Question

QUESTION 26

1. Consider RSA with p = 7 and q = 11. What are n and z?

   n

   z

4 points   

QUESTION 27

1. Put the following wireless encryption protocols in order from most secure to least secure.

         -       1.       2.       3.         

   WPA

   
         -       1.       2.       3.         

   WEP

   
         -       1.       2.       3.         

   WPA2

4 points   

QUESTION 28

1. Alice wants to send an email message m to Bob and ensure confidentiality, authentication, and integrity. So, Alice sends the following to Bob:

   K_B⁺ ( K_S) + K_S (m + K_A^- (H(m)))

   where K_B⁺ is Bob's public key, K_A^- is Alice's private key,and K_S is their shared session key.

   What is the first thing that Bob has to do to start unpacking this message?

   	a.	apply Bob's private key to the first part of the message to obtain the shared session key
   	b.	apply the shared session key to the 2nd part of the message to obtain the message and signed hash of the message
   	c.	apply Bob's public key to the first part of the message to obtain the shared session key
   	d.	apply Alice's public key to the first part of the message to obtain the shared session key

4 points   

QUESTION 29

1. Select all of the ways that can help prevent SQL injection attacks.

   	a.	ensuring that all data from web forms is in lowercase
   	b.	ensuring that web forms do not rely on SQL databases
   	c.	properly validating input into web forms
   	d.	preventing data from web forms from directly modifying SQL statements

4 points   

QUESTION 30

1. The basic idea behind DNSSEC is

   	a.	authenticating that the data received in a DNS response is the same as what was entered by the zone administrator (i.e., the response has not been tampered with)
   	b.	ensuring that only local authoritative nameservers have the authorization to contact nameservers higher in the hierarchy (i.e., TLD nameservers, root nameservers)
   	c.	encrypting each DNS response so that it cannot be read by a third-party
   	d.	providing name resolution from a hostname to an IP address

4 points   

QUESTION 31

1. Consider the ACL shown below

   action	src addr	dst addr	protocol	src port	dst port	flag bit
   allow	222.22/16	outside of 222.22/16	TCP	>1023	80	any
   allow	outside of 222.22/16	222.22/16	TCP	80	>1023	ACK
   deny	all	all	all	all	all	all

   Select all of the types of traffic (application-layer protocols) that are allowed.

   	a.	HTTP
   	b.	FTP
   	c.	SMTP
   	d.	DNS

4 points   

QUESTION 32

1. What is the disadvantage of traditional packet filters that stateful packet filters address?

   	a.	Traditional packet filters consider packets in isolation and do not consider if they are part of an existing connection.
   	b.	Traditional packet filters cannot specify TCP flags such as ACK, SYN, FIN.
   	c.	Traditional packet filters cannot distinguish between TCP and UDP packets.

4 points   

QUESTION 33

1. Select all of the following that are disadvantages of signature-based IDS.

   	a.	They cannot do deep packet inspection.
   	b.	They may be overwhelmed because every packet must be compared with a large collection of signatures.
   	c.	They require previous knowledge of the attack to generate an accurate signature.
   	d.	They rely on determining if packet streams are statistically unusual, which is difficult.
   	e.	They may generate many false alarms because even though the signature matches, it may not be the result of an attack.

Answer 1

Question :: 26

p = 7 , q = 11

n = p x q ----> 7 x 11 = 77
z = ( p - 1 ) x ( q - 1 ) ----> 6 x 10 = 60

Question :: 27

Most Secure to Least Secure ::

WPA2 :: Advanced version of WPA. It uses AES ( Advanced Encryption Standard ) for encryption

WPA :: This encryption protocol uses Temporal Key Integrity Protocol for encryption.

WEP :: This encryption protocol is for wireless networks and It can easily broken

Question :: 28

What is the first thing that Bob has to do to start unpacking this message?

(b) :: apply the shared session key to the 2nd part of the message to obtain the message and signed hash of the message.

Question :: 29

(b) :: ensuring that web forms do not rely on SQL databases

(c) :: properly validating input into web forms // Validating the inputs in the web forms prevent the attacker to get into database with those false requests.

(d) :: preventing data from web forms from directly modifying SQL statements // data from web forms should not be passed to SQL statements on form submissions.

Question :: 30

(a) :: DNSSEC authenticates the data that is received.

Question :: 31

HTTP is allowed on port 80
FTP is allowed on ports greater than or equal to 1024.

Question :: 33

(b) :: Every packet need to checked which results in waste of time.

(c) :: Previous information about the attack need to be known to know the signature accurately which is very time consuming.

(e) :: false alarm will be generated extensively while performing checking.