Exam (elaborations)
CS 6262 Network Security Quizzes with 100% Correct Verified Answers
- Course
- Institution
CS 6262 Network Security Quizzes with 100% Correct Verified Answers
[Show more]
Seller
Follow
Content preview
CS 6262 Network Security Quizzes with100% Correct Verified Answers
The following question is from the recommended reading "Exposing Private
Information by Timing Web Applications". Which of these are valid defense(s) by web
applications to resist timing attacks?
- Both the answer choices are correct
- Taking constant amount of time always for processing a request
- Adding random delay to the response - ANSWER Taking constant amount of time
always for processing a request
T/F: You are visiting a page that contains two iframes: http://example.com/ and
https://example.com/. They can access each other's content directly. - ANSWER False
T/F: HTTPS encrypts the host address to protect the user's privacy. - ANSWER False
T/F: From the paper "A Look Back at "Security Problems in the TCP/IP Protocol
Suite," it's safe to rely on the IP source address for authentication. - ANSWER False
T/F: In Steve Friedl's tech tips, he recommends people to run patched
servers. However, patched servers might still be vulnerable. - ANSWER True
Which of these is a TCP security problem:
- Eavesdropping
- Denial of service
, - Packet sniffing
- All of the above - ANSWER All of the above
T/F: TCP/IP packets are signed and not able to be forged or spoofed by the client -
ANSWER False
T/F: Randomizing just the initial sequence number completely prevents an attacker from
guessing the right sequence number. - ANSWER False
What is the purpose of BGP in the context of autonomous systems?
- To exchange routing information between autonomous systems
- To determine the routing policy within a domain
- To authenticate ARP requests in a network
- To secure routing protocols from hijacking - ANSWER To exchange
routing information between autonomous systems
T/F: A downside of using DNS Pinning as a defense against DNS Rebinding attacks is
that it makes the interaction with VPNs and proxies difficult. - ANSWER True
What are some of the things to consider when trying to meet the transparency
requirement for malware analysis?
Answers:
- Identical exception handling
- Identical notion of time
- Higher privilege than the malware
- All of the above - ANSWER All of the above
Which of the following is NOT an area of the C based toolchain where hardening can
occur.
- Assembler
- Compiler
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller KenAli. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.24. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
83637 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now