1.This question is about basic Network Security Terminology and Privacy.
a.Explain what a security mechanism is and give 3 examples of security mechanisms. [10 marks]
b.What functionality is provided by the Transport, Network and Data Link layers of the OSI Model? List any two other layers of the OSI Model. [10 marks]
c.Explain what Privacy is, what Anonymity is, and how Privacy and Anonymity are related to each other. [10 marks]
d.Describe how a TOR (The Onion Router) circuit is set up and used. [10 marks]
e.Describe how a location hidden server can be created and used. [10 marks]
2.This question is about Network Protocols and Attacks.
a.This subquestion is about DHCP:
i.What is DHCP and what is it used for? [5 marks]
ii.What is DHCP starvation? Explain how an attacker performs it and the type of messages used for it. [5 marks]
iii. What is a DHCP rogue server attack and how can it be facilitated through DHCP starvation? [10 marks]
b.What are SYN flood attacks? How can IP spoofing be used to make them more effective? [10 marks]
c.What are “amplifification attacks”? Explain how the Network Time Protocol (NTP) can be used to launch an amplifification attack. [10 marks]
d.What problem is caused by the fact that DNS is stateless? Explain how a DNS poisoning query ID attack works. [10 marks]
3.This question is about Intrusion Prevention and Detection Systems.
a.This sub-question is about firewalls.
i.Describe what a fifirewall security policy does. Enumerate the different types of default policies. [5 marks]
ii.Enumerate and describe the techniques that firewalls use to control access and enforce the site’s security policy. [8 marks]
iii. Describe an example of firewall limitation. [2 marks]
EasyDue™ 支持PayPal, AliPay, WechatPay, Taobao等各种付款方式!
E-mail: email@example.com 微信:easydue