User Account

All Pages

Root certificate authority and an intermediate ca

Assignment Help Computer Network Security
Reference no: EM13800632

Question 1:

In an SSL/TLS certificate, explain the trust chain and the difference between a Root certificate authority (CA) and an Intermediate CA? Why would end-user certificates be issued by the Intermediate CA and not the Root CA?

Question 2:

Assume you are looking for a new bank to join to do your online banking. In addition to the normal characteristics of banks that interest the average consumer such as the interest rates and customer service; you hold online security in high regard and you want to evaluate the safety of the entity to ensure your online transactions will be secure.

Answer the following questions:

A. Who is the "Issued by:" of the Root CA certificate?
B. Who is the "Issued to:" of the Intermediate CA certificate?
C. What is the expiration date of the end user certificate?
D. What is the Signature Algorithm of the Root CA? Is this considered a secure algorithm?

E. Repeat steps

Question 3:

Give a detailed explanation of the differences between a qualitative risk assessment and a quantitative risk assessment and give a brief example of each. What requirements or circumstances may lead you to choose one over the other?

Question 4:

Is a cryptographic hash function/digest considered encryption? Why or why not?

Question 5:

Fully describe, fully define, and fully explain three vulnerabilities from the latest Open Web Application Security Project (OWASP) Top Ten that has been covered in this course.

Question 6:

You are the Information Systems Security Officer (ISSO) for your organization and you see the following job posting on your company's website:

Web Application Developer

ISEC615 Inc. is a progressive software development company specializing in tracking solutions with a strong commitment to our customers. We are growing and adding new Developers to our Engineering Department. We are looking for dynamic, results oriented, enthusiastic individuals at all experience levels who thrive in a fast paced environment and enjoy staying up to date on technologies.
Application Stack:

•Apache 2.2

•Tomcat 6.x, 6.0.35, 6.0.36

•HTML

•CSS

•Javascript

•1+ year RDMS/SQL experience

•1+ year Unix/Linux environment experience

•2+ years web application development experience with any of the following languages:

?JavaScript, Perl, PHP, Python, Ruby

Your qualifications will stand out if you have:

• A strong knowledge of information security principles Ideal Attributes:

•Willingness to learn/expand Perl knowledge

•Willingness to participate in Agile methodologies

•Willingness to participate in on-call rotation for production support

•Self-motivated and confident with an ownership mentality

•Autonomous producer

Education: B.S. in Computer Science, Information Technology, or similar specialization.

From the perspective of an information security practitioner, answer the following question about the above job posting:

* Giving a detailed explanation; what is wrong with this job posting that may be of use to an attacker?

* Perform research and describe exactly where an attacker may find the information in the previous question based on this job posting. Provide links to what you have found that may be of use to an attacker pertaining to that specific job posting.

Question 7:

Your organization has a Web based information system and it is discovered that your information system vulnerable to several high risk Open Web Application Security Project (OWASP) Top Ten vulnerabilities.

- What reason, conditions or circumstances may exist that may cause you to accept (risk control strategy) all of the vulnerabilities and do nothing to protect your system?

- What reason, conditions or circumstances may exist that may cause you to terminate (risk control strategy) the information system as opposed to remedying the issues associated with the vulnerabilities?

Reference no: EM13800632

Questions Cloud

Discuss risk and return many people claim that playing the : Discuss risk and return. Many people claim that playing the stock market is like gambling. How is this true or not true? What should be one's approach to the stock market
Question regarding the quality-improvement plan : Using measurement strategies can help determine whether or not there is a need for a quality-improvement plan. How would you measure the success of project component if you are unable to find the means to measure and code the data?
What is meagen''s opportunity cost for producing 1 pie : What is Meagen's opportunity cost for producing 1 pie and 1 loaf of bread? b. What is Jim's opportunity cost for producing 1 pie and 1 loaf of bread? c. Who has the comparative advantage in the production of each good?
The evolution in technology and humans : The Evolution in Technology and Humans
Root certificate authority and an intermediate ca : Is a cryptographic hash function/digest considered encryption - explain three vulnerabilities from the latest Open Web Application Security Project (OWASP).
Primarily responsible for the amount of money that is create : The _________________ is primarily responsible for the amount of money that is created, although most of the money is actually created by depository institutions.
What part does consumer confidence play in gdp : 1.What part does consumer confidence play in GDP? Research the term "animal spirits" and how it applies to business confidence. Can you give an example of consumer confidence in your life? 2.What part does the government play in economic growth? How ..
Stages of business development and incorporate : Research on stages of business development and incorporate your findings in a three to four page paper. Include examples of organizations that fit into each stage.
Synthesize the concept of motivation and examine the substan : Synthesize the concept of motivation, and examine the substantial reasons why motivation is difficult to understand. Evaluate the potential effectiveness of the model positioning of motivation, and propose at least one (1) action that the organizatio..

Reviews

Write a Review

Computer Network Security Questions & Answers

  Write the different techniques use in detecting intrusion

Explain in detail about system security and write down the different techniques use in detecting intrusion. Explain the answer must be accompanied by algorithm.

  What are the common tools used for denial of service

What are the common tools used for denial of service and How does a SQL injection attack take place

  Analyze the industry researched for each security model

From the first e-Activity, analyze the industry researched for each security model would be most applicable, and explain why you believe that to be the case. Identify the security models from your findings

  Search the internet for one instance of a security breach

search the internet for one instance of a security breach that occurred for each of the four best practices of access

  Organizations security policies and procedures

Analyze the chosen organization's security policies and procedures, and provide an opinion of whether or not its policies and procedures are strong from an information security standpoint

  What is the definition of information security what

1.what is the definition of information security? what essential protections must be in place to protect information

  Explain security model of class using cnss model

suppose that the security model is required for protection of your class. Using CNSS model, examine each of the cells and write a short statement.

  Design an algorithm to achieve the byzantine agreement

Design an algorithm to achieve the Byzantine Agreement for the case that there are four processes, amongst which one is corrupted. You should not use public key cryptography for your algorithm (200 words)

  Define encryption

In a given encryption system where the messages are expressed only as numbers and "e" is an integer.

  Design a network for the local business

Design a network for the local business based on the information: The business has approximately fifty (50) employees, and the new office space will stretch across the third and fifth floors of a building.

  Describe the new method in details and theoretical basis

Analyze advantages and weaknesses of the new protection method (e. g. implementation cost, runtime, reliability, stability and etc.)

  Analyze three enhancements that have been added to wireless

wireless networking and unified communication networks please respond to the following1.analyze three enhancements that

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd