Top Trending Questions
Why is a hybrid cryptosystem preferred over symmetric and public key encryption systems?
Why is a hybrid cryptosystem preferred over symmetric and public key encryption systems?
121 Views
•
1 Answers
Security Mechanisms for Confidentiality
What are the best security mechanisms to ensure information confidentiality?
140 Views
•
1 Answers
Kerberos Authentication Process Players
Discuss in detail the role played by each one of the five players in a Kerberos authentication process.
95 Views
•
1 Answers
What are the differences between symmetric and asymmetric key systems?
What are the differences between symmetric and asymmetric key systems?
96 Views
•
1 Answers
Compare or discuss the differences between any two security systems.
Compare or discuss the differences between any two security systems.
93 Views
•
1 Answers
Choosing and Using Security Best Practices
If you are an enterprise security chief, how would you go about choosing a security best practice? Is it good security policy to always use a best security practice? What are the benefits of using a best practice?
86 Views
•
1 Answers
Insider Abuse Solutions
Insider abuse is a major crime category. Discuss ways to solve it.
115 Views
•
1 Answers
CGI and Database Security
CGI is often used to manage extensive databases. Databases store sensitive information. Discuss security measures you can use to safeguard the databases.
90 Views
•
1 Answers
Access Control: Least Privilege Principle
Discuss the benefits and problems resulting from the “least privilege” principle often used in access control.
90 Views
•
1 Answers
Too Much Authorization and Least Privilege
With the principle of “least privilege,” is it possible to have too much authorization? What happens when there is too much authorization?
100 Views
•
1 Answers
Many predict that the future of e-commerce is pegged on the successful implementation of authentication. Discuss.
Many predict that the future of e-commerce is pegged on the successful implementation of authentication. Discuss.
89 Views
•
1 Answers
Differentiate between access and authorization.
Differentiate between access and authorization.
95 Views
•
1 Answers
Discuss the role of public key authentication in the growth of e-commerce
Discuss the role of public key authentication in the growth of e-commerce
85 Views
•
1 Answers
Discuss the role of data mining techniques in the quality of threat information
Discuss the role of data mining techniques in the quality of threat information
86 Views
•
1 Answers
Social engineering has been frequently cited as a source of network security threat. Discuss the different elements within social engineering that contribute to this assertion.
Social engineering has been frequently cited as a source of network security threat. Discuss the different elements within social engineering that contribute to this assertion.
97 Views
•
1 Answers
Discuss the role of certificate authentication in e-commerce
Discuss the role of certificate authentication in e-commerce
81 Views
•
1 Answers
Discuss the politics of dealing with hacktivism.
Discuss the politics of dealing with hacktivism.
113 Views
•
1 Answers
Discuss the pros and cons of four LAN technologies.
Discuss the pros and cons of four LAN technologies.
106 Views
•
1 Answers
Discuss human error or human factors as a major security threat.
Discuss human error or human factors as a major security threat.
85 Views
•
1 Answers
States in Security Process
It has been stated that security is a continuous process; what are the states in this process?
120 Views
•
1 Answers
Access Control and Authorization: Denying Document with Extended Links
Consider an environment where each server does its own authorization. If an access request is made to a document that has extended links and one of the link requests is denied, should the whole document request be denied? Why or why not?
97 Views
•
1 Answers
Physical Access Restrictions
Physical access to resources is essential and must be the most restricted. Why?
99 Views
•
1 Answers
Script Security Threat: Untrusted Data
The biggest script security threat has always been the acceptance of untrusted data. What is the best way for scripts to accept data and preserve the trust?
97 Views
•
1 Answers
Anonymous Authentication and System Security
Does anonymous authentication compromise the security of systems for the advantages of a few services?
100 Views
•
1 Answers
Network Layer Security Mechanisms and Efficacy
IPsec provides security at the network layer. What other security mechanism is applicable at the network layer? Do network layer security solutions offer better security?
95 Views
•
1 Answers
Security Threat: Human Factors
What is the best way to deal with the security threat due to human factors?
94 Views
•
1 Answers
Four Access Methods and Their Weaknesses
Discuss four access methods, giving the weaknesses of each
92 Views
•
1 Answers
Does information confidentiality infer information integrity?
Does information confidentiality infer information integrity? Explain your response.
105 Views
•
1 Answers
Discuss the advantages of using an application-level firewall over a network-level firewall.
Discuss the advantages of using an application-level firewall over a network-level firewall.
92 Views
•
1 Answers
Discuss the many ways in which access can be abused.
Discuss the many ways in which access can be abused.
103 Views
•
1 Answers
Why are vulnerabilities difficult to predict?
Why are vulnerabilities difficult to predict?
118 Views
•
1 Answers
Comparison of Authorization Models: NOS vs. Stand-alone OS
Compare the authorization model used by the network operating systems (NOSs) to that used by the old stand-alone operating systems
135 Views
•
1 Answers
Application Layer Security Mechanisms
Discuss two security mechanisms applied at the application layer. Are they safer than those applied at the lower network layer?
95 Views
•
1 Answers
Is hacking getting under control?
Following the history of hacking, can you say that hacking is getting under control? Why or why not?
124 Views
•
1 Answers
Access Privileges in Computing Systems
List and discuss the most common access privileges in a computing system.
129 Views
•
1 Answers
Circuit-Level vs. Network-Level Firewalls
What are circuit-level firewalls? How are they different from network-level firewalls?
111 Views
•
1 Answers
Sources of System Vulnerabilities
Discuss the sources of system vulnerabilities.
100 Views
•
1 Answers
Client-side vs. Server-side Scripting
What are the differences between client-side and server-side scripting? Is one better than the other?
102 Views
•
1 Answers
Security Best Practices and Mechanisms
Security best practices are security guidelines and policies aimed at enhancing system security. Can they work without known and proven security mechanisms?
180 Views
•
1 Answers
Reasons for Anonymous Authentication in High-Security Systems
There are many compelling reasons why a system that must implement security to the maximum must give anonymous authentication to a class of users. Detail five of these reasons.
102 Views
•
1 Answers
Authentication using certificates, although considered safe, suffers from weaknesses. Discuss these weaknesses using specific examples.
Authentication using certificates, although considered safe, suffers from weaknesses. Discuss these weaknesses using specific examples.
93 Views
•
1 Answers
Firewall Services and Protocols
Search and discuss as many services and protocols as possible offered by a modern firewall.
107 Views
•
1 Answers
Why is hacking a big threat to system security?
Why is hacking a big threat to system security?
100 Views
•
1 Answers
Client-side vs. Server-side Scripting Security
In terms of security, is client-side scripting better than server-side scripting? Why or why not?
107 Views
•
1 Answers
CGI Scripting and Security
CGI is also used in discussions allowing users to talk to the customer and back. CGI helps in creating an ongoing dialog between multiple clients. Discuss the security implications of dialogs like this.
85 Views
•
1 Answers
Discuss the major sources of computer crimes.
Discuss the major sources of computer crimes.
98 Views
•
1 Answers
List and discuss the types of hacker crimes.
List and discuss the types of hacker crimes.
91 Views
•
1 Answers
Discuss the basic components of cryptography
Discuss the basic components of cryptography
90 Views
•
1 Answers
Discuss a good security auditing system.
Discuss a good security auditing system.
85 Views
•
1 Answers
Discuss the benefits of enhancement of basic authentication with a cryptographic scheme such as Kerberos, SSL, and others. Give specific examples.
Discuss the benefits of enhancement of basic authentication with a cryptographic scheme such as Kerberos, SSL, and others. Give specific examples.
91 Views
•
1 Answers
Discuss the benefits of system scanning.
Discuss the benefits of system scanning.
90 Views
•
1 Answers
Reasons why firewalls do not give total security
Give reasons why firewalls do not give total security
96 Views
•
1 Answers
Is it possible to implement full distributed authorization? What will be involved?
Is it possible to implement full distributed authorization? What will be involved?
101 Views
•
1 Answers
Kerberos and SSL are additional layers to enhance authentication. Detail how these enhancements are achieved in both cases.
Kerberos and SSL are additional layers to enhance authentication. Detail how these enhancements are achieved in both cases.
84 Views
•
1 Answers
Security Standards Adaptation
Security standards are changing daily. Is it wise to pick a security standard then? Why or why not?
95 Views
•
1 Answers
Discuss two LAN technologies that are NOT Ethernet or token ring.
Discuss two LAN technologies that are NOT Ethernet or token ring.
150 Views
•
1 Answers
Differentiate between computer and network forensics.
Differentiate between computer and network forensics.
109 Views
•
1 Answers
What is the best way to deal with hacking?
What is the best way to deal with hacking?
86 Views
•
1 Answers
Difficulties in Enforcing Security Best Practices
Discuss the difficulties encountered in enforcing security best practices.
95 Views
•
1 Answers
Discuss the weaknesses of public key encryption
Discuss the weaknesses of public key encryption
94 Views
•
1 Answers
In your opinion, is computer forensics a viable tool in the fight against the cybercrime epidemic?
In your opinion, is computer forensics a viable tool in the fight against the cybercrime epidemic?
106 Views
•
1 Answers
Outline and discuss the factors that influence threat information quality
Outline and discuss the factors that influence threat information quality
82 Views
•
1 Answers
Software Verification and Validation (V&V) in System Vulnerability
Part of the problem in design flaws involves issues associated with software verification and validation (V&V). What is the role of V&V in system vulnerability?
93 Views
•
1 Answers
Wireless WAN Fundamentals
What is a wireless WAN? What kind of technology can be used in it? Is this the wave of the future?
82 Views
•
1 Answers
Discuss the much talked about role of public key authentication in the future of e-commerce. Is the role of PKI in authentication exaggerated
Discuss the much talked about role of public key authentication in the future of e-commerce. Is the role of PKI in authentication exaggerated
88 Views
•
1 Answers
Differences between Digital Certificates and Digital Signatures in Authentication
Discuss the differences between digital certificates and digital signatures in authentication
86 Views
•
1 Answers
Discuss the role of digital signatures in modern communication
Discuss the role of digital signatures in modern communication
89 Views
•
1 Answers
Ethernet Technology Appeal
Why is Ethernet technology more appealing to users than the rest of the LAN technologies?
96 Views
•
1 Answers
Discuss the limitations of a KDC system in modern communication
Discuss the limitations of a KDC system in modern communication
83 Views
•
1 Answers
In a modern communication network, what are the limitations of a tree- structured CA system? Why is it necessary?
In a modern communication network, what are the limitations of a tree- structured CA system? Why is it necessary?
88 Views
•
1 Answers
Discuss the limitations of firewalls. How do modern firewalls differ from the old ones in dealing with these limitations?
Discuss the limitations of firewalls. How do modern firewalls differ from the old ones in dealing with these limitations?
100 Views
•
1 Answers
Compare and contrast the problems and benefits of KDC and PKI
Compare and contrast the problems and benefits of KDC and PKI
87 Views
•
1 Answers
Discuss ways a system administrator can reduce system scanning by hackers.
Discuss ways a system administrator can reduce system scanning by hackers.
99 Views
•
1 Answers
Discuss the weaknesses of symmetric encryption
Discuss the weaknesses of symmetric encryption
90 Views
•
1 Answers
Describe the sequence of steps a sender of a message takes when sending the message with a digital signature. What steps does the receiver of such a message take to recover the message?
Describe the sequence of steps a sender of a message takes when sending the message with a digital signature. What steps does the receiver of such a message take to recover the message?
86 Views
•
1 Answers
Can system intrusions be stopped? Support your response.
Can system intrusions be stopped? Support your response.
91 Views
•
1 Answers
Comment on the statement regarding CAs and IPsec.
Some say that with the development of systems such as IPsec, the role the CAs play in modern communication will diminish and eventually cease. Comment on this statement.
80 Views
•
1 Answers
Scripting and Security in Computer Networks and Web Browsers
The most common CGI function is to fill in forms; the processing script actually takes the data input by the Web surfer and sends it as e-mail to the form administrator. Discuss the different ways such a process can fall victim to an attacker.
83 Views
•
1 Answers
List the major protocols discussed in this chapter.
List the major protocols discussed in this chapter.
90 Views
•
1 Answers
Describe the message authentication process using:
Describe the message authentication process using: (a) Symmetric encryption (b) Public key encryption (c) Hash function
89 Views
•
1 Answers
What is the difference between authentication and nonrepudiation?
What is the difference between authentication and nonrepudiation?
102 Views
•
1 Answers
Why is it difficult to establish permanent standards for a technology like WAN or LAN?
Why is it difficult to establish permanent standards for a technology like WAN or LAN?
80 Views
•
1 Answers
Bluetooth and Personal Wireless Networks
Many people see Bluetooth as a personal wireless network (PAN). Why is this so? What standard does Bluetooth use?
89 Views
•
1 Answers
Why is PKI so vital in modern communications?
Why is PKI so vital in modern communications?
88 Views
•
1 Answers
Discuss the best ways of protecting an internal network using firewalls from the following attacks: * SMTP server hijacking * Bugs in operating systems * ICMP redirect bombs * Denial of service * Exploiting bugs in applications
Discuss the best ways of protecting an internal network using firewalls from the following attacks:
* SMTP server hijacking
* Bugs in operating systems
* ICMP redirect bombs
* Denial of service
* Exploiting bugs in applications
97 Views
•
1 Answers
Discuss the differences between a firewall and a packet filter
Discuss the differences between a firewall and a packet filter
121 Views
•
1 Answers
System Intrusion Detection and Prevention
Discuss as many effective ways of responding to a system intrusion as possible. What are the best? Most implementable? Most cost-effective?
101 Views
•
1 Answers
In addition to ISO and TCP/IP, what are the other models?
In addition to ISO and TCP/IP, what are the other models?
106 Views
•
1 Answers
What do you think are the weak points of TCP/IP?
What do you think are the weak points of TCP/IP?
97 Views
•
1 Answers
Discuss the difficulties faced by cybercrime investigators.
Discuss the difficulties faced by cybercrime investigators.
102 Views
•
1 Answers
Discuss the reasons why ISDN failed to catch on as WAN technology.
Discuss the reasons why ISDN failed to catch on as WAN technology.
95 Views
•
1 Answers
Dispute between Digital and Legal Non-repudiation
Why is there a dispute between digital nonrepudiation and legal nonrepudiation?
99 Views
•
1 Answers
What is PKI? Why is it so important in information security?
What is PKI? Why is it so important in information security?
95 Views
•
1 Answers
Three-way Handshake as a Security Threat
Give a detailed account of why the three-way handshake is a security threat.
95 Views
•
1 Answers
Increase in Virus and Worm Attacks
There seems to have been an increase in the number of reported virus and worm attacks on computer networks. Is this really a sign of an increase, more reporting, or more security awareness on the part of the individual? Comment on each of these factors.
100 Views
•
1 Answers
Web authorization and performance
Web authorization is central to the security of all Web applications. What is the best way to safeguard all Web applications and at the same time make Web access reliable and fast?
92 Views
•
1 Answers
Three Components of a Global Access Model
Discuss the three components of a global access model
101 Views
•
1 Answers
Network Vulnerability Identification
Is it possible to locate all vulnerabilities in a network? In other words, can one make an authoritative list of those vulnerabilities? Defend your response.
104 Views
•
1 Answers
Kerberos Tickets
The Kerberos authentication process actually involves two tickets. Explain the need for each ticket and why only one ticket cannot be used.
96 Views
•
1 Answers
X.25 vs. TCP/IP Differences
X.25 and TCP/IP are very similar but there are differences. Discuss these differences.
88 Views
•
1 Answers
Why is it difficult to implement distributed authorization?
Why is it difficult to implement distributed authorization?
93 Views
•
1 Answers
Why is crime reporting so low in major industries?
Why is crime reporting so low in major industries?
94 Views
•
1 Answers
Why are design flaws such a big issue in the study of vulnerability?
Why are design flaws such a big issue in the study of vulnerability?
98 Views
•
1 Answers
What is security and information security? What is the difference?
What is security and information security? What is the difference?
125 Views
•
1 Answers
What is a bastion router? How different is it from a firewall?
What is a bastion router? How different is it from a firewall?
110 Views
•
1 Answers
Virtual Security
Virtual security seems to work in some systems. Why is this so? Can you apply it in a network environment?
160 Views
•
1 Answers
Transport Layer Security Mechanisms
Are there security mechanisms applicable at transport layer? Is it safer?
146 Views
•
1 Answers
Security Policies
Some security experts do not believe in security policies. Do you? Why or why not?
96 Views
•
1 Answers
RPC Authentication: Per-Request Authentication
In RPC authentication, why it is necessary that each client request that server services be authenticated by the authentication server?
97 Views
•
1 Answers
Merits and Demerits of Centralized and Decentralized Authorization
Discuss the merits and demerits of centralized and decentralized authorization.
108 Views
•
1 Answers
Importance of Security Plans
Why it is important to have a security plan despite the various views of security experts concerning its importance?
111 Views
•
1 Answers
Honeypot Placement without DMZ
For a system without a DMZ, where is the best area in the network to install a honeypot?
127 Views
•
1 Answers
Global Privilege in Authorization Systems
Discuss the concept of global privilege. Does it work well in a distributed authorization or centralized authorization?
95 Views
•
1 Answers
Fusion of Network Technologies
Do you foresee a fusion between LAN, MAN, and WAN technologies in the future? Support your response.
93 Views
•
1 Answers
Firewall Protocol Implementation
Show how data protocols such as TCP, UDP, and ICMP can be implemented in a firewall and give the type of firewall best suited for each of these protocols.
107 Views
•
1 Answers
Firewall Design for File Uploads to Internal Network
How would you design a firewall that would let Internet-based users upload files to a protected internal network server?
104 Views
•
1 Answers
Effective Legislation Against Hacking
What kind of legislation can be effective to prevent hacking?
96 Views
•
1 Answers
Discuss any security surveillance system.
Discuss any security surveillance system.
98 Views
•
1 Answers
Direction of Network Technology
Network technology is in transition. Discuss the direction of network technology.
90 Views
•
1 Answers
Devise a plan to compute the cost of computer crime.
Devise a plan to compute the cost of computer crime.
135 Views
•
1 Answers
Comparison of ATM and ISDN Technologies
With the future in mind, compare and contrast ATMs and ISDN technologies.
89 Views
•
1 Answers
Bluetooth as a "magic technology"
Some people think that Bluetooth is a magic technology that is going to change the world. Is this assertion true?
86 Views
•
1 Answers
Authentication Policy Involvement
Making an authentication policy must be a well-kept secret to ensure the security of the intended system. Why then is it so important that a security policy include an authentication policy that involves as many as possible? What kind of people must be left out?
140 Views
•
1 Answers
Discuss the risks to the protected internal network as a result of a DMZ
Discuss the risks to the protected internal network as a result of a DMZ
129 Views
•
1 Answers
Discuss three approaches of acquiring information needed to penetrate a network.
Discuss three approaches of acquiring information needed to penetrate a network.
115 Views
•
1 Answers
Discuss the best approaches to implementing an effective IDS.
Discuss the best approaches to implementing an effective IDS.
116 Views
•
1 Answers
Computer Network Fundamentals: Encryption Standards Security
Most of the encryption standards that are being used such as RSA and DES have not been formally proven to be safe. Why then do we take them to be secure—what evidence do we have?
109 Views
•
1 Answers