SSL for HTTP traffic

Assignment Help Computer Network Security
Reference no: EM133475

QUESTION 1

(a)(i) Why has the "Stuxnet" virus been called a cyber-weapon?

(ii) What was the first identified target of the Stuxnet virus?

(iii) How did the virus infection begin? Why was the infection (virus) introduced in this way?

(iv) Give two reasons why it is particularly difficult to detect the Stuxnet virus.

(v) How does the virus know that it has already infected a computer?

(vi) Name two modified variants of the Stuxnet virus.

(b) Give two examples of anonymous networks that may be used by attackers to hide their activities.

(c) In 2012, there were many incidents related to the theft of personal data. For instance, clients' personal data was stolen from the Zappos online shoe and clothing website. What do attackers aim to achieve by stealing such personal user data?

QUESTION 2

(a)(i) Illustrate Phishing attacks.

(ii) Distinguish between phishing and spear phishing attacks.

(b) Explain two instances where an attacker sniffing on a network may get an opportunity to carry out DNS poisoning, and how the DNS poisoning can be done.

(c) Briefly describe how the following networks can be protected against ARP cache poisoning: (i) small networks, (ii) large networks and (iii) all networks.

QUESTION 3

(a) Consider the following access control information in the form of the 9 mode bits for a Unix file: 111 101 001. The owner of the file is John. John and Sam belong to the same group. Peter is another user on the system.

(i) What are the encoded access rights of John?

(ii) What are the encoded access rights of Sam?

(iii) What are the encoded access rights of Peter?

(b) Consider a system using the Bell-LaPadula model for access control. The following are the clearances of several of the system's users:

Jane: SECRET[PAYROLL]
John: TOPSECRET[SALES, PAYROLL, ADMIN]
Billy: SECRET[PAYROLL, ADMIN]
Tom: CONFIDENTIAL[SALES]

A file in the system named LOGISTICS has the following classification: SECRET[PAYROLL, ADMIN].
Assuming that the hierarchy of the classification labels is TOPSECRET > SECRET > CONFIDENTIAL, state the read and write access to the LOGISTICS file for each of the following users. Justify your answer.

(i) Jane,

(ii) John,

(iii) Billy, and

(iv) Tom

(c) A RADIUS server is frequently used in networks for access control.

(i) What does the acronym RADIUS stand for?

(ii) Does it provide centralised or decentralised access control?

(d) What is the importance of implementing separation of duties for access control?

QUESTION 4

(a) Can SSL be used to encrypt email data? Justify your answer.

(b) What are the three fundamental security services provided by SSL?

(c) Discuss the limitations of SSL.

(d) State the port number used by an application (submission) using SSL for HTTP traffic.

(e) With the help of an illustration, describe the processing performed by the SSL Record protocol of the SSL protocol stack.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd