1. List the three fundamental security properties and for each give an
example of a failure.
2. If the useful life of DES was about 20 years (1977-1999), how long
do you predict the useful life of AES to be? Justify your answer.
3. Security decision-making should be based on rational thinking and
sound judgement. In this context critique five security design principles
with suitable examples.
4. The HTTP protocol is by definition stateless, meaning that it has no
mechanism for “remembering” data from one interaction to the next. (a)
Suggest a means by which you can preserve state between
two HTTP calls. For example, you may send the user a page of books and
prices matching a user’s query, and you want to avoid having to look up
the price of each book again once the user chooses one to purchase. (b)
Suggest a means by which you can preserve some notion of
state between two web accesses many days apart. For example, the user
may prefer prices quoted in euros instead of dollars, and you want to
present prices in the preferred currency next time without asking
5. Why is a firewall a good place to implement a VPN? Why
not implement it at the actual server(s) being accessed?
In accepting the ACM Turing Award, Ken Thompson described a
devious Trojan horse attack on a Unix system, which most people now
refer to as Thompson’s rigged compiler. This attack first changes the
binary version of the login program to add a backdoor, say, to allow a
new user, 12345, that has password, 67890, which is never checked
against the password file. Thus, the attacker can always login to this
computer using this username and password. Then the attack changes the
binary version of the C compiler, so that it first checks if it is compiling
the source code for the login program, and, if so, it reinserts the backdoor
in the binary version. Thus, a system administrator cannot remove this
Trojan horse simply by recompiling the login program. In fact, the attack
goes a step further, so that the C compiler also checks if it is compiling
the source code of the C compiler itself, and, if so, it inserts the extra
code that reinserts the backdoor for when it is compiling the login
program. So recompiling the C compiler won’t fix this attack either, and
if anyone examines the source code for the login program or the C
compiler, they won’t notice that anything is wrong. Now suppose your
Unix system has been compromised in this way (which you confirm by
logging in as 12345). How can you fix it, without using any outside
resources (like a fresh copy of the operating system)?
Suppose you want to use an Internet cafe to login to your personal
account on a bank web site, but you suspect that the computers in this
cafe are infected with software keyloggers. Assuming that you can have
both a web browser window and a text editing window open at the same
time, describe a scheme that allows you to type in your userID and
password so that a keylogger, used in isolation of any screen captures or
mouse event captures, would not be able to discover your userID and
Hints: Think about what a keylogger would see if you toggle between the
web browser (asking for your userID and password) and a text editor
window, while you are typing.
You are the system administrator for a provider that owns a large network
(e.g., at least 64,000 IP addresses). Show how you can use SYN cookies
to perform a DOS attack on a web server.
Johnny just set up a TCP connection with a web server in Chicago,
Illinois, claiming he is coming in with a source IP address that clearly
belongs to a network in Copenhagen, Denmark. In examining the session
logs, you notice that he was able to complete the three-way handshake for
this connection in 10 milliseconds. How can you use this information to
prove Johnny is lying?
Explain how it would give a potential intruder an additional advantage if
he can spend a week stealthily watching the behaviors of the users on the
computer he plans to attack.
Hints: By watching legitimate users for a week, an intruder can determine
what is normal, accepted behaviors for each user.
The coupon collector problem characterizes the expected number of days
that it takes to get n coupons if one receives one of these coupons at
random every day in the mail. This number is approximately n ln n. Use
this fact to compare the number of TCP connections that are initiated in a
sequential port scan, going from port 1 to 65535, directed at some host, to
the expected number that are requested in a random port scan, which
requests a random port each time (uniformly and independently) until it
has probed all of the ports.
Hints: A sequential port scan will initiate 65535 TCP connections.
Ad servers are increasingly being used to display essential content for
web sites (e.g., photos that are part of news items). Suppose that the same
host is used to serve images for two different web sites. Explain why this
is a threat to user privacy. Is this threat eliminated if the browser is
configured to reject third-party cookies?
Hints: Think about the session linking that could be done by this server.
What is the plaintext for the following ciphertext, which was encrypted
using a simple substitution cipher: @par CJBT COZ NPON ZJV FTTK
TWRTUYTFGT NJ DTN O XJL. Y COZ ZJV CPJVIK DTN O XJL
Hints: Note the short words and use a frequency analysis.
The picture above shows the frequency analysis of the cipher text. The plain text of the cipher text is as
: @CNE PWOG PBM ACBA MWI SGGX GJEGHLGSTG AW QGA B KWY. L PBM MWI PCWIVX QGA B KWY
But you can order it from our service and receive complete high-quality custom paper. Our service offers Business essay sample that was written by professional writer. If you like one, you have an opportunity to buy a similar paper. Any of the academic papers will be written from scratch, according to all customers’ specifications, expectations and highest standards.”