Outcomes addressed in this activity:
Unit Outcomes:
• Explain integrity with signatures and hashing.
• Extrapolate public key infrastructure.
• Contrast cryptographic attacks.
Course Outcome:
IT279-3: Apply secure design principles to network architecture.
Purpose
In this assignment, you will examine several well-known attack strategies as well as the concept of trust.
Assignment Instructions
Using Credible Sources, Justify Your Answers to Questions
Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source, and provide a 50- to 100-word explanation of why you chose your answer for each question.
- Which characteristic of PGP is different from the use of formal trust certificates?
A. The use of Certificate Authority servers
B. The establishment of a web of trust between the users
C. The use of trust domains by the servers and the clients - Users access your network using smart cards. Recently, hackers have uncovered the encryption key of a smart card using reverse engineering. Which smart card attack was used?
A. Fault generation
B. Microprobing
C. Software attack - Your organization has decided to use one-time pads to ensure that certain confidential data is protected. All of the following statements are true regarding this type of cryptosystem, except:
A. Each one-time pad can be used only once.
B. The pad must be made up of sequential values.
C. The pad must be as long as the message. - Which of the following types of access control attacks against passwords contain all possible passwords in a hash format?
A. Brute force attacks
B. Rainbow tables
C. Dictionary attacks - During a recent network attack, a hacker used rainbow tables to guess network passwords. Which type of attack occurred?
A. Social engineering attack
B. Denial-of-service attack
C. Privilege escalation - Your network has been the victim of an access control attack that involved the use of rainbow tables. What is contained in these tables?
A. All possible passwords
B. All possible passwords in a hash
C. All accepted passwords - You have decided to attach a digital timestamp to a document that is shared on the network. Which attack does this prevent?
A. A replay attack
B. A side channel attack
C. A ciphertext-only attack - Which attacks are considered common access control attacks?
A. Spoofing
B. Phreaking
C. SYN flood
D. Dictionary attacks
E. Brute force attacks
A. Option a
B. Option b
C. Option c
D. Option d
E. Options b and c
F. Options a, d, and e
G. All options - Which of the following is the potential loss to an area due to the occurrence of an adverse event?
A. Exposure
B. Risk
C. Vulnerability - Which of the following processes of risk management is a methodic process consisting of three steps: risk identification, risk analysis, and risk evaluation?
A. Acceptance of residual risk
B. Risk assessment
C. Risk treatment - When it comes to risk mitigation, which risk countermeasure involves not even taking the chance with the risk?
A. Risk acceptance
B. Risk transference
C. Risk avoidance - In terms of risk analysis and dealing with risk, which of the three common ways listed below is the practice of coming up with alternatives so that the risk in question is not realized?
A. Acceptance
B. Transference
C. Avoidance
Assignment Requirements
Answers contain enough information to adequately answer the questions and contain no spelling, grammar, or APA errors.
