* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download OPERATING-SYSTEM STRUCTURES
Survey
Document related concepts
Zero-configuration networking wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Computer security wikipedia , lookup
Computer network wikipedia , lookup
Wireless security wikipedia , lookup
Airborne Networking wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Network tap wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Distributed firewall wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Transcript
ECCE/Tutorial 1 Internet Management and Security Faculty of Engineering Science and the Built Environment Department of Electrical, Computer and Communications Engineering Internet Management and Security Tutorial 1 Answer the following Questions: Part 1: Introduction to IMS & System performance Question 1-1 If a network is congested, the throughput is likely to: 1. Decrease 2. Remain the same 3. Increase Question 1-2 If a server in a busy bank exhibits an utilisation of 60% and the forecast of users is to increment 100% in the next year: 1. The systems manager can afford to buy a new server in six months 2. The systems manager needs to buy a new server immediately 3. The systems manager can afford to buy a new server in 12 months Question 1-3 MTTR means: 1. Mean time to repair - how long it takes from the failure of the equipment until it is up and running again 2. Mean time to repair - how long it takes for the technician to fix the equipment 3. Mean time to repair - how long it takes fro the technician to get to the site Question 1-4 The term scalability refers to: 1. How long a piece of equipment will last given that the number of users is rising 2. How well a piece of equipment performs when many people are making use of it 3. The cost of adding one more user to the equipment S. Lecturer: S. Dimitriou Page 1 of 12 ECCE/Tutorial 1 Internet Management and Security Question 1-5 The response time of a service is: 1. The delay in the network that may keep a suer waiting for a long time 2. How long in total a user has to wait for a service to be completed 3. The time a server takes to return a web page Question 1-6 The main point of performance parameters is: 1. Aid the systems manager to identify possible sources of fault within the organisation 2. Determine if clients are feeling satisfied with the service 3. Organise the structure of the systems in an organisation Question 1-7 Resources in an organisation are: 1. All the printesr in the organization 2. All the systems and networks in the organisation 3. All the computers in the organisation Question 1-8 MTBF means: Mean time between failures - an indication of how reliable a piece of equipment is Mean time between failures - how long before the next failure Mean time between failures - the time a network manager has to buy a new equipment Question 1-9 As the utilisation of a server increases, the response time: 1. Tends to decrease 2. Tends to increase 3. Remains the same Question 1-10 Response times affect throughput in the following way: 1. If response time increases, throughput decreases 2. If response time decreases, throughput decreases 3. If response time increases, throughput increases S. Lecturer: S. Dimitriou Page 2 of 12 ECCE/Tutorial 1 Internet Management and Security Part 2: Internet Traffic and Active Traffic Measurement Question 2-1 Broadband access is rarely what I have signed up for, this is due to: 1. 2. 3. 4. My computer's modem is not fast enough I always choose to use the Internet at busy periods ISPs usually under-resource their networks ISPs always trying to make the most money out of me Question 2-2 The maximum available capacity on an Internet path is: 1. The difference between the capacity of the bottleneck interface and its current occupation level 2. The smallest capacity along the path 3. The capacity of the largest interface along that path 4. The sum of all the capacities of interfaces in nodes along the path Question 2-3 Active traffic measurement techniques are difficult to implement because: 1. 2. 3. 4. It requires difficult programmin algorithms It is a black box technique and it is not easy to know what is going on in the network It requires a lot of bandwidth to be successful Network managers are worried about security Question 2-4 If a change in topology is detected through active traffic measurement, the relationship between delay and packet loss: 1. 2. 3. 4. Remains the same Zero delay and high packet loss Low delay and low packet loss High delay and high packet loss Question 2-5 The ISP your work for has developed a billing policy that will charge more for every bit transmitted from 9 to 5. This will encourage: 1. 2. 3. 4. A thoroughly balanced network load that will avoid peak times It will increase the response time for other users Users will send more bits at work Companies will make sure that their employees do not use the network for personal communications S. Lecturer: S. Dimitriou Page 3 of 12 ECCE/Tutorial 1 Internet Management and Security Question 2-6 The piggy-backing strategy for active traffic measurements is useful because: 1. 2. 3. 4. It minimises the impact of active traffic measurements on Internet traffic It allows users to measure the paths from their computers to the ISPs computer It restricts the data rate of video applications It saturates the paths that the traffic uses Question 2-7 The pair of packets technique for measuring available bandwidth on an Internet path consists of: 1. Sending several probe packets and calculating the differences between the round trip times 2. Sending two probe packets and waiting for the user's response 3. Sending two probe packets back-to-back and calculating the throughput 4. Measuring the difference between the capacity of the smallest interface and its current occupation level Question 2-8 When observing packet traces collected through active measurements, a change in topology can be identified through: 1. 2. 3. 4. A service interruption and a change in the observed minimum value An increase in delay when it occurs A service interruption A change in the observed minimum value Question 2-9 One of the main disadvantages of using more traffic to measure existing traffic is: 1. 2. 3. 4. It may not give accurate details about the hardware It will affect clock synchronisation It will depend on packet sizes It will distort the measured results Part 3: Passive Traffic Measurement Question 3-1 Passive traffic measurement consists mainly of: 1. 2. 3. 4. Capturing statistics about port numbers and IP addresses Making a copy of every packet that passes through the monitor Looking into the global performance of a network Looking into other users' packets S. Lecturer: S. Dimitriou Page 4 of 12 ECCE/Tutorial 1 Internet Management and Security Question 3-2 Promiscuous mode means: 1. 2. 3. 4. The monitor will assess which packets it needs to copy The monitor will request that all the computers send it a copy of the packets received All the packets that arrive in the network will be sent to the monitor That the network card will make a copy of every packet that it receives regardless of the address Question 3-3 If the monitor does not capture user data in the WAN configuration: 1. 2. 3. 4. It ensures that nobody can spy on other users Limits the number of packets that can be looked at The ethical considerations about privacy are met The users of the network can be assured that their privacy is respected Question 3-4 If I want to identify someone who is abusing the bandwidth of the network, I would: 1. 2. 3. 4. Count the number of bytes that are transmitted by each computer in the organisation Collect all the packets in the network Limit the number of packets that users transmit Look at the port numbers of all the packets to identify forbidden applications Question 3-5 A difference between passive and active traffic measurement is: 1. That one has access to the network infrastructure and the other does not 2. That one is interested in what the users like to do in the network and the other one does not 3. One is used by researchers and the other one by industries 4. Both are used to measure available bandwidth Question 3-6 Looking at the analysis of passive measurements, it has been found that: 1. 2. 3. 4. A lot of people play games online UDP is a well known protocol The majority of the traffic in the network corresponds to TCP flows Most Internet packets have not got well known ports S. Lecturer: S. Dimitriou Page 5 of 12 ECCE/Tutorial 1 Internet Management and Security Question 3-7 A flow can be identified through: 1. 2. 3. 4. The port numbers The destination and source addresses The port numbers of the hosts The port numbers and IP addresses Question 3-8 One difference between the LAN and WAN configurations for passive traffic measurement is that: 1. 2. 3. 4. One has a global view of the network and the other one does not One looks into the packet payload and the other one does not One needs more hard drive space than the other One copies packets of network users and the other one does not Question 3-9 If I want to characterise the flows required to download a page from the web, I would be interested in: 1. 2. 3. 4. What protocols are used for the transfer How many packets are transmitted per flow The port numbers of the packets One needs more hard drive space than the other Question 3-10 If you wanted to prove that someone is committing identity theft over the web, would you have to: 1. Just look into the packet headers and see what applications the suspect is using 2. Look at the protocls the suspect uses in order to see the source and destination addresses of the packets 3. Look into the suspect's packets in order to assess if he is stealing information from other people 4. Set up a monitor in promiscuous mode Part 4: System and Network Management Question 4-1 Redundancy in network management and monitoring means: 1. 2. 3. 4. Using two or more NMSs so that if one fails, the other one is still active Having several NMAs along the network Using agents to monitor the network Making plans for failures of NMAs and NMSs S. Lecturer: S. Dimitriou Page 6 of 12 ECCE/Tutorial 1 Internet Management and Security Question 4-2 The main purpose of a trap is to: 1. 2. 3. 4. Send unsolicited information to the NMS Trigger an event in the device and report it back to the NMS Monitors the device constantly for failure events Report on device events that are relevant to the NMS Question 4-3 Network monitoring and network traffic measurement are different because: 1. They are the same, but network monitoring allows the network manager to do extra configuring of devices 2. Network monitoring is mainly concerned with the status of devices 3. Network monitoring uses MIBs to measure traffic 4. With network monitoring and NMS and NMAs and specific protocols are needed. With network measurement, no further changes are needed to network devices or peripherals Question 4-4 RMON's main objective is to: 1. 2. 3. 4. Collect information from device MIBs passively The same as SNMP Measure traffic Probe devices for event MIBs Question 4-5 Resources in the context of network monitoring and management are: 1. 2. 3. 4. Network nodes All the systems connected to the network Network routers Printers and computers Part5: Introduction to Security and Symmetric Cryptography Question 5-1 The "Add round key" step in the AES algorithm uses: 1. 2. 3. 4. A NAND bitwise function An XOR bitwise function An XOR Bytewise function A substitution that alters each byte in a column as a funtion of all the bytes in the column S. Lecturer: S. Dimitriou Page 7 of 12 ECCE/Tutorial 1 Internet Management and Security Question 5-2 A masquerade attack would allow a user to: 1. Access information on the pretence of being someone else who has access to a resource 2. Capture access data of another user 3. Modify messages of a user on a system 4. Prevent the normal use of communication facilities Question 5-3 Data integrity is a defence mechanism against: 1. 2. 3. 4. Masquerade Denial of service Replay Modification Question 5-4 The efficiency of a symmetric encryption algorithm relies on: 1. 2. 3. 4. The processing power of the computer running the algorithm The block size The key size The secrecy of the key Question 5-5 If the key size if 128 bits, this means: 1. 2. 3. 4. A very secure algorithm There are 2^128 possible keys A lot of processing power will be required to break the algorithm A lot of processing power will be required to encrypt the message Part 6: Message Authentication & Public-key Cryptography Question 6-1 Message authentication is important because: 1. It enables the user to determine who sends a message 2. It enables the user to make sure that their message will reach its destination unchanged 3. It allows the user to determine if the message received was sent by the right sender 4. It allows the usesr to determine if they are sending the right message S. Lecturer: S. Dimitriou Page 8 of 12 ECCE/Tutorial 1 Internet Management and Security Question 6-2 Symmetric encryption can be used as message authentication if: 1. 2. 3. 4. The key is kept secret and the message justifies high computational power A message digest is attached at the end of the encrypted message as well The key is transmitted in a secure way before hand A certificate authority oversees the communication process for the keys Question 6-3 A hash function is a secure has function if: 1. It is difficult to break 2. There exists one and only one hash function per message and viceversa (or at least it is computationally infeasible to find an exception to this rule) 3. The key is transmitted in a secure way before hand 4. A certificate authority oversees the communication process for the keys Question 6-4 The main difference between public-key cryptography and symmetric encryption is that: 1. Two keys are used, one private and one public 2. Public-key criptography is generated through mathematical functions rather than bit wise operations 3. Public-key cryptography is more secure than symmetric cryptography 4. Public-key cryptography is not as secure as symmetric cryptography Question 6-5 A session key: 1. 2. 3. 4. Is used only to encrypt a key for symmetric encryption Is used only to encrypt a public-key before transmission Is used only once to encrypt a certificate Is used only once to encrypt both the public key and the secret key Part 7: Encryption applications Question 7-1 The main purpose of Kerberos is to: 1. 2. 3. 4. Allow the user to enter his password only once Provide secure access to services in an organisation Serve secure tickets for access to services Ensure confidentiality and authentication for users S. Lecturer: S. Dimitriou Page 9 of 12 ECCE/Tutorial 1 Internet Management and Security Question 7-2 If a user wants access to five different services, how many tickets will Kerberos issue in total for this user? 1. 2. 3. 4. 2 6 5 7 Question 7-3 The main purpose of X.509 is to: 1. 2. 3. 4. Provide secure transmission of certificates Provide a medium for users to trust other people's keys Ensure that the certification authority is trustworthy Encrypt certificates for the user Question 7-4 Why is it important to have several certificate authorities? 1. Because it motivates a fair management of certificates 2. Because if a certificate authority becomes compromised, the other CAs keep the infrastructure working 3. Because users do not trust the establishment 4. To provide a competitive market environment Question 7-5 PGP's main component block is: 1. 2. 3. 4. Authentication Encryption Compression All of the above Part 8: Network and Transport Security Question 8-1 IPSec's position on the TCP/IP protocol stack is: 1. 2. 3. 4. Below the IP layer Above the TCP and UDP layer Below the application layer Below the TCP and UDP layer S. Lecturer: S. Dimitriou Page 10 of 12 ECCE/Tutorial 1 Internet Management and Security Question 8-2 If a user wants to ensure confidentiality and authenticity of traffic, it is best to: 1. 2. 3. 4. Use a tunnel Combine ESP and AH Use ESP only Use the transport mode Question 8-3 An SSL session is: 1. 2. 3. 4. A collection of connections between a server and a client An association with one connection A secure transmission between a client and a server A web query in a secure way Question 8-4 If a fatal allert is conveyed by the alert protocol, which action should be taken? 1. 2. 3. 4. The communication should carry on but only for the current session The communication should carry on, but only for the current connection The communication should carry on as normal All information exchange should stop as soon as the alert is received Question 8-5 The main purpose of SET is to: 1. 2. 3. 4. Guarantee payment to the merchant Guarantee secure transmission between the client and the bank Guarantee secure communication between all the parties involved in a transaction Guarantee that only the bank has access to the client's credit card information Part 9: System Security Question 9-1 Zombies and worms are independent malicious programs becuase: 1. 2. 3. 4. They do not replicate They can execute on their own They hide form the user They propagate accross the network S. Lecturer: S. Dimitriou Page 11 of 12 ECCE/Tutorial 1 Internet Management and Security Question 9-2 One of the main problems with macros viruses is that: They are platform independent They can send e-mails to many people They execute when a document is opened They are hidden in MS Office documents usually Question 9-3 A packet filtering firewall usually resides in: 1. 2. 3. 4. A proxy server A bastion host A honey pot A gateway router Question 9-4 A stateful inspection firewall will: 1. 2. 3. 4. Block connections that repeatedly scan for open ports Block connections that originate from outside the local network Builds a table of valid connections and allows packets belonging to them Allows all the connections that are not in the stateful connection table Question 9-5 How many networks does a screened-subnet firewall system contain? 1. 2. 3. 4. 1 2 3 4 S. Lecturer: S. Dimitriou Page 12 of 12