It 255

In: Computers and Technology

Submitted By superrock2k
Words 309
Pages 2
Rock Laguerre
IT255
Homework
Instructor: Nicole Taylor

1. _____________ offers a mechanism to accomplish four security goals: confidentiality, integrity, authentication, and non-repudiation.
A. Security association (SA)
B. Secure socket layer (SSL)
* C. Cryptography
D. None of the above

2. A strong hash function is designed so that a message cannot be forged that will result in the same hash as a legitimate message.
* True
B. False

3. The act of scrambling plaintext into ciphertext is known as __________
A. Decryption
* B. Encryption
C. Plaintext
D. Cleartext

4. An algorithm used for cryptographic purposes is known as a ______________
A. Hash
B. Private key
C. Public key
* D. Cypher

5. Encryption ciphers fall into two general categories: symmetric (private) key and asymmetric (public) key
* True
B. False

6. An encryption cipher that uses the same key to encrypt and decrypt is called a ____________ key
* Symmetric (private)
B. Asymmetric (public)
C. Key encrypting
D. None of the above

7. ______________ corroborates the identity of an entity, whether the sender, the sender’s computer, some device, or some information.
A. Non-repudiation
B. Confidentiality
C. Integrity
* D. Authentication

8. Which of the following is one of the four basic forms of a cryptographic attack?
A. Ciphertest-only attack
B. Known-plaintext attack
C. Chosen-plaintext attack
D. Chosen-ciphertext attack
* E. All the above

9. The two basic types of ciphers are transpositions and substitution
* True
B. False

10. A _____________ is used to detect forgeries.
A. Hash function
B. Checksum
* C. Hash value
D. KDC

11. DES, IDEA, RC4, and WEP are examples of ____________
A. Key revocation
B. 802.11b wireless security
C. Asymmetric key algorithms (or standards)
*…...

Similar Documents

Itt 255 Lab 6

...? Ans: Technical backup Plan: How can you recover smoothly from technical glitches? Communications Plan: What communication will facilitate this recovery? 4. What is the main difference between a Disaster Recovery Plan (DRP) and a Business Continuity Plan (BCP)? Ans: Disaster recovery is the older of the 2 functions. Business continuity is a newer term which was first popularized as a response to the Y2K bug. 5. What is the purpose of a risk assessment and business impact analysis? Why is this an important first step in defining a BCP and DRP? Ans: The purpose of a Business Impact and Risk Assessment is to determine the approximate business value of IT assets, to assess the impact the loss of those assets would have on business units, and to assign recovery priorities to the assets. 6. How does risk assessment (RA) relate to a business impact analysis for an organization? Ans: The purpose of a Business Impact and Risk Assessment is to determine the approximate business value of IT assets, to assess the impact the loss of those assets would have on business units, and to assign recovery priorities to the assets. 7.Given the list of identified mission critical business functions and processed, what kind of company would you say this organization is, and what do you think are its most important business processes and functions? Ans: IT Company; Risk Analysis & Disaster Recovery Plan to get the business up and running on the web. 8. Given the......

Words: 835 - Pages: 4

9.2 It-255

...Network nodes are not directly aware that switches handle the traffic they send and receive, making switches the silent workhorse of a network. Other than offering an administrative interface, switches do not maintain layer three IP addresses, so hosts cannot send traffic to them directly. The primary attack against a switch is the ARP poisoning attack described earlier in the “Switches” section of this chapter. However, the possibility of an ARP attack doesn’t mean switches cannot be used as security control devices. As mentioned earlier, MAC addresses are unique for every network interface card, and switches can be configured to allow only specific MAC addresses to send traffic through a specific port on the switch. This function is known as port security, and it is useful where physical access over the network port cannot be relied upon, such as in public kiosks. With port security, a malicious individual cannot unplug the kiosk, plug in a laptop, and use the switch port, because the laptop MAC will not match the kiosk’s MAC and the switch would deny the traffic. While it is possible to spoof a MAC address, locking a port to a specific MAC creates a hurdle for a would-be intruder. Switches can also be used to create virtual local area networks (VLANs). VLANs are layer two broadcast domains, and they are used to further segment LANs. As described earlier, ARP broadcasts are sent between all hosts within the same VLAN. To communicate with a host that is not in...

Words: 399 - Pages: 2

It 255 Assignment 8

...Network Hardening Assignment 8 The Internet is vulnerable to myriads kinds of attacks, due to: 1. Vulnerabilities in the TCP-IP protocol 2. No global flow control mechanisms The above two problems lead to many TCP exploits and the dreaded DDoS attacks. We have devised a method of incrementally upgrading the network infrastructure at the transport level that solves the above problems and makes the network significantly more resilient to attacks, particularly the DDoS attack. The approach uses "hardened routers" -- routers that can do simple cryptographic functions (encryption, signatures) on all packets flowing int he network, as well as to participate in a hierarchical control network. We show how incremental deployment of such routers can make the Internet safer. Like all things dynamic, change is inevitable. Such is the case with your network environment. Upgrades and modifications to the network architecture can sometimes expose (or create) security holes. As such, it is important to consistently evaluate the Making a Business Case for Network Hardening Hardening a network does not always translate into spending large quantities of money. However, money will be required in some form or fashion. Whether that means spending it on new hardware, software, or man hours really depends on what needs to be addressed. It may include all of the above. The time may come when a cost/benefit analysis will be required by those in charge before hardening activities can move...

Words: 362 - Pages: 2

It-255

...IT255 Introduction to Information Systems Security Unit 5 Importance of Testing, Auditing, and Monitoring © ITT Educational Services, Inc. All rights reserved. Learning Objective Explain the importance of security audits, testing, and monitoring to effective security policy. IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 2 Key Concepts  Role of an audit in effective security baselining and gap analysis  Importance of monitoring systems throughout the IT infrastructure  Penetration testing and ethical hacking to help mitigate gaps  Security logs for normal and abnormal traffic patterns and digital signatures  Security countermeasures through auditing, testing, and monitoring test results IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 3 EXPLORE: CONCEPTS IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 4 Purpose of an IT Security Assessment Check effectiveness of security measures. Verify access controls. Validate established mechanisms. IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 5 IT Security Audit Terminology  Verification  Validation  Testing  Evaluation IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights...

Words: 799 - Pages: 4

W9 Assessment It 255

...[pic] Martin’s Inc. Ethics Policy Created by or for the SANS Institute. Feel free to modify or use for your organization. If you have a policy to contribute, please send e-mail to stephen@sans.edu 1. Overview Martin’s Inc. purpose for this ethics policy is to establish a culture of openness, trust and integrity in business practices. Effective ethics is a team effort involving the participation and support of every Martin’s Inc. employee. All employees should familiarize themselves with the ethics guidelines that follow this introduction. Martin’s Inc. is committed to protecting employees, partners, vendors and the company from illegal or damaging actions by individuals, either knowingly or unknowingly. When Martin’s Inc. addresses issues proactively and uses correct judgment, it will help set us apart from competitors. Martin’s Inc. will not tolerate any wrongdoing or impropriety at anytime. Martin’s Inc. will take the appropriate measures act quickly in correcting the issue if the ethical code is broken. Any infractions of this code of ethics will not be tolerated. 2. Purpose Our purpose for authoring a publication on ethics is to emphasize the employee’s and consumer’s expectation to be treated to fair business practices. This policy will serve to guide business behavior to ensure ethical conduct. 3. Scope This policy applies to employees, contractors, consultants, temporaries, and other workers at Martin’s Inc...

Words: 661 - Pages: 3

Lab 4 255

...? Minimum password length, maximum password age, password must meet complexity requirements, and store passwords using reversible encryption 7) What sources you use as a source to perform the MBSA security state? Computer by Name or IP and multiple Computers by Domain or IP Range 8) What does WSUS stand for, and what does it do? Windows Server Update Service and it downloads Microsoft updates to a single server and deploys them 9) What is the difference between MBSA and Microsoft Update? MBSA scans for security vulnerabilities while Microsoft update checks the Microsoft database for available updates. They are two totally different tools. 10) What are some of the options that you can exercise when using the MBSA tool? You can check for Windows administrative vulnerabilities and for security updates...

Words: 365 - Pages: 2

Pediatric Clinic

...TermPaperWarehouse.com - Free Term Papers, Essays and Research Documents The Research Paper Factory Join Search Browse Saved Papers Home Page » Business and Management Paediatric Orthopaedic Clinic In: Business and Management Paediatric Orthopaedic Clinic Case report: Paediatric Orthopaedic Clinic 1- What is capacity utilization at every step in the process? What is the direct resource utilization? Using the data provided in the case, we are able to compile all data necessary to compute the capacity utilization at the clinic. Activity | # of Staff | Available time | Activity time | Number of Patients | Time needed | Utilization10 | | | /Staff | Total | N | F | N | F | N | F | Total | | 1. Front Desk | | | | | | | | | | | | a. Registration | 3 | 180 | 540 | 5 | 5 | 32 | 48 | 160 | 240 | 400 | 74 % | b. Verification | 3 | 255 | 765 | 9 | 4 | 32 | 48 | 288 | 192 | 480 | 63 % | 2. Radiology Department | | | | | | | | | | | | a. X-ray imaging | 6 | 240 | 9603 | 11 | 11 | 32 | 40.8 | 352 | 448.8 | 800.8 | 83 % | b. Development of X-rat | -1 | 240 | 9604 | 7 | 7 | 32 | 40.8 | 224 | 285.6 | 509.6 | 53%8 | c. Diagnostic reading and comments | 3 | 240 | 4805 | 5 | 5 | 32 | 40.8 | 160 | 204 | 364 | 76% | 3. Hand-off X-ray to Clinic | | | | | | | | | | | | a. Collection of X-ray | 3 | 2556 | 7657 | 2 | 2 | 32 | 40.8 | 64 | 81.6 | 145.6 | 19% 9 | b. Filing/exam room prep | 1 |......

Words: 282 - Pages: 2

Psyc 255 Discussion Board 4

...All research must have careful observations no matter what type of research is being conducted. It is important to understand the differences between qualitative and quantitative methods in order to better understand the specific behavior being studied. Sometimes it is important to use both methods for the same study. "Qualitative research methods are the best!" “Qualitative research focuses on people behaving in natural settings and describing their own words” (Cozby and Bates, p. 114. 2012). This research method is the best because it does not manipulate variables in any way. The results are completely reliant on the participant’s reactions in a natural settings. This method offers first hand experiences for researchers to be a part of the study. Qualitative research describes the behaviors being studied without giving a mathematical analysis, which can save time due to the drawn out mathematical analysis. "Quantitative research methods are the best!" “Quantitative research tends to focus on specific behaviors that can be easily quantified” (Cozby and Bates, p. 115, 2012). Quantitative research draws it conclusions based off of the statistical analysis of data. Therefore, the results are in numerical form and then analyzed using statistics. Qualitative research cannot be converted to numerical form so the results cannot be analyzed using statistics. I find that this is the best method for research because it proves that there is a truth in things. Unlike quantitative......

Words: 256 - Pages: 2

Case Study Psyc 255

...Case Study Question 1 What is a Case Study? “A case study is an observational method that provides a description of an individual” (Cozby & Bates, 2012). The sample size in a case study usually only consists of a single person or organization, but by design only studies one single social phenomenon. They typically use field-related research to produce qualitative data and help to prepare for future qualitative research. Question 2 What are Some Reasons for Using a Case Study Approach? Case studies are useable within the social sciences to help explain rare circumstances or behaviors. In the world of music, the ability to name correctly and consistently an audible pitch without relating it to any other pitches is an extremely coveted talent. One case study by Lucinda Pearl Boggs (1907) provided qualitative data on a participant known as Miss C. Disinukes, who possessed the gift of perfect pitch. Boggs discovered that Miss Disinukes began learning about music at an extremely young age, and that she had very talented, musical grandparents. This research sparked further quantitative research to test whether having early musical education aids in the development of perfect pitch. Question 3 What are Some Advantages and Disadvantages of Using this Approach? Like pilot studies, case studies are very helpful in exploring a topic on a smaller scale initially and beginning a larger product using the data gathered in the case study. For example, a researcher may be...

Words: 516 - Pages: 3

Pscy 255 Case Study

...Case Study Kimberly Greenway Liberty University What is a case study? In psychology a case study is an observation technique in which one person is studied in depth in the hope of revealing universal principles. A case study analyzes the subject’s life to understand pattern and causes of behavior. What are some reasons for using a case study approach? Case studies can be used to collect data that involves a person’s individual behavior. This allows a person to obtain a detailed profile of the person being studied. This can provide clear insight for further or future research. Case studies allow researchers a possibility to investigate which is impossible in a laboratory where other research may be conducted. What are advantages and disadvantages of this approach? Some advantage of case studies can help generate new methods that may help or be tested later by other research methods. Case studies can provide detailed information, as wells as in depth information on individuals. Also, some unusual cases can help give a clear understanding on some situations or problems that are unethical so they may be studied in other ways. Some disadvantages of this approach are that vital information may be missing, or may be difficult to interpret. Someone’s memory may be selective or even inaccurate. The case study may also be difficult to replicate and can be very time consuming. Another disadvantage is it may also be difficult to draw definite cause-effect conclusions from...

Words: 480 - Pages: 2

Rst 255 Term Paper

...Blake Groesbeck RST 255-B Term Paper 5/4/15 grosbck2 Term Paper: Bigger Stronger Faster In our everyday lives every action has a positive and negative effect, where individuals are constantly using ethical lenses to judge their stance on a certain situation, whether they know it or not. After having the chance to watch the ESPN 30 for 30 Bigger Stronger Faster, it was an extremely eye opening experience. The documentary took an objective stance on the use of anabolic steroids where the National Institute on Drug Abuse defines anabolic-androgenic steroids as, “a synthetic variant of the male sex hormone testosterone and that “anabolic” refers to muscle-building and “androgenic” refers to increased male sexual characteristics.” The use of anabolic steroids for sports/recreation is illegal and is considered by the United States as a controlled substance, however the use of anabolic steroids for medical use is legal. The ethical question I am asking is, “how can the United States “claim” that the use of anabolic steroids for medical reasons be ethical and can “help” someone when they “claim” that the use of anabolic steroids for sports/recreation to be unethical and will “hurt” someone?” In order to take an objective stance I will use three of the five ethical lenses provided in class. The five ethical lenses that were provided in class are: the Utilitarian Approach, the Rights Approach, the Fairness or Justice Approach, the Common Good Approach, and the Virtue Approach...

Words: 1505 - Pages: 7

Adj 255 Expert Tutor/ Indigohelp

...ADJ 255 Capstone CheckPoint: An Informed Opinion For more classes visit www.indigohelp.com Due Date: Day 4 [Individual] forum • Write a 75- to 100-word response to each of these questions: o Of the contemporary issues examined in this course, which issue did you feel most strongly about, and why? o Did you have a clear-cut opinion about that issue? o Which issue seemed to be the most irresolvable, and what do you think the future holds for that issue? • Submit your responses as a single post. --------------------------------------------------------------------------------------------------------------------------------------------------------------- ADJ 255 Entire Course For more classes visit www.indigohelp.com ADJ 255 Week 1 CheckPoint: Constitutionality of Free Speech vs. Threats to National Security ADJ 255 Week 1 Assignment: Privacy Rights and Press Freedoms ADJ 255 Week 1 CheckPoint: The Media, Crime, and Violence ADJ 255 Week 2 Discussion Question 1 ADJ 255 Week 2 Discussion Question 2 ADJ 255 Week 2 CheckPoint: Media-Based Anticrime Efforts ADJ 255 Week 3 CheckPoint: Excessive Use of Force ADJ 255 Week 3 Assignment: Senator’s Letter ADJ 255 Week 4 CheckPoint: Death Penalty Legislation ADJ 255 Week 4 Discussion Question 1 ADJ 255 Week 4 Discussion Question 2 ADJ 255 Week 5 CheckPoint: Women and the Criminal Justice System ADJ 255 Week 5 Assignment: Equality of Justice, Jury Nullification ADJ 255 Week 6...

Words: 949 - Pages: 4

Adj 255 Course Success Begins / Tutorialrank.Com

...ADJ 255 Capstone CheckPoint: An Informed Opinion(UOP) For more course tutorials visit www.tutorialrank.com Due Date: Day 4 [Individual] forum • Write a 75- to 100-word response to each of these questions: o Of the contemporary issues examined in this course, which issue did you feel most strongly about, and why? o Did you have a clear-cut opinion about that issue? o Which issue seemed to be the most irresolvable, and what do you think the future holds for that issue? • Submit your responses as a single post. ---------------------------------------------------------------------- ADJ 255 Final Project: Criminal Justice Opinion Portfolio(UOP) For more course tutorials visit www.tutorialrank.com Resource: Appendix A • Due Date: Day 7 [Individual] forum • Create a 2,500- to 2,800-word Criminal Justice Opinion Portfolio outlining your opinion on one issue from each of the eight weeks of this class. Select issues about which you feel strongly, and create eight distinct opinion essays to complete your portfolio. • See Appendix A for additional project requirements. • Cite your sources according to APA requirements. • Post your Criminal Justice Opinion Portfolio as an attachment ---------------------------------------------------------------------- ADJ 255 Week 1 CheckPoint: Constitutionality of Free Speech vs. Threats to National Security(UOP) For more course tutorials visit www.tutorialrank.com Resource: Electronic Reserve Readings...

Words: 670 - Pages: 3

Adj 255 Slingshot Academy / Tutorialrank.Com

...ADJ 255 Entire Course For more course tutorials visit www.tutorialrank.com ADJ 255 Week 1 CheckPoint: Constitutionality of Free Speech vs. Threats to National Security ADJ 255 Week 1 Assignment: Privacy Rights and Press Freedoms ADJ 255 Week 1 CheckPoint: The Media, Crime, and Violence ADJ 255 Week 2 Discussion Question 1 ADJ 255 Week 2 Discussion Question 2 ADJ 255 Week 2 CheckPoint: Media-Based Anticrime Efforts ADJ 255 Week 3 CheckPoint: Excessive Use of Force ADJ 255 Week 3 Assignment: Senator’s Letter ADJ 255 Week 4 CheckPoint: Death Penalty Legislation ADJ 255 Week 4 Discussion Question 1 ADJ 255 Week 4 Discussion Question 2 ADJ 255 Week 5 CheckPoint: Women and the Criminal Justice System ADJ 255 Week 5 Assignment: Equality of Justice, Jury Nullification ADJ 255 Week 6 CheckPoint: Abolish Parole ADJ 255 Week 6 Discussion Question 1 ADJ 255 Week 6 Discussion Question 2 ADJ 255 Week 7 CheckPoint: The USA PATRIOT ACT- Appendix B ADJ 255 Week 7 Assignment: Government Expansion for National Security ADJ 255 Week 8 CheckPoint: Strategies for Law Enforcement- Appendix C ADJ 255 Week 8 Discussion Question 1 ADJ 255 Week 8 Discussion Question 2 ADJ 255 Capstone CheckPoint: An Informed Opinion ADJ 255 Final Project: Criminal Justice Opinion Portfolio ---------------------------------------------------------------------------------------------------------------------- ADJ 255 Capstone CheckPoint: An Informed Opinion(UOP) For more course...

Words: 729 - Pages: 3

It-255 Study Guide

...Threat - Any action that could damage an asset. Gramm-Leach Bliley Act(GLBA - Passed in 1999, requires that all types of financial institutions to protect private financial information. Protecting Private Data - The process of ensuring data confidentiality. Standard - A detailed written definition for hardware and software and how it is to be used. Data Classification Standards - Four Major Categories: • Private data • Confidential • Internal use only • Public domain data White-hat hackers - Ethical hacking...Intending to be helpful. Vulnerabilities and Threats - any weakness in a system that makes it possible for a threat to cause harm. Remote Access Domain - Primarily affected by endpoint security on VPN clients. Risk - Refers to the likely hood of exposure to danger. Closing Security Gaps - A laps in a security control in a policy creates a gap. Logical access control - These control access to a computer system or network. Identification Methods - The first step enforcing an authorization policy in Identification. Linked to identification methods - The second step is Authentication. Authentication Types - Knowledge, ownership, characteristics Formal Models Of Access - Discretionary access control (DAC) - The owner of a resource decides who gets in, and changes permissions as needed. The owner can give that job to others. Brewer and Nash Integrity Model - based on a mathematical theory published in 1989 to ensure fair competition. Two levels of...

Words: 619 - Pages: 3