1) In conducting security testing on the Alexander Rocco network, you have found that the company configured one of its Windows Server 2016 computers as an enterprise root CA server. You have also determined that Ronnie Jones, the administrator of the CA server, selected MD5 as the hashing algorithm for creating digital signatures.Based on this information, write a one-page report explaining possible vulnerabilities caused by signing certificates with MD5. The report should cite articles about MD5 weaknesses and include recommendations from Microsoft about using MD5 in its software.

2) After conducting research for Case Project 12-1, you have gathered a lot of background about the release of information on hashing algorithms. Articles on vulnerabilities of SHA-1, MD4, and MD5 abound. The proliferation of programs for breaking DVD encryption codes and the recent imprisonment of an attacker who broke Japan’s encryption method for blocking certain images from pornographic movies have raised many questions on what’s moral or legal in releasing information about hashing algorithms.Based on this information, write a one- to two-page report addressing moral and legal issues of releasing software or code for breaking these algorithms. Your paper should also answer these questions:Should people who are able to break a hashing algorithm be allowed to post their findings on the Internet?Do you think the reporters of the DVD (DeCSS) crack were exercising their First Amendment rights when including the source code for breaking the DVD encryption key in an article? What about displaying the source code on a T-shirt? As a security professional, do you think you have to abide by a higher standard when sharing or disseminating source code that breaks hashing algorithms? Explain.

3) After a security breach in which important corporate secrets were lost, the Alexander Rocco Corporation hired you to conduct a security test and offer recommendations for preventing future attacks. Computer forensics specialist Nathan Rosswog has informed you that the hackers got in by compromising a Web site many employees visit; this attack installed Trojan code on users’ workstations by using a drive-by download. Because the company’s antivirus software didn’t detect the code on workstations, attackers were able to launch reverse Telnet command shells and upload confidential documents to hacker-controlled Web sites. To do this, they used a port that allowed outbound HTTPS traffic through the company firewall.Based on this information, write a brief report on your recommendations for configuring or revamping the network to defend against these types of threats. The report should give specific examples of how to secure the network, but not rely on a single type of network protection system, and make hardware recommendations, if needed.

4)You receive a frantic call from the system administrator of the Alexander Rocco network, JW Tabacchi. He tells you he has identified several intrusion attempts from sources over the Internet. You’re not sure if the hackers have gained access to the internal network. First, based on the tools described in this chapter and some of the techniques you’ve learned in this book, write a one-page report about the things you might look for to identify an attacker or a compromised host on your network.Second, make some recommendations on how you might instrument the network with network protection systems to better detect and prevent compromises in the future.