Q What is the suitability of DoS in this scenario? Explain and justify your answer. Home, - What is the suitability of DoS in this scenario Question - (a) Determine whether each of the following statements is true or false. i. MD5 is an authentication protocol that can also provide encryption services ii. Kerberos V3 always avoids clients from sending their passwords to the application server iii. In IPsec, the AH transport mode is unsuitable for achieving data integrity when data is transmitted between two computers in a LAN iv. In the concept of SSL, the web server sends the certificate to the user's browser v. Kerberos V4 can be used to distribute IPsec policies across all the computers in a single domain Answer - (a) (Comprehension) i. False ii. True iii. False iv. True v. False (b) A company intends to implement a firewall solution that can apply network scanning policies at three layers of the OSI model. Present your recommended solution and explain how your solution acts and provides the firewall solution. Answer - (Application) The solution is to implement a stateful multi-layer packet inspection firewall. This type of firewall is a sophisticated implementation of firewall that can deploy packet filtering at various layer of the OSI model and provides an integrated solution by combining application layer inspection, stateful inspection, and packet filtering. Such a type of firewall scans and inspects the entire pack contents such as the source and destination IP addresses, application type, port numbers, session information etc., whilst making decisions of allowing or denying packets. (c) A company has implemented its Intrusion Detection System (IDS) with signature based detection and pattern matching methodologies. Now an attacker is attempting to evade this IDS using DoS attack. What is the suitability of DoS in this scenario? Explain and justify your answer. Answer - (Application) IDS cannot be evaded with a Denial-of-Service attack. Although DoS is a type of a network attack that is used to make the intended services unavailable to the respective users, DoS are generally not performed directly to evade IDS. (d) What mechanism in the PGP protocol makes it more space efficient and helps effective transmission? Explain how this is achieved. Answer - (Bookwork) The PGP protocol encompasses a compression mechanism in its operation. This compression mechanism is used to compress the email message after appended with the signature, but the compression is carried out before the encryption process. The compression is achieved using the ZIP algorithm. Compression of the message helps reducing the transmission time and disk space. Importantly, compression enhances the resistance to cryptanalysis. When the receiver receives the cryptogram, decompression is carried out to obtain the message and the signature. (e) Suppose that Alice received a digitally signed message from Bob that contains instructions for Alice to make a payment to Bob. Alice obtained Bob's public key from the public key server and decrypted the digital signature, and further validated Bob's message by comparing the received and computed hash values. Upon this verification, Alice initiated the payment to Bob. Now, a few days later Bob complains that he never received any payment. When Alice checked with her Bank, she found that the payment was made to Trudy not Bob. What could have gone wrong here? Provide your recommendation to avoid such issues. Answer - (Application) Given this situation, it can be understood that the digitally signed message that Alice initially received came from Trudy not Bob. Trudy have created a new key pair in the name of Bob using his personal information and stored it in the public key server. Trudy signed the message with the corresponding private key and send it to Alice. Here, Trudy impersonated as Bob and convinced Alice. Believing that the message came from Bob, Alice followed the instructions in the message she received. Such issues can be avoided using digital certificates received from trusted Certificate Authorities (CA), so that the public key of the owners can be validated. Related: What is the suitability of DoS in this scenario Describe the three-tier design of demilitarized zone
Related :- Q Action against the company for unpaid wages action against the company for unpaid wages - initiated action against the company for four weeks' unpaid wages but not his unpaid subsidy Q Is their company insolvent? is their company insolvent? - Amanda and Emilia do not know what to do. Is their company insolvent? If it is, what action would you advise them to take? Q Why Sunlight terminate the lease why sunlight terminate the lease - Sunlight looked to terminate the lease because Hugo had broken the condition by living in the second floor unit. Q Explain the meanings and scope of Private Law explain the meanings and scope of private law - Briefly explain the meanings and scope of "Public Law" and "Private Law" Q Explain the typical expenses recognised by a lease explain the typical expenses recognised by a lease - HI6025 - Explain how the lease liability and a right-of-use asset would be recognised and measured at lease Q Explain the hedging arrangement explain the hedging arrangement and how does it reduce foreign currency risk exposure - hi6025 - calculate the basic eps for pearson ltd. Q Initial measurement of the lease liability initial measurement of the lease liability - Accounting Theory and Current Issues - Explain the measurement requirement for potential restoration provisions. Q Discuss the potential for the cost of acquiring Red-X discuss the potential for the cost of acquiring red-x - hi6025 - provide the journal entries to account for the revaluation on 30 june 2022. Q Explain the foreign currency swaps explain the foreign currency swaps and why are they undertaken - HI6025 - Explain the functional currency and what is a presentation currency Q Has Freddy breached his statutory obligations has freddy breached his statutory obligations - Has Freddy breached his statutory obligations under the Corporations Act (Cth) 2001? Explain your answer