A7006E 2014-03-19 - TENTAMEN PDF

Title A7006E 2014-03-19 - TENTAMEN
Course Server Security Architecture (Swedish: Server säkerhetsarkitektur)
Institution Luleå tekniska Universitet
Pages 6




EXAMINATION Luleå University of Technology

Course: A7006E
Course name: Server Security Architecture
Date: 2014-03-19 (Wednesday)
Time: 09:00 – 14:00 (5 hours)
Aid: None

Teacher on duty (complete telephone number): Ali Ismail Awad, +46 (0)920 493414

Teacher on duty (complete telephone number): Bilal Charif, +46 (0)73-705 8501


Grade scale: U/G/VG

Total number of questions and score: 35 questions, total of 100 points

Other information:

General instructions: Check that you have received all the tasks/questions. All new answers begin on a separate page. Print and write clearly.

After examination: The results of your examination are posted on “My pages” on the Student web. Examination results are posted within 15 workdays after the examination. For courses with more than 60 students taking the examination, the results are posted within 20 workdays after the examination.

Details for the print shop (exams, campus Luleå):
Project number SRT: 341980
Number of pages: 5
Number of copies: 0
Double- or single-sided: Single-sided

Start of the Exam

Part One (Short Answer Questions)
14 questions total, 2.5 points each, total 35 points.

1. In a relational database columns are referred to as _________.
2. _______ is the process of making copies of data at regular intervals, allowing the recovery of lost or corrupted data over relatively short time periods of a few hours to some weeks.
3. Security of HMAC depends on the cryptographic strength of the underlying _________.
4. In a discretionary access control environment database users are classified into three broad categories: administrator, end user other than application owner, and __________.
5. Guest OSs are managed by a ______, or VMM, that coordinates access between each of the guests and the actual physical hardware resources.
6. Cryptanalysis is a process of _________.
7. The __________ is a human entity that presents requests (queries) to the system.
8. _____ attacks flood the network link to the server with a torrent of malicious packets competing with valid traffic flowing to the server.
9. Trusted computing provides three basic services: authenticated boot, certification, and _________.
10. A _______ flood refers to an attack that bombards Web servers with HTTP requests.
11. The best defense against broadcast amplification attacks is to block the use of _______ broadcasts.
12. The three operating system security layers are: physical hardware, operating system kernel, and _________.
13. The final step in the process of initially securing the base operating system is ________.
14. “No read up” is also referred to as the _________ property.

Part Two (Multiple Choice Questions)
18 questions total, 2.5 points each, total 45 points.

15. __________ is when the data in the SDB can be modified so as to produce statistics that cannot be used to infer values for individual records.
A. Data perturbation
B. Inference channeling
C. Database access control
D. Output perturbation

16. Which of the following need to be taken into consideration during the system security planning process?
A. How users are authenticated
B. The categories of users of the system
C. What access the system has to information stored on other hosts
D. All of the above

17. ______ are resources that should be used as part of the system security planning process.
A. Texts
B. Online resources
C. Specific system hardening guides
D. All of the above

18. You need to install a network adapter in a computer so that it can be connected to a network that uses Ethernet cabling. What type of port does the network adapter need to use?
A. RJ11
B. RJ45
C. RG-58
D. Fiber optic

19. “An individual (or role) may grant to another individual (or role) access to a document based on the owner’s discretion, constrained by the MAC rules” describes the _________.
A. ss-property
B. ds-property
C. *-property
D. cc-property

20. You need to connect to a switch that has the management IP address 192.168.1.1 on a standard, default Class C network using the subnet mask 255.255.255.0. Which of the following is a valid IP address for your network adapter?
A. 192.168.0.1
B. 192.168.1.1
C. 192.168.100.1
D. 192.168.1.100

21. For a Linux server that will be accessed remotely, ___________ should be removed to enhance the server's security level.
A. SMTP daemons
B. the Internet Daemon (inetd)
C. logging service
D. X window system

22. A(n) __________ is a user who has administrative responsibility for part or all of the database.
A. administrator
B. database relations manager
C. application owner
D. end user other than application owner

23. Encryption is computationally secure if:
A. Cost of breaking the cipher exceeds the value of the information
B. Time required to break the cipher exceeds the useful lifetime of the information
C. A and B
D. Unlimited processing power is needed

24. The design parameters of any block cipher algorithm include:
A. Block size
B. Key size
C. Number of rounds
D. All of the above

25. __________ provides a security level of 192 bits with a block size of 1024 bits.
A. SHA-1
B. SHA-256
C. SHA-384
D. SHA-512

26. _________ is assurance that a system deserves to be trusted, such that the trust can be guaranteed in some convincing way, for example through formal analysis or code review.
A. TCB
B. Trustworthiness
C. Trusted computing
D. TPM

27. Using forged source addresses is known as _________.
A. source address spoofing
B. a three-way address
C. random dropping
D. directed broadcast

28. In both direct flooding attacks and ______ the use of spoofed source addresses results in response packets being scattered across the Internet and thus detectable.
A. SYN spoofing attacks
B. indirect flooding attacks
C. ICMP attacks
D. system address spoofing

29. Cryptography can be classified as block cipher or stream cipher according to _______.
A. the type of operation
B. the way the plaintext is processed
C. the length of the key
D. the sender and the receiver

30. __________ is a practical method for secure key exchange.
A. Diffie-Hellman algorithm
B. RSA algorithm
C. Digital Signature Standard
D. Elliptic-Curve Cryptography

31. ___________ use a loadable kernel module and work in kernel space to intercept any system call.
A. Denial-of-Service attacks
B. Buffer overflow attacks
C. Rootkit attacks
D. Abuse of programs run “setuid root”

32. The Windows _______ aims to reduce the number of vulnerabilities in all Microsoft products.
A. Mandatory Security Education
B. Final Security Review
C. Security Push
D. Security Development Lifecycle

Part Three (Long Questions)
3 questions total, 20 points (5, 10, 5 points respectively).

33. Explain and draw the AES Substitute Byte operation. (3 pts explanation, 2 pts drawing)
34. Explain in detail the RSA Public-Key Encryption, and give a numeric example. (5 pts explanation, 5 pts example)
35. Describe a simple hash function using bitwise XOR. (5 pts)
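The following is an added worked example for the kind of numeric RSA walk-through question 34 asks for; it is not part of the exam paper and not a model answer from the course. The primes P = 17 and Q = 11 and the public exponent E = 7 are constructed for hand-checkable arithmetic (real keys use primes of 1024 bits or more), and the helper names rsa_keygen, rsa_encrypt, rsa_decrypt, worked_example and malleability_demo are this example's own. It also goes one step beyond the question: malleability_demo shows why unpadded (textbook) RSA is multiplicatively homomorphic, which is the reason deployed systems add padding such as OAEP.

```python
from __future__ import annotations
from math import gcd

# Constructed parameters for a small worked example. Real RSA keys use primes of
# 1024 bits or more; these values are only meant to be checkable by hand.
P, Q = 17, 11   # two distinct primes
E = 7           # public exponent, chosen coprime to phi(n) = (P-1)(Q-1) = 160


def rsa_keygen(p: int, q: int, e: int) -> tuple[tuple[int, int], tuple[int, int]]:
    """Return ((n, e), (n, d)) for primes p, q and public exponent e.

    n = p*q is the modulus, phi(n) = (p-1)(q-1), and d is the inverse of e
    modulo phi(n), so that e*d = 1 (mod phi(n)).
    """
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(pub: tuple[int, int], m: int) -> int:
    """c = m^e mod n; the message must be an integer in [0, n)."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < n")
    return pow(m, e, n)


def rsa_decrypt(priv: tuple[int, int], c: int) -> int:
    """m = c^d mod n."""
    n, d = priv
    return pow(c, d, n)


def worked_example() -> dict:
    """Carry the numeric example through every step with m = 88."""
    pub, priv = rsa_keygen(P, Q, E)
    m = 88
    c = rsa_encrypt(pub, m)
    return {
        "n": pub[0], "phi": (P - 1) * (Q - 1), "e": pub[1], "d": priv[1],
        "m": m, "c": c, "recovered": rsa_decrypt(priv, c),
    }


def malleability_demo(pub: tuple[int, int], m1: int, m2: int) -> tuple[int, int]:
    """Unpadded RSA is multiplicatively homomorphic: E(m1)*E(m2) = E(m1*m2) mod n.

    Returns both sides so a caller can confirm they are equal. This is the
    property that padding schemes such as OAEP are designed to remove.
    """
    n, _ = pub
    lhs = (rsa_encrypt(pub, m1) * rsa_encrypt(pub, m2)) % n
    rhs = rsa_encrypt(pub, (m1 * m2) % n)
    return lhs, rhs


if __name__ == "__main__":
    example = worked_example()
    for key, value in example.items():
        print(f"{key} = {value}")
    public_key, _ = rsa_keygen(P, Q, E)
    print("E(2)*E(44) mod n vs E(88):", malleability_demo(public_key, 2, 44))
```

With these parameters n = 187, phi(n) = 160, d = 23 (since 7 * 23 = 161 = 1 mod 160), m = 88 encrypts to c = 11 and decrypts back to 88; the malleability check gives 11 on both sides.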

Best wishes

----------------------------------------------------------------------------------------------------------------
End of the Exam
