

What is the rationale or justification offered by hackers such as Anonymous or Wikileaks? How can the activities of such groups be considered "cybercrime"?

  Create more secured network infrastructure for the company

You are part of a telecommunication company that provides network and security solutions in different fields. You have been called by a client to plan and design the network system for the company. The idea of this project is create more secured n..

  Calculate the positions in an array

How do you calculate the positions in an array of the left and right child of a node in a tree represented as an array?

  Explaining wtls does not give message integrity protection

An earlier version of WTLS supported a 40-bit XOR MAC and also supported RC4 stream encryption. Show that this scheme doesn't give message integrity protection.

  Comprehensive analysis of the business needs

Identify network security measures needed and providing detailed information about them. Network security measures should also include preventative and maintenance measures.

  Evaluate the effect of this ruling on forensic investigation

Evaluate the effect of this ruling on forensic investigations from a forensics standpoint and determine whether or not you would consider this an "open door" for criminal activity. Justify your answer

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd