Reference no: EM131058753
Question 1: Certificates
A) Because there are multiple certificate authorities (CAs) for the Web PKI it is possible to buy multiple certificates for the same domain signed by different CAs. How would a browser treat these different certificates?
B) Suppose that an imposter is able to obtain a certificate for a domain that the imposter doesn't own. (For example, in January 2001, an imposter tricked VeriSign into signing two certificates for "Microsoft Corporation" to be used for signing new software to be installed.) What sorts of attacks could an imposter pull off once in possession of such "fake" certificates for
i. installing software.
ii. Viewing Web pages
C) Typically the public SSH keys used by servers are not signed by any certificate authority, but the SSH protocol does support checking certificates.
i. Why, in practice, are server certificates rarely signed?
ii. What is the benefit of checking server certificates?
Question 2: Firewall Rules
Assume you have the following firewall rules:
|
Rule No.
|
Transport Protocol
|
Source IP
|
Source Port
|
Destination IP
|
Destination Port
|
Action
|
|
1
|
UDP
|
0.0.0.0/0
|
any
|
129.174.17.180
|
53
|
allow
|
|
2
|
TCP
|
55.66.77.0/24
|
any
|
129.174.17/180
|
22
|
allow
|
|
3
|
TCP
|
55.66.77.12
|
4500
|
129.174.17/180
|
22
|
deny
|
|
4
|
TCP
|
127.0.0.1
|
443
|
129.174.17/180
|
6000
|
allow
|
|
5
|
TCP
|
0.0.0.0/0
|
any
|
129.174.17/180
|
6000
|
deny
|
|
6
|
UDP
|
0.0.0.0/0
|
any
|
129.174.17/180
|
32768
|
deny
|
|
7
|
TCP
|
0.0.0.0/0
|
any
|
129.174.17/180
|
32769
|
deny
|
|
8
|
TCP
|
0.0.0.0/0
|
any
|
129.174.17/180
|
32768
|
deny
|
|
9
|
TCP
|
0.0.0.0/0
|
any
|
129.174.17/180
|
80
|
allow
|
|
10
|
UDP
|
129.174.16.20
|
1025
|
0.0.0.0/0
|
65535
|
allow
|
|
11
|
UDP
|
129.174.20.100
|
1025
|
0.0.0.0/0
|
65535
|
allow
|
|
12
|
UDP
|
129.174.18.100
|
1025
|
0.0.0.0/0
|
65535
|
allow
|
|
13
|
any
|
0.0.0.0/0
|
any
|
0.0.0.0/0
|
any
|
allow
|
|
14
|
TCP
|
0.0.0.0/0
|
any
|
0.0.0.0/0
|
any
|
deny
|
|
15
|
UDP
|
0.0.0.0/0
|
any
|
0.0.0.0/0
|
any
|
deny
|
|
16
|
TCP
|
0.0.0.0/0
|
any
|
129.57.17.180
|
6000:6010
|
deny
|
|
17
|
TCP
|
0.0.0.0/0
|
any
|
129.174.17.180
|
0:1024
|
deny
|
|
18
|
any
|
0.0.0.0/0
|
any
|
129.174.17.180
|
any
|
deny
|
a) Define what a rule conflict is and Identify any conflicts.
b) Identify any redundancies and explain which rule would be applied using each of the following 3 matching strategies:
1. FIRST
2. BEST
3. LAST
Question 3: Firewalls
a) What is a proxy firewall and how is it different from a network (or transparent) firewall?
b) What does NAT stand for, and how does the mechanism work? Describe what, if any, security NAT provides (or fails to provide).
c) Where would you place a web server in an organization assuming that you can use a network firewall and why?
|
Critique of batman as gay be motivated by homophobia
: Instructions: The selection of videos linked below offer samples of the Adam West Batman series, the 1997 Batman and Robin movie, and a recurring animated sketch from Saturday Night Live in the 1990s entitled "The Ambiguously Gay Duo".
|
|
Efficiency in the said cycle
: What is a rankine cycle? How does one develop the efficiency in the said cycle?
|
|
Which country has the financial crisis strengthened the most
: In your view, has the financial crisis weakened the United States globally? Which country has the financial crisis strengthened the most? Use APA citations to show resources that support your viewpoint.
|
|
What is a reader or an interrogator
: What is a reader or an interrogator? What security issues are associated with RFID tags? How can these concerns be mitigated? One class of active tags is called beacons. What does a beacon do?
|
|
What is the benefit of checking server certificates
: Typically the public SSH keys used by servers are not signed by any certificate authority, but the SSH protocol does support checking certificates. Why, in practice, are server certificates rarely signed? What is the benefit of checking server cert..
|
|
What is the intensity delivered to the eardrum
: A person wears a hearing aid that uniformly increases the intensity level of all audible frequencies of sound by 34.2 dB. The hearing aid picks up sound having a frequency of 250 Hz at an intensity of 3.60 10-11 W/m2. What is the intensity deliver..
|
|
Describe key elements contained in a request for proposal
: AMPS operates in what frequency range? Describe four key elements contained in a request for proposal (RFP). Discuss three strategic business advantages to wireless systems.
|
|
What are the characteristics of direct examination
: What happened during the Arraignment of Bill and Stanley? What does Vinny plead for his clients? (Did you catch that the arraignment and the preliminary hearing were out of order, at least out of the order we discussed in class?)
|
|
The material on using turnitin for assignments
: Review the material on Using Turnitin for Assignments (see the topic list/opening page of this course) Review/Read Part III of the Hacker/Fister handbook.
|