Question

QUESTION 6

1. A cryptographic technique that allows the creator of a message to prove that they created it, helps to provide authentication, uses public key encryption

2 points   

QUESTION 7

1. Organization that assumes the responsibility for validating identities and certifying public keys

2 points   

QUESTION 8

1. Attack in which falsified DNS replies are sent. An attacker hears a DNS request and then sends DNS replies with bogus A and sometimes NS resource records that are then cached by the requester.

2 points   

QUESTION 9

1. Technique used to find computers that are running a vulnerable application and listening for connections on a particular port. Can also be used to determine all of the ports that a computer is listening on.

2 points   

QUESTION 10

1. In this attack, the attacker will send many TCP SYN packets, but never complete the handshake (by responding to the receiver’s SYN/ACK). This leaves many “half-open” connections on the receiver and can use up all of the receiver’s resources. Legitimate connections will then not be able to be handled.

Answer 1

(6) Answer: Digital Signature

Description:

• A digital signature is basically a mathematical technique that uses public key encryption method to verify authenticity or integrity of digital messages or documents.

• A digital signature is just like handwritten signatures but in secured and digital form. Recipient can strongly believe by a valid digital signature, that message is created by authenticated sender and not modified in transit.

(7) Answer: certification authority (CA)

Description:

• Certification authority (CA) is the trusted entity or authority that validates identity of individuals and certifies public keys.

• Certification authority certifies a digital certificate for authentication of public key by the named subject.

(8) Answer: DNS spoofing or DNS cache poisoning

Description:

• DNS spoofing - Domain Name Server spoofing is also called as DNS cache poisoning attack in which altered or malicious response records are replied by attacker in a response to DNS request.

• This altered or spoofed DNS records are used by attacker to redirect the traffic to a fake website that resembles its intended original website.

(9) Answer: Port Scanning

Description:

• Port scanning is a technique to check all the ports that a computer system may be listening on. This method is sometimes used by security technicians to check any vulnerable computer application on a particular port.

• Port sweeping method is same as port scanning. Port sweeping method scans multiple systems in a same port where as port scanning scans one system on multiple ports.

(10) Answer: SYN flood attack

Description:

• The SYN flood attack is also known as half-open attack which is one of the types of DDoS distributed denial-of-service attack.

• Attacker repeatedly sends TCP SYN packets to the target server to consist all the available ports or server resources and this will make target server unresponsive or unavailable to legitimate traffic.