Top Trending Questions
Kerberos Tickets
The Kerberos authentication process actually involves two tickets. Explain the need for each ticket and why only one ticket cannot be used.
8 Views
•
1 Answers
Four Access Methods and Their Weaknesses
Discuss four access methods, giving the weaknesses of each
7 Views
•
1 Answers
Devise a plan to compute the cost of computer crime.
Devise a plan to compute the cost of computer crime.
8 Views
•
1 Answers
Web authorization and performance
Web authorization is central to the security of all Web applications. What is the best way to safeguard all Web applications and at the same time make Web access reliable and fast?
7 Views
•
1 Answers
Security Policies
Some security experts do not believe in security policies. Do you? Why or why not?
8 Views
•
1 Answers
Insider Abuse Solutions
Insider abuse is a major crime category. Discuss ways to solve it.
9 Views
•
1 Answers
Reasons for Anonymous Authentication in High-Security Systems
There are many compelling reasons why a system that must implement security to the maximum must give anonymous authentication to a class of users. Detail five of these reasons.
8 Views
•
1 Answers
Script Security Threat: Untrusted Data
The biggest script security threat has always been the acceptance of untrusted data. What is the best way for scripts to accept data and preserve the trust?
7 Views
•
1 Answers
Social engineering has been frequently cited as a source of network security threat. Discuss the different elements within social engineering that contribute to this assertion.
Social engineering has been frequently cited as a source of network security threat. Discuss the different elements within social engineering that contribute to this assertion.
8 Views
•
1 Answers
Authentication Policy Involvement
Making an authentication policy must be a well-kept secret to ensure the security of the intended system. Why then is it so important that a security policy include an authentication policy that involves as many as possible? What kind of people must be left out?
7 Views
•
1 Answers
Why is crime reporting so low in major industries?
Why is crime reporting so low in major industries?
7 Views
•
1 Answers
Discuss the politics of dealing with hacktivism.
Discuss the politics of dealing with hacktivism.
7 Views
•
1 Answers
Differentiate between access and authorization.
Differentiate between access and authorization.
7 Views
•
1 Answers
Firewall Design for File Uploads to Internal Network
How would you design a firewall that would let Internet-based users upload files to a protected internal network server?
8 Views
•
1 Answers
Client-side vs. Server-side Scripting Security
In terms of security, is client-side scripting better than server-side scripting? Why or why not?
7 Views
•
1 Answers
Access Privileges in Computing Systems
List and discuss the most common access privileges in a computing system.
7 Views
•
1 Answers
Network Vulnerability Identification
Is it possible to locate all vulnerabilities in a network? In other words, can one make an authoritative list of those vulnerabilities? Defend your response.
9 Views
•
1 Answers
Global Privilege in Authorization Systems
Discuss the concept of global privilege. Does it work well in a distributed authorization or centralized authorization?
7 Views
•
1 Answers
Firewall Protocol Implementation
Show how data protocols such as TCP, UDP, and ICMP can be implemented in a firewall and give the type of firewall best suited for each of these protocols.
9 Views
•
1 Answers
Kerberos Authentication Process Players
Discuss in detail the role played by each one of the five players in a Kerberos authentication process.
7 Views
•
1 Answers
Three-way Handshake as a Security Threat
Give a detailed account of why the three-way handshake is a security threat.
7 Views
•
1 Answers
Increase in Virus and Worm Attacks
There seems to have been an increase in the number of reported virus and worm attacks on computer networks. Is this really a sign of an increase, more reporting, or more security awareness on the part of the individual? Comment on each of these factors.
9 Views
•
1 Answers
Discuss the risks to the protected internal network as a result of a DMZ
Discuss the risks to the protected internal network as a result of a DMZ
10 Views
•
1 Answers
Network Layer Security Mechanisms and Efficacy
IPsec provides security at the network layer. What other security mechanism is applicable at the network layer? Do network layer security solutions offer better security?
7 Views
•
1 Answers
Discuss the differences between a firewall and a packet filter
Discuss the differences between a firewall and a packet filter
10 Views
•
1 Answers
Why is hacking a big threat to system security?
Why is hacking a big threat to system security?
7 Views
•
1 Answers
RPC Authentication: Per-Request Authentication
In RPC authentication, why it is necessary that each client request that server services be authenticated by the authentication server?
7 Views
•
1 Answers
Security Threat: Human Factors
What is the best way to deal with the security threat due to human factors?
7 Views
•
1 Answers
Is hacking getting under control?
Following the history of hacking, can you say that hacking is getting under control? Why or why not?
7 Views
•
1 Answers
Sources of System Vulnerabilities
Discuss the sources of system vulnerabilities.
8 Views
•
1 Answers
Too Much Authorization and Least Privilege
With the principle of “least privilege,” is it possible to have too much authorization? What happens when there is too much authorization?
6 Views
•
1 Answers
Three Components of a Global Access Model
Discuss the three components of a global access model
7 Views
•
1 Answers
Physical Access Restrictions
Physical access to resources is essential and must be the most restricted. Why?
7 Views
•
1 Answers
Anonymous Authentication and System Security
Does anonymous authentication compromise the security of systems for the advantages of a few services?
8 Views
•
1 Answers
Application Layer Security Mechanisms
Discuss two security mechanisms applied at the application layer. Are they safer than those applied at the lower network layer?
7 Views
•
1 Answers
Client-side vs. Server-side Scripting
What are the differences between client-side and server-side scripting? Is one better than the other?
7 Views
•
1 Answers
Effective Legislation Against Hacking
What kind of legislation can be effective to prevent hacking?
7 Views
•
1 Answers
Does information confidentiality infer information integrity?
Does information confidentiality infer information integrity? Explain your response.
8 Views
•
1 Answers
Honeypot Placement without DMZ
For a system without a DMZ, where is the best area in the network to install a honeypot?
8 Views
•
1 Answers
Comparison of Authorization Models: NOS vs. Stand-alone OS
Compare the authorization model used by the network operating systems (NOSs) to that used by the old stand-alone operating systems
7 Views
•
1 Answers
Discuss the major sources of computer crimes.
Discuss the major sources of computer crimes.
7 Views
•
1 Answers
Discuss the best approaches to implementing an effective IDS.
Discuss the best approaches to implementing an effective IDS.
8 Views
•
1 Answers
Software Verification and Validation (V&V) in System Vulnerability
Part of the problem in design flaws involves issues associated with software verification and validation (V&V). What is the role of V&V in system vulnerability?
7 Views
•
1 Answers
Outline and discuss the factors that influence threat information quality
Outline and discuss the factors that influence threat information quality
7 Views
•
1 Answers
Discuss the role of digital signatures in modern communication
Discuss the role of digital signatures in modern communication
7 Views
•
1 Answers
Security Standards Adaptation
Security standards are changing daily. Is it wise to pick a security standard then? Why or why not?
9 Views
•
1 Answers
Differentiate between computer and network forensics.
Differentiate between computer and network forensics.
8 Views
•
1 Answers
Discuss the advantages of using an application-level firewall over a network-level firewall.
Discuss the advantages of using an application-level firewall over a network-level firewall.
7 Views
•
1 Answers
Virtual Security
Virtual security seems to work in some systems. Why is this so? Can you apply it in a network environment?
8 Views
•
1 Answers
CGI and Database Security
CGI is often used to manage extensive databases. Databases store sensitive information. Discuss security measures you can use to safeguard the databases.
7 Views
•
1 Answers
Comment on the statement regarding CAs and IPsec.
Some say that with the development of systems such as IPsec, the role the CAs play in modern communication will diminish and eventually cease. Comment on this statement.
7 Views
•
1 Answers
CGI Scripting and Security
CGI is also used in discussions allowing users to talk to the customer and back. CGI helps in creating an ongoing dialog between multiple clients. Discuss the security implications of dialogs like this.
6 Views
•
1 Answers
Importance of Security Plans
Why it is important to have a security plan despite the various views of security experts concerning its importance?
6 Views
•
1 Answers
Security Mechanisms for Confidentiality
What are the best security mechanisms to ensure information confidentiality?
6 Views
•
1 Answers
Firewall Services and Protocols
Search and discuss as many services and protocols as possible offered by a modern firewall.
10 Views
•
1 Answers
Computer Network Fundamentals: Encryption Standards Security
Most of the encryption standards that are being used such as RSA and DES have not been formally proven to be safe. Why then do we take them to be secure—what evidence do we have?
6 Views
•
1 Answers
Transport Layer Security Mechanisms
Are there security mechanisms applicable at transport layer? Is it safer?
6 Views
•
1 Answers
Differences between Digital Certificates and Digital Signatures in Authentication
Discuss the differences between digital certificates and digital signatures in authentication
8 Views
•
1 Answers
List and discuss the types of hacker crimes.
List and discuss the types of hacker crimes.
6 Views
•
1 Answers
Authentication using certificates, although considered safe, suffers from weaknesses. Discuss these weaknesses using specific examples.
Authentication using certificates, although considered safe, suffers from weaknesses. Discuss these weaknesses using specific examples.
6 Views
•
1 Answers
System Intrusion Detection and Prevention
Discuss as many effective ways of responding to a system intrusion as possible. What are the best? Most implementable? Most cost-effective?
6 Views
•
1 Answers
Merits and Demerits of Centralized and Decentralized Authorization
Discuss the merits and demerits of centralized and decentralized authorization.
6 Views
•
1 Answers
Circuit-Level vs. Network-Level Firewalls
What are circuit-level firewalls? How are they different from network-level firewalls?
6 Views
•
1 Answers
Security Best Practices and Mechanisms
Security best practices are security guidelines and policies aimed at enhancing system security. Can they work without known and proven security mechanisms?
9 Views
•
1 Answers
Access Control: Least Privilege Principle
Discuss the benefits and problems resulting from the “least privilege” principle often used in access control.
7 Views
•
1 Answers
Kerberos and SSL are additional layers to enhance authentication. Detail how these enhancements are achieved in both cases.
Kerberos and SSL are additional layers to enhance authentication. Detail how these enhancements are achieved in both cases.
6 Views
•
1 Answers
Discuss ways a system administrator can reduce system scanning by hackers.
Discuss ways a system administrator can reduce system scanning by hackers.
6 Views
•
1 Answers
Discuss any security surveillance system.
Discuss any security surveillance system.
6 Views
•
1 Answers
Choosing and Using Security Best Practices
If you are an enterprise security chief, how would you go about choosing a security best practice? Is it good security policy to always use a best security practice? What are the benefits of using a best practice?
7 Views
•
1 Answers
Why are vulnerabilities difficult to predict?
Why are vulnerabilities difficult to predict?
6 Views
•
1 Answers
Discuss a good security auditing system.
Discuss a good security auditing system.
6 Views
•
1 Answers
Discuss the benefits of system scanning.
Discuss the benefits of system scanning.
6 Views
•
1 Answers
Discuss the basic components of cryptography
Discuss the basic components of cryptography
6 Views
•
1 Answers
Discuss the weaknesses of symmetric encryption
Discuss the weaknesses of symmetric encryption
6 Views
•
1 Answers
Discuss the limitations of firewalls. How do modern firewalls differ from the old ones in dealing with these limitations?
Discuss the limitations of firewalls. How do modern firewalls differ from the old ones in dealing with these limitations?
7 Views
•
1 Answers
Describe the message authentication process using:
Describe the message authentication process using: (a) Symmetric encryption (b) Public key encryption (c) Hash function
6 Views
•
1 Answers
Difficulties in Enforcing Security Best Practices
Discuss the difficulties encountered in enforcing security best practices.
6 Views
•
1 Answers
Discuss the difficulties faced by cybercrime investigators.
Discuss the difficulties faced by cybercrime investigators.
6 Views
•
1 Answers
Why is it difficult to implement distributed authorization?
Why is it difficult to implement distributed authorization?
6 Views
•
1 Answers
Discuss the role of certificate authentication in e-commerce
Discuss the role of certificate authentication in e-commerce
6 Views
•
1 Answers
Access Control and Authorization: Denying Document with Extended Links
Consider an environment where each server does its own authorization. If an access request is made to a document that has extended links and one of the link requests is denied, should the whole document request be denied? Why or why not?
6 Views
•
1 Answers
Scripting and Security in Computer Networks and Web Browsers
The most common CGI function is to fill in forms; the processing script actually takes the data input by the Web surfer and sends it as e-mail to the form administrator. Discuss the different ways such a process can fall victim to an attacker.
6 Views
•
1 Answers
Discuss three approaches of acquiring information needed to penetrate a network.
Discuss three approaches of acquiring information needed to penetrate a network.
6 Views
•
1 Answers
Why is PKI so vital in modern communications?
Why is PKI so vital in modern communications?
6 Views
•
1 Answers
Compare or discuss the differences between any two security systems.
Compare or discuss the differences between any two security systems.
9 Views
•
1 Answers
Is it possible to implement full distributed authorization? What will be involved?
Is it possible to implement full distributed authorization? What will be involved?
6 Views
•
1 Answers
What is the best way to deal with hacking?
What is the best way to deal with hacking?
7 Views
•
1 Answers
Discuss the role of data mining techniques in the quality of threat information
Discuss the role of data mining techniques in the quality of threat information
7 Views
•
1 Answers
Discuss the much talked about role of public key authentication in the future of e-commerce. Is the role of PKI in authentication exaggerated
Discuss the much talked about role of public key authentication in the future of e-commerce. Is the role of PKI in authentication exaggerated
6 Views
•
1 Answers
Discuss the weaknesses of public key encryption
Discuss the weaknesses of public key encryption
6 Views
•
1 Answers
Reasons why firewalls do not give total security
Give reasons why firewalls do not give total security
6 Views
•
1 Answers
Many predict that the future of e-commerce is pegged on the successful implementation of authentication. Discuss.
Many predict that the future of e-commerce is pegged on the successful implementation of authentication. Discuss.
6 Views
•
1 Answers
Discuss the limitations of a KDC system in modern communication
Discuss the limitations of a KDC system in modern communication
6 Views
•
1 Answers
Why is a hybrid cryptosystem preferred over symmetric and public key encryption systems?
Why is a hybrid cryptosystem preferred over symmetric and public key encryption systems?
7 Views
•
1 Answers
Discuss the benefits of enhancement of basic authentication with a cryptographic scheme such as Kerberos, SSL, and others. Give specific examples.
Discuss the benefits of enhancement of basic authentication with a cryptographic scheme such as Kerberos, SSL, and others. Give specific examples.
7 Views
•
1 Answers
What is a bastion router? How different is it from a firewall?
What is a bastion router? How different is it from a firewall?
10 Views
•
1 Answers
Discuss the many ways in which access can be abused.
Discuss the many ways in which access can be abused.
7 Views
•
1 Answers
Discuss the role of public key authentication in the growth of e-commerce
Discuss the role of public key authentication in the growth of e-commerce
6 Views
•
1 Answers
Compare and contrast the problems and benefits of KDC and PKI
Compare and contrast the problems and benefits of KDC and PKI
8 Views
•
1 Answers
In a modern communication network, what are the limitations of a tree- structured CA system? Why is it necessary?
In a modern communication network, what are the limitations of a tree- structured CA system? Why is it necessary?
6 Views
•
1 Answers
Why are design flaws such a big issue in the study of vulnerability?
Why are design flaws such a big issue in the study of vulnerability?
8 Views
•
1 Answers
Discuss the best ways of protecting an internal network using firewalls from the following attacks: * SMTP server hijacking * Bugs in operating systems * ICMP redirect bombs * Denial of service * Exploiting bugs in applications
Discuss the best ways of protecting an internal network using firewalls from the following attacks:
* SMTP server hijacking
* Bugs in operating systems
* ICMP redirect bombs
* Denial of service
* Exploiting bugs in applications
7 Views
•
1 Answers
Describe the sequence of steps a sender of a message takes when sending the message with a digital signature. What steps does the receiver of such a message take to recover the message?
Describe the sequence of steps a sender of a message takes when sending the message with a digital signature. What steps does the receiver of such a message take to recover the message?
6 Views
•
1 Answers
Can system intrusions be stopped? Support your response.
Can system intrusions be stopped? Support your response.
6 Views
•
1 Answers
Discuss human error or human factors as a major security threat.
Discuss human error or human factors as a major security threat.
6 Views
•
1 Answers
In your opinion, is computer forensics a viable tool in the fight against the cybercrime epidemic?
In your opinion, is computer forensics a viable tool in the fight against the cybercrime epidemic?
6 Views
•
1 Answers