assignment Solution




  1. (3 points) You should rekey an encryption key:


  1. when a key is leaked to unauthorized parties
  2. when some major event occurs, such as a major new version of the file that the key protects
  3. every two to three months regardless of other factors
  4. more often on larger cryptonets


  1. ( 2 points) To avoid problems with reused encryption keys, you can:


  1. use the same passphrase
  2. clear your computer’s RAM
  3. change the internal key
  4. combine the key with a nonce


  1. (3 points) Strategies for preventing man-in-the-middle attacks include:


  1. restrict distribution of public keys so that only authorized people get them
  2. publish individual keys widely so that people can double check their copies
  3. use public-key certificates
  4. do not use a hash


  1. (3 points) Three strategies for sending data across a network are:


  1. message switching
  2. circuit switching
  3. media switching
  4. packet switching


  1. ( 3 points) A basic network packet contains:


  1. virus protection
  2. a header
  3. data
  4. a checksum
  5. ( 2 points) A MAC address:


  1. must be unique on a network
  2. is associated with a network interface
  3. is 24 bits in length
  4. is assigned by the network administrator


  1. (2 points) The TCP fields that help ensure reliable transmission of data by keeping track of the number of bytes sent and received are:


  1. Size
  2. Sequence number
  3. Status
  4. Acknowledgment number


  1. ( 3 points) TCP connections go through three stages:


  1. Setup
  2. Operation
  3. Error reporting
  4. Termination


  1. (3 points) DNS security improvements include:


  1. cache poisoning
  2. randomized requests
  3. distributed DNS servers
  4. limited access to resolvers


  1. (3 points) Management processes that help build security in an enterprise are:


  1. written policies and procedures
  2. delegation through a management hierarchy
  3. auditing and review
  4. network authentication


  1. ( 3 points) Decommissioning an ex-employee’s resources may include:


  1. issuing a company ID card
  2. changing passwords
  3. retrieving physical keys
  4. revoking access to computer and network resources




  1. (3 points) Benefits of secret-key cryptography are:


  1. lower computing resources required than public-key algorithms
  2. flexibility—techniques become easier as the user community grows in size
  3. reliable key revocation
  4. trustworthy central servers



  1. ( 2 points) VPN clients may be:


  1. firewalls
  2. computers
  3. mobile devices
  4. gateways


  1. (2 points) The two primary components of IPsec are:


  1. Transport Layer Security (TLS)
  2. Secure Sockets Layer (SSL)
  3. Authentication Header (AH)
  4. Encapsulating Security Payload (ESP)


  1. (3 points) Mailbox protocols include:


  1. Simple Mail Transfer Protocol (SMTP)
  2. Post Office Protocol 3 (POP3)
  3. Internet Message Access Protocol (IMAP)
  4. Internet Control Message Protocol (ICMP)


  1. (2 points) Session filtering keeps track of session/connection states and filters on a packet’s:


  1. link header
  2. IP header
  3. TCP/UDP header
  4. application data




Matching – here , of course, you have to use all of the answers.  Please insert your answers in the small spaces provided in front of each answer.


  1. (3 points) The phrases below describe terms and entities associated with encryption. Match the term or entity with its description.


___ No single person is universally trusted to sign certificates; individual users decide who they       trust to sign certificates

___ Used to validate public keys and to use them safely

___ A trusted third party that issues certificates


  1. Public-key infrastructure (PKI)
  2. Web of trust
  3. Certificate authority


  1. (7 points) The phrases below describe the seven layers of the Open Systems Interconnect (OSI) model.  Match the layer with its description.


___ Includes the physical wiring and signaling between nodes

___ Manages the structure and content of data carried by the physical layer

___ Manages intranetwork routing of packets

___ Associates packets with specific application processes in end-point hosts and ensures reliability

___ Handles a set of transport connections used for a particular purpose

___ Reformats host data to meet network-wide standards and vice versa

___ Provides a specific service to the user on a host computer, such as email


  1. Transport layer
  2. Application layer
  3. Physical layer
  4. Presentation layer
  5. Data link layer
  6. Network layer
  7. Session layer


  1. ( 3 points) The phrases below describe the primary entities involved in sharing resources on a network. Match the entity with its description.


___ Presents a uniform way to use a resource across a network

___ Software contacted by the API to access a resource across a network

___ Software that provides resources


  1. Client
  2. Resource API
  3. Server



  1. (5 points ) The phrases below describe network topologies. Match the network topology with its description.


___ Connects exactly two endpoints together

___ Connects three or more endpoints through a central node

___ Connects all endpoints to a single, shared communications medium

___ Connects endpoints through a hierarchy of nodes

___ Connects endpoints through a network of arbitrarily connected nodes


  1. Tree
  2. Mesh
  3. Star
  4. Point-to-point
  5. Bus


  1. ( 7 points) The phrases below describe fields in an IP packet. Match the IP packet field with its description.


___ Manages the fragmentation and reassembly of IP packets

___ Counts the number of times a packet passes through a router

___ Indicates the type of TCP/IP transport protocol carried by this IP packet

___ Contains the checksum of the IP header fields

___ Contains the IP address of the sending host

___ Contains the IP address of the receiving host

___ Contains the header indicated by the Type field and the data contents


  1. Source IP address field
  2. Fragment field
  3. Destination IP address field
  4. TTL field
  5. IP checksum field
  6. Data field
  7. Type field


  1. (3 points) The phrases below describe internet transport protocols. Match the protocol with its description.


___ Provides global addressing for Internet hosts

___ Provides reliable transport

___ Leaves reliability to be handled by the application layer


  1. User Datagram Protocol (UDP)
  2. Internet Protocol (IP)
  3. Transmission Control Protocol (TCP)



  1. (3 points) The phrases below describe forms of communication that do not require a written message. Match the form of communication with its description.


___ Transmits data using photons, either visually or by shining a light and measuring the signal

___ Transmits data using electromagnetic signals across metal wire

___ Transmits data through the air using nonvisual electromagnetic signals


  1. Radio
  2. Wire
  3. Optical


  1. (5 points) The phrases below describe or provide examples of types of computer-based attacks on enterprises. Match the type of attack with its description or example.


___ Theft of trade secrets

___ Social engineering

___ Logic bombs

___ An employee rigs the accounting system to make improper periodic payments and hides them from auditors

___ Someone steals computing or networking equipment


  1. Subversion
  2. Disclosure
  3. Masquerade
  4. Service loss
  5. Physical loss


  1. (4 points) The phrases below describe basic network authentication strategies. Match the authentication strategy with its description.


___ The system resides within a security boundary; each device contains an authentication database that’s independent from the others

___ The system contains its own, independent authentication database but users authenticate to it remotely

___ The system accepts remote logins but relies on an authentication server to perform authentication

___ The system uses public-key certificates to authenticate users


  1. Local
  2. Indirect
  3. Direct
  4. Off-line




  1. (3 points) The phrases below describe functions of protocols that are part of the modern SSL protocol. Match the protocol with its function.


___ Establishes the shared secret and the keys to be used to protect SSL traffic

___ Transfers information using a symmetric cipher and integrity check

___ Indicates errors and the end of a secure session


  1. Record protocol
  2. Handshake protocol
  3. Alert protocol


  1. (4 points) T he phrases below describe strategies used by gateways for controlling Internet traffic. Match the strategy with its description.


___ Restricts traffic according to IP addresses of clients and servers

___ Restricts traffic according to TCP or UDP port numbers

___ Restricts traffic depending on whether it originated inside or outside of the internal network

___ Restricts traffic based on an analysis of application layer data


  1. Service control
  2. Direction control
  3. Content control
  4. Host control



  1. (3 points) The phrases below describe Web traffic blocking techniques.  Match the technique with its description.


___ Lists all websites that employees may visit

___ Lists all websites that employees should not visit

___ Searches for malware in the HTML and other files returned to browsers by web servers


  1. Website blacklisting
  2. Web traffic scanning
  3. Website whitelisting





  1. (4 points) The phrases below describe properties or functions of a web host. Match the web host component with its property or function.


___ Implements static HTML, SSL security, and can pass a script to a separate interpreter for execution

___ Receives GET, POST, and other HTTP requests and returns a web page in response

___ Stores and retrieves data in a structure manner

___ A set of files that contain the site’s data


  1. Database management system software
  2. Content management system software
  3. Web server software
  4. Database