Assignment 4

docx

School

New Jersey Institute Of Technology *

*We aren’t endorsed by this school

Course

351

Subject

Computer Science

Date

Feb 20, 2024

Type

docx

Pages

3

Uploaded by hemaj18

Report
Name: CS 351 Assignment 4 1. Consider the following threats to Web security and describe how each is encountered by a particular feature of SSL: (20 pts) a) Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client. b) Password sniffing: Password in HTTP or other application traffic are eavesdropeed. c) IP spoofing: Uses forged IP addresses to fool a host into accepting bogus data. d) IP hijacking: An active, authenticated connection between two hosts is disrupted and the attacker takes the place of one of the hosts. e) SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half- open connection” around for a few minutes. Repeated SYN messages can clog the TCP module. 2. a) In a public-key system using RSA, you intercept the ciphertext C=10 sent to a user whose public key is e=5, n=35. What is the plaintext? b) In an RSA system, the public key of a given user is e=31, n=3599. What is the private key of this user? (20 pts) 3. A phonetic password generator picks two segments randomly for each six-letter password. The form of each segment is CVC (consonant, vowel, consonant), where V= <a, e, i, o, u> and C = V̅ (non vowels). a) What is the total password population? b) What is the probability of an adversary guessing a password correctly? (20 pts)
4. Assume you are supposed to choose and deploy Cyber Security tools for your company. Your company consists of the following assets: a) Internal private servers (consisting of DC’s, internal apps, etc.) b) DMZ servers (e-mail servers, web applications, etc.) c) End users (Employee’s Computers) For each case (1-9), which cyber Security tool(s)/step(s) will you prefer to deploy in your company? (40 pts) 1) You want to seperate the Internal Private servers and End users from DMZ servers 2) You want to be sure that your employees do not download and run malware in their computers. 3) You want to detect all network anomalies in your network (port scans, DDoS, etc.) 4) You want to prevent all network anomalies in your network (port scans, DDoS, etc.) 5) You want to protect your web applications (hosted in DMZ) from external web application attacks like SQL injection, XSS, CSRF etc. 6) You want to be sure that your internal (private) servers can’t reach to the Internet. 7) You want to check that whether your DMZ servers are up to date and if there is any vulnerability. 8) You want to collect the logs of the systems of your company and want to manage all events and incidents.
9) You want to deflect the attacks by putting some fake vulnerable servers to your system and follow the activities of the attackers. 10) Draw a sample network diagram showing the place/location of these tools.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

HW2.pdf
Assignment 1 (1).pdf
CYB_210_Network_Configuration_Scavenger_Hunt_Chris_Braccili.docx
CYB_230_Module_Five_Lab_Worksheet_Chris_Braccili.docx
CYB_210_Module_Five_Packet_Tracer_Activity_Chris_Braccili.docx
A20_2022F_Exam.pdf
Assignment 2.docx
Java-Questions.docx
Assignment 1.pdf
Wk 8 Ch 4B - Loops Practice.docx
Wk 10 Ch 5B - Functions Practice with Simple Game.docx
R-CheatSheet.pdf
Recommended textbooks for you
Text book image
LINUX+ AND LPIC-1 GDE.TO LINUX CERTIF.
Computer Science
ISBN:9781337569798
Author:ECKERT
Publisher:CENGAGE L
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
A+ Guide to Hardware (Standalone Book) (MindTap C...
Computer Science
ISBN:9781305266452
Author:Jean Andrews
Publisher:Cengage Learning
Text book image
MIS
Computer Science
ISBN:9781337681919
Author:BIDGOLI
Publisher:Cengage
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
LINUX+ AND LPIC-1 GDE.TO LINUX CERTIF.
Computer Science
ISBN:9781337569798
Author:ECKERT
Publisher:CENGAGE L
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
A+ Guide to Hardware (Standalone Book) (MindTap C...
Computer Science
ISBN:9781305266452
Author:Jean Andrews
Publisher:Cengage Learning
Text book image
MIS
Computer Science
ISBN:9781337681919
Author:BIDGOLI
Publisher:Cengage
SEE MORE TEXTBOOKS