CS 600.443 Final Exam



Similar documents
Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

CSCI 454/554 Computer and Network Security. Final Exam Review

Chapter 8. Network Security

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

EXAM questions for the course TTM Information Security May Part 1

CS 5490/6490: Network Security Fall 2015

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Networking: EC Council Network Security Administrator NSA

Chapter 7 Transport-Level Security

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

CS 494/594 Computer and Network Security

Chapter 10. Network Security

CS 356 Lecture 28 Internet Authentication. Spring 2013

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

Virtual Private Networks

CS Computer Security Third topic: Crypto Support Sys

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Network Security Essentials Chapter 5

Network Access Security. Lesson 10

Firewalls, Tunnels, and Network Intrusion Detection

NETWORK ADMINISTRATION AND SECURITY

Security Protocols/Standards

Client Server Registration Protocol

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

Security vulnerabilities in the Internet and possible solutions

McAfee Firewall Enterprise 8.3.1

CRYPTOGRAPHY IN NETWORK SECURITY

CS5008: Internet Computing

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

McAfee Firewall Enterprise 8.2.1

CPS Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang

IP Security. Ola Flygt Växjö University, Sweden

Network Security. Lecture 3

VALLIAMMAI ENGINEERING COLLEGE

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.

CMSC 421, Operating Systems. Fall Security. URL: Dr. Kalpakis

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Transport Level Security

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

FL EDI SECURE FTP CONNECTIVITY TROUBLESHOOTING GUIDE. SSL/FTP (File Transfer Protocol over Secure Sockets Layer)

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT

CSE/EE 461 Lecture 23

CSci 530 Midterm Exam. Fall 2012

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Eleventh Hour Security+

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

CISCO IOS NETWORK SECURITY (IINS)

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

CS 161 Computer Security Spring 2010 Paxson/Wagner MT2

Computer Networks. Secure Systems

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

CRYPTOGRAPHY AND NETWORK SECURITY

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

Detailed Description about course module wise:

Chapter 8 Network Security. Slides adapted from the book and Tomas Olovsson

Network Security and Firewall 1

Topics in Network Security

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN

Recommended Wireless Local Area Network Architecture

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Overview. SSL Cryptography Overview CHAPTER 1

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

Network Security - ISA 656 Review

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

Corporate VPN Using Mikrotik Cloud Feature. By SOUMIL GUPTA BHAYA Mikortik Certified Trainer

Bit Chat: A Peer-to-Peer Instant Messenger

BUY ONLINE FROM:

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Cisco VPN Internal Service Module for Cisco ISR G2

Chapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security

Description: Objective: Attending students will learn:

Network Security Fundamentals

Cryptography and network security CNET4523

Lecture 9 - Network Security TDTS (ht1)

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Application Note: Onsight Device VPN Configuration V1.1

ISM/ISC Middleware Module

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

Chapter 7: Network security

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

Security Policy Revision Date: 23 April 2009

FL EDI SECURE FTP CONNECTIVITY TROUBLESHOOTING GUIDE. SFTP (Secure File Transfer Protocol)

How To Protect Your Data From Attack

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May New Features and Enhancements. Tip of the Day

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

VPN SECURITY. February The Government of the Hong Kong Special Administrative Region

Release Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved

CS 4803 Computer and Network Security

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

Transcription:

CS 600.443 Final Exam Name: This exam is closed book and closed notes. You are required to do this completely on your own without any help from anybody else. Feel free to write on the back of any page to continue an answer, and indicate (over) when doing so. Part I. Multiple choice: circle one choice (2 points each) 1. Which of the following is typically not considered a firewall a. A multi homed router b. A packet filter c. A hub d. An application level gateway 2. Which of the following is a DDOS tool a. Trinoo b. Apache c. SSL d. IPsec 3. Which of the following is an example of Transport Layer security a. SSL/TLS b. WEP c. IPsec d. SSH 4. Which of the following is an example of Link layer security a. IPsec b. A cryptographic protocol for 802.11 c. SSH d. RC4 5. Which of the following was not done by the Morris worm a. Use a dictionary to crack passwords b. Exploit a sendmail bug c. Copy itself to remote machines d. Email itself with a misleading subject line 6. Which statement about DES is false? a. The underlying cipher in DES was broken mathematically b. The keys are 56 bits in length, although the block size is 64 bits c. The key schedule is run in reverse for decrypting d. The full design criteria for the S/Box design is not public 7. Which of the following is true about AES a. The keys must be 128 bits long b. The NSA approved it because the developers were American c. It was designed by NIST d. It is a block cipher that can be used in CBC mode 8. Which of the following can be used to authenticate someone you ve never communicated with, in the face of an active adversary? a. Diffie Hellman b. RSA c. HMAC d. None of the above

9. According to Randy Sabbet a. Now that the RSA patent expired, anybody can use it without a license b. A patent owner must continuously enforce the patent for it to stay valid c. You cannot patent something if a subset of it is patented by someone else d. All of the above 10. Which of the following was developed by the Honeynet researchers a. firewalls b. intrusion detection c. Sebek d. Application gateways 11. A honeypot is valuable because a. It can block previously unknown attacks b. No legitimate traffic should go there, so it identifies attackers techniques c. It avoids buffer overflows d. It is designed by the attacker Part II. True/Fale: circle T for True or F for False (2 points each) T F 1. DRE voting machines are 100% secure T F 2. The CalTech/MIT report introduced the concept of a frog T F 3. In the Sensus system, the tallier and the validater must trust each other. T F 4. Len Adelman, the A in RSA was an early virus researcher. T F 5. The Happy 99 virus deleted files on target computers. T F 6. The MyDoom virus hit in the mid 90s and did not involve a denial of service attack. T F 7. Passport is architecturally similar to Kerberos, but the authenticator is missing. T F 8. Kerberos is based on Needham and Schroeder but uses timestamps instead of nonces. T F 9. SSL protects against eavesdroppers on the network. T F 10. IPsec often uses manual keys, but they can also be derived automatically using IKE T F 11. VPNs can only be implemented in software. T F 12. One of the privacy principles covered in class is Notice and Disclosure. T F 13. In the privacy lingo, Access means that you have access to a web site. T F 14. Ad networks use cookies and referer headers to track user browsing patterns. Part III. Short answer. (use the back if necessary) (4 points each) 1. Explain why you would not want to use a stream cipher on a noisy channel.

2. The original Kerberos protocol suffered from a dictionary attack. Describe the vulnerability and how you would exploit it. 3. How would you check to see if there was any spyware on your machine? 4. Describe the main difference in terms of security between 802.11 and Bluetooth. 5. Explain how an RFID blocker tag works. 6. In distributed firewalls an administrator ships out firewall rules to hosts over an authenticated channel, and each host enforces its own policy. Give 3 disadvantages of such a system over a centralized firewall.

7. The S-BGP proposal discussed in class uses public key signatures on attestations to validate routes. However, S-BGP has not been adopted, and some say that it is unrealistic. What is the problem? What technical reason is there for the lack of adoption of S-BGP? 8. Why should mixes send fixed sized blocks at fixed intervals? 9. Compare and contrast top down PKI versus the web of trust. 10. OPIE, also known as S/Key, uses hash chains to authenticate users. This means that no secrets need to be stored on the authentication server. Why is that? 11. In the Publius system, take m to be the number of hosts participating. Take k and n to be the number of shares of the key for a document in a k out of n secret splitting scheme. Two independent questions: What would happen if n > m? What are the security implications if k=n?

Part IV. Long answer. (20 points) use front and back of this sheet and the next, if necessary Imagine that you control a jondo in a Crowd. Say, also that you are running the DNS server that services all the crowd members. Devise an attack that was not discussed in class or in the Crowds paper where you could tell if someone who was sending you requests was the originator of the request. Show the attack algorithm as well as the details, and explain why the attack is effective. Evaluate the seriousness of the attack, and discuss possible countermeasures.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information