Professional Documents
Culture Documents
Network Security, Cyber Laws & Standards
Network Security, Cyber Laws & Standards
Network Security, Cyber Laws & Standards
Me Us
51 Kerberos TESA ; ;
4 Marks)
- 17,A sn
(S wn
ne
6 Marks)
the Kerberos with their AT, WAB,area
usage.
[at @ Explain
xpi te
of suitable diagram.
rv with help ieee
Explainplain the the Kerberos ———— Sec
tocol and it fs designed to provide strong authentication for client/server
Q 2
7 How it works?
a. Whatisis Ke Kerber’ os — pri
entication
~ Kerberos is a networ autthkey © ooo ee f
ide any security. There are
applications. It uses 5
ecre vee met wes er en t prot ocol s but they do nat prov
nly used by maliciou s hackers. Hence, the
walls assume
but unfortunately, fire
k security problems
ill to solve their networassumption.
— es
men oer 2
ise firew?! bad
some es qt e utside
= tere are
tackers are O" re o
that at
Mite on to these network security problems. i, .
ior a server and vice versa over an insecure network DiiNecsins
an encrypt all oftheir communications to assure privacy ang
= ome
8
Ticket Grating Server (148)
Twnestam 8 arg
=H Service Server (SS)
Fig. 5.1.6
tiated between client
8. Theclient then dec
rypts the tick
et. If the keys are stil stil valid then the communication is ini
er /aptlication.
mit logon information because
After the communi ication between the client and server, there is no need to trans
the client is authenticated until the session expires.
5.2 IP Security
Ee
(ST, 5.48, WB, 6 Marks)
h help of diagram
[an Eipiain 1PSec security wit
524 Overview ket s passes by can read the data and
any one wat chi ng the IP pac
The IP packets contain datkina in plaintext form i+ isms are there to prevent such kind of attacks
n can cha nge it. Som e ds of higher Jevel mechan uth ori zed mon itoring. Also there is en9 crneeypdtionto
eve uct ure fro m una
cure the network infra str u sing authentication and
Hence, there is 2 need to ffisec and 10 secure end-user-to-end-user
traffic
tra
control the network
mechanisms. of packets at the IP layer. it provides the secure
which Is developed to support secure andexchange
the Internetet
IPSecis a protocolacross 2 LAN, Prats ‘and public WANs, dat a during transmission.
.
communications an sp or t an d app lic ati ion lay er
J the tr
is to 10 encrypt and seal r
The overall idea of IPSEC Recolo
‘Original mag
‘Appecton
the transport layer payload, adds iPSec Header and trailer encrypts the whole thing and
-Thu
the IPs,
header is not encrypted.
on of source and destination IP addresses,
as well as of the data itself. This provides
Ip packet consists of two portions +
> "Sec does not require any specific security algorithm or method of implementation. It is an open framework,
which
will allow vendors to implement existing industry-standard algorithms suited for specific tasks.
~ 'PSec provides different security technologies which can be combined into a comprehensive solution to provide
confidentiality, integrity and authentication for networks,
= IniPSec security process, it uses cryptographic keys and has both the manual and automatic distribution of keys as
part of the protocol series.
= Automated is the default method of key management and is typically referred to as IKE. IKE authenticates each peer
keys.
in IPSec and consults the security policy, including the exchange of session
53 Email Security
ee SC
i
-
40
Once the connect HOM Is establis
hed, the receiver
identifies itsel
self f with "220 Service Ready”.
{e) The sender identifie
s itself with the HELO
commnma
annd,
{d) The receiver accepts the sender's
Wdentification with "250 OK"
(e) H the mail service on
the destination is n ot availabl
reply in step 2 and the proce: 5s e, the destin ation host returns '421 Service Not Available"
terminated. e
2 Mail trahe
nsf: After
er thee connecti
ection
on h, has been established, the SMTPP sende
sen r may send
send one one oror m mot re messages to the
(0) Sender initiates TCP close opera jon for the TCP connection.
(€) The receiver initiates its TCP clase after sending is reply to the QUIT command,
5.3.2 Privacy Enhanced Mail (PEM)
a a aa!
“
+.
iCano
n nical Conversion
ed
| 2. Digtal Signature
4. Ba 64 s
Encoe
ie edie ng
|
Fig. 5.3.3 : PEM Operatio
ns
igital signature, as
12