Scribd Logo
Upload

Welcome to Scribd!

  • Bahagian B: 70 Markah

    Uploaded by

    Azmira Natasha
    6 views7 pages
    This document contains questions regarding network security for an exam. It includes questions about the role of CERT/CC, types of attacks like DoS and viruses, functions of firewalls, account restrictions, password security, network security policies, encryption algorithms like Caesar cipher, symmetric key algorithms, and approaches to ensure network security goals. It asks students to define terms, describe concepts, identify examples, and explain security strategies and configurations.

    Original Description:

    Original Title

    FN612

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains questions regarding network security for an exam. It includes questions about the role of CERT/CC, types of attacks like DoS and viruses, functions of firewalls, account restrictions, password security, network security policies, encryption algorithms like Caesar cipher, symmetric key algorithms, and approaches to ensure network security goals. It asks students to define terms, describe concepts, identify examples, and explain security strategies and configurations.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    6 views7 pages

    Bahagian B: 70 Markah

    Uploaded by

    Azmira Natasha
    This document contains questions regarding network security for an exam. It includes questions about the role of CERT/CC, types of attacks like DoS and viruses, functions of firewalls, account restrictions, password security, network security policies, encryption algorithms like Caesar cipher, symmetric key algorithms, and approaches to ensure network security goals. It asks students to define terms, describe concepts, identify examples, and explain security strategies and configurations.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 7

    SULIT FN612: NETWORK SECURITY

    SECTION B: 70 MARKS
    BAHAGIAN B: 70 MARKAH

    INSTRUCTION:
    This section consists of TWO (2) structured questions and TWO (2) essay questions.
    Answer ALL questions in the answer booklet.

    ARAHAN:
    Bahagian ini mengandungi DUA (2) soalan berstruktur dan DUA (2) soalan esei.
    Jawab semua soalan di dalam buku jawapan yang disediakan.

    QUESTION 1
    SOALAN 1

    CLO1-C1 a) Define the role of CERT/CC.


    Takrifkan peranan CERT / CC.
    [2 marks]
    [2 markah]

    CLO1-C2 b) State TWO (2) tasks done by a virus when infecting a computer.
    Nyatakan DUA (2) tugas yang dilaksanakan oleh virus apabila menjangkiti
    komputer.
    [2 marks]
    [2 markah]

    CLO1- C3 c) Student reported that when he scanned his computer by using Trend Micro
    Antivirus, the following alerts appeared. Based on the scenario, what type of
    attack has been experienced by this student?

    Pelajar melaporkan apabila dia mengimbas computer menggunakan trend


    micro antivirus, mesej berikut dipaparkan. Berdasarkan senario berikut,
    apakah jenis serangan yang dihadapi oleh pelajar tersebut?

    1. W32.Mydoom.AX@mm
    2. Troj/Invo-Zip

    Figure B1 / Rajah B1
    [2 marks]
    [2 markah]

    12 SULIT
    SULIT FN612: NETWORK SECURITY

    CLO1- C4 d) Based on question 1.(c), what are the differences between


    W32.Mydoom.AX@mm and Troj/Invo-Zip?

    Berdasarkan soalan 1.(c), apakah perbezaan antara W32.Mydoom.AX@mm


    dan Troj/Invo-Zip?
    [2 marks]
    [2 markah]

    CLO2- C2 e) Explain ONE (1) type of DoS Attack on network environment.


    Terangkan SATU (1) jenis serangan DoS di dalam persekitaran rangkaian.
    [2 marks]
    [2 markah]

    CLO2- C2 f) Firewalls are not a complete solution to all computer security problems.
    Identify TWO (2) functions that firewall cannot block?

    Firewalls bukanlah penyelesaian lengkap bagi semua masalah keselamatan


    komputer. Kenalpasti DUA(2) fungsi yang tidak dapat atas oleh firewall.

    [2 marks]
    [2 markah]

    CLO2- C1 g) List TWO (2) common account restrictions.


    Senaraikan DUA (2) kebiasaan sekatan akaun.
    [2 marks]
    [2 markah]

    h) Argue the myth regarding password such as J0hn Sm1th that also result in
    CLO2- C1
    users creating a weak password.

    Hujahkan mitos mengenai kata laluan seperti J0hn Sm1th yang juga
    menyebabkan pengguna mencipta kata laluan yang lemah.

    [2 marks]
    [2 markah]

    13 SULIT
    SULIT FN612: NETWORK SECURITY

    QUESTION 2
    SOALAN 2

    CLO2- C2 a) Define Network Security Policy.

    Takrifkan apakah yang dimaksudkan dengan Polisi Keselamatan Rangkaian


    [2 marks]
    [2 markah]

    b) b) Describe the following threats :


    CLO2-C2
    Jelaskan ancaman berikut :

    i. Information Theft
    Kecurian Maklumat

    ii. Unauthorized Disclosure


    Pendedahan yang tidak dibenarkan
    [2 marks]
    [2 markah]

    CLO2-C1 c) Define the purpose of data authentication.


    Nyatakan kegunaan pengesahan data.

    [2 marks]
    [2 markah]

    CLO3-C2 d) Based on figure below, identify each of the process that occur in (i) and (ii).
    Berdasarkan gambarajah di bawah, tentukan setiap proses yang berlaku di
    dalam (i) dan (ii).

    Figure B2: Encryption Algorithms / Rajah B2:Algoritma Penyulitan


    [2 marks]
    [2 markah]

    14 SULIT
    SULIT FN612: NETWORK SECURITY

    e) Encrypt the message in Figure 2(a) by using the Caeser Cipher algorithm
    CLO3-C2 (key=2).
    Enkrip maklumat dalam Rajah 2(a) menggunakan Caeser Cipher algorithm
    (key=2).

    I Love Network

    Figure B3 / Rajah B3
    [2 marks]
    [2 markah]

    f) Describe a different approach of symmetric algorithm and define each of the


    CLO3-C3 key used.
    Huraikan pendekatan yang berbeza untuk algoritma simetri dan takrifkan
    setiap kunci yang digunakan.

    [4 marks]
    [4 markah]

    CLO3-C3 g) How do you safely exchange symmetric keys with people all over the world
    using the same medium (the Internet) which is insecure for encryption in the
    first place? Bagaimana anda secara selamat bertukar kekunci simetri dengan
    orang di seluruh dunia menggunakan medium yang sama (Internet) dimana
    pada awalnya ia tidak selamat bagi enkripsi.
    [2 marks]
    [2 markah]

    h) State the rational of applying RAID 1 technology.


    CLO3-C3
    Nyatakan rasional menggunakan teknologi RAID 1.

    [2 marks]
    [2 markah]

    15 SULIT
    SULIT FN612: NETWORK SECURITY

    QUESTION 3

    SOALAN 3

    a) Explain the necessary approach needed for organization that want to ensure
    CLO1-C3 network
    security goals such as their service and information accessible.

    Terangkan pendekatan yang perlu untuk organisasi yang mahu memastikan


    matlamat keselamatan rangkaian seperti maklumat dan perkhidmatan mereka
    boleh
    dicapai.
    [3 marks]
    [3 markah]

    b) Deploy THREE (3) security device for open security models.


    CLO1-C4 Tempatkan TIGA (3) peranti keselamatan untuk model keselamatan terbuka.

    [3 marks]
    [3 markah]

    c) Explain configuration weakness in relation to security vulnerabilities.


    CLO1-C1
    Terangkan kelemahan konfigurasi berdasarkan kecacatan keselamatan.
    [3 marks]
    [3 markah]

    d) Describe the purpose of firewall.


    CLO1-C1
    Terangkan tujuan firewall. [3 marks]
    [3 markah]

    CLO2-C2 e) Explain the meaning of open port, closed port and blocked port when attacker
    try to scan your application.

    Jelaskan maksud ‘port’ terbuka, tertutup dan disekat apabila penggodam cuba
    mengimbas aplikasi anda.
    [3 marks]
    [3 markah]

    16 SULIT
    SULIT FN612: NETWORK SECURITY

    CLO2-C2 f) Explain the advantage of recent trend to combine or integrate multipurpose


    security appliances such as antivirus, anti-malware, firewall, IPS and so on
    with traditional network devices such as a switch.

    Jelaskan kelebihan ‘trend’ terkini untuk menggabungkan atau menyatukan


    pelbagai peralatan keselamatan seperti antivirus, anti-malware, firewall, IPS
    dan sebagainya dengan peranti rangkaian tradisional seperti switch.

    [3 marks]
    [3 markah]

    17 SULIT
    SULIT FN612: NETWORK SECURITY

    QUESTION 4
    SOALAN 4

    CLO2-C1 a) Identify Internet Information Services (IIS) vulnerabilities (depends on version


    released).
    Kenal pasti kelemahan Perkhidmatan Maklumat Internet (IIS) (bergantung
    kepada versi dikeluarkan).
    [3 marks]
    [3 markah]

    CLO2-C2 b) Identify security enhancement for Internet Information Services (IIS) (depends
    on version released).
    Kenalpasti peningkatan keselamatan bagi IIS (bergantung kepada versi yang
    dikeluarkan).
    [3 marks]
    [3 markah]

    CLO2-C1 c) List the features of a good VPN product.


    Terangkan ciri-ciri produk VPN yang baik.
    [3 marks]
    [3 markah]

    d) Differentiate symmetric and asymmetric encryption algorithms.


    CLO2-C2
    Bezakan algoritma encryption simetri dan asimetri.
    [3 marks]
    [3 markah]
    e) Describe a VPN configuration.
    CLO2-C1
    Terangkan konfigurasi VPN.
    [3 marks]
    [3 markah]

    CLO3-C2 f) Discuss if we apply RAID 5, why there will be a decrease in performance?


    Bincangkan jika kita menggunakan RAID 5, mengapa akan ada penurunan
    dalam prestasi?
    [3 marks]
    [3 markah]

    END OF QUESTION

    SOALAN TAMAT

    18 SULIT

    You might also like