QUESTION 1
(a) List and illustrate seven security concepts.
(b) Explain the following eight common threats facing web applications:
- Defacement
- Infiltration
- Phishing
- Pharming
- Insider Threats
- Click Fraud
- Denial of Service
- Data Theft/Loss
(c) What do you understand by IP whitelisting and IP spoofing?
(d) Explain in detail the difference between a worm and a virus.
(e) What is "Security by Obscurity"?
(f) Describe five types of biometric identification schemes.
QUESTION 2
(a) Distinguish between symmetric and public-key encryption systems and their modes of operation.
(b) Explain what hash functions are and, using a suitable example, show how to calculate the hash of a string using MD5.
(c) Explain what you understand by the terms hash collision and rainbow tables, giving an appropriate example of each. Also describe how they can be prevented.
(d) Write a 4-pass iterative and a 5-pass recursive PHP function using the hash algorithm sha1 and the salt "mysalt" to hash the password "mypass".