Top Trending Questions
Comparison of Authorization Models: NOS vs. Stand-alone OS
Compare the authorization model used by the network operating systems (NOSs) to that used by the old stand-alone operating systems
105 Views
•
1 Answers
Security Mechanisms for Confidentiality
What are the best security mechanisms to ensure information confidentiality?
116 Views
•
1 Answers
Describe the message authentication process using:
Describe the message authentication process using: (a) Symmetric encryption (b) Public key encryption (c) Hash function
68 Views
•
1 Answers
Why is PKI so vital in modern communications?
Why is PKI so vital in modern communications?
69 Views
•
1 Answers
Access Privileges in Computing Systems
List and discuss the most common access privileges in a computing system.
95 Views
•
1 Answers
In your opinion, is computer forensics a viable tool in the fight against the cybercrime epidemic?
In your opinion, is computer forensics a viable tool in the fight against the cybercrime epidemic?
65 Views
•
1 Answers
Comment on the statement regarding CAs and IPsec.
Some say that with the development of systems such as IPsec, the role the CAs play in modern communication will diminish and eventually cease. Comment on this statement.
61 Views
•
1 Answers
Discuss a good security auditing system.
Discuss a good security auditing system.
63 Views
•
1 Answers
Security Standards Adaptation
Security standards are changing daily. Is it wise to pick a security standard then? Why or why not?
72 Views
•
1 Answers
Can system intrusions be stopped? Support your response.
Can system intrusions be stopped? Support your response.
64 Views
•
1 Answers
Scripting and Security in Computer Networks and Web Browsers
The most common CGI function is to fill in forms; the processing script actually takes the data input by the Web surfer and sends it as e-mail to the form administrator. Discuss the different ways such a process can fall victim to an attacker.
61 Views
•
1 Answers
Discuss the much talked about role of public key authentication in the future of e-commerce. Is the role of PKI in authentication exaggerated
Discuss the much talked about role of public key authentication in the future of e-commerce. Is the role of PKI in authentication exaggerated
66 Views
•
1 Answers
Discuss human error or human factors as a major security threat.
Discuss human error or human factors as a major security threat.
63 Views
•
1 Answers
List and discuss the types of hacker crimes.
List and discuss the types of hacker crimes.
68 Views
•
1 Answers
Access Control: Least Privilege Principle
Discuss the benefits and problems resulting from the “least privilege” principle often used in access control.
65 Views
•
1 Answers
Compare and contrast the problems and benefits of KDC and PKI
Compare and contrast the problems and benefits of KDC and PKI
66 Views
•
1 Answers
Discuss the benefits of system scanning.
Discuss the benefits of system scanning.
63 Views
•
1 Answers
Differentiate between computer and network forensics.
Differentiate between computer and network forensics.
72 Views
•
1 Answers
Discuss the role of digital signatures in modern communication
Discuss the role of digital signatures in modern communication
69 Views
•
1 Answers
Discuss the weaknesses of public key encryption
Discuss the weaknesses of public key encryption
71 Views
•
1 Answers
Ethernet Technology Appeal
Why is Ethernet technology more appealing to users than the rest of the LAN technologies?
73 Views
•
1 Answers
Access Control and Authorization: Denying Document with Extended Links
Consider an environment where each server does its own authorization. If an access request is made to a document that has extended links and one of the link requests is denied, should the whole document request be denied? Why or why not?
73 Views
•
1 Answers
Bluetooth and Personal Wireless Networks
Many people see Bluetooth as a personal wireless network (PAN). Why is this so? What standard does Bluetooth use?
71 Views
•
1 Answers
Discuss the role of certificate authentication in e-commerce
Discuss the role of certificate authentication in e-commerce
61 Views
•
1 Answers
List the major protocols discussed in this chapter.
List the major protocols discussed in this chapter.
64 Views
•
1 Answers
Anonymous Authentication and System Security
Does anonymous authentication compromise the security of systems for the advantages of a few services?
73 Views
•
1 Answers
Discuss the limitations of firewalls. How do modern firewalls differ from the old ones in dealing with these limitations?
Discuss the limitations of firewalls. How do modern firewalls differ from the old ones in dealing with these limitations?
72 Views
•
1 Answers
In a modern communication network, what are the limitations of a tree- structured CA system? Why is it necessary?
In a modern communication network, what are the limitations of a tree- structured CA system? Why is it necessary?
66 Views
•
1 Answers
CGI Scripting and Security
CGI is also used in discussions allowing users to talk to the customer and back. CGI helps in creating an ongoing dialog between multiple clients. Discuss the security implications of dialogs like this.
66 Views
•
1 Answers
Reasons why firewalls do not give total security
Give reasons why firewalls do not give total security
74 Views
•
1 Answers
Discuss the pros and cons of four LAN technologies.
Discuss the pros and cons of four LAN technologies.
84 Views
•
1 Answers
Software Verification and Validation (V&V) in System Vulnerability
Part of the problem in design flaws involves issues associated with software verification and validation (V&V). What is the role of V&V in system vulnerability?
70 Views
•
1 Answers
Discuss the advantages of using an application-level firewall over a network-level firewall.
Discuss the advantages of using an application-level firewall over a network-level firewall.
67 Views
•
1 Answers
CGI and Database Security
CGI is often used to manage extensive databases. Databases store sensitive information. Discuss security measures you can use to safeguard the databases.
68 Views
•
1 Answers
Many predict that the future of e-commerce is pegged on the successful implementation of authentication. Discuss.
Many predict that the future of e-commerce is pegged on the successful implementation of authentication. Discuss.
66 Views
•
1 Answers
Discuss the difficulties faced by cybercrime investigators.
Discuss the difficulties faced by cybercrime investigators.
63 Views
•
1 Answers
Computer Network Fundamentals: Encryption Standards Security
Most of the encryption standards that are being used such as RSA and DES have not been formally proven to be safe. Why then do we take them to be secure—what evidence do we have?
72 Views
•
1 Answers
Discuss the reasons why ISDN failed to catch on as WAN technology.
Discuss the reasons why ISDN failed to catch on as WAN technology.
76 Views
•
1 Answers
Discuss ways a system administrator can reduce system scanning by hackers.
Discuss ways a system administrator can reduce system scanning by hackers.
72 Views
•
1 Answers
Discuss the weaknesses of symmetric encryption
Discuss the weaknesses of symmetric encryption
69 Views
•
1 Answers
Why is it difficult to establish permanent standards for a technology like WAN or LAN?
Why is it difficult to establish permanent standards for a technology like WAN or LAN?
63 Views
•
1 Answers
System Intrusion Detection and Prevention
Discuss as many effective ways of responding to a system intrusion as possible. What are the best? Most implementable? Most cost-effective?
68 Views
•
1 Answers
Choosing and Using Security Best Practices
If you are an enterprise security chief, how would you go about choosing a security best practice? Is it good security policy to always use a best security practice? What are the benefits of using a best practice?
65 Views
•
1 Answers
Discuss the best ways of protecting an internal network using firewalls from the following attacks: * SMTP server hijacking * Bugs in operating systems * ICMP redirect bombs * Denial of service * Exploiting bugs in applications
Discuss the best ways of protecting an internal network using firewalls from the following attacks:
* SMTP server hijacking
* Bugs in operating systems
* ICMP redirect bombs
* Denial of service
* Exploiting bugs in applications
67 Views
•
1 Answers
What do you think are the weak points of TCP/IP?
What do you think are the weak points of TCP/IP?
77 Views
•
1 Answers
Why is a hybrid cryptosystem preferred over symmetric and public key encryption systems?
Why is a hybrid cryptosystem preferred over symmetric and public key encryption systems?
97 Views
•
1 Answers
Wireless WAN Fundamentals
What is a wireless WAN? What kind of technology can be used in it? Is this the wave of the future?
64 Views
•
1 Answers
What is the best way to deal with hacking?
What is the best way to deal with hacking?
66 Views
•
1 Answers
Authentication using certificates, although considered safe, suffers from weaknesses. Discuss these weaknesses using specific examples.
Authentication using certificates, although considered safe, suffers from weaknesses. Discuss these weaknesses using specific examples.
70 Views
•
1 Answers
Describe the sequence of steps a sender of a message takes when sending the message with a digital signature. What steps does the receiver of such a message take to recover the message?
Describe the sequence of steps a sender of a message takes when sending the message with a digital signature. What steps does the receiver of such a message take to recover the message?
63 Views
•
1 Answers
Network Layer Security Mechanisms and Efficacy
IPsec provides security at the network layer. What other security mechanism is applicable at the network layer? Do network layer security solutions offer better security?
67 Views
•
1 Answers
Virtual Security
Virtual security seems to work in some systems. Why is this so? Can you apply it in a network environment?
133 Views
•
1 Answers
States in Security Process
It has been stated that security is a continuous process; what are the states in this process?
91 Views
•
1 Answers
Client-side vs. Server-side Scripting Security
In terms of security, is client-side scripting better than server-side scripting? Why or why not?
77 Views
•
1 Answers
Client-side vs. Server-side Scripting
What are the differences between client-side and server-side scripting? Is one better than the other?
73 Views
•
1 Answers
Kerberos and SSL are additional layers to enhance authentication. Detail how these enhancements are achieved in both cases.
Kerberos and SSL are additional layers to enhance authentication. Detail how these enhancements are achieved in both cases.
65 Views
•
1 Answers
Discuss the differences between a firewall and a packet filter
Discuss the differences between a firewall and a packet filter
92 Views
•
1 Answers
Security Best Practices and Mechanisms
Security best practices are security guidelines and policies aimed at enhancing system security. Can they work without known and proven security mechanisms?
154 Views
•
1 Answers
Reasons for Anonymous Authentication in High-Security Systems
There are many compelling reasons why a system that must implement security to the maximum must give anonymous authentication to a class of users. Detail five of these reasons.
72 Views
•
1 Answers
Importance of Security Plans
Why it is important to have a security plan despite the various views of security experts concerning its importance?
84 Views
•
1 Answers
Honeypot Placement without DMZ
For a system without a DMZ, where is the best area in the network to install a honeypot?
72 Views
•
1 Answers
Dispute between Digital and Legal Non-repudiation
Why is there a dispute between digital nonrepudiation and legal nonrepudiation?
69 Views
•
1 Answers
Why are design flaws such a big issue in the study of vulnerability?
Why are design flaws such a big issue in the study of vulnerability?
72 Views
•
1 Answers
Is hacking getting under control?
Following the history of hacking, can you say that hacking is getting under control? Why or why not?
90 Views
•
1 Answers
What is the difference between authentication and nonrepudiation?
What is the difference between authentication and nonrepudiation?
72 Views
•
1 Answers
Why is crime reporting so low in major industries?
Why is crime reporting so low in major industries?
70 Views
•
1 Answers
Why is hacking a big threat to system security?
Why is hacking a big threat to system security?
68 Views
•
1 Answers
Devise a plan to compute the cost of computer crime.
Devise a plan to compute the cost of computer crime.
109 Views
•
1 Answers
Discuss the many ways in which access can be abused.
Discuss the many ways in which access can be abused.
76 Views
•
1 Answers
Differentiate between access and authorization.
Differentiate between access and authorization.
68 Views
•
1 Answers
Three-way Handshake as a Security Threat
Give a detailed account of why the three-way handshake is a security threat.
71 Views
•
1 Answers
Why are vulnerabilities difficult to predict?
Why are vulnerabilities difficult to predict?
85 Views
•
1 Answers
Discuss any security surveillance system.
Discuss any security surveillance system.
75 Views
•
1 Answers
Global Privilege in Authorization Systems
Discuss the concept of global privilege. Does it work well in a distributed authorization or centralized authorization?
67 Views
•
1 Answers
Script Security Threat: Untrusted Data
The biggest script security threat has always been the acceptance of untrusted data. What is the best way for scripts to accept data and preserve the trust?
68 Views
•
1 Answers
Three Components of a Global Access Model
Discuss the three components of a global access model
70 Views
•
1 Answers
Direction of Network Technology
Network technology is in transition. Discuss the direction of network technology.
63 Views
•
1 Answers
Fusion of Network Technologies
Do you foresee a fusion between LAN, MAN, and WAN technologies in the future? Support your response.
70 Views
•
1 Answers
Comparison of ATM and ISDN Technologies
With the future in mind, compare and contrast ATMs and ISDN technologies.
64 Views
•
1 Answers
In addition to ISO and TCP/IP, what are the other models?
In addition to ISO and TCP/IP, what are the other models?
80 Views
•
1 Answers
X.25 vs. TCP/IP Differences
X.25 and TCP/IP are very similar but there are differences. Discuss these differences.
66 Views
•
1 Answers
Bluetooth as a "magic technology"
Some people think that Bluetooth is a magic technology that is going to change the world. Is this assertion true?
61 Views
•
1 Answers
Discuss two LAN technologies that are NOT Ethernet or token ring.
Discuss two LAN technologies that are NOT Ethernet or token ring.
84 Views
•
1 Answers
Social engineering has been frequently cited as a source of network security threat. Discuss the different elements within social engineering that contribute to this assertion.
Social engineering has been frequently cited as a source of network security threat. Discuss the different elements within social engineering that contribute to this assertion.
70 Views
•
1 Answers
Discuss the benefits of enhancement of basic authentication with a cryptographic scheme such as Kerberos, SSL, and others. Give specific examples.
Discuss the benefits of enhancement of basic authentication with a cryptographic scheme such as Kerberos, SSL, and others. Give specific examples.
68 Views
•
1 Answers
Discuss the role of public key authentication in the growth of e-commerce
Discuss the role of public key authentication in the growth of e-commerce
64 Views
•
1 Answers
Discuss the role of data mining techniques in the quality of threat information
Discuss the role of data mining techniques in the quality of threat information
65 Views
•
1 Answers
Is it possible to implement full distributed authorization? What will be involved?
Is it possible to implement full distributed authorization? What will be involved?
73 Views
•
1 Answers
Differences between Digital Certificates and Digital Signatures in Authentication
Discuss the differences between digital certificates and digital signatures in authentication
66 Views
•
1 Answers
Discuss the best approaches to implementing an effective IDS.
Discuss the best approaches to implementing an effective IDS.
72 Views
•
1 Answers
Compare or discuss the differences between any two security systems.
Compare or discuss the differences between any two security systems.
71 Views
•
1 Answers
Merits and Demerits of Centralized and Decentralized Authorization
Discuss the merits and demerits of centralized and decentralized authorization.
85 Views
•
1 Answers
What is a bastion router? How different is it from a firewall?
What is a bastion router? How different is it from a firewall?
78 Views
•
1 Answers
Discuss the politics of dealing with hacktivism.
Discuss the politics of dealing with hacktivism.
86 Views
•
1 Answers
What is PKI? Why is it so important in information security?
What is PKI? Why is it so important in information security?
70 Views
•
1 Answers
Why is it difficult to implement distributed authorization?
Why is it difficult to implement distributed authorization?
68 Views
•
1 Answers
Does information confidentiality infer information integrity?
Does information confidentiality infer information integrity? Explain your response.
76 Views
•
1 Answers
Firewall Design for File Uploads to Internal Network
How would you design a firewall that would let Internet-based users upload files to a protected internal network server?
73 Views
•
1 Answers
Four Access Methods and Their Weaknesses
Discuss four access methods, giving the weaknesses of each
66 Views
•
1 Answers
Difficulties in Enforcing Security Best Practices
Discuss the difficulties encountered in enforcing security best practices.
68 Views
•
1 Answers
Discuss the major sources of computer crimes.
Discuss the major sources of computer crimes.
70 Views
•
1 Answers
Discuss the basic components of cryptography
Discuss the basic components of cryptography
68 Views
•
1 Answers
Too Much Authorization and Least Privilege
With the principle of “least privilege,” is it possible to have too much authorization? What happens when there is too much authorization?
73 Views
•
1 Answers
Kerberos Authentication Process Players
Discuss in detail the role played by each one of the five players in a Kerberos authentication process.
69 Views
•
1 Answers
Transport Layer Security Mechanisms
Are there security mechanisms applicable at transport layer? Is it safer?
115 Views
•
1 Answers
Application Layer Security Mechanisms
Discuss two security mechanisms applied at the application layer. Are they safer than those applied at the lower network layer?
70 Views
•
1 Answers
Network Vulnerability Identification
Is it possible to locate all vulnerabilities in a network? In other words, can one make an authoritative list of those vulnerabilities? Defend your response.
78 Views
•
1 Answers
Effective Legislation Against Hacking
What kind of legislation can be effective to prevent hacking?
69 Views
•
1 Answers
Web authorization and performance
Web authorization is central to the security of all Web applications. What is the best way to safeguard all Web applications and at the same time make Web access reliable and fast?
67 Views
•
1 Answers
Insider Abuse Solutions
Insider abuse is a major crime category. Discuss ways to solve it.
88 Views
•
1 Answers
Physical Access Restrictions
Physical access to resources is essential and must be the most restricted. Why?
71 Views
•
1 Answers
Security Policies
Some security experts do not believe in security policies. Do you? Why or why not?
66 Views
•
1 Answers
Authentication Policy Involvement
Making an authentication policy must be a well-kept secret to ensure the security of the intended system. Why then is it so important that a security policy include an authentication policy that involves as many as possible? What kind of people must be left out?
115 Views
•
1 Answers
What is security and information security? What is the difference?
What is security and information security? What is the difference?
84 Views
•
1 Answers
Outline and discuss the factors that influence threat information quality
Outline and discuss the factors that influence threat information quality
61 Views
•
1 Answers
Discuss the limitations of a KDC system in modern communication
Discuss the limitations of a KDC system in modern communication
61 Views
•
1 Answers
Discuss the risks to the protected internal network as a result of a DMZ
Discuss the risks to the protected internal network as a result of a DMZ
87 Views
•
1 Answers
Discuss three approaches of acquiring information needed to penetrate a network.
Discuss three approaches of acquiring information needed to penetrate a network.
73 Views
•
1 Answers
RPC Authentication: Per-Request Authentication
In RPC authentication, why it is necessary that each client request that server services be authenticated by the authentication server?
70 Views
•
1 Answers
Kerberos Tickets
The Kerberos authentication process actually involves two tickets. Explain the need for each ticket and why only one ticket cannot be used.
69 Views
•
1 Answers
Firewall Protocol Implementation
Show how data protocols such as TCP, UDP, and ICMP can be implemented in a firewall and give the type of firewall best suited for each of these protocols.
80 Views
•
1 Answers
Security Threat: Human Factors
What is the best way to deal with the security threat due to human factors?
66 Views
•
1 Answers
Firewall Services and Protocols
Search and discuss as many services and protocols as possible offered by a modern firewall.
73 Views
•
1 Answers
Sources of System Vulnerabilities
Discuss the sources of system vulnerabilities.
70 Views
•
1 Answers
Increase in Virus and Worm Attacks
There seems to have been an increase in the number of reported virus and worm attacks on computer networks. Is this really a sign of an increase, more reporting, or more security awareness on the part of the individual? Comment on each of these factors.
71 Views
•
1 Answers
What are the differences between symmetric and asymmetric key systems?
What are the differences between symmetric and asymmetric key systems?
70 Views
•
1 Answers
Circuit-Level vs. Network-Level Firewalls
What are circuit-level firewalls? How are they different from network-level firewalls?
73 Views
•
1 Answers