Fill in Order Details

  • Submit paper details for free using our simple order form

Make Payment Securely

  • Add funds to your account. There are no upfront payments. The writer will only be paid once you have approved your paper

Writing Process

  • The best qualified expert writer is assigned to work on your order
  • Your paper is written to standard and delivered as per your instructions

Download your paper

  • Download the completed paper from your online account or your email
  • You can request a plagiarism and quality report along with your paper

information security 53

Multiple Choice Questions.

Unless specified otherwise all multiple choice questions

have only one correct answer.

Each question is worth

5 points

.

PROBLEM 1 –

IPSec

and VPN (20 points)

(5 pts each)

a) Select the term that refers to the data recipient’s ability to ensure that the data

was not altered in any fashion as the data was sent across the VPN:

A) Encryption.

B) Tunneling.

C) Authentication.

D) Integrity.

b) Tunneling is a technique in which the IP datagram is first _______ and then

_______.

A) Encapsulated in another datagram; encrypted.

B) Encrypted; authenticated.

C) Authenticated; encrypted.

D) Encrypted; encapsulated in another datagram.

c) What is the relationship between a VPN and an extranet? Explain.

A) Some extranets are VPNs; some VPNs are extranets.

B) Some extranets are VPNs; all VPNs are extranets.

C) VPNs and extranets are the same type of network.

D) VPNs are unrelated to extranets.

d) Which one is the best approach to VPNs? Explain.

A) VPN-specific gateway device.

B) Router-based.

C) Firewall-based.

D) Software only.

E) All of the above.

PROBLEM 2 – Wireless Network Security (20 points)

(5 pts each)

a) What is the protocol developed for the wireless network communications? Explain.

A) Wireless Encryption Protocol (WEP)

B) Wireless Application Protocol (WAP)

C) Wired Equivalent Privacy (WEP)

D) Wireless Session Protocol (WSP)

b) Consider 802.11 shared key authentication. Which of the following statements is false?

Explain.

A) If a device with the key is lost then the security for the entire WLAN is compromised.

B) 802.1X requires shared key authentication.

C) Real users and attackers with a shared WEP key have the same rights.

D) Users cannot determine whether the access point is an imposter.

2c) The term used for certified 802.11b products is ___________ .

A) WAP

B) Wi-Fi

C) WiMAX

D) WPA

d) Which of the following is not a reason why WEP may be considered vulnerable? Explain.

(Select all that apply.)

A) Shared WEP keys among all clients

B) 20-bit initialization vector

C) An RC4 engine not properly initialized

D) 48-bit WEP key

PROBLEM 3 – Firewalls (20 points)

(5 pts each)

a) What governs the type of traffic that is and is not allowed through a firewall? Explain.

A) TCP/IP headers.

B) Gateway.

C) Rule base.

D) Access control list.

E) Network protocol in use.

b) Firewalls can be implemented in different ways. Consider a dedicated firewall device.

What is its major advantage when the target is throughput and security? Explain.

A) The management console is easily installed.

B) The device contains proprietary operating systems.

C) The connection to the device is monitored by security personnel.

D) A thorough packet inspection capability.

E) The hackers know most router-based firewall code.

c) Choose the best answer from the following options about the description of a firewall:

A) Firewalls statefully inspect reply packets to determine whether they match the

expected state of a connection in the state table.

B) Firewalls statically inspect packets in both directions and filter on layer 3and layer 4 information.

C) A firewall is any device that blocks access to a protected network.

D) A firewall is a system or a group of systems that enforce an access control policy

3between two networks.

E) None of the above

d) For a stateful packet-inspection firewall, which information is stored in the connection flow table?

A) TCP control header and trailer information associated with a particular session.

B) Inside private IP address and the translated inside global IP address.

C) Outbound and inbound access rules (ACL entries).

D) Source and destination IP addresses, and port numbers and sequencing information associated with a particular session.

E) TCP SYN packets and the associated return ACK packets.

PROBLEM 4 – Web and Transport Layer Security (20 points)

(5 pts each)

a) SSL is used to

A) Encrypt specific elements of data for application-specific purposes.

B) Encrypt files located on a Web server.

C) Encrypt data as it travels over a network.

D) Encrypt digital certificates used to authenticate a Web site.

E) Encrypt passwords for storage in a database.

b) What kind of attacks does SSL prevent? Select the best answer. Explain.

A) SQL Injection.

B) Sniffing.

C) Variable Manipulation.

D) Phishing Attacks.

c)Which of the following are not methods for minimizing a threat to a Web server? Indicate the two best answers from the following list, and explain your choice:

A) Disable all non-Web services.

B) Ensure telnet is running.

C) Disable nonessential services.

D) Enable logging.

d) _________ provides secure, remote logon and other secure client/server facilities.

A) SLP

B) HTTPS

4

C) TLS

D) SSH

Part 2: Short Answers.

Please answer briefly and completely, and you must cite all sources of information.

(20 points)

1.A common management requirement is that “all external Web traffic must flow via the organization’s Web’s proxy.” However, that requirement is easier stated than implemented.

Discuss the various problems and issues, possible solutions, and limitations with supporting this requirement. In particular, consider issues such as identifying exactly what constitutes “Web traffic” and how it may be monitored, given the large range of ports and various protocols used by Web browsers and servers.

(10 points)

2. Suppose you suspect that your session with a server has been intercepted

in a man-in-the-middle attack. You have a key, K,that you think you share with the server, but you might be only sharing it with an attacker. But the server also has a public key, Kp, which is widely known, and a private secret key, Ks, that goes with it.

Describe how you can either confirm you share K with the server or discover that you share it only with a man-in-the-middle. Also, be sure your solution will not be discovered by a packet sniffer.

(10 points)Multiple Choice Questions.

Unless specified otherwise all multiple choice questions

have only one correct answer.

Each question is worth

5 points

.

PROBLEM 1 –

IPSec

and VPN (20 points)

(5 pts each)

a) Select the term that refers to the data recipient’s ability to ensure that the data

was not altered in any fashion as the data was sent across the VPN:

A) Encryption.

B) Tunneling.

C) Authentication.

D) Integrity.

b) Tunneling is a technique in which the IP datagram is first _______ and then

_______.

A) Encapsulated in another datagram; encrypted.

B) Encrypted; authenticated.

C) Authenticated; encrypted.

D) Encrypted; encapsulated in another datagram.

c) What is the relationship between a VPN and an extranet? Explain.

A) Some extranets are VPNs; some VPNs are extranets.

B) Some extranets are VPNs; all VPNs are extranets.

C) VPNs and extranets are the same type of network.

D) VPNs are unrelated to extranets.

d) Which one is the best approach to VPNs? Explain.

A) VPN-specific gateway device.

B) Router-based.

C) Firewall-based.

D) Software only.

E) All of the above.

PROBLEM 2 – Wireless Network Security (20 points)

(5 pts each)

a) What is the protocol developed for the wireless network communications? Explain.

A) Wireless Encryption Protocol (WEP)

B) Wireless Application Protocol (WAP)

C) Wired Equivalent Privacy (WEP)

D) Wireless Session Protocol (WSP)

b) Consider 802.11 shared key authentication. Which of the following statements is false?

Explain.

A) If a device with the key is lost then the security for the entire WLAN is compromised.

B) 802.1X requires shared key authentication.

C) Real users and attackers with a shared WEP key have the same rights.

D) Users cannot determine whether the access point is an imposter.

2c) The term used for certified 802.11b products is ___________ .

A) WAP

B) Wi-Fi

C) WiMAX

D) WPA

d) Which of the following is not a reason why WEP may be considered vulnerable? Explain.

(Select all that apply.)

A) Shared WEP keys among all clients

B) 20-bit initialization vector

C) An RC4 engine not properly initialized

D) 48-bit WEP key

PROBLEM 3 – Firewalls (20 points)

(5 pts each)

a) What governs the type of traffic that is and is not allowed through a firewall? Explain.

A) TCP/IP headers.

B) Gateway.

C) Rule base.

D) Access control list.

E) Network protocol in use.

b) Firewalls can be implemented in different ways. Consider a dedicated firewall device.

What is its major advantage when the target is throughput and security? Explain.

A) The management console is easily installed.

B) The device contains proprietary operating systems.

C) The connection to the device is monitored by security personnel.

D) A thorough packet inspection capability.

E) The hackers know most router-based firewall code.

c) Choose the best answer from the following options about the description of a firewall:

A) Firewalls statefully inspect reply packets to determine whether they match the

expected state of a connection in the state table.

B) Firewalls statically inspect packets in both directions and filter on layer 3and layer 4 information.

C) A firewall is any device that blocks access to a protected network.

D) A firewall is a system or a group of systems that enforce an access control policy

3between two networks.

E) None of the above

d) For a stateful packet-inspection firewall, which information is stored in the connection flow table?

A) TCP control header and trailer information associated with a particular session.

B) Inside private IP address and the translated inside global IP address.

C) Outbound and inbound access rules (ACL entries).

D) Source and destination IP addresses, and port numbers and sequencing information associated with a particular session.

E) TCP SYN packets and the associated return ACK packets.

PROBLEM 4 – Web and Transport Layer Security (20 points)

(5 pts each)

a) SSL is used to

A) Encrypt specific elements of data for application-specific purposes.

B) Encrypt files located on a Web server.

C) Encrypt data as it travels over a network.

D) Encrypt digital certificates used to authenticate a Web site.

E) Encrypt passwords for storage in a database.

b) What kind of attacks does SSL prevent? Select the best answer. Explain.

A) SQL Injection.

B) Sniffing.

C) Variable Manipulation.

D) Phishing Attacks.

c)Which of the following are not methods for minimizing a threat to a Web server? Indicate the two best answers from the following list, and explain your choice:

A) Disable all non-Web services.

B) Ensure telnet is running.

C) Disable nonessential services.

D) Enable logging.

d) _________ provides secure, remote logon and other secure client/server facilities.

A) SLP

B) HTTPS

4

C) TLS

D) SSH

Part 2: Short Answers.

Please answer briefly and completely, and you must cite all sources of information.

(20 points)

1.A common management requirement is that “all external Web traffic must flow via the organization’s Web’s proxy.” However, that requirement is easier stated than implemented.

Discuss the various problems and issues, possible solutions, and limitations with supporting this requirement. In particular, consider issues such as identifying exactly what constitutes “Web traffic” and how it may be monitored, given the large range of ports and various protocols used by Web browsers and servers.

(10 points)

2. Suppose you suspect that your session with a server has been intercepted

in a man-in-the-middle attack. You have a key, K,that you think you share with the server, but you might be only sharing it with an attacker. But the server also has a public key, Kp, which is widely known, and a private secret key, Ks, that goes with it.

Describe how you can either confirm you share K with the server or discover that you share it only with a man-in-the-middle. Also, be sure your solution will not be discovered by a packet sniffer.

(10 points)

WHAT OUR CURRENT CUSTOMERS SAY

  • Google
  • Sitejabber
  • Trustpilot
Zahraa S
Zahraa S
Absolutely spot on. I have had the best experience with Elite Academic Research and all my work have scored highly. Thank you for your professionalism and using expert writers with vast and outstanding knowledge in their fields. I highly recommend any day and time.
Stuart L
Stuart L
Thanks for keeping me sane for getting everything out of the way, I’ve been stuck working more than full time and balancing the rest but I’m glad you’ve been ensuring my school work is taken care of. I'll recommend Elite Academic Research to anyone who seeks quality academic help, thank you so much!
Mindi D
Mindi D
Brilliant writers and awesome support team. You can tell by the depth of research and the quality of work delivered that the writers care deeply about delivering that perfect grade.
Samuel Y
Samuel Y
I really appreciate the work all your amazing writers do to ensure that my papers are always delivered on time and always of the highest quality. I was at a crossroads last semester and I almost dropped out of school because of the many issues that were bombarding but I am glad a friend referred me to you guys. You came up big for me and continue to do so. I just wish I knew about your services earlier.
Cindy L
Cindy L
You can't fault the paper quality and speed of delivery. I have been using these guys for the past 3 years and I not even once have they ever failed me. They deliver properly researched papers way ahead of time. Each time I think I have had the best their professional writers surprise me with even better quality work. Elite Academic Research is a true Gem among essay writing companies.
Got an A and plagiarism percent was less than 10%! Thanks!

ORDER NOW


Consider Your Assignments Done

“All my friends and I are getting help from eliteacademicresearch. It’s every college student’s best kept secret!”

Jermaine Byrant
BSN

“I was apprehensive at first. But I must say it was a great experience and well worth the price. I got an A!”

Nicole Johnson
Finance & Economics

Our Top Experts

See Why Our Clients Hire Us Again And Again!


OVER

10.3k
Reviews

RATING
4.89/5
Average

YEARS
13
Mastery

Success Guarantee

When you order form the best, some of your greatest problems as a student are solved!

Reliable

Professional

Affordable

Quick

Using this writing service is legal and is not prohibited by any law, university or college policies. Services of Elite Academic Research are provided for research and study purposes only with the intent to help students improve their writing and academic experience. We do not condone or encourage cheating, academic dishonesty, or any form of plagiarism. Our original, plagiarism-free, zero-AI expert samples should only be used as references. It is your responsibility to cite any outside sources appropriately. This service will be useful for students looking for quick, reliable, and efficient online class-help on a variety of topics.