1. a) If a message reads "We begin bombing in five minutes.", what would this look like in a Caesar cipher with k=12?
b) What happens to spaces and punctuation in a Caesar cipher?
c) Who got in trouble for using that phrase, and when?
2. With public key encryption, there are two ways you could send a message from Harvey to Eunice:
A. Harvey would apply his private key to the message, and Eunice would decrypt it using Harvey's public key
B. Harvey would apply Eunice's public key to the message, and Eunice would decrypt it using her private key.
How do these methods (A versus B) differ in terms of the authentication and confidentiality provided? Be sure to answer both aspects for both methods.
3. Why does it matter if a server has unused ports left open? What kind of attacks could take advantage of this?
4. a) If I maintain an offsite backup of my system so I can restore it after a virus wipes it out, is this part of a prevention, detection, or mitigation strategy? Explain your answer.
b) Provide examples of the other two strategies for that threat.
5. What algorithms did we discuss for:
a) symmetric encryption?
b) public key encryption?
6. SHAVS is a validation test suite for SHA (NIST, 2004). What three kinds of tests does it execute? How long is the longest test string used?
7. a) How does a message digest differ from a digital signature?
b) Would it be practical to use both on the same message? Explain your answers.
8. In what way are MD5 and SHA different from DES and RSA?
9. What kind of attack does the use of a nonce prevent?
10. What kind of key authority is used to prevent the man-in-the-middle attack when using public key encryption?
11. How does the output of MD5 differ from that of SHA-1?
12. Snort can do both signature-based and anomaly-based intrusion detection, but it can also do a third kind of detection. Name and describe it.
13. AES and RSA can both have 128-bit keys. Which is stronger, and why?
14. How does 802.11n differ from 802.11g?
15. If 802.11a uses 11 channels, what is the span of frequencies for each channel?
16. Describe in your own words the difference between DIFS and SIFS.
17. Find two specific retail devices that use the Zigbee protocol. Describe them and cite their sources.
18. If you want your home network to be more secure, would you use agent advertisement or agent solicitation? Explain your answer.
19. The new "4K SUHD" TVs can scan 3840 x 2160 pixels at up to 240 Hz. Assuming 32 bits of data per pixel, what data rate is needed to support them without compression?
20. Describe the differences between symmetric and public key encryption. Address how to provide authentication, confidentiality, and verify message integrity using them.
21. What type of attack makes public key encryption less secure than symmetric?
22. How is an access control list used by a firewall?
23. What does a MIB store and where does it get it from?
24. What environmental conditions might you monitor for a physically remote network location (e.g. your system is in a building in the woods), and what potential problem would you look for with respect to each condition? Identify at least three conditions.