Cryptography and network security by Stallings- Question 4- (a) Is it.docx

•Download as DOCX, PDF•

0 likes•2 views

E

Cryptography and network security by Stallings. Question 4. (a) Is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so, explain how it can be done. If not, why not? (b) For SSH packets, what is the advantage, if any, of not including the MAC in the scope of the packet encrytion? Solution a) SSL relies on an underlying reliable protocol TCP to assure that bytes are not lost or inserted. There was some discussion of reengineering the future TLS protocol to work over datagram protocols such as UDP, in which case out-of-order blocks cannot be handled. So it depends on the transport layer protocol SSL/TLS runs on. b) As alluded to by Palo Ebermann\'s comment, the word authentication has a different meaning in the two scenarios you mentioned. In the key exchange phase of SSH, the purpose of authentication is to ensure to both parties that they are indeed talking to the right peer (if using mutual authentication). Typically, the server authenticates itself using its public key and the client uses a username and password. In the SSH record layer phase (i.e., the sending of the actual application data), the purpose of authentication is to protect each individual data packet from tampering. This is achieved using the MAC. To encrypt application data SSH typically uses either AES in counter mode or in CBC mode. Neither of these modes of operation provides protection against tampering of the ciphertext. Thus they need to be accompanied with a MAC in order to detect this. Consider e.g., the silly example where Alice sends the following message encrypted using AES in counter mode, but without any MAC: Transfer 100 USD from Alice to Bob. Then someone (Bob?) could flip a few strategically placed bits in the ciphertext, so that it would actually decrypt to Transfer 10 000 USD from Alice to Bob. instead. Note that without any MAC, it would be impossible for the recipient to notice that this ciphertext had been tampered with. Also, observe that this fact is completely independent of any key exchange that has been done prior to the tampering. .

Cryptography and network security by Stallings. Question 4.
(a) Is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If
so, explain how it can be done. If not, why not?
(b) For SSH packets, what is the advantage, if any, of not including the MAC in the scope of the
packet encrytion?
Solution
a) SSL relies on an underlying reliable protocol TCP to assure that bytes are not lost or inserted.
There was some discussion of reengineering the future TLS protocol to work over datagram
protocols such as UDP, in which case out-of-order blocks cannot be handled. So it depends on
the transport layer protocol SSL/TLS runs on.
b)
As alluded to by Palo Ebermann's comment, the word authentication has a different meaning in
the two scenarios you mentioned.
In the key exchange phase of SSH, the purpose of authentication is to ensure to both parties that
they are indeed talking to the right peer (if using mutual authentication). Typically, the server
authenticates itself using its public key and the client uses a username and password.
In the SSH record layer phase (i.e., the sending of the actual application data), the purpose of
authentication is to protect each individual data packet from tampering. This is achieved using
the MAC. To encrypt application data SSH typically uses either AES in counter mode or in CBC
mode. Neither of these modes of operation provides protection against tampering of the
ciphertext. Thus they need to be accompanied with a MAC in order to detect this.
Consider e.g., the silly example where Alice sends the following message encrypted using AES
in counter mode, but without any MAC: Transfer 100 USD from Alice to Bob. Then someone
(Bob?) could flip a few strategically placed bits in the ciphertext, so that it would actually
decrypt to Transfer 10 000 USD from Alice to Bob. instead. Note that without any MAC, it
would be impossible for the recipient to notice that this ciphertext had been tampered with. Also,

observe that this fact is completely independent of any key exchange that has been done prior to
the tampering.

More Related Content

Similar to Cryptography and network security by Stallings- Question 4- (a) Is it.docx

Answer die following questions with short answers: Explain the difference between stream ciphers and block cipher. Explain the difference between passive and active attacks. Describe the difference between authentication and non-repudiation Explain the difference between a MAC and message digest. Give one advantage and one disadvantage of public-key cryptography over symmetric-key cryptogra Why is CBC mode considered preferable to ECB mode? Solution a) stream cipher and block cipher differ in whitch the plain text is encoded and decoded. the basic difference is how the logic used for the encryption and decryption. the idea of block cipher is partition the plain text into relatively larger blocks and further each block will be encoded. and same key is used for both encryption and decryption.example DES,IDEA the idea of stream cipher is plain text is encrypted and transfered bit by bit.but key property of stream cipher is different key is generated for each block or bit.example -ISAAC,FISH b) passive attack is indirect attack.the attacked host is completely unaware about the attack. hence it is called passive attack like some body listens the packet transformation or observing the host in network. active attack is direct attack.its nothing but the attacked one gets aware of the attack. like somebody listens the id and password and stop the services(denial of service) or logic bomb. both are harmful. c) authentication and non repudiation are two different things. authentication verifies the who you are(user-id).where the non-repudiation verifies the what you did(messages). authentication is done through a central instance where non repudiation can done by anyone d) message digest is a hash of a message.its output of a cryptographic hash function appilied to input data it refered to as message. mac is a piece of information that proves the integrity of a message. message digest is take only single input and produces a message digest(aka hash) if the message change it produce different hash code. mac (message authentication code) is take input and security code to check the integrity of message. HMAC is one of this kind. e) advantage of public key cryptography over the symmetric key cryptography is increased security and convenience. and no need of key distribution(transmitted to anyone).and it provide digital signatures that cannot be repudiated. the disadvantage of public key cryptography over symmetric cryptography is speed.they are many symmetic key methods runs faster than the public key cryptography. f) the reason why cbc is considered better than ecb has nothing to do with situations involving an attacker with partial cipher text. problem with ECB is that it leaks the information like when two blocks have same plain text then the corresponding cipher blocks also be same where in case of the CBC it randomly independent of plain text to produce the cipher text..

Answer die following questions with short answers Explain the d.pdf

Answer die following questions with short answers Explain the d.pdf

Answer die following questions with short answers Explain the d.pdf

calderoncasto9163

Chapter 8 Secure Transport Layer In the early days of the Internet, networks were small and all of the routers were in secure locations. As long as each computer connected to the Internet protected itself from unwanted incom- ing connections, it was felt that there was no need to protect data from prying eyes while it was crossing the network. So the Link, Internetwork, and Transport layers were focused on the efficient movement of data and solving the problems of a large-scale shared distributed network without worrying about the privacy of that data. But as the use of the Internet grew rapidly in the late 1980s and literally exploded when the Web became mainstream in 1994, security and privacy of network traffic became very important problems to solve. When we began using the Internet to conduct commerce and credit cards and bank account numbers were being routinely sent across the network, securing data became essen- tial. And when we started using wireless technologies like WiFi, security became necessary for even the simplest uses of the In- ternet. There are two general approaches to securing network activity. The first makes sure that all of the network hardware (routers and links) is in physically secure locations so it is not possible for someone to sneak in and monitor traffic while it is crossing the Internet. This approach is not practical for hundreds of thousands of network routers owned and operated by many different organizations. While you might be able to ensure that some of the router operators adhered to strict security procedures and policies, sooner or later a mistake will be made. And once WiFi was added to the mix and your packets went over radio waves, a network attacker could just sit in a coffee shop and intercept packets 89 90 CHAPTER 8. SECURE TRANSPORT LAYER as they passed through the air. Under these conditions, the only reasonable solution is to encrypt data in your computer before it is sent across its first physical link, and then decrypt the data in the destination computer after it arrives. Using this approach, we assume that an attacker can see all of the packets that you send, but they cannot decrypt the data that they have captured. The encryption also guarantees that there is no way to alter your data while it is crossing the Internet. 8.1 Encrypting and Decrypting Data The concept of protecting information so it cannot be read while it is being transported over an insecure medium is thousands of years old. The leaders in Roman armies sent coded messages to each other using a code called the “Caesar Cipher”. The simplest version of this approach is to take each of the characters of the actual message (we call this “plain text”) and shift each charac- ter a fixed distance down the alphabet to produce the scrambled message or “ciphertext”. Then we send the ciphertext via the courier or other insecure transport to the other person. The couri ...

Chapter 8Secure Transport LayerIn the early days of th

Chapter 8Secure Transport LayerIn the early days of th

Chapter 8Secure Transport LayerIn the early days of th

TLS/SSL - Study of Secured Communications

TLS/SSL - Study of Secured Communications

TLS/SSL - Study of Secured Communications

Q1) Show what part of SSL that protects against the following attacks :- a. Replay Attack: Earlier SSL handshake messages are replayed. b. Man-in-the-Middle Attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client. c. IP Spoofing: Uses forged IP addresses to fool a host into accepting bogus data. Q2) Describe the port forwarding operation. Using an example, describe the cases when it is very useful, and the cases when it is very dangerous. Solution The secure socket layer (SSL) is a computer networking protocol that manages server authentication, client authentication and encrypted communication between servers ant client . PROTACTION FROM REPLAY ATTACK- The SSL itself is protected againsts replay attack using Medium Access Control ( MAC ). By using MAC secret and the sequence number it ensures the communication integrity. ssl handshake protocol PROTECTION AGAINSTS MAN-IN-THE MIDDLE ATACK- SSL is based on public/ private key cryptography. This basically means that there is a key pair. The public key is used for encryption and secret key is used for decryption . A certificate is basically a public key with a label identifying the owner. So when your browser connects to an https server , the server will answer with its certificate. The browser checks if the certificate is valid- 1: The owner information needs to match the server name that the user requested. 2: The certificate needs to be signed by a trusted certification authority. if one of these condition is not met, the user is informed about the problem. PROTECTION AGAINSTS IP SPOOFING- An SSL certificate is specific to the particular domain for which it was created regardless of the IP address of the doimain. So if a malicious entity want to attempt to redirect trafiic for a certain website to their own malicious site through IP spoofing techniques. The fake site would not have a SSL certificate that was accurately registerd to the real website.This can be varified through a browser by viewing the certificate information and if the wrong address is shown, then the user will know that they are not on the site they think they are on.Secure Socket Layer Architecture ssl handshake protocolssl change cipher protocalssl alert protocolHTTPSSL record protocolTCPIP.

Q1) Show what part of SSL that protects against the following attack.pdf

Q1) Show what part of SSL that protects against the following attack.pdf

Q1) Show what part of SSL that protects against the following attack.pdf

arishmarketing21

Cryptography - An Overview

Cryptography - An Overview

Cryptography - An Overview

Applied cryptanalysis - everything else

Applied cryptanalysis - everything else

Applied cryptanalysis - everything else

Fundamental of Secure Socket Layer (SSL) | Part - 2

Fundamental of Secure Socket Layer (SSL) | Part - 2

Fundamental of Secure Socket Layer (SSL) | Part - 2

Since its introduction in 1994 the Secure Socket Layer (SSL) protocol (later renamed to Transport Layer Security (TLS)) evolved to the de facto standard for securing the transport layer. SSL/TLS can be used for ensuring data confidentiality, integrity and authenticity during transport. A main feature of the protocol is its flexibility. Modes of operation and security aims can easily be configured through different cipher suites. During its evolutionary development process several flaws were found. However, the flexible architecture of SSL/TLS allowed efficient fixes in order to counter the issues. This paper presents an overview on theoretical and practical attacks of the last 20 years.

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection

Unit 6

Vinod Kumar Gorrepati

Group slide presentation week12

Group slide presentation week12

Group slide presentation week12

SSLtalk

Cryptography Unchained - BeeBryte (White Paper)

Cryptography Unchained - BeeBryte (White Paper)

Cryptography Unchained - BeeBryte (White Paper)

BeeBryte | Energy Intelligence & Automation

Https bicycle-attack

Https bicycle-attack

Https bicycle-attack

Module 2.pdf

Sitamarhi Institute of Technology

Module 2 Lectures 4 hrs. Cryptography and Cryptanalysis: Introduction to Cryptography, Symmetric key Cryptography, Asymmetric key Cryptography, Message Authentication, Digital Signatures, Applications of Cryptography. Overview of Firewalls- Types of Firewalls, User Management, VPN Security, Security Protocols: - security at the Application Layer- PGP and S/MIME, Security at Transport Layer- SSL and TLS, Security at Network Layer-IPSec. Open Source/ Free/ Trial Tools: Implementation of Cryptographic techniques, OpenSSL, Hash Values Calculations MD5, SHA1, SHA256, SHA 512, Steganography (Stools)

Module 2.Cryptography and Cryptanalysis

Module 2.Cryptography and Cryptanalysis

Module 2.Cryptography and Cryptanalysis

Sitamarhi Institute of Technology

Transport Layer Security

Transport Layer Security

Transport Layer Security

Ibrahiem Mohammed

SSL/TLS Handshake

SSL/TLS Handshake

SSL/TLS Handshake

Demonstration of secure socket layer(synopsis)

Demonstration of secure socket layer(synopsis)

Demonstration of secure socket layer(synopsis)

Mumbai Academisc

The Time-Consuming Task Of Preparing A Data Set For...

The Time-Consuming Task Of Preparing A Data Set For...

The Time-Consuming Task Of Preparing A Data Set For...

Kimberly Thomas

Transport layer security

Transport layer security

Transport layer security

Hrudya Balachandran

Similar to Cryptography and network security by Stallings- Question 4- (a) Is it.docx (20)

Answer die following questions with short answers Explain the d.pdf

Answer die following questions with short answers Explain the d.pdf

Answer die following questions with short answers Explain the d.pdf

Chapter 8Secure Transport LayerIn the early days of th

Chapter 8Secure Transport LayerIn the early days of th

Chapter 8Secure Transport LayerIn the early days of th

TLS/SSL - Study of Secured Communications

TLS/SSL - Study of Secured Communications

TLS/SSL - Study of Secured Communications

Q1) Show what part of SSL that protects against the following attack.pdf

Q1) Show what part of SSL that protects against the following attack.pdf

Q1) Show what part of SSL that protects against the following attack.pdf

Cryptography - An Overview

Cryptography - An Overview

Cryptography - An Overview

Applied cryptanalysis - everything else

Applied cryptanalysis - everything else

Applied cryptanalysis - everything else

Fundamental of Secure Socket Layer (SSL) | Part - 2

Fundamental of Secure Socket Layer (SSL) | Part - 2

Fundamental of Secure Socket Layer (SSL) | Part - 2

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection

Unit 6

Group slide presentation week12

Group slide presentation week12

Group slide presentation week12

SSLtalk

Cryptography Unchained - BeeBryte (White Paper)

Cryptography Unchained - BeeBryte (White Paper)

Cryptography Unchained - BeeBryte (White Paper)

Https bicycle-attack

Https bicycle-attack

Https bicycle-attack

Module 2.pdf

Module 2.Cryptography and Cryptanalysis

Module 2.Cryptography and Cryptanalysis

Module 2.Cryptography and Cryptanalysis

Transport Layer Security

Transport Layer Security

Transport Layer Security

SSL/TLS Handshake

SSL/TLS Handshake

SSL/TLS Handshake

Demonstration of secure socket layer(synopsis)

Demonstration of secure socket layer(synopsis)

Demonstration of secure socket layer(synopsis)

The Time-Consuming Task Of Preparing A Data Set For...

The Time-Consuming Task Of Preparing A Data Set For...

The Time-Consuming Task Of Preparing A Data Set For...

Transport layer security

Transport layer security

Transport layer security

More from earleanp

Create your own variant of both a hiring and a termination policy related to security and keeping company info secure. Solution Information Security management is a process of defining the security controls in order to protect the information assets. Security Program The first action of a management program to implement information security is to have a security program in place. Security Program Objectives: Protect the company and its assets. Manage Risks by Identifying assets, discovering threats and estimating the risk. Objects are- Information Classification, Security Organization, and Security Education. Security Management Responsibilities: Determining objectives, scope, policies,re expected to be accomplished from a security program. Evaluate business objectives, security risks, user productivity, and functionality requirements. Approaches to Build a Security Program Security Controls Security Controls can be classified into three categories- Administrative Controls, Technical or Logical Controls ,Physical Controls. The Elements of Security Vulnerability: Vulnerability characterizes the absence or weakness of a safeguard that could be exploited. Threat: Any potential danger to information or systems. A threat is a possibility that someone (person, s/w) would identify and exploit the vulnerability. Risk: Risk is the likelihood of a threat agent taking advantage of vulnerability and the corresponding business impact. Reducing vulnerability and/or threat reduces the risk. Exposure: An exposure is an instance of being exposed to losses from a threat agent. Vulnerability exposes an organization to possible damages. Countermeasure or Safeguard: It is an application or a s/w configuration or h/w or a procedure that mitigates the risk. The Relation Between the Security Elements Example: If a company has antivirus software but does not keep the virus signatures up-to-date, this is vulnerability. The company is vulnerable to virus attacks. The likelihood of a virus showing up in the environment and causing damage is the risk. .

Create your own variant of both a hiring and a termination policy rela.docx

Create your own variant of both a hiring and a termination policy rela.docx

Create your own variant of both a hiring and a termination policy rela.docx

Determine the valuation of long-term liabilities. Donald Lennon is the president, founder, and majority owner of Wichita Medical Corporation, an emerging medical technology products company. Wichita is in dire need of additional capital to keep operating and to bring several promising products to final development, testing, and production. Donald, as owner of 51% of the outstanding stock, manages the company\'s operations. He places heavy emphasis on research and development and long-term growth. The other principal stockholder is Nina Friendly who, as a nonemployee investor, owns 40% of the stock. Nina would like to deemphasize the R&D functions and emphasize the marketing function to maximize shortâ€“run sales and profits from existing products. She believes this strategy would raise the market price of Wichita\'s stock. All of Donald\'s personal capital and borrowing power is tied up in his 51% stock ownership. He knows that any offering of additional shares of stock will dilute his controlling interest because he won\'t be able to participate in such an issuance. But, Nina has money and would likely buy enough shares to gain control of Wichita. She then would dictate the company\'s future direction, even if it meant replacing Donald as president and CEO. The company already has considerable debt. Raising additional debt will be costly, will adversely affect Wichita\'s credit rating, and will increase the company\'s reported losses due to the growth in interest expense. Nina and the other minority stockholders express opposition to the assumption of additional debt, fearing the company will be pushed to the brink of bankruptcy. Wanting to maintain his control and to preserve the direction of â€œhisâ€ company, Donald is doing everything to avoid a stock issuance and is contemplating a large issuance of bonds, even if it means the bonds are issued with a high effectiveâ€“interest rate. Instructions Answer the following questions. Who are the stakeholders in this situation? What are the ethical issues in this case? What would you do if you were Donald? Solution a)Donald and nina are the stakeholders in this situation . b)Ethical issue involved in this case is to Raise additional funds by issue of stock or to raise additonal debts to meet fund requirement. If funds are raised through issue of stock ,Donald stock ownership will be diluted and when bonds are issued ,it will be costlier to a company to raise additional funds. c) Donald can either go for BOOTSTRAPPING where funds are raised by investing the retained earnings of a company and finding a means within a company. Also Donald can also suggest Right issue of shares where shares are offered to existing shareholders at concessional price (lower than market) so that his ownership is not diluted. .

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

Describe three of the following attack types in the Operation Security domain: man-in-the-middle, mail bombing, war-dialing, ping-of-death, teardrop, and slamming-and-cramming Solution The description of the attack types in the operation security domain is given below: 1) man-in-the-middle: In this type of attack, the intruder insert himself or insert any malicious code between the secure communication of two parties. This malicious code act as an third party, and its get the secure information that is being transfer between the two parties. Its third person or the intruder having access to the information send by both the parties involve in the communication. 2) mail bombing : Its refer to attack in which intruder try to send bulk of mails to the person\'s system, which may cause to disk full on persons system or even can crash the server, which is handling the mails. In this type of attack, the main aim is to crash the user\'s machine by fulling the disk space or can crash or stop the mail server. 3) War dialing: In this type of attack, hacker\'s uses the modem\'s to dial the range of numbers, for finding the computer machiner, servers and other devices. and after dialing they also get access to these type of devices. 4) Ping to death : Its a type of attack, in which the hacker send the incorrect ping packet to the user. There are various computer system which are designed not to handle the incorrect ping packets. Which results into system crash or system going into the abnormal state. 5) teardrop: Its a type of attack, in which the hacker sends the packets in incorrect way or in the fragmented way, that the end user is not able to reassemble these packets at their end, and results into the system crash and denial of service at user\'s end. 6)slamming-and-cramming: slamming refers to the activity in which hacker, switches the long distance calll carrier at user\'s phone, without its permission, its results into heavy bill at customer end. Cramming refers to the attack in which some extra bill is added into user\'s actual phone bill, and its keep on happening again and again .

Describe three of the following attack types in the Operation Security.docx

Describe three of the following attack types in the Operation Security.docx

Describe three of the following attack types in the Operation Security.docx

Describes the concept of ADTS and illustrates the concept with three of the most common abstract data types. Solution An abstract data type is a set of values, some of which may be distinguished as constants, together with a collection of operations involving members of the set.The primary objective is to seperate the implementation of the abstract data types from their function.The program must know what the operations do. List,stack and queues are three fundamental data structures.When you declare a variable in a .NET application, it allocates some chunk of memory in the RAM. This memory has three things: the name of the variable, the data type of the variable, and the value of the variable.Depending on the data type, your variable is allocated that type of memory. There are two types of memory allocation: stack memory and heap memory Stack memory stores data types like int , double , Boolean etc. While heap stores data types like string and objects.Stack is used for static memory allocation and Heap for dynamic memory allocation, both stored in the computer\'s RAM .Variables allocated on the stack are stored directly to the memory and access to this memory is very fast.When a function or a method calls another function which in turns calls another function etc., the execution of all those functions remains suspended until the very last function returns its value. The stack is always reserved in a LIFO order.Variables allocated on the heap have their memory allocated at run time and accessing this memory is a bit slower, but the heap size is only limited by the size of virtual memory . Element of the heap have no dependencies with each other and can always be accessed randomly at any time. You can allocate a block at any time and free it at any time. This makes it much more complex to keep track of which parts of the heap are allocated or free at any given time. The Queue works like FIFO system , a first-in, first-out collection of Objects. Objects stored in a Queue are inserted at one end and removed from the other. The Queue provide additional insertion, extraction, and inspection operations. We can Enqueue (add) items in Queue and we can Dequeue (remove from Queue ) or we can Peek (that is we will get the reference of first item ) item from Queue. Queue accepts null reference as a valid value and allows duplicate elements. A list is a collection of items that can be accessed by index and provides functionality to search, sort and manipulate list items. This can store any data types to create a list.The List class can be used to create any type including a class. In this article, we will see how to create a list of a class with several properties. .

Describes the concept of ADTS and illustrates the concept with three o.docx

Describes the concept of ADTS and illustrates the concept with three o.docx

Describes the concept of ADTS and illustrates the concept with three o.docx

Describe, manage, and install Active Directory replication, federation services, and certificate services. Demonstrate the ability to plan an advanced AD, DHCP, and DNS solution. Describe and plan for configuring a domain and forest as well as configuring trusts. Use technology and information resources to research issues in advanced network infrastructure environments. Write clearly and concisely about advanced network infrastructure topics using proper writing mechanics and technical style conventions. Solution Active directory replication Replication is the process by which the changes that are made on one domain controller are synchronized with all other domain controllers in the domain or forest that store copies of the same information. Active Directory replication uses a connection topology that is created automatically, which makes optimal use of beneficial network connections and frees the administrators from having to make such decisions. Manage and install active directory replication Active Directory relies on site configuration in sequence to manage and optimize the process of replication. Active Directory make available automatic configuration of these settings in some cases as well as configure site-related information for network using Active Directory Sites and Services. Configurable information includes settings for site links, site link bridges, and bridgehead servers. Federation service: Active Directory Federation Services (AD Federation Services) is a feature of the Windows Server operating system. It uses a claims-based access-control authorization model to maintain application security and to implement federated identity and aims to reduce the complexity around password management and guest account provisioning. AD Federation Services builds upon this functionality to authenticate users on third-party systems. Certificate service Active Directory Certificate Services (AD CS) provides customizable services for issuing and managing public key certificates used in software security systems that employ public key technologies. AD CS include Secure/Multipurpose Internet Mail Extensions (S/MIME), secure wireless networks, virtual private networks (VPN), Internet Protocol security (IPsec), Encrypting File System (EFS), smart card logon, Secure Socket Layer/Transport Layer Security (SSL/TLS) and digital signatures. .

Describe- manage- and install Active Directory replication- federation.docx

Describe- manage- and install Active Directory replication- federation.docx

Describe- manage- and install Active Directory replication- federation.docx

Describe the process to start and restart apache on CENTOS command line. Also describe how to have apache start automatically when the server is rebooted. Solution In order to stop or restart the Apache HTTP Server, you must send a signal to the running httpd processes. There are two ways to send the signals. First, you can use the unix kill command to directly send signals to the processes. You will notice many httpd executables running on your system, but you should not send signals to any of them except the parent, whose pid is in the PidFile. Start: Starting httpd using the apachectl control script sets the environmental variables in /etc/sysconfig/httpd and starts httpd. You can also set the environment variables using the init script. You can also start httpd using /sbin/service httpd start. This starts httpd but does not set the environment variables. If you are using the default Listen directive in httpd.conf, which is port 80, you will need to have root privileges to start the apache server. Restart: Signal: HUP apachectl -k restart Sending the HUP or restart signal to the parent causes it to kill off its children like in TERM, but the parent doesn\'t exit. It re-reads its configuration files, and re-opens any log files. Then it spawns a new set of children and continues serving hits. If you want your server to continue running after a system reboot, you should add a call to apachectl to your system startup files (typically rc.local or a file in an rc.N directory). This will start Apache as root. Before doing this ensure that your server is properly configured for security and access restrictions. The apachectl script is designed to act like a standard SysV init script; it can take the arguments start, restart, and stop and translate them into the appropriate signals to httpd. So you can often simply link apachectl into the appropriate init directory. But be sure to check the exact requirements of your system. .

Describe the process to start and restart apache on CENTOS command lin.docx

Describe the process to start and restart apache on CENTOS command lin.docx

Describe the process to start and restart apache on CENTOS command lin.docx

Describe, in your own words, the mechanism for establishing a HTTPS connection. Solution HTTPS consists of communication over HTTP (Hypertext Transfer Protocol) with an encrypted layer such as Transport Layer Security (TSL) or Secure Sockets Layer (SSL). The connection between Client and Server using HTTPS is established by a handshake process which has 3 main phases namely Hello, Certificate exchange and key exchange. a) Hello- This is the first phase where the client sends a message ClientHello which contains all the necessary information such as various cipher suites, SSL version number etc. for the server to connect to the client via SSL. Then the server responds with a ServerHello message which contains similar information for client. b) Certificate Exchange â€“ Once the contact is established between the Server and the Client, the server has to prove its identity to the client using its SSL certificate. The SSL certificate contains various information such as name of the owner, the domain it is attached to, the certificateâ€™s public key, certificateâ€™s validity dates etc. The client then verifies the certificate whether it is a trusted certificate or it is verified and trusted by one of several Certificate Authorities (CAs) which client trusts. c) Key Exchange â€“ In this phase the exchange of encryption key is happened by the client and server using a symmetric algorithm which was already agreed during the Hello phase. The client generates a random key for the symmetric algorithm. It then encrypts the key using an algorithm (which was also agreed upon during the Hello phase) and the serverâ€™s public key from the SSL certificate. Client then sends this encrypted key to the server, where it is decrypted using the serverâ€™s private key. Once the client and server have verified each overâ€™s identity and have secretly agreed on a key to symmetrically encrypt the data that they are about to send each other, then the HTTP requests and responses can start flowing form one party to other in the form of a plaintext message with encryption. The other party using the key decrypt is while reading. .

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Describe the process of creating and exporting a schedule report for the medicalpractice. What is the purpose of the schedule report? Solution Purpose of the Schedule report: A shedule report is a task that lets you export data from one or more dash boards on one-time or recurring basis. The following are the main purposes that are considered mainly. you can create and manage your own scheduled reports while viewing dashboards. A scheduled report has both a name and a schedule which is defined in the same way as scheduled in the import of a file. You can export the dashboard in a report to the same excel file has png image or url links to the dashboard. Other export formats are available depending on the addons you have installed. The exported data can be delivered to you via email attachment or has file stored on the disk. Creating and exporting a schedule report for the medical practice: When creating a new schedule report first view the Dashboard in that view the first dashboard that you want to include in your report ,Set any parameter controls on the dashboard to desired filter parameters, Now click schedule on the toolbar After that schedule report definition window is opened. Steps: 1) Select the Create new schedule option in the Schedule Report Definition. In that click next to go the next step. 2) In this step enter the Report name and choose when to send the report by schedulling it. After that select a schedule type A dialy schedule,A Weekly schedule, A monthly Schedule, A custom schedule. now click on the edit button besides your selected schedule type to launch define report schedule window. Click on next to goto next step. 3) choose the report file format from the drop down list microsoft excel, png image, link only. If you choose excel options click excel settings to set advanced excel export option then click next to goto next page. 4) This is the last step you have to set the delivery option for the report by first choosing the delivery method from that drop down list email, create files. After setting delivery optins click finish to complete the scheduled report definition window. .

Describe the process of creating and exporting a schedule report for t.docx

Describe the process of creating and exporting a schedule report for t.docx

Describe the process of creating and exporting a schedule report for t.docx

Describe the principal technologies that have shaped contemporary telecommunications systems. Compare Web 2.0 and Web 3.0. It has been said that within the next few years, smartphones will become the single most important digital device we own. Discuss the implications of this statement. Solution Describe the principal technologies that have shaped contemporary telecommunications systems. Current networks have been influenced by the ascent of client-server computing, the use of packet switching, and the adoption of Transmission Control Protocol-Internet Protocol as a universal communications standard for linking disparate networks and computers, including the Internet. Protocol provides a mutual set of guidelines that enable communication among numerous components in a telecommunications network. Compare Web 2.0 and Web 3.0. It has been said that within the next few years, smartphones will become the single most important digital device we own. Discuss the implications of this statement Web2.0 refers to second-generation interactive Internet based services that enable people to collaborate, share information, and create new services online. Web2.0 is distinguished by technologies and services like cloud computing, software mashups and widgets, blogs, RSS, and wikis. These software applications run on the Web itself instead of the desktop and bring the vision of Web-based computing closer to realization. Web2.0 tools and services have fueled the creation of social networks and other online communities where people can interact with one another in the manner of their choosing. Web3.0 focuses on developing techniques to make searching Web pages more productive and meaningful for ordinary people. Web3.0 is the promise of a future Web where all digital information and all contacts can be woven together into a single meaningful experience. Sometimes referred to as the semantic Web, Web3.0 intends to add a layer of meaning a top the existing Web to reduce the amount of human involvement in searching for and processing Web information. It also focuses on ways to make the Web more .

Describe the principal technologies that have shaped contemporary tele.docx

Describe the principal technologies that have shaped contemporary tele.docx

Describe the principal technologies that have shaped contemporary tele.docx

Describe the typical duties of a security manager that are strictly managerial and not technical in nature. Solution Duties of a Security Mamger: Write or review security-related documents, such as incident reports, proposals, and tactical or strategic initiatives. Train subordinate security professionals or other organization members in security rules and procedures. Plan security for special and high-risk events. Review financial reports to ensure efficiency and quality of security operations. Develop budgets for security operations. Order security-related supplies and equipment as needed. Coordinate security operations or activities with public law enforcement, fire and other agencies. Attend meetings, professional seminars, or conferences to keep abreast of changes in executive legislative directives or new technologies impacting security operations. Assist in emergency management and contingency planning. Arrange for or perform executive protection activities. Respond to medical emergencies, bomb threats, fire alarms, or intrusion alarms, following emergency response procedures. Recommend security procedures for security call centers, operations centers, domains, asset classification systems, system acquisition, system development, system maintenance, access control, program models, or reporting tools. Prepare reports or make presentations on internal investigations, losses, or violations of regulations, policies and procedures. Identify, investigate, or resolve security breaches. Monitor security policies, programs or procedures to ensure compliance with internal security policies, licensing requirements, or applicable government security requirements, policies, and directives. Analyze and evaluate security operations to identify risks or opportunities for improvement. Create or implement security standards, policies, and procedures. Conduct, support, or assist in governmental reviews, internal corporate evaluations, or assessments of the overall effectiveness of the facilities security processes. Conduct physical examinations of property to ensure compliance with security policies and regulations. Communicate security status, updates, and actual or potential problems, using established protocols. Collect and analyze security data to determine security needs, security program goals, or program accomplishments. Supervise subordinate security professionals, performing activities such as hiring, training, assigning work, evaluating performance, or disciplining. Plan, direct, or coordinate security activities to safeguard company assets, employees, guests, or others on company property. .

Describe the typical duties of a security manager that are strictly ma.docx

Describe the typical duties of a security manager that are strictly ma.docx

Describe the typical duties of a security manager that are strictly ma.docx

Describe the four categories of international airports in the federal classification of international airports. Solution Commercial Service Airports are publicly owned airports that have at least 2,500 passenger boardings each calendar year and receive scheduled passenger service. Passenger boardings refer to revenue passenger boardings on an aircraft in service in air commerce whether or not in scheduled service. The definition also includes passengers who continue on an aircraft in international flight that stops at an airport in any of the 50 States for a non-traffic purpose, such as refueling or aircraft maintenance rather than passenger activity. Passenger boardings at airports that receive scheduled passenger service are also referred to as Enplanements. Nonprimary Commercial Service Airports are Commercial Service Airports that have at least 2,500 and no more than 10,000 passenger boardings each year. Primary Airports are Commercial Service Airports that have more than 10,000 passenger boardings each year. Hub categories for Primary Airports are defined as a percentage of total passenger boardings within the United States in the most current calendar year ending before the start of the current fiscal year. For example, calendar year 2014 data are used for fiscal year 2016 since the fiscal year began 9 months after the end of that calendar year. The table above depicts the formulae used for the definition of airport categories based on statutory provisions cited within the table, including Hub Type described in 49 USC 47102. Cargo Service Airports are airports that, in addition to any other air transportation services that may be available, are served by aircraft providing air transportation of only cargo with a total annual landed weight of more than 100 million pounds. \"Landed weight\" means the weight of aircraft transporting only cargo in intrastate, interstate, and foreign air transportation. An airport may be both a commercial service and a cargo service airport. Reliever Airports are airports designated by the FAA to relieve congestion at Commercial Service Airports and to provide improved general aviation access to the overall community. These may be publicly or privately-owned. General Aviation Airports are public-use airports that do not have scheduled service or have less than 2,500 annual passenger boardings (49 USC 47102(8)). Approximately 88 percent of airports included in the NPIAS are general aviation. .

Describe the four categories of international airports in the federal.docx

Describe the four categories of international airports in the federal.docx

Describe the four categories of international airports in the federal.docx

Describe the major types of VPNs and technologies, protocols, and services used to deploy VPNs. Also describe the business benefits of VPNs. Solution A virtual private network (VPN) is a technology that creates an encrypted connection over a less secure network. The benefit of using a VPN is that it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using a VPN instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network (e.g., for a traveling sales rep) or it is too costly to do so. The most common types of VPNs are remote-access VPNs and site-to-site VPNs A remote-access VPN uses a public telecommunication infrastructure like the Internet to provide remote users secure access to their organization\'s network. A VPN client on the remote user\'s computer or mobile device connects to a VPN gateway on the organization\'s network, which typically requires the device to authenticate its identity, then creates a network link back to the device that allows it to reach internal network resources (e.g., file servers, printers, intranets) as though it was on that network locally. A remote-access VPN usually relies on either IPsec or SSL to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application rather than to the whole internal network. Some VPNs provide Layer 2access to the target network; these require a tunneling protocol like PPTP or L2TP running across the base IPsec connection. A site-to-site VPN uses a gateway device to connect the entire network in one location to the network in another, usually a small branch connecting to a data center. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the Internet use IPsec. It is also common to use carrier MPLS clouds rather than the public Internet as the transport for site VPNs. Here, too, it is possible to have either Layer 3 connectivity (MPLS IP VPN) or Layer 2 (Virtual Private LAN Service, or VPLS) running across the base transport. VPNs can also be defined between specific computers, typically servers in separate data centers, when security requirements for their exchanges exceed what the enterprise network can deliver. Increasingly, enterprises also use VPNs in either remote-access mode or site-to-site mode to connect (or connect to) resources in a public infrastructure as a service environment. Newer hybrid-access scenarios put the VPN gateway itself in the cloud, with a secure link from the cloud service provider into the internal network. .

Describe the major types of VPNs and technologies- protocols- and serv.docx

Describe the major types of VPNs and technologies- protocols- and serv.docx

Describe the major types of VPNs and technologies- protocols- and serv.docx

Describe the different metrics that BGP can use in building a routing table Solution The metrics used by BGP in building a routing table are 1) Weight â€” weight is the first criterion used by the router and it is set locally on the userâ€™s router. The Weight is not passed to the following router updates. In case there are multiple paths to a certain IP address, BGP always selects the path with the highest weight. The weight parameter can be set either through neighbor command, route maps or via the AS-path access list. 2) Local Preference â€” this criterion indicates which route has local preference and BGP selects the one with the highest preference. Local Preference default is 100. 3) Network or Aggregate â€” this criterion chooses the path that was originated locally via an aggregate or a network, as the aggregation of certain routes in one is quite effective and helps to save a lot of space on the network. 4) Shortest AS_PATH â€” this criterion is used by BGP only in case it detects two similar paths with nearly the same local preference, weight and locally originated or aggregate addresses. 5) Lowest origin type â€” this criterion assigns higher preference to Exterior Gateway Protocol (EGP) and lower preference to Interior Gateway Protocol (IGP). 6) Lowest multi-exit discriminator (MED) â€” this criterion, representing the external metric of a route, gives preference to the lower MED value. 7) eBGP over iBGP â€” just like the â€œLowest origin typeâ€ criterion, this criterion prefers eBGP rather than iBGP. 8) Lowest IGP metric â€” this criterion selects the path with the lowest IGP metric to the BGP next hop. 9) Multiple paths â€” this criterion serves as indication whether multiple routes need to be installed in the routing table. 10) External paths â€” out of several external paths, this criterion selects the first received path. 11) Lowest router ID â€” this criterion selects the path which connects to the BGP router that has the lowest router ID. 12) Minimum cluster list â€” in case multiple paths have the same router ID or originator, this criterion selects the path with the minimum length of the cluster list. 13) Lowest neighbor address â€” this criterion selects the path, which originates from the lowest neighbor address. .

Describe the different metrics that BGP can use in building a routing.docx

Describe the different metrics that BGP can use in building a routing.docx

Describe the different metrics that BGP can use in building a routing.docx

Describe the ethnic city and the benefit of ethnic communiti? (. I need 4 paragraphs please . Explain what you believe social justice meant to Progressive? ( 1 paragraph Solution 1ans) An â€˜ethnic groupâ€™ has been defined as a group that regards itself or is regarded by others as a distinct community by virtue of certain characteristics that will help to distinguish the group from the surrounding community. Ethnicity is considered to be shared characteristics such as culture, language, religion, and traditions, which contribute to a person or groupâ€™s identity. Ethnicity has been described as residing in: â€¢ The belief by members of a social group that they are culturally distinctive and different to outsiders; â€¢ Their willingness to find symbolic markers of that difference (food habits, religion, forms of dress, language) and to emphasized their significance â€¢ Their willingness to organize relationships with outsiders so that a kind of â€˜group boundaryâ€™ is preserved and reproduced This shows that ethnicity is not necessarily genetic. It also shows how someone might describe themselves by an ethnicity different to their birth identity if they reside for a considerable time in a different area and they decide to adopt the culture, symbols and relationships of their new community. It is worth noting that the Traveller Community is recognised as a distinct ethnic group in the UK and Northern Ireland, but only as a distinct cultural group in the Republic of Ireland. Ethnicity is also a preferential term to describe the difference between humans rather than â€˜raceâ€™. This is because race is a now a discredited term that divided all peoples based on the idea of skin colour and superiority. There is only one â€˜raceâ€™, the human race as we are essentially genetically identical. For example, there is no French â€˜raceâ€™ but the French people could be described as a separate ethnic group. Advantages Disadvantages 2ans) Progressivism is a term commonly applied to a variety of responses to the economic and social problems that arose as a result of urbanization and the rapid industrialization introduced to America in the 19th Century. Progressivism began as a social movement to cope with a variety of social needs and eventually evolved into a reform movement and greater political action. The early progressives rejected Social Darwinism. In other words, they were people who believed that the problems society faced (poverty, poor health, violence, greed, racism, class warfare) could best be addressed by providing good education, a safer environment, an efficient workplace and honest government. Progressives lived mainly in the cities, were college educated, and believed that government could be a tool for change. .

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

Describe the different types of qualitative analysis and indicate which is most persuasive. Solution A qualitative analysis or a research is based on the collection and analysis of non-numeric data like words or pictures. Qualitative methods have three distinct dimensions which are as follows: 1. Understanding Concept 2. Understanding People 3. Understanding Interaction Four major types of qualitative research are: 1. Phenomenology - The analysis of data is done by getting access to individuals life-worlds, which is actually their world of experience. This can be done by conducting in-depth interviews. In this analysis the commonalities across individuals are sought. Once the data is collected it will be analyzed and report will be prepared based on the collected data and understandings. 2. Ethonography - It is a analysis based on the study of a group of people based on their culture. People from same or similar culture share beliefs, customs, rituals, practices and language norms. This will be highly effective in analyzing data qualitatively. The data that are collected in this method of analysis are based on the cultural standards, insider\'s perspective, external and social scentific view. 3. Grounded Theory - Here the analysis is based on the theoretical approach. The major characteristics of grounded theory are Fit, Understanding, Generality and control. Theories provide explanation and they tell us how and why of any situiation. 4. Case Study - In this analysis the various cases are considered and in-depth analysis is performed to study the variations and deviations. In all the above steps Data coding and analysis takes place. Data Analysis is done in three different steps and they are: 1. Open Coding -Â Â Reading transcripts 2. Axial Coding - Organizing concepts 3. Selective Coding - Focusing on main ideas Phenomenology is the most pursuasive method of qualitative analysis since the data is sought directly from the individuals. Hence this can be relied upon thoroughly. .

Describe the different types of qualitative analysis and indicate whic.docx

Describe the different types of qualitative analysis and indicate whic.docx

Describe the different types of qualitative analysis and indicate whic.docx

Describe neo-evolution. What is it and what are its primary tenets? Provide an example of a technology that is altering or may alter human evolution. What are the potential benefits of this type of technology? What are the potential drawbacks? What are the moral and ethical implications of neo-evolution? Should we continue to pursue this form of technology? Why or why not? Solution oevolutionism , school of anthropology concerned with long-term culture change and with the similar patterns of development that may be seen in unrelated, widely separated cultures. It arose in the mid-20th century, and it addresses the relation between the long-term changes that are characteristic of human culture in general and the short-term, localized social and ecological adjustments that cause specific cultures to differ from one another as they adapt to their own unique environments. Further, neoevolutionists investigate the ways in which different cultures adapt to similar environments and examine the similarities and differences in the long-term historical trajectories of such groups. Because most neoevolutionists are interested in the environmental and technological adjustments of the groups they study, many are identified with the cultural ecological approach to ethnography, with the culture process approach to archaeology, and with the study of early and protohumans in biological anthropology. Neoevolutionary anthropological thought emerged in the 1940s, in the work of the American anthropologists Leslie A. White and Julian H. Steward and others. White hypothesized that cultures became more advanced as they became more efficient at harnessing energy and that technology and social organization were both influential in instigating such efficiencies. Steward, inspired by classifying the native cultures of North and South America, focused on the parallel developments of unrelated groups in similar environments; he discussed evolutionary change in terms of what he called â€œlevels of sociocultural integrationâ€ and â€œmultilinear evolution,â€ terms he used to distinguish neoevolution from earlier, unilineal theories of cultural evolution. In the years since Whiteâ€™s and Stewardâ€™s seminal work, neoevolutionary approaches have been variously accepted, challenged, rejected, and revised, and they continue to generate a lively controversy among those interested in long-term cultural and social change. .

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

Describe ip protocol security pros and cons. Solution IP Protocol Security: Internet Protocol Security ( IPsec ) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec can be used in protecting data flows between a pair of hosts ( host-to-host ), between a pair of security gateways ( network-to-network ), or between a security gateway and a host ( network-to-host ). Security architecture: Pros of IPsec: Â·Security at the Network Layer Level - Being based at the network level, this technology is completely invisible in its operation . The end users are never required to learn about it, and neither do they ever directly interact with it. This in itself is an added layer of security for the VPNs running on IPsec. Â·No Application Dependence - While SSL-/ SSH-/ PGP-based VPNs are application-dependent, IPsec-based VPNs do not need to worry about application dependence. Since the entire security system is implemented at the network level, there are no application compatibility issues. Cons of IPsec: Â·CPU Overhead - Having to perform encryption and decryption on the hundreds of megabytes of data flowing through the machines requires quite a bit of processing power, and this translates to higher processor loads . Â·Compatibility Issues - IPsec is a standardized solution today, and yet, some large software developers may not adhere to it, and may go ahead with standards of their own. As a result, this can lead to compatibility issues . Â·Broken Algorithms - Some of the security algorithms that are still being used in IPsec have already been cracked. This poses a huge security risk, especially if the network administrators unknowingly use those algorithms instead of newer, more complex ones that are already available. .

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

Describe core competencies and their relationship to operations management. Please provide an example for a manufacturing environment and a service environment. Solution core competency fullfills three key criteria: A core competency can take various forms, including technical/subject matter know-how, a reliable process and/or close relationships with customers and suppliers. It may also include product development or culture, such as employee dedication, best Human Resource Management (HRM), good market coverage, or kaizen or continuous improvement over time. Core competencies are particular strengths relative to other organizations in the industry, which provide the fundamental basis for the provision of added value. Core competencies reflect the collective learning of an organization and involve coordinating diverse production skills and integrating multiple streams of technologies. It includes communication, involvement, and a deep commitment to working across organizational boundaries, such as improving cross-functional teams within an organization to address boundaries and to overcome them. Few companies are likely to build world leadership in more than five or six fundamental competencies. As an example of core competencies, Walt Disney World Parks and Resorts has three main core competencies: core competencies their relationship to operations management Operations management is an area of management concerned with overseeing, designing, and controlling the process of production and redesigning business operations in the production of goods or services. It involves the responsibility of ensuring that business operations are efficient in terms of using as few resources as needed, and effective in terms of meeting customer requirements. Core competencies are the collective learning in the organization, especially how to coordinate diverse production skills and integrate multiple streams of technologies.It embodies an organization .

Describe core competencies and their relationship to operations manage.docx

Describe core competencies and their relationship to operations manage.docx

Describe core competencies and their relationship to operations manage.docx

Describe in detail a man-in-the-middle attack on the Diffie-Hellman key-exchange protocol whereby the adversary ends up sharing a key k A with Alice and a different key k B with Bob, and Alice and Bob cannot detect that anything has gone wrong. What happens if Alice and Bob try to detect the presence of a man-in-the-middle adversary by sending each other (encrypted) questions that only the other party would know how to answer? Solution In man-in-the-middle attack, an opponent Eve intercepts Alice\'s public key K A and sends her own public key as K A to Bob. When Bob transmits his public key K B , Eve substitutes it with her own and sends it as K B to Alice. Eve and Alice thus agree on one shared key and Eve and Bob agree on another shared key. After this exchange, Eve simply decrypts any messages sent out by Alice or Bob, and then reads and possibly modifies them before re-encrypting with the appropriate key and transmitting them to the other party. This vulnerability is present because Diffie-Hellman key exchange does not authenticate the participants. The man-in-the-middle attack may be prevented by using digital signatures and other cryptographic schemes. Bob to encrypt a message so that only Alice will be able to decrypt it, with no prior communication between them other than Bob having trusted knowledge of Alice\'s public key. Alice\'s public key is g K A mod p, g,p. . To send her a message, Bob chooses a random K B and then sends Alice g K B mod p together with the message encrypted with ( g K A ) K B mod p symmetric key. Only Alice can determine the symmetric key and hence decrypt the message because only she has K A. .

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

Describe events that led to the signing of the Homeland Security Act 2002 into law on November 25, 2002. What was the intent of this Act and what department did it create? How did the Act change FEMAâ€™s emergency response role? Several agencies resisted efforts to be incorporated in the new department. Identify three such agencies and explain why they may have been reluctant to join. Do you agree? Solution Department of Homeland Security (DHS) was formed during the incorporation of all or part of 22 various federal departments into a united, incorporated Department. It was initiated to make the Americans safe. The President of America says to form a novel DHS, by considering all the departments into a single to safeguard the America under the name of DHS. It is the strategic plan applied by him after the terrorist attack in pennenslavia. The DHS mission is to keep the Americans safe from any of the attacks. Blue campaign and citizen corps involved in the Department of Homeland security. The Blue Campaign gives its support to the DHS and believe that every people has a right to have a freedom and then it combines with other NGOâ€™s, to fulfill its belief. The mission of Citizen Corps is to bind the people of Americans to enhance their knowledge with education, providing training centers, and volunteer service to make people strong and prepare them how to handle situations when they were troubles or attacks by other or some other natural disasters occurs. The Federal Emergency Management Agency (FEMA) is an organization of theUnited States Department of Homeland Security, initially created by Presidential Reorganization Plan No. 3 of 1978 and implemented by twoExecutive Orders on April 1, 1979.The goal is to organize the reply to a disasters that has happened in the US and then provide the funds to local and state government. The governer from that state that is where the disaster took place is the right person to intimate to the FEMA and to president .

Describe events that led to the signing of the Homeland Security Act 2.docx

Describe events that led to the signing of the Homeland Security Act 2.docx

Describe events that led to the signing of the Homeland Security Act 2.docx

More from earleanp (20)

Create your own variant of both a hiring and a termination policy rela.docx

Create your own variant of both a hiring and a termination policy rela.docx

Create your own variant of both a hiring and a termination policy rela.docx

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

Describe three of the following attack types in the Operation Security.docx

Describe three of the following attack types in the Operation Security.docx

Describe three of the following attack types in the Operation Security.docx

Describes the concept of ADTS and illustrates the concept with three o.docx

Describes the concept of ADTS and illustrates the concept with three o.docx

Describes the concept of ADTS and illustrates the concept with three o.docx

Describe- manage- and install Active Directory replication- federation.docx

Describe- manage- and install Active Directory replication- federation.docx

Describe- manage- and install Active Directory replication- federation.docx

Describe the process to start and restart apache on CENTOS command lin.docx

Describe the process to start and restart apache on CENTOS command lin.docx

Describe the process to start and restart apache on CENTOS command lin.docx

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Describe the process of creating and exporting a schedule report for t.docx

Describe the process of creating and exporting a schedule report for t.docx

Describe the process of creating and exporting a schedule report for t.docx

Describe the principal technologies that have shaped contemporary tele.docx

Describe the principal technologies that have shaped contemporary tele.docx

Describe the principal technologies that have shaped contemporary tele.docx

Describe the typical duties of a security manager that are strictly ma.docx

Describe the typical duties of a security manager that are strictly ma.docx

Describe the typical duties of a security manager that are strictly ma.docx

Describe the four categories of international airports in the federal.docx

Describe the four categories of international airports in the federal.docx

Describe the four categories of international airports in the federal.docx

Describe the major types of VPNs and technologies- protocols- and serv.docx

Describe the major types of VPNs and technologies- protocols- and serv.docx

Describe the major types of VPNs and technologies- protocols- and serv.docx

Describe the different metrics that BGP can use in building a routing.docx

Describe the different metrics that BGP can use in building a routing.docx

Describe the different metrics that BGP can use in building a routing.docx

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

Describe the different types of qualitative analysis and indicate whic.docx

Describe the different types of qualitative analysis and indicate whic.docx

Describe the different types of qualitative analysis and indicate whic.docx

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

Describe core competencies and their relationship to operations manage.docx

Describe core competencies and their relationship to operations manage.docx

Describe core competencies and their relationship to operations manage.docx

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

Describe events that led to the signing of the Homeland Security Act 2.docx

Describe events that led to the signing of the Homeland Security Act 2.docx

Describe events that led to the signing of the Homeland Security Act 2.docx

Recently uploaded

Basic Civil Engineering notes first year Notes Building notes Selection of site for Building Layout of a Building What is Burjis, Mutam Building Bye laws Basic Concept of sunlight ventilation in building National Building Code of India Set back or building line Types of Buildings Floor Space Index (F.S.I) Institutional Vs Educational Building Components & function Sills, Lintels, Cantilever Doors, Windows and Ventilators Types of Foundation AND THEIR USES Plinth Area Shallow and Deep Foundation Super Built-up & carpet area Floor Area Ratio (F.A.R) RCC Reinforced Cement Concrete RCC VS PCC

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

In Bachelor of Pharmacy course, Class- 1st year, sem-II Subject EVS having topic of Energy Resources under the point Natural Resources. Following Presentation contain total information about the energy resources like Introduction of energy resources, Non-renewable, Renewable Energy resources with examples as well as deep explanations of coal, oil, petroleum, solar energy , wind energy , Conservation of Natural resources etc. Students having deep knowledge about energy resources after studying this presentation.

Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources

Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources

Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources

Shubhangi Sonawane

Z Score,T Score, Percential Rank and Box Plot Graph

Z Score,T Score, Percential Rank and Box Plot Graph

Z Score,T Score, Percential Rank and Box Plot Graph

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

Web & Social Media Analytics Previous Year Question Paper.pdf

Web & Social Media Analytics Previous Year Question Paper.pdf

Web & Social Media Analytics Previous Year Question Paper.pdf

General Principles of Intellectual Property: Concepts of Intellectual Proper...

General Principles of Intellectual Property: Concepts of Intellectual Proper...

General Principles of Intellectual Property: Concepts of Intellectual Proper...

Poonam Aher Patil

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union. Amongst others, the webinar covers: • DORA and its Implications • Nis 2 Directive and its Implications • How to leverage directive and regulation as a marketing tool and competitive advantage • How to use new compliance framework to request additional budget Presenters: Christophe Mazzola - Senior Cyber Governance Consultant Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO. Ah, and I am also a quadruple senior certified ISO27001/2/5, Pas mal non ? C'est francais. Malcolm Xavier Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc. His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management. Date: April 25, 2024 Tags: Information Security, Digital Operational Resilience Act (DORA) ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: Digital Operational Resilience Act (DORA) - EN | PECB NIS 2 Directive - EN | PECB Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

RamjanShidvankar

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

VishalSingh1417

This PowerPoint helps students to consider the concept of infinity.

This PowerPoint helps students to consider the concept of infinity.

This PowerPoint helps students to consider the concept of infinity.

christianmathematics

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx

2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx

2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx

MaritesTamaniVerdade

How to Give a Domain for a Field in Odoo 17

How to Give a Domain for a Field in Odoo 17

How to Give a Domain for a Field in Odoo 17

Nutritional Needs Presentation - HLTH 104

Nutritional Needs Presentation - HLTH 104

Nutritional Needs Presentation - HLTH 104

Recently uploaded (20)

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources

Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources

Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources

Z Score,T Score, Percential Rank and Box Plot Graph

Z Score,T Score, Percential Rank and Box Plot Graph

Z Score,T Score, Percential Rank and Box Plot Graph

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

psychiatric nursing HISTORY COLLECTION .docx

Web & Social Media Analytics Previous Year Question Paper.pdf

Web & Social Media Analytics Previous Year Question Paper.pdf

Web & Social Media Analytics Previous Year Question Paper.pdf

General Principles of Intellectual Property: Concepts of Intellectual Proper...

General Principles of Intellectual Property: Concepts of Intellectual Proper...

General Principles of Intellectual Property: Concepts of Intellectual Proper...

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Beyond the EU: DORA and NIS 2 Directive's Global Impact

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Measures of Central Tendency: Mean, Median and Mode

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

Unit-V; Pricing (Pharma Marketing Management).pptx

This PowerPoint helps students to consider the concept of infinity.

This PowerPoint helps students to consider the concept of infinity.

This PowerPoint helps students to consider the concept of infinity.

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

microwave assisted reaction. General introduction

2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx

2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx

2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx

How to Give a Domain for a Field in Odoo 17

How to Give a Domain for a Field in Odoo 17

How to Give a Domain for a Field in Odoo 17

Nutritional Needs Presentation - HLTH 104

Nutritional Needs Presentation - HLTH 104

Nutritional Needs Presentation - HLTH 104

Cryptography and network security by Stallings- Question 4- (a) Is it.docx

1. Cryptography and network security by Stallings. Question 4. (a) Is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so, explain how it can be done. If not, why not? (b) For SSH packets, what is the advantage, if any, of not including the MAC in the scope of the packet encrytion? Solution a) SSL relies on an underlying reliable protocol TCP to assure that bytes are not lost or inserted. There was some discussion of reengineering the future TLS protocol to work over datagram protocols such as UDP, in which case out-of-order blocks cannot be handled. So it depends on the transport layer protocol SSL/TLS runs on. b) As alluded to by Palo Ebermann's comment, the word authentication has a different meaning in the two scenarios you mentioned. In the key exchange phase of SSH, the purpose of authentication is to ensure to both parties that they are indeed talking to the right peer (if using mutual authentication). Typically, the server authenticates itself using its public key and the client uses a username and password. In the SSH record layer phase (i.e., the sending of the actual application data), the purpose of authentication is to protect each individual data packet from tampering. This is achieved using the MAC. To encrypt application data SSH typically uses either AES in counter mode or in CBC mode. Neither of these modes of operation provides protection against tampering of the ciphertext. Thus they need to be accompanied with a MAC in order to detect this. Consider e.g., the silly example where Alice sends the following message encrypted using AES in counter mode, but without any MAC: Transfer 100 USD from Alice to Bob. Then someone (Bob?) could flip a few strategically placed bits in the ciphertext, so that it would actually decrypt to Transfer 10 000 USD from Alice to Bob. instead. Note that without any MAC, it would be impossible for the recipient to notice that this ciphertext had been tampered with. Also,

2. observe that this fact is completely independent of any key exchange that has been done prior to the tampering.