Describe the data encryption standard

Reference no: EM131304433

INFA 620 - NETWORK AND INTERNET SECURITY

This is an open-book individual exam. You may use any resources in addition to the textbook, but you should do it individually without collaborating with others. Questions should be answered in your own words. Use quotation marks if not using your own words, and do not forget to cite the full reference when necessary. Unless specified otherwise, all multiple choice questions have only one correct answer.
Other Guidelines:

• You should submit your exam to your assignment folder in LEO as HTML, MS-Word or plain text. When using HTML or plain text, you can either use the window available to paste your work, or attach your file.

• Repeat the text of the questions you have answered.

• Be as clear and objective as you can in all questions, and be sure you are answering what is asked.

• Put your name in the exam.

PROBLEM 1 - General questions (20 points)
(5 pts each)

a) Which of the following is considered the first line of defense against human behavior? Explain.

A) Policies

B) Cryptography

C) Physical security

D) Business continuity planning

b) Select from the following the best definition of security risk analysis:

A) Risk analysis looks at the probability that a vulnerability exists in your system.

B) Risk analysis looks at the probability that your security measures won't stop a hacker breaking in to your system.

C) Risk analysis looks at the probability that a hacker may break in to your system.

D) Risk analysis determines what resources you need to protect and quantifies the costs of not protecting them.

E) Risk analysis looks at the consequences of being connected to the Internet.

c) Which answer governs how a network might be configured and operated as well as how people are expected to behave on it? Explain.

A) Network documentation

B) Regulations

C) Procedures

D) Policies

d) Which answer is one that contains actions to be taken in a certain situation, like how long before users must change passwords, or actions to take if an infiltration takes place or a user steals corporate data? Explain.

A) Policies

B) Documentation

C) Regulations

D) Procedures

PROBLEM 2 - Networking Fundamentals (20 points)
(5 pts each)

a) While using which type of networking device would each host 'see' all other traffic on the network? Explain.

A) Network Switch

B) Network Router

C) Network Hub

D) Token Ring Network

b) Which type of network device divides broadcast domains? Explain.

A) Switches

B) Hubs

C) Routers

D) Bridges

c) What destination MAC Address would be added to a packet on the route to a remote computer? Explain.

A) MAC Address of the far side of the default gateway

B) MAC Address of your computer

C) Exterior MAC Address of the remote Server

D) Interior MAC address of default gateway

d) You have two network segments separated by a router. A host on one segment does an ARP request for a certain IP Address. Would that request cross the router? Explain.

A) Yes, because routers forward broadcasts

B) Yes, if there is a hub between segments

C) Only if you have a Caching Engine

D) No, routers do not forward broadcasts
PROBLEM 3 - Cryptography Fundamentals (20 points)
(5 pts each)

a) Users in your organization sign their emails with digital signatures. What provides integrity for these certificates? Explain.

A) Hashing

B) Encryption

C) Non-repudiation

D) Private key

b) Bob wants to send a secure email to Alice so he decides to encrypt it. Bob wants to ensure that Alice can verify that he sent it. Which of the following does Alice need to verify that the certificate Bob used in this process is valid? Explain.

A) Alice's public key

B) Alice's private key

C) Bob's private key

D) Bob's public key

E) The CA's private key

F) The CA's public key

c) Which cryptographic system provides both data security and non-repudiation? Explain.

A) 3DES - Triple Data Encryption Standard

B) PKI - Public Key Infrastructure

C) DES - Data Encryption Standard

D) AES - Advanced Encryption Standard

d) When a user needs to provide message integrity, what options may be the best?

A) Send a digital signature of the message to the recipient

B) Encrypt the message with a symmetric algorithm and send it

C) Create a checksum, append it to the message, encrypt the message, then send it to the recipient

D) Encrypt the message with a private key so the recipient can decrypt with the corresponding public key
PROBLEM 4 - Network Vulnerabilities, Attacks and Countermeasures (20 points)
(5 pts each)

a) Which of the following is not to be considered a cyber attack? Explain.

A) A nuclear electromagnetic pulse (EMP) that knocks out all electronic devices.

B) Trust exploitation.

C) Access control.

D) Port redirection.

E) Man-in-the-middle.

b) Which denial of service attack involves sending crafted ICMP packets which have a source address of the victim and all responses go to the victim?

A) Macro Virus

B) SYN Flood

C) Smurf Attack

D) Buffer Overflow

c) Security experts at your organization have determined that your network has been repeatedly attacked from multiple entities in a foreign country. Research indicates these are coordinated and sophisticated attacks. What best describes this activity?

A) Targeted attack

B) Sniffing

C) Spear phishing

D) Advanced persistent threat

d) Which component of an effective penetration test involves contacting users and asking questions about the corporate network in an attempt to gather intelligence? Explain.

A) Man-in-the-Middle Attack

B) Phishing

C) Spear Phishing

D) Social Engineering
PROBLEM 5 - Authentication and Authorization Controls (20 points)
(5 pts each)
a) Consider the following protocol that involves both RSA public-key operations and DES. Suppose that A has an RSA private key prv(A) and an RSA public key pub(A). Suppose that B has an RSA private key prv(B) and an RSA public key pub(B). Assume both A and B know each other's public key. A wants to send B some message M. A selects a random DES key K and sends B the following two messages:
-- E_pub(B)(K, Sig_prv(A)(K))
-- E_K(M)
"E" means encryption and "Sig" means digital signature. Which of the following statement(s) is true? Briefly explain why or why not.

(A) Only B can decipher the contents of the message M

(B) B is certain that the message M is from A

(C) B can prove to a third party that the message M arrived from A.

b) The security manager at your company recently updated the security policy. One of the changes requires dual-factor authentication. Which of the following will meet this requirement? Explain.

A) Fingerprint scan and retina scan

B) Password and PIN

C) Hardware token and PIN

D) Smart card

c) Apart from having strong passwords, what can mitigate brute force logon attempts? Explain.

A) Automatic Account Lockouts

B) Renaming Administrator Accounts

C) Disable the Administrator Account

D) Security Audits

d) A network includes a ticket-granting ticket server. Which of the following choices is the primary purpose of this server? Explain.

A) Access control

B) Authentication

C) Authorization

D) Identification
