1. (TCO A) What are the three goals of security in computing? For each goal, list two controls that can be implemented to help achieve
that goal.2. (TCO A) Cite a real-world database situation in which the sensitivity of an aggregate is greater than that of its constituent values.
Then, cite a database situation in which the sensitivity of an aggregate is less than that of its constituent values.
3. (TCO B) It’s been said that firewalls are dead. Some think that, because of the prevalence of application-layer attacks, packet filtering firewalls are of no real use in protecting networks. Name three advantages of using packet filtering firewalls in modern networks.
4. (TCO C) Respond to each part of this question:
a) Describe how a long number (encryption key) can be shared between sender and receiver without using any source that is obvious to outsiders and without directly sending the number from sender and receiver.
b) Describe how a long number (encryption key) can be shared between sender and receiver over an unsecured network without loss of confidentiality.
|5. (TCO B) Which of the following is a correct statement? (Points : 8)|
A SYN flood involves an attacker sending a stream of acknowledgements.
In link encryption, packet confidentiality is assured from sending to receiving host.
A digital certificate binds an entity to its public key.
SSL assures data confidentiality within the recipient’s network.
Inductive taps are used to compromise fiber-optic networks.