INFA 610- Final Exam

Want create site? With you can do it easy.

INFA 610- Final Exam

INFA 610

Foundations of Information Security and Assurance

Final Exam

Part 1: Short discussion, determine if each of the following questions is true or false and defend your position in a brief discussion if you think it is necessary. Write your answer, T or F, to each question in the following Answer Table.   (10 questions at 1.5 points each, 15 points totally)

  1. T F Deleting the browsing history and cookies in a computer system can be the way to completely delete the recently visited sites.


  1. T F A Denial-of-Service attack does not require the attacker to penetrate the target’s security defenses.


  1. T F The biggest advantage of public-key cryptography over secret-key cryptography is in the area of key management/key distribution.


  1. T F When it comes to the ethics of a particular situation, there is only one right answer.


  1. T F A one-time pad is a safe house used only once by an undercover agent.


  1. T F In terms of privacy laws, companies have advantage over the government in terms of the types of data that a company can collect.


  1. T F Consider data that is stored over time in a mandatory access control based system. The contents of files containing highly classified (“top secret”) information are not necessarily more trustworthy than material stored in files marked unclassified


  1. T F A hash algorithm uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.


  1. T F 3DES (Triple DES) requires the use of three independent keys.


10. T F Intrusion Detection Systems (IDS) provide no protection from internal threats.


Part 2: Multiple Choice Questions. In some cases you may need to select more than one of the options. If you select “None of the above” you need to list the correct answer. (Do not simply select either all of the above or none of the above). (Scored as 3 points for each question, no guarantee of partial credit for partially correct answers.) Write your answers in the following Answer Table. (10 questions at 3 points each, 30 points totally)

1. Broad categories of payloads that malware may carry include which of the following:

Corruption of system or data files;
Theft of service in order to make the system a zombie agent of attack as part of a botnet;
Theft of information from the system, especially of logins, passwords or other personal details by keylogging or spyware programs;
Stealthing where the malware hides it presence on the system from attempts to detect and block it;
All of the above.

2. Denial of service attacks include:

DNS spoofing

Smurf attack

Ping of death

SYN flood

All of the above.


3. If person A uses AES to transmit an encrypted message to person B, which key or keys will A have to use:

A’s private key

A’s public key

B’s private key

B’s public key

None of the keys listed above.


4. The basic step(s) should be used to secure an operating system:

Harden and configure the operating system to adequately address the identified security needs of the system.

Install and register the operating system.

Installing and configure additional security controls, such as anti-virus, host-based firewalls, and intrusion detection systems (IDS), if needed.

Test the security of the basic operating system to ensure that the steps taken adequately address its security needs.

All of the above.


5. Choose the right statement(s):

On change-controlled system, you should run automatic updates to prevent security patches from introducing instability.

A malicious driver can potentially bypass many security controls to install malware.

It is critical that the operating system be kept as up to date as possible, with all critical security related patched installed.

The operating system planning process should consider the categories of users on the system, and the privileges they have.

All of the above.


6. Countermeasures against subdomain DNS cache poisoning include which of the following:


DNSSEC uses RRSIG and DNSKEY records


DNSSEC employing a chain of trust

All of the above.


7. SELinux implements different types of MAC: ________________________.

Role Based Access Controls and Type Enforcement,

Multi Level Security,

Multi Task Level Security,

User Based Access Controls and Format Enforcement

None of the above.


8. Protection of a software program that uses a unique, novel algorithm could be legally protected by:

A patent

A copyright

A notary

Ethical standards

All of the above.


9. Security threats include which of the following:


Disgruntled employees

Unlocked doors

Un-patched software programs

All of the above.


10. Methods to avoid SQL injection include which of the following:
Providing functions to escape special characters
Techniques for the automatic detection of database language in legacy code.
Built-in functions that strip input of dangerous characters.
Techniques for the automatic detection of SQL language in legacy code.
All of the above.

Part 3: Short Answer Questions. (5 questions, 5 points each, 25 points totally)

1. You discover that your computing system has been infected by a piece of malicious code. You have no idea when the infection occurred. You do have backups performed every week since the system was put into operation but, of course, there have been numerous changes to the system over time. How could you use the backups to construct a “clean” version of your system? (5 points)

2. What are the server-side attacks? What are the techniques a developer can employ to minimize these attacks?

3. What are some of the individual rights associated with information privacy? Do expectations of privacy change depending on the individual’s environment? If so, how? (5 points)

4. The table below shows the authentication protocol, wherein pwd is Albert’s password and K is a key derived from pwd. Can an attacker that can eavesdrop messages (but not intercept or spoof messages) obtain pwd by off-line password guessing? If you answer no, explain briefly. If you answer yes, describe the attack. (5 points)

5. Why is a firewall a good place to implement a VPN? Why not implement it at the actual server(s) being accessed? (5 points)

Part 4: Essay Questions.

1. (15.0 points) One hundred years ago, Louis Brandeis and Samuel Warren warned us that, “Numerous mechanical devices threaten to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the housetops.’” Cryptography is an enabling technology for self-help privacy. Conversely, cryptography can be used to conceal criminal conspiracies and activities, including espionage.

(a) How does cryptography help or hinder protection of privacy and public safety?

(b) What policies are needed and appropriate in a networked world regarding the use of cryptography?

(c) What new threats do computer systems and networks pose to personal privacy? In other words, what threats are enabled or enhanced by computer systems and networks? Note: Your total answer to all three questions (a-c) should be restricted to two (2) pages (double spaced, font size=12). In addition to the answer, you must cite all sources of information if any.


2. (15 points) Rick is a very talented programmer who has developed a revolutionary method for a new intrusion detection system (IDS). It is an elegant new algorithm that will flawlessly detect intrusion attacks and respond almost instantly. He understands that if it works it could be worth a great deal of money. Steven is a friend of his whom he enjoys discussing his ideas with. Steven is a successful entrepreneur, and Rick is concerned that he may lose any intellectual rights if Steven was to develop his idea without including him. Please discuss the legal and ethical issues in such a relationship. What should each of these individuals do to ensure ethical barriers are not broken? Maximum length: two (2) pages (double spaced, font size=12). In addition to the answer, you must cite all sources of information if any.

Did you find apk for android? You can find new and apps.

Instant Nursing Papers
Hire a Nursing Expert
Pages (550 words)
Approximate price: -

Why Choose Instant Nursing Papers?

Quality Nursing Papers

We assist students in achieving the best top-grade in their nursing papers, and in compliance with the provided instructions. Have your nursing paper written with a certified specialist Ph.D., Bachelor's, and Master's graduates with many years of experience in academic writing.

Experts with Ph.d., MDs and DNP Holders

Our writers have acquired Ph.D., MDs and DNP credentials from world class institutions. Our writers can handle papers from any discipline and can handle over 100+ subjects.

Nursing Papers Cheap

We provide a great deal of student-friendly prices and professionalism with all our nursing essay writing services. Our paper writing services have a user-friendly interface and professional nursing academic assistance. We are committed to assisting all students with their nursing assignments and projects regardless of their academic level.

Fast Paper Delivery

Our writers follow a strict schedule to ensure papers are delivered before the deadline to enable our editors to proofread before the final delivery to our customers. We strictly observe the early delivery of assignments to meet our clients' deadlines.

Plagiarism-free Nursing Papers

Our expert nursing paper writers are dedicated to conducting thorough research and writing papers from scratch to deliver original papers. To avoid paper plagiarism, all orders go through steps of writing, editing, and proofreading.

24Hour Customer Help

Our customer support is available 24/7/365 to help clients and make their paper writing services easy to use. Our experienced support team is available to answer your queries any time, 24 hours a day.

Try it now!

Calculate the price of your order

We'll send you the first draft for approval by at
Total price:

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Nursing Papers Writing Service

We provide Nursing Assignment Services to Nursing students. Also, we are not limited to providing Nursing assignment help to students only. We also provide assignment help and solutions to community health nursing, Anatomy & Physiology, Microbiology, Biochemistry and Biophysics, and Nutrition & Dietetics.


Nursing Essays

Sit back, relax while our writers sort you out on your most daunting nursing essay queries on how to write a good nursing essay. We got you if you are looking for the best nursing essay services.


Nursing Projects

It is no doubt that qualifying for a nursing career is difficult and requires a series of tests. Most nursing students must put in a lot of work in their assignments and coursework. will help you answer queries such as “who can write my nursing research paper?”.


Nursing Dissertation Help will save you the hustle of undergoing pressure or even depression while doing your nursing dissertation paper. Save yourself from all the long sleepless nights and pressure by working with our best nursing dissertation writing professionals.


Nursing Coursework Help

If you happen to hop into our site in search of nursing coursework help, look no further. We are the number one solution for the best nursing coursework assignments. Therefore, to complete the best APA nursing coursework, seek help from professional nursing coursework experts at