Select from the following the best definition of security risk analysis:
All multiple choice questions have only one correct answer. You should provide a short explanation (100 words) for each selected answer. Use quotation marks if not using your own words, and do not forget to cite the full reference when necessary.

Other Guidelines:

• You should submit your exam to your assignment folder in LEO as HTML, MS-Word or plain text.
• Repeat the text of the questions you have answered.
• Be as clear and objective as you can in all questions and be sure you are answering what is asked.
• Put your name in the exam.

________________________________________

PROBLEM 1 - General questions (20 points) (5 pts each)

a) Select from the following the best definition of security risk analysis:

A) Risk analysis looks at the probability that your security measures won't stop a hacker breaking into your system.
B) Risk analysis looks at the consequences of being connected to the Internet.
C) Risk analysis looks at the probability that a hacker may break into your system.
D) Risk analysis determines what resources you need to protect and quantifies the costs of not protecting them.
E) Risk analysis looks at the probability that a vulnerability exists in your system.

b) What would be an example of a violation of the principle of confidentiality?

A) An employee accessing a payroll database to find out how much others are paid.
B) Financial records being altered to make it look like a company made more than they did.
C) Stealing records from a company to sell to other interested markets.
D) A file server going down due to lack of good maintenance of systems.

c) A company is developing a new technology that is expected to become a huge success. The CSO is concerned about someone stealing the secrets related to this technology. Which of the following will help the CSO identify potential dangers related to the loss of this technology?

A) Vulnerability assessment
B) Privacy threshold assessment
C) Threat assessment
D) Privacy impact assessment

d) Which of the following best describes what actions have to be taken in a certain situation, such as how long before users must change passwords, or what actions to take if a user steals corporate data or an infiltration takes place?

A) Policies
B) Documentation
C) Regulations
D) Procedures

PROBLEM 2 - Networking Fundamentals (20 points) (5 pts each)

a) While using which type of networking device would each host 'see' all other traffic on the network?

A) network router
B) token ring network
C) network hub
D) network switch

b) How does the use of a router differ from a bridge in telecommunication?

A) Routers contain many ports to connect different network segments, while a bridge ensures that requests from within the network for information over the internet are distributed to the correct computer within the network.
B) A router is a communication device that is used to connect two different networks, while a bridge is a networking device that divides the network into different segments to manage the amount of traffic.
C) A router receives electronic signals, cleans and retransmits them at a higher power level, while a bridge receives electronic signals, cleans and retransmits them at a lower power level.
D) A router contains many ports to connect different network segments, while a bridge sends data it receives only to specific ports.

c) What destination MAC Address would be added to a packet on the route to a remote computer?

A) MAC Address of the far side of the default gateway
B) MAC Address of your computer
C) Exterior MAC Address of the remote Server
D) Interior MAC address of default gateway

d) Which of the following devices is used to interface computer networks that use different communication protocols?

A) Bridge
B) Hub
C) Gateway
D) Router

PROBLEM 3 - Cryptography Fundamentals - Part 1 (20 points) (5 pts each)

a) Which of the following would provide the strongest encryption?

A) Random one-time pad
B) DES with a 56-bit key
C) AES with a 256-bit key
D) RSA with a 1024-bit key

b) Which concept of cryptography is used to make the ciphertext look significantly different than the plaintext after encryption?

A) Diffusion
B) Obfuscation
C) Collision
D) Confusion

c) Consider the following protocol that involves both RSA public-key operations and DES. Suppose that A has an RSA private key prv(A) and an RSA public key pub(A). Suppose that B has an RSA private key prv(B) and an RSA public key pub(B). Assume both A and B know each other's public key. A wants to send B some message M. A selects a random DES key K and sends B the following two messages:

-- E_pub(B)(K, Sig_prv(A)(K))
-- E_K(M)

"E" means encryption and "Sig" means digital signature. Which of the following statement(s) is true?

A) Only B can decipher the contents of the message M
B) B is certain that the message M is from A
C) B can prove to a third party that the message M arrived from A.

d) You need to use an encryption protocol to encrypt credit card data within a database used by the application. Which of the following would be the fastest, while also providing strong confidentiality?

A) AES-256
B) DES
C) Blowfish
D) SHA-2

PROBLEM 4 - Cryptography Fundamentals - Part 2 (20 points) (5 pts each)

a) Which of the following would a security administrator use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible?

A) ECC
B) RSA
C) SHA
D) 3DES

b) Which of the following is the preferred system that provides both data security and non-repudiation?

A) PPTP - Point-to-Point Tunneling Protocol
B) 3DES - Triple Data Encryption Standard
C) PKI - Public Key Infrastructure
D) RSA - Data Security

c) When a user needs to provide message authenticity, in the absence of a secure channel, what options may be the best?

A) Send a digital signature of the message to the recipient
B) Encrypt the message with a symmetric algorithm and send it
C) Create a checksum, append it to the message, encrypt the message, then send it to the recipient
D) Encrypt the message with a private key so the recipient can decrypt with the corresponding public key

d) Which of the following is the best solution to protect the confidentiality of data on a laptop in the case it is stolen?

A) File level encryption with very strong alphanumeric passwords
B) Biometric authentication and cloud storage
C) Whole disk encryption with two-factor authentication
D) BIOS passwords and two-factor authentication

PROBLEM 5 - Network Vulnerabilities, Attacks and Countermeasures (20 points) (5 pts each)

a) Which of the following attacks enables a malicious person to view network traffic if the attacker is on the same network as the users?

A) Smurf attack.
B) Port redirection attack.
C) Man-in-the-middle attack.
D) DoS attack

b) An attacker sent multiple broadcast messages to the network routers, spoofing an IP address of one of the network servers. This caused the network to send a flood of packets to that server and it is no longer responding. What best describes this attack?

A) DDoS attack
B) TCP SYN flood attack
C) Smurf Attack
D) TCP hijacking attack

c) A network admin has noticed that several machines on her network are infected with malware that is sending a flood of packets to a target external to the network. What best describes this attack?

A) Backdoor
B) SYN Flood
C) DDoS
D) Botnet

d) Which of the following is the most effective method to mitigate session hijacking?

A) Denying traffic originating from the Internet that shows an internal network address
B) Forcing users to reauthenticate before allowing transactions to occur
C) Reducing the amount of time before the reset of an unfinished TCP connection
D) Setting up filters on external routers to drop all incoming ICMP packets

TOTAL (1-5) 100 points