1 :There was a recent issue with Amazon cloud system. What are the security implications of the problem.
The following problems are from the text book (Pfleeger, 4th edition):
10 : List the major security issues dealt with at each level of the OSI protocol stack.
19 : A port scanner is a tool useful to an attacker to identify possible vulnerabilities in a potential victim's system. Cite a situation in which someone who is not an attacker could use a port scanner for a nonmalicious purpose.
22 (partial) : How many 4-digit numeric PINs are there? Suppose a ban prohibits "obvious" PINs like 0000 and 1234. What would you define as "obvious," and how many PINs would that disallow?
24 : Suggest a countermeasure for traffic flow analysis.
27 : How can a web site distinguish between lack of capacity and a denial-of-service attack? For example, web sites often experience a tremendous increase in volume of traffic right after an advertisement with the site's URL is shown on television during the broadcast of a popular sporting event. That spike in usage is the result of normal access that happens to occur at the same time. How can a site determine that high traffic is reasonable?
54 : Do firewall rules have to be symmetric? That is, does a firewall have to block a particular traffic type both inbound (to the protected site) and outbound (from the site)? Why or why not?
63 : Can encrypted e-mail provide verification to a sender that a recipient has read an e-mail message? Why or why not?
What to turn in: A softcopy of your solutions (could be a scanned version of the hard copy of the solutions) to be uploaded to WebCT.