Recent Question/Assignment

Question 2:
Certificates (10 Marks)
A. Because there are multiple certificate authorities (CAs) for the Web PKI it is possible to buy multiple certificates for the same domain signed by different CAs. How would a browser treat these different certificates? (2 marks)
B. ) Suppose that an imposter is able to obtain a certificate for a domain that the imposter doesn’t own. (For example, in January 2001, an imposter tricked VeriSign into signing two certificates for “Microsoft Corporation” to be used for signing new software to be installed.) What sorts of attacks could an imposter pull off once in possession of such “fake” certificates for
i. installing software. (2 marks)
ii. Viewing Web pages (2 marks)
C Typically the public SSH keys used by servers are not signed by any
certificate authority, but the SSH protocol does support checking certificates.
i. Why, in practice, are server certificates rarely signed? (2 marks)
ii. What is the benefit of checking server certificates? (2 marks)
Question 3:
Firewall Rules (10 Marks)
Assume you have the following firewall rules:
Rule
No. Transport
Protocol Source
IP Source
Port Destination
IP Destination
Port Action
1 UDP 0.0.0.0/0 any 129.174.17.180 53 allow
2 TCP 55.66.77.0/24 any 129.174.17/180 22 allow
3 TCP 55.66.77.12 4500 129.174.17/180 22 deny
4 TCP 127.0.0.1 443 129.174.17/180 6000 allow
5 TCP 0.0.0.0/0 any 129.174.17/180 6000 deny
6 UDP 0.0.0.0/0 any 129.174.17/180 32768 deny
7 TCP 0.0.0.0/0 any 129.174.17/180 32769 deny
8 TCP 0.0.0.0/0 any 129.174.17/180 32768 deny
9 TCP 0.0.0.0/0 any 129.174.17/180 80 allow
10 UDP 129.174.16.20 1025 0.0.0.0/0 65535 allow
11 UDP 129.174.20.100 1025 0.0.0.0/0 65535 allow
12 UDP 129.174.18.100 1025 0.0.0.0/0 65535 allow
13 any 0.0.0.0/0 any 0.0.0.0/0 any allow
14 TCP 0.0.0.0/0 any 0.0.0.0/0 any deny
15 UDP 0.0.0.0/0 any 0.0.0.0/0 any deny
16 TCP 0.0.0.0/0 any 129.57.17.180 6000:6010 deny
17 TCP 0.0.0.0/0 any 129.174.17.180 0:1024 deny
18 any 0.0.0.0/0 any 129.174.17.180 any deny
a) Define what a rule conflict is and Identify any conflicts. (5marks)
b) Identify any redundancies and explain which rule would be applied using each of the following 3 matching strategies:
1. FIRST
2. BEST
3. LAST (5 marks)
Question 4:
Firewalls (10 Marks)
a) What is a proxy firewall and how is it different from a network (or transparent) firewall?
(3 marks)
b) What does NAT stand for, and how does the mechanism work? Describe what, if any, security NAT provides (or fails to provide). (4 marks)
c) Where would you place a web server in an organization assuming that you can use a network firewall and why? (3 marks)
Question 4 Marking Criteria
A question that is addressed thoroughly will score full marks – a lesser mark will be awarded if material is missed or the answer is unclear. 0 Marks will be awarded if the answer is copied directly from sources (i.e. isn’t in your own words).

Looking for answers ?