CSci 530 Final Exam
1. (25 points) Matching Systems with Vulnerabilities
For each of the following systems or approaches to security, note the vulnerabilities that remain unaddressed. Tell me what weaknesses remain and might be exploited by an adversary to render the security of the mechanism ineffective. To put this in other terms, if an adversary can perform the action in the lettered item, would it make the technique or security provided in the numbered item ineffective?
This is not a one-to-one mapping; more than one system may suffer from a vulnerability or weakness. We are looking for specific matches for which you will receive credit. If you list a match that we are not looking for, but which is still correct, while you will not lose credit, you will not get credit either. You will lose a point if you associate a system with a vulnerability that does not exist. There are more blanks in the page below than actual correct answers, so you do not need to fill in all the blanks.
3. Diffie-Hellman Key Exchange
4. The Domain Name System (traditional, NOT DNSSEC)
5. Host Based Intrusion Detection
7. Host Based Firewalls
[Type the corresponding numbers above, separated by commas following the lettered entries below]
a) Modification of returned data:
b) Man in the Middle attack:
c) System or end-point Subversion:
f) Phishing or password guessing:
2. (40 points) Short and medium length answers
Attestation – What is the meaning of attestation in trusted computing? How is attestation implemented / accomplished by the Trusted Platform Module (TPM)? In answering the second part of this question, please note that there are multiple steps that occur at different times. Do not just describe the final step. (10 points) (type your answer here)
IPSec Authentication – Explain how authentication for IPSec in transport mode is fundamentally different from authentication of connections through HTTPS (SSL or TLS) and also how it is different from authentication performed by an application using a method like Kerberos. I am not concerned with the differences in the protocols used, but rather in the fundamental differences in what we know once the authentication steps are completed. (10 points) (type your answer here)
How is Secure DNS (i.e. DNSSEC) similar to the public key infrastructure used by SSL and TLS? What entities or components in DNSSEC correspond to the Certification Authority (CA) and to certificates in SSL/TLS? (10 points) (type your answer here)
List some of the advantages of a network-based intrusion detection system over a monolithic intrusion detection system located solely on the end-system that is being protected. (10 points) (type your answer here)
3. (35 points) Impact of the pandemic on security
As a result of the pandemic, more and more employees (and students, and faculty) are working from home than ever before. This change in the location of our work creates significant changes to computer security technologies. Many of the assumptions we have made in the past no longer apply, and this changes the effectiveness of various security techniques and technologies. In this question you are asked to comment on some of these changes, and to suggest approaches to mitigate the impact these changes have on security.
Containment – In the second lecture following the mid-term exam we discussed the placement of data in systems, and I used the term containment architecture to describe the relationship of the different protection domains in a system, and the placement of different kinds of data in those domains relative to the locations from which different classes of users required access.
Discuss how increased instances of work from home have changed the boundaries of the containment architecture for many organizations. Discuss also the technologies that are used to provide isolation / separation of protection domains both prior to the pandemic, and during the pandemic when more employees work from home.
Are there any organizational steps and guidelines (company policies) that could be applied to ensure that the containment architecture for the organization when employees work from home is as close as possible to that when employees worked from the office? (10 points) (type your answer here)
Discuss some of the difficulties for a corporate intrusion detection system when applied to systems running in the work-from-home configuration. (5 points) (type your answer here)
Discuss the potential use of trusted computing technologies (including use of a Trusted Platform Module (TPM)) to ensure that corporate information is only accessed and processed in accordance with company policy even when applications are running in an employee’s home environment. Explain how your approach would prevent an adversary from accessing such data even through subversion (viruses, trojan horses) of applications on the employee’s computer system. (20 points) (type your answer here)