INFA 640 Homework 2
Choose the best answer (one) and give a reason in a few sentences
for your choice or for not choosing the others. Please give a reference.
To get full credit the reason should be in your own words, not a
copy from any reference. Without a reason in your own words you
will not get full credit. Questions 1 through 7 are worth 5 pts each.
The eighth question carries 15 pts. Please name your file
[lastname firstname INFA640_ HW2]. Due the last day of the
session, Sunday 11:59 PM.
1) If an attacker has a copy of the cipher text and its content
yields no information at all with regard to the plain text
message, the text is considered _____________.
a) cipher perfect
b) third-eye blind
c) perfectly secure
d) third-party secure
Reason:
2) Which is not a weakness of a shift cipher?
_________________________
a) Once you have the code book you can decode the message.
b) Natural language letter frequency makes them easy to
decode.
c) The number of letters in the alphabet makes them easy to
decode.
d) Once the shift is determined the message is decoded almost
instantly.
Reason:
3) Quantum cryptography is based on the physics of light.
True/False.
Reason with details:
4) Claude Shannon presented the encryption design principles of
_________________.
a) multiplication and factoring
b) exponentiation and logarithms
c) confusion and diffusion
d) perplexion and reflection
Reason with how and why it helps encryption:
5) Two numbers are said to be congruent if
_____________________.
a) one is a multiple of the other
b) they produce the same remainder after modulo division
c) they have the same prime number as a factor
d) they are quotients of the same number
Reason:
6) A good hash function creates _________ mapping between
the source string and the output string.
a) complex
b) as many as needed
c) divisional
d) one to one
Reason why it is good:
7) A number is relatively prime to another if they
_____________.
a) have only each other as factors
b) have no prime factors in common
c) only have one prime factor in common
d) are both divisible by 7
Reason:
8) (15 pts) The following is a ciphertext:
a) U GIRJ CFJ SWAY. SWAY UR JQW GUCB-TUDDWY.
SWAY UR JQW DUJJDW-BWAJQ JQAJ LYUCPR JFJAD
FLDUJWYAJUFC. U NUDD SAKW GM SWAY. U NUDD
EWYGUJ UJ JF EARR FOWY GW ACB JQYFIPQ GW. ACB
NQWC UJ QAR PFCW EARJ U NUDD JIYC JQW UCCWY
WMW JF RWW UJR EAJQ. NQWYW JQW SWAY QAR PFCW
JQWYW NUDD LW CFJQUCP. FCDM U NUDD YWGAUC –
SYACT QWYLWY
b) What kind of ciphertext is this: mono- or polyalphabetic?
Hint: assume one and, when that does not work, look for the
other.
c) Describe your cryptanalysis process. Show all the steps you
went through to decrypt the message. The steps should be in
sufficient details so that a reader would be able to decrypt the
encrypted text without needing any help from you.
d) State the plain text message.
e) List features of the ciphertext that hindered and helped your
decryption process. Mention both helpful and hindering features.
Note: A decrypted message alone, even if it is correct, without the
methodology and a detailed description of the self-explanatory
steps used to decrypt it, will not get points.
INFA 630- Cryptography and Data Protection
Midterm Exam Spring 2017 Due on Sunday 11:59 EST
INFA 630
Intrusion Detection and Intrusion Prevention Midterm Exam
Instructions
· You are to take this test during the week (with late submission
on Monday; a maximum of 15% penalty). The test is due no
later than 11:59 p.m. Eastern Daylight Time on Sunday. Work
alone. You may not confer with other class members, or anyone
else, directly or by e-mail or otherwise, regarding the questions,
issues, or your answers. You may use your notes, textbooks,
other published materials, and the Internet.
· The test is scored on the basis of 100 points. The
exam is intended to assess your understanding of key concepts
in the course, NOT your ability to look up concepts on the
internet. Make sure answers are stated in your own words, and
where applicable provide your own examples, rather than
repeating the ones used in the course materials.
· When composing your answers, be thorough. Do not simply
examine one alternative if two or more alternatives exist. The
more complete your answer, the higher your score will be. Be
sure to identify any assumptions you are making in developing
your answers, and describe how your answer would change if
the assumptions were different. For a multiple choice question, if
you think there is more than one correct answer, choose the
best one and justify your answer.
· While composing your answers, be VERY careful to cite your
sources. Remember, failure to cite sources constitutes an
academic integrity violation. Use APA style for citations and
references. References are not required for Parts I and II.
However, for Part III and IV please give references.
· Your answers should be contained in a Microsoft Word, RTF,
or compatible format document uploaded to the Assignments
folder. If you use some other word processor, please make sure
the numbering does not change. I may return files (ungraded) in
any other format if I cannot open them in one try. I may check
your part IV answers with Turnitin.
· Please be sure to put your name in the header on every page
including page #’s. Replace “Last Name” with your last name
and so on. Name your file “Lastname first nameINFA630
Midterm”.
· General or logistical questions about the exam or these
instructions should be posted in the Q&A Conference. Please
submit specific or detailed questions regarding the exam to your
instructor at [email protected]. If questions submitted via email
are applicable to all, your instructor, with your permission, may
post them in the LEO Q&A Conference area, without revealing
their source.
Exam Questions
Part 1: True or False Questions. (10 questions at 2 points each)
Provide a one- or two-sentence justification/explanation. Without
justification you will not get full points.
1. T F
Anomaly-based intrusion detection systems generate alerts
based on deviations from “normal” traffic. Answer: _____
2. T F
A host-based IDS only monitors network traffic destined for a
particular computer. Answer: ____
3. T F
When discussing IDS and IPS, a signature is a digital certificate
used to identify the author of a rule. Answer: _____
4. T F
To comply with network communication standards,
software running on Internet hosts must implement both IP and
ICMP protocols. Answer: _____
5. T F
Signature-based intrusion detection can identify
previously unknown attacks. Answer: _____
6. T F
The primary difference between network-based IDS and IPS is
that an IPS responds to suspected attacks by blocking network
traffic, while an IDS only provides notification that suspicious
traffic is observed. Answer: _____
7. T F
Snort requires the use of at least one preprocessor to be able to
analyze patterns in network traffic spanning multiple packets.
Answer: _____
8. T F
Snort generates an alert as soon as a detection rule is matched.
Answer: _____
9. T F
A network-based IDS that scans packet traffic to try to match
known attack patterns is called a signature-based NIDS.
Answer: _____
10. T F
An in-line IDS must have the processing power to handle traffic
at least as fast as the bandwidth of the network it monitors, or it
will lose packets and potentially fail to notify on packets
matching alert rules. Answer: _____
Part 2: Multiple Choice Questions. Print the correct answer in
the blank following the question, with justification for the
correct answer or reasons why the others are not correct. (5
questions at 3 points each)
1. Which of the following is an advantage of anomaly-based
detection?
a. Rules are easy to define
b. The data it produces can be easily analyzed
c. It can detect “zero-day” or previously unknown attacks
d. Malicious activity that falls within normal usage patterns is
detected
e. Rules developed at one site can be shared with many other
users
Answer(s): ____
2. Most commercial IDSes generate alerts based on signatures at
the network layer and what other OSI model layer?
a. Application layer
b. Presentation layer
c. Data-link layer
d. Transport layer
e. Session layer
Answer(s): _____
3. Potentially troubling causes for network traffic with out-of-
order packet arrival include all of the following EXCEPT?
a. The network route for inbound packets is different than the
outbound route
b. The packets were routed through a network that uses small
packet size
c. The packets have been altered in transit before arriving
d. The packets sent from the source were split across multiple
interfaces
e. None of the above
Answer(s): _____
4. Which is/are true for intrusion protection systems (IPSes)?
a. An IPS detects network attacks and issues alerts
b. An IPS responds to network attacks by blocking traffic and
resetting connections
c. An IPS sits inline and monitors traffic
d. a and b only
e. a, b, and c
Answer(s): _____
5. Which of the following is a limitation of Snort?
a. Cannot centrally monitor sensors running on different OSes
b. Cannot protect against insider threats
c. Cannot inspect encrypted traffic for attack signatures
d. Cannot scale effectively to protect a large network
e. All of the above
Answer(s): _____
Part 3: Short Answers. Please answer briefly and completely,
and cite all sources of information. (5 questions at 9 points
each)
1. Compare and contrast signature-based and anomaly-based
intrusion detection systems. In your analysis, describe at least
three ways in which the two types of IDS are similar, and at
least three ways in which they differ.
2. Identify and briefly describe the two primary approaches to
writing signatures for network-based IDS tools. Is one
technique preferred over the other? Explain why.
3. Describe what a pre-processor does in a network-based IDS
tool such as Snort. Demonstrate your understanding of this
functionality by citing two examples of pre-processors and
explaining what they contribute to the process of network traffic
analysis and intrusion detection.
4. If an attacker knew a network-based IDS was running in a
targeted environment, how might the attacker try to evade
detection? Provide at least two examples of IDS evasion
techniques that might be used by an attacker, and suggest a
remedy or defense against the techniques you cite.
5. Describe how host-based intrusion detection works, briefly
contrasting it with network-based intrusion detection. Explain
three types of threats against which HIDS is particularly
effective.
Part 4: IDS Placement. (20 points) Please refer to the
accompanying network diagram as you consider and respond to
the following:
Global Corporation, Inc. (GCI) is a fictional company providing
business services to a variety of clients across many industries,
including commercial and government entities. GCI recently
finished construction of a new corporate headquarters, which
includes the network infrastructure for primary company
operations. You are a security analyst specializing in intrusion
detection brought in by GCI to help determine the most
appropriate kinds of IDS to use and most effective IDS
placements to protect their network.
GCI’s network uses a conventional three-zone architecture:
devices exposed to the Internet are part of an un-trusted outer
zone; Internet-accessible services such as the company website
and email are in a demilitarized zone; and major systems and
servers supporting both Internet-facing and internal applications
as well as internal computing resources such as the corporate
LAN are in a trusted zone. Each of these zones is segmented
from the others using hardware-based firewalls; the corporate
databases are further protected behind their own dedicated
firewall. GCI allows employees remote access to the corporate
LAN using either VPN or dial-up connections.
Identify the locations throughout the GCI network where you
would recommend IDS to be deployed. Each of the components
in the accompanying GCI-HQ Network diagram is lettered to
simplify your references to the diagram. For network
connections between devices and layers, you may assume for
the purposes of this exercise that all components in a given zone
share the same network segment. For each placement you
recommend, please note the type of IDS to be deployed and any
specific considerations that should be taken into account to
ensure the effective monitoring of the location.
Page 4 of 5

More Related Content

Similar to INFA 640 Homework 2 Choose the best answer (one) and give re.docx

New folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docx
New folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docxNew folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docx
New folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docx
henrymartin15260
 
Interview questions_mod.pdf
Interview questions_mod.pdfInterview questions_mod.pdf
Interview questions_mod.pdf
Rajb54
 
Cs141 mid termexam v1
Cs141 mid termexam v1Cs141 mid termexam v1
Cs141 mid termexam v1
Fahadaio
 
Sample prac exam2013
Sample prac exam2013Sample prac exam2013
Sample prac exam2013
hccit
 
Cs141 final exam-143810-v2
Cs141 final exam-143810-v2Cs141 final exam-143810-v2
Cs141 final exam-143810-v2
Fahadaio
 
When composing your answers, be thorough. Do not simply exam.docx
When composing your answers, be thorough. Do not simply exam.docxWhen composing your answers, be thorough. Do not simply exam.docx
When composing your answers, be thorough. Do not simply exam.docx
mansonagnus
 

Similar to INFA 640 Homework 2 Choose the best answer (one) and give re.docx (20)

Infa 640 midterm new (spring 2016) (umuc)
Infa 640 midterm new (spring 2016) (umuc)Infa 640 midterm new (spring 2016) (umuc)
Infa 640 midterm new (spring 2016) (umuc)
 
New folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docx
New folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docxNew folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docx
New folderCSE2AIF 2015 Assignment 2.pdfCSE2AIF - Artifi.docx
 
Assignment 2
Assignment 2Assignment 2
Assignment 2
 
9th_Computer Full Exercise
9th_Computer Full Exercise 9th_Computer Full Exercise
9th_Computer Full Exercise
 
[TOxAIA新竹分校] 工業4.0潛力新應用! 多模式對話機器人
[TOxAIA新竹分校] 工業4.0潛力新應用! 多模式對話機器人[TOxAIA新竹分校] 工業4.0潛力新應用! 多模式對話機器人
[TOxAIA新竹分校] 工業4.0潛力新應用! 多模式對話機器人
 
Interview questions_mod.pdf
Interview questions_mod.pdfInterview questions_mod.pdf
Interview questions_mod.pdf
 
Interview questions
Interview questionsInterview questions
Interview questions
 
Interview questions
Interview questionsInterview questions
Interview questions
 
Rinse and Repeat : The Spiral of Applied Machine Learning
Rinse and Repeat : The Spiral of Applied Machine LearningRinse and Repeat : The Spiral of Applied Machine Learning
Rinse and Repeat : The Spiral of Applied Machine Learning
 
A02 assignment-2
A02 assignment-2A02 assignment-2
A02 assignment-2
 
Cs141 mid termexam v1
Cs141 mid termexam v1Cs141 mid termexam v1
Cs141 mid termexam v1
 
COSC2536/2537 Security in Computing and Information Technology Assignments
COSC2536/2537 Security in Computing and Information Technology AssignmentsCOSC2536/2537 Security in Computing and Information Technology Assignments
COSC2536/2537 Security in Computing and Information Technology Assignments
 
midterm_fa08.pdf
midterm_fa08.pdfmidterm_fa08.pdf
midterm_fa08.pdf
 
Finding Some "Good" iOS Interview Questions for Employers
Finding Some "Good" iOS Interview Questions for EmployersFinding Some "Good" iOS Interview Questions for Employers
Finding Some "Good" iOS Interview Questions for Employers
 
Feasibility study on an answer grading system based on keyword scanning
Feasibility study on an answer grading system based on keyword scanningFeasibility study on an answer grading system based on keyword scanning
Feasibility study on an answer grading system based on keyword scanning
 
Cets 2013_ gander hale_write_test_questions_session
Cets 2013_ gander hale_write_test_questions_sessionCets 2013_ gander hale_write_test_questions_session
Cets 2013_ gander hale_write_test_questions_session
 
Sample prac exam2013
Sample prac exam2013Sample prac exam2013
Sample prac exam2013
 
R04503105108
R04503105108R04503105108
R04503105108
 
Cs141 final exam-143810-v2
Cs141 final exam-143810-v2Cs141 final exam-143810-v2
Cs141 final exam-143810-v2
 
When composing your answers, be thorough. Do not simply exam.docx
When composing your answers, be thorough. Do not simply exam.docxWhen composing your answers, be thorough. Do not simply exam.docx
When composing your answers, be thorough. Do not simply exam.docx
 

More from jaggernaoma

Attached Files News Analysis Sample.docxNews Analysis Sam.docx
Attached Files News Analysis Sample.docxNews Analysis Sam.docxAttached Files News Analysis Sample.docxNews Analysis Sam.docx
Attached Files News Analysis Sample.docxNews Analysis Sam.docx
jaggernaoma
 
Attached Files  SOC-220_SOCIAL PROBLEMS PRESENTATION.docx
Attached Files     SOC-220_SOCIAL PROBLEMS PRESENTATION.docxAttached Files     SOC-220_SOCIAL PROBLEMS PRESENTATION.docx
Attached Files  SOC-220_SOCIAL PROBLEMS PRESENTATION.docx
jaggernaoma
 
Attached are the instructions and rubric! Research Paper #2.docx
Attached are the instructions and rubric! Research Paper #2.docxAttached are the instructions and rubric! Research Paper #2.docx
Attached are the instructions and rubric! Research Paper #2.docx
jaggernaoma
 
Attached are the guidelines for the Expertise Sharing Project. M.docx
Attached are the guidelines for the Expertise Sharing Project. M.docxAttached are the guidelines for the Expertise Sharing Project. M.docx
Attached are the guidelines for the Expertise Sharing Project. M.docx
jaggernaoma
 
Atomic models are useful because they allow us to picture what is in.docx
Atomic models are useful because they allow us to picture what is in.docxAtomic models are useful because they allow us to picture what is in.docx
Atomic models are useful because they allow us to picture what is in.docx
jaggernaoma
 
Atoms and Electrons AssignmentLook at these websites to he.docx
Atoms and Electrons AssignmentLook at these websites to he.docxAtoms and Electrons AssignmentLook at these websites to he.docx
Atoms and Electrons AssignmentLook at these websites to he.docx
jaggernaoma
 

More from jaggernaoma (20)

Attached is a joint letter to Capitol Hill to advocate for increased.docx
Attached is a joint letter to Capitol Hill to advocate for increased.docxAttached is a joint letter to Capitol Hill to advocate for increased.docx
Attached is a joint letter to Capitol Hill to advocate for increased.docx
 
Attached is a copy of an interview done with a Tribal member regardi.docx
Attached is a copy of an interview done with a Tribal member regardi.docxAttached is a copy of an interview done with a Tribal member regardi.docx
Attached is a copy of an interview done with a Tribal member regardi.docx
 
Attached Files Week 5 - trace IP Physical Location.rtf (38..docx
Attached Files Week 5 - trace IP Physical Location.rtf (38..docxAttached Files Week 5 - trace IP Physical Location.rtf (38..docx
Attached Files Week 5 - trace IP Physical Location.rtf (38..docx
 
Attached here is a psychology article I need to be summarized. Pleas.docx
Attached here is a psychology article I need to be summarized. Pleas.docxAttached here is a psychology article I need to be summarized. Pleas.docx
Attached here is a psychology article I need to be summarized. Pleas.docx
 
Attached Files News Analysis Sample.docxNews Analysis Sam.docx
Attached Files News Analysis Sample.docxNews Analysis Sam.docxAttached Files News Analysis Sample.docxNews Analysis Sam.docx
Attached Files News Analysis Sample.docxNews Analysis Sam.docx
 
Attached Files  SOC-220_SOCIAL PROBLEMS PRESENTATION.docx
Attached Files     SOC-220_SOCIAL PROBLEMS PRESENTATION.docxAttached Files     SOC-220_SOCIAL PROBLEMS PRESENTATION.docx
Attached Files  SOC-220_SOCIAL PROBLEMS PRESENTATION.docx
 
Attached below you will find the series of 4 questions. This assignm.docx
Attached below you will find the series of 4 questions. This assignm.docxAttached below you will find the series of 4 questions. This assignm.docx
Attached below you will find the series of 4 questions. This assignm.docx
 
Attached below isWEEK 4 As always, include references. As alwa.docx
Attached below isWEEK 4 As always, include references. As alwa.docxAttached below isWEEK 4 As always, include references. As alwa.docx
Attached below isWEEK 4 As always, include references. As alwa.docx
 
Attached are two articles in one document. Write thoughtful resp.docx
Attached are two articles in one document. Write thoughtful resp.docxAttached are two articles in one document. Write thoughtful resp.docx
Attached are two articles in one document. Write thoughtful resp.docx
 
Attached are the instructions to the assignment.Written Assign.docx
Attached are the instructions to the assignment.Written Assign.docxAttached are the instructions to the assignment.Written Assign.docx
Attached are the instructions to the assignment.Written Assign.docx
 
Attached are the instructions and rubric! Research Paper #2.docx
Attached are the instructions and rubric! Research Paper #2.docxAttached are the instructions and rubric! Research Paper #2.docx
Attached are the instructions and rubric! Research Paper #2.docx
 
Attached are the guidelines for the Expertise Sharing Project. M.docx
Attached are the guidelines for the Expertise Sharing Project. M.docxAttached are the guidelines for the Expertise Sharing Project. M.docx
Attached are the guidelines for the Expertise Sharing Project. M.docx
 
Attached are the documents needed to complete the assignment. The in.docx
Attached are the documents needed to complete the assignment. The in.docxAttached are the documents needed to complete the assignment. The in.docx
Attached are the documents needed to complete the assignment. The in.docx
 
Attached are the 3 documents1. Draft copy submitted2. Sam.docx
Attached are the 3 documents1. Draft copy submitted2. Sam.docxAttached are the 3 documents1. Draft copy submitted2. Sam.docx
Attached are the 3 documents1. Draft copy submitted2. Sam.docx
 
attached are directions needed to complete this essay! Please make s.docx
attached are directions needed to complete this essay! Please make s.docxattached are directions needed to complete this essay! Please make s.docx
attached are directions needed to complete this essay! Please make s.docx
 
Attach is the checklist For this Assignment, write a 3 and half pa.docx
Attach is the checklist For this Assignment, write a 3 and half pa.docxAttach is the checklist For this Assignment, write a 3 and half pa.docx
Attach is the checklist For this Assignment, write a 3 and half pa.docx
 
Attach and submit the final draft of your Narrative Essay. Remember .docx
Attach and submit the final draft of your Narrative Essay. Remember .docxAttach and submit the final draft of your Narrative Essay. Remember .docx
Attach and submit the final draft of your Narrative Essay. Remember .docx
 
Atomic Theory Scientists and Their ContributionsScientist .docx
Atomic Theory Scientists and Their ContributionsScientist .docxAtomic Theory Scientists and Their ContributionsScientist .docx
Atomic Theory Scientists and Their ContributionsScientist .docx
 
Atomic models are useful because they allow us to picture what is in.docx
Atomic models are useful because they allow us to picture what is in.docxAtomic models are useful because they allow us to picture what is in.docx
Atomic models are useful because they allow us to picture what is in.docx
 
Atoms and Electrons AssignmentLook at these websites to he.docx
Atoms and Electrons AssignmentLook at these websites to he.docxAtoms and Electrons AssignmentLook at these websites to he.docx
Atoms and Electrons AssignmentLook at these websites to he.docx
 

Recently uploaded

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 

Recently uploaded (20)

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds  in the ClassroomFostering Friendships - Enhancing Social Bonds  in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 

INFA 640 Homework 2 Choose the best answer (one) and give re.docx

  • 1. INFA 640 Homework 2 Choose the best answer (one) and give reason in a few sentences for your choice or not choosing others. Please give a reference. To get full credit the reason should be in your own words, not a copy from any reference. Without reason in your own words you will not get full credit. The questions 1 thru 7 weigh 5 pts each. The eighth Question carries 15 pts. Please name your file as [lastname firstname INFA640_ HW2] Due last day of the session Sunday 11:59 PM . pg. 1 1) If an attacker has a copy of the cipher text and its content yields no information at all with regard to the plain text message, the text is considered _____________. a) cipher perfect b) third-eye blind c) perfectly secure d) third-party secure Reason: 2) Which is not a weakness of a shift cipher? _________________________ a) Once you have the code book you can decode the message. b) Natural language letter frequency makes them easy to decode. c) The number of letters in the alphabet makes them easy to decode. d) Once the shift is determined the message is decoded almost instantly. Reason: 3) Quantum cryptography is based on the physics of light. True/False, Reason with details:
  • 2. 4) Claude Shannon presented the encryption design principles of _________________. a) multiplication and factoring b) exponentiation and Logarithms c) confusion and diffusion d) perplexion and reflection Reason with how and why it helps encryption: 5) Two numbers are said to be congruent if _____________________. a) one is a multiple of the other b) they produce the same remainder after modulo division c) they have the same prime number as a factor d) they are quotients of the same number Reason: 6) A good hash function creates _________ mapping between the source string and the output string. a) complex b) as many as needed c) divisional d) one to one Reason why it is good: 7) A number is relatively prime to another if they _____________. a) have only each other as factors b) have no prime factors in common c) only have one prime factor in common d) are both divisible by 7 Reason : 8) (15 pts) The following is a ciphertext: a) U GIRJ CFJ SWAY. SWAY UR JQW GUCB-TUDDWY. SWAY UR JQW DUJJDW-BWAJQ JQAJ LYUCPR JFJAD FLDUJWYAJUFC. U NUDD SAKW GM SWAY. U NUDD EWYGUJ UJ JF EARR FOWY GW ACB JQYFIPQ GW. ACB NQWC UJ QAR PFCW EARJ U NUDD JIYC JQW UCCWY WMW JF RWW UJR EAJQ. NQWYW JQW SWAY QAR PFCW
  • 3. JQWYW NUDD LW CFJQUCP. FCDM U NUDD YWGAUC – SYACT QWYLWY b) What kind of cipher text is this? Mono- or Poly alphabetic; Hint: assume one and when that does not work look for the other c) Describe your cryptanalysis process. Show all the steps you went through to decrypt the message. The steps should be in sufficient details so that a reader would be able to decrypt the encrypted text without needing any help from you. d) State the plain text message. e) List features of the cipher- text that hindered and helped your decryption process. mention of helpful and hindering features Note: Only a decrypted message even if it is correct without the methodology and the detailed description of the self- explanatory steps used to decrypt, would not get points. Last Name First Name Page | 4 INFA 630- Cryptography and Data Protection Midterm Exam Spring 2017 Due on Sunday 11:59 EST INFA 630 Intrusion Detection and Intrusion PreventionMidterm Exam Instructions
· You are to take this test during the week (with late submission on Monday; a maximum of 15% penalty). The test is due no later than 11:59 p.m. Eastern Daylight Time on Sunday. Work alone. You may not confer with other class members, or anyone else, directly or by e-mail or otherwise, regarding the questions, issues, or your answers. You may use your notes, textbooks, other published materials, and the Internet.
· The test is scored on the basis of 100 points. The exam is intended to assess your understanding of key concepts in the course, NOT your ability to look up concepts on the internet. Make sure answers are stated in your own words, and where applicable provide your own examples, rather than repeating the ones used in the course materials.
· When composing your answers, be thorough. Do not simply examine one alternative if two or more alternatives exist. The more complete your answer, the higher your score will be. Be sure to identify any assumptions you are making in developing your answers, and describe how your answer would change if the assumptions were different. For multiple-choice questions, if you think there is more than one correct answer, choose the best one and justify your answer.
· While composing your answers, be VERY careful to cite your sources. Remember, failure to cite sources constitutes an academic integrity violation. Use APA style for citations and references. References are not required for Parts I and II. However, for Parts III and IV please give references.
· Your answers should be contained in a Microsoft Word, RTF, or compatible format document uploaded to the Assignments folder. If you use some other word processor, please make sure the numbering does not change. I may return files (ungraded) in any other format if I cannot open them in one try. I may check your Part IV answers with Turnitin.
· Please be sure to put your name in the header on every page, including page numbers. Replace “Last Name” with your last name and so on. Name your file “Lastname firstname INFA630 Midterm”.
· General or logistical questions about the exam or these instructions should be posted in the Q&A Conference. Please submit specific or detailed questions regarding the exam to your instructor at [email protected]. If questions submitted via email are applicable to all, your instructor, with your permission, may post them in the LEO Q&A Conference area, without revealing their source.

Exam Questions
Part 1: True or False Questions. (10 questions at 2 points each) Provide a one- or two-sentence justification/explanation. Without justification you will not get full points.
1. T F Anomaly-based intrusion detection systems generate alerts based on deviations from “normal” traffic.
Answer: _____
2. T F A host-based IDS only monitors network traffic destined for a particular computer.
Answer: ____
3. T F When discussing IDS and IPS, a signature is a digital certificate used to identify the author of a rule.
Answer: _____
4. T F To comply with network communication standards, software running on Internet hosts must implement both IP and ICMP protocols.
Answer: _____
5. T F Signature-based intrusion detection can identify previously unknown attacks.
Answer: _____
6. T F The primary difference between network-based IDS and IPS is that an IPS responds to suspected attacks by blocking network traffic, while an IDS only provides notification that suspicious traffic is observed.
Answer: _____
7. T F Snort requires the use of at least one preprocessor to be able to analyze patterns in network traffic spanning multiple packets.
Answer: _____
8. T F Snort generates an alert as soon as a detection rule is matched.
Answer: _____
9. T F A network-based IDS that scans packet traffic to try to match known attack patterns is called a signature-based NIDS.
Answer: _____
10. T F An in-line IDS must have the processing power to handle traffic at least as fast as the bandwidth of the network it monitors, or it will lose packets and potentially fail to notify on packets matching alert rules.
Answer: _____

Part 2: Multiple Choice Questions. Print the correct answer in the blank following the question, with justification for the correct answer or reasons why the others are not correct. (5 questions at 3 points each)
1. Which of the following is an advantage of anomaly-based detection?
a. Rules are easy to define
b. The data it produces can be easily analyzed
c. It can detect “zero-day” or previously unknown attacks
d. Malicious activity that falls within normal usage patterns is detected
e. Rules developed at one site can be shared with many other users
Answer(s): ____
2. Most commercial IDSes generate alerts based on signatures at the network layer and what other OSI model layer?
a. Application layer
b. Presentation layer
c. Data-link layer
d. Transport layer
e. Session layer
Answer(s): _____
3. Potentially troubling causes for network traffic with out-of-order packet arrival include all of the following EXCEPT?
a. The network route for inbound packets is different than the outbound route
b. The packets were routed through a network that uses small packet size
c. The packets have been altered in transit before arriving
d. The packets sent from the source were split across multiple interfaces
e. None of the above
Answer(s): _____
4. Which is/are true for intrusion protection systems (IPSes)?
a. An IPS detects network attacks and issues alerts
b. An IPS responds to network attacks by blocking traffic and resetting connections
c. An IPS sits inline and monitors traffic
d. a and b only
e. a, b, and c
Answer(s): _____
5. Which of the following is a limitation of Snort?
a. Cannot centrally monitor sensors running on different OSes
b. Cannot protect against insider threats
c. Cannot inspect encrypted traffic for attack signatures
d. Cannot scale effectively to protect a large network
e. All of the above
Answer(s): _____

Part 3: Short Answers. Please answer briefly and completely, and cite all sources of information. (5 questions at 9 points each)
1. Compare and contrast signature-based and anomaly-based intrusion detection systems. In your analysis, describe at least three ways in which the two types of IDS are similar, and at least three ways in which they differ.
2. Identify and briefly describe the two primary approaches to writing signatures for network-based IDS tools. Is one technique preferred over the other? Explain why.
3. Describe what a pre-processor does in a network-based IDS tool such as Snort. Demonstrate your understanding of this functionality by citing two examples of pre-processors and explaining what they contribute to the process of network traffic analysis and intrusion detection.
4. If an attacker knew a network-based IDS was running in a targeted environment, how might the attacker try to evade detection? Provide at least two examples of IDS evasion techniques that might be used by an attacker, and suggest a remedy or defense against the techniques you cite.
5. Describe how host-based intrusion detection works, briefly contrasting it with network-based intrusion detection. Explain three types of threats against which HIDS is particularly effective.

Part 4: IDS Placement. (20 points)
Please refer to the accompanying network diagram as you consider and respond to the following:
Global Corporation, Inc. (GCI) is a fictional company providing business services to a variety of clients across many industries, including commercial and government entities. GCI recently finished construction of a new corporate headquarters, which includes the network infrastructure for primary company operations. You are a security analyst specializing in intrusion detection brought in by GCI to help determine the most appropriate kinds of IDS to use and most effective IDS placements to protect their network.
GCI’s network uses a conventional three-zone architecture: devices exposed to the Internet are part of an un-trusted outer zone; Internet-accessible services such as the company website and email are in a demilitarized zone; and major systems and servers supporting both Internet-facing and internal applications as well as internal computing resources such as the corporate LAN are in a trusted zone. Each of these zones is segmented from the others using hardware-based firewalls; the corporate databases are further protected behind their own dedicated firewall. GCI allows employees remote access to the corporate LAN using either VPN or dial-up connections.
Identify the locations throughout the GCI network where you would recommend IDS to be deployed. Each of the components in the accompanying GCI-HQ Network diagram is lettered to simplify your references to the diagram. For network connections between devices and layers, you may assume for the purposes of this exercise that all components in a given zone share the same network segment. For each placement you recommend, please note the type of IDS to be deployed and any specific considerations that should be taken into account to ensure the effective monitoring of the location.