In: Computer Science
Answer the following questions and submit as a PDF on Webcourses. The assignment is worth 5% of your grade .
Can two network interfaces have the same MAC address? Why or why not? Also, can two network interfaces have the same IP address? Why or why not?
Answer:-------
Yes, two network interfaces can have the same MAC
address. By manufacturing error or spoofing but it's not
supposed to happen. Every network interface should have its own MAC
address. If the MAC address is duplicated then the sender of
information won't be able to recognize the network of the person
who should be receiving the information.
No, two network interfaces can not have the same IP
address it can confuse the computer that sent a message,
it won't know if the message was received.
Explain how a stateless firewall would block all
incoming and outgoing HTTP requests.
Answer:-------
User first sends request to SYN flag, which is a TCP packet flag
used to initiate a TCP connection. If there is a response with a
SYN-ACK packet then the connection is verified and the user gets
granted access to the web site.
What is the main difference between WEP and WPA?
Answer:-------
WEP (Wired Equivalent Privacy) an encryption algorithm designed to
provide wireless security, confidentiality, access control and data
integrity, while WPA (WiFi Protected Access) Provides message
integrity, and Temporal key integrity(TKIP). WEP Uses RC4 stream
cipher. and Uses 40 bit key and 24 bit random numbers while
WPA(WiFi Protected Access) use Temporal key integrity(TKIP), it's
256-bit key.
The main difference is also that WEP is an older form of
encryption. Thus,WPA is a stronger form of encryption because it
uses a longer key forencryption that is randomly generated.
Give three different techniques that an attacker can use
to make a victim send DNS requests to domains chosen by the
attacker.
Answer:-------
Which is worse for an intrusion detection system, false
positives or false negatives? Why?
Answer:-------
False negative because it means there is a problem that
hasn't been detected yet and no one is doing anything to fix the
problem. False positive is annoying but at least it forces everyone
to double check security.
How does a honeypot fit in with the security provided by
a firewall and intrusion detection system?
Answer:-------
Honey Pots can be setup inside, outside or in the DMZ, it is used
as bait to gather information when an intruder tries to break into
the system. Honey Pots learn as much as it can from the intruder by
monitoring and saving evidence of their attack.
Q:- What is a distributed denial of service attack and how is it possible for a single person to orchestrate one?
Answer:-------
Malicious users leverage the power of many machines to direct
traffic against a single web site in an attempt to create denial of
service conditions. A single person can orchestrate this by using
botnets, large networks of machines that have been compromised and
are controllable remotely.