Risk_MGMT_participat
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
---|---|---|---|---|---|
Please explain what is substitution and transposition with example | Substitution: one letter or bit is changed, key is always constant
Transposition: Taco key 3 = otac
🗑
|
||||
How to realize digital signature with hash algorithm and public key algorithm | sender should first generate a hash value of the message. Then the sender should sign the hash value with his private key
-receiver should first decrypt the digital signature with the sender's public key.
🗑
|
||||
Please explain how to do a direct and indirect DOS attack. Explain what is reflected DOS attack with example | Attacker direct send SYN to the victim
Attacker sends the flood to bot, then the bot sends that to the victim
Attacker sends SYN with fake IP to the victim, the victim sends the SYN ACK to the real victim
🗑
|
||||
How to reduce the DOS attack | Black holing
Validate the SYN
rate limiting
🗑
|
||||
Please explain what is ARP poisoning. And how to prevent it | IP address to MAC address storage information is manipulated to reroute network traffic. It can be used for the man in the middle attack.
Prevention: Static ARP table, Limit the local access
🗑
|
||||
What protocol you can use to achieve workgroup switch authentication. What method you can use for wireless access authentication | EAP or Radius
WEP and WPA
🗑
|
||||
What is AAA and explain correspondingly | Authentication: identifying who you are
Authorization: what you can do
Auditing: record what you did
🗑
|
||||
What are the four authentication credentials and explain that with examples? | i. What you know (e.g., a password)
ii. What you have (e.g., an access card)
iii. What you are, or (e.g., your fingerprint)
iv. What you do (e.g., speaking a passphrase)
🗑
|
||||
Please list at least four main types of Biometric Scanning and list the four main aspects related to Biometric Performance | -fingerprint, hand geo, retina, iris
-enrollment, throughput, FAR, FRR
🗑
|
||||
what is least privilege in the authorization? | Initially give people only the permissions a person absolutely needs to do his or her job
🗑
|
||||
Please list the three access control (authorization) model | DAC, MAC, RBAC
🗑
|
||||
If there are too much log information, what you need to do for the configuration. Could you example to explain that. | Setting up the clipping level. For example, I only log the activity that users fail for three times.
🗑
|
||||
please differentiate security policy, procedure, standard, regulation and guideline through definition | security policy: company statement on security
procedure: specifications
standard: mandatory implementation guidance
regulation: requirements for corporate security
guideline: discrete implementation guidance
🗑
|
||||
Suppose university network is under the same attack 2 times a year, each attack will lose 20% of the network value. The network value is about 10,0000 dollar. How much is the SLE value of this risk | Asset value(AV) * Exposure Factor (EF) = Single Loss Expectance (SLE)
Therefore: (2 * .20) * 100,000 = 40,000
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
ITSec_guy
Popular Computers sets