CPRE 530 Exam 2 | Complete Solution

CPRE 530 Exam 2 Summer 2015

Instructions:
· Open book, open notes
· Laptops are allowed
· Allow 75 minutes for exam
· Calculators are allowed

CPRE 530 Exam 2 Summer 2015
Page 1

NAME: ___________________________ SCORE: ________

1. (10 pts) Which do you think is a greater security threat in the web, Server side executables or client side executables and why?
2. (10 pts) What is the primary security vulnerability of FTP and what is the best way to bmitigate it?
3. (5 pts) Which category of the taxonomy does PGP mitigate that is not mitigated by just encrypting the SMTP traffic between MTAs?
4. (10 pts) Provide a reason why anonymous systems like TOR could be useful and provide a security problem with them?

5. (10 pts) What type of information about the browser or browser’s computer is provided to a web server by the browser using the HTTP protocol?
a. What security problems can this cause?
b. How could you stop a server from getting your information?
6. (10 pts) For each network mitigation list what categories of the taxonomy they can mitigate
A. Firewall
B. IDS
C. Web filter
D. Data Loss Prevention (DLP)

7. (15 pts) Describe how to defeat the following email security mechanisms
a. White listing
b. Grey listing
c. Spam filter

8. (10 pts) What is the difference between using TLS (TCP layer encryption) versus IPSec (IP layer encryption) in terms of security.
9. (5 pts) Comment on the course and the text book
10. (15 pts) Using the figure below answer the following questions Assume the following addresses:
H1 192.168.5.5 Nat 1 192.168.5.254 (for the NET 1)
H3 129.186.2.8 Nat 1 129.186.4.1 (for the NET 2)
Router 3 129.186.4.253 (for NET 2) Router 1 129.186.4.254 (for the NET 2)
Router 3 129.186.2.254 (the NET 3) Router 1 10.0.0.5 (for the internet side)
Assume the NAT is a dynamic NAT and that 192.168.5.0/24 is the internal network.

Assume the following request packet is delivered to the IP layer from the TCP layer on host H1 with an
intended destination of H3. (Assume the other TCP header values are correct)
TCP source port = 9333
TCP destination port = 80
500 bytes of data
Assume all ARP and DNS tables are current.
For each of the points in the network listed below show the values for the following fields in the packets. (Assume the initial value of the time to live field is 100 when the packet is sent by either host H1 or H3) (If the value for a field is not specified you can assume a value) Show the fields in the reply packet at each of the points in the network.
Request Reply Net 1 Net 2 Net 3 Net 1 Net 2 Net 3

TCP Layer:
Source port
Dest port
IP Layer:
TTL
SRC IP addr
Dest IP addr
Internet
router 1
Nat 1
H1
NET 1
NET 2
H3 NET 3
router3