Scribd Logo
Upload

Welcome to Scribd!

  • Examen Sure

    Uploaded by

    Amine Besrour
    33 views3 pages
    examen sécurité duxième année supcom

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    examen sécurité duxième année supcom

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    33 views3 pages

    Examen Sure

    Uploaded by

    Amine Besrour
    examen sécurité duxième année supcom

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    First Name: . Last Name: ..

    Signature: ..
    Class: ..

    Course : Introduction to Network Security


    Duration : 2 hours
    Documents : Authorized

    Exam
    Preamble
    1. The exam is divided into two sections: the first consists of a series of multiple choice questions while the
    second is composed of two exercises.
    2. For a multiple choice question, the correct answer can consist of one, many, or none among the proposed
    alternatives. The full mark is attributed to the student if his answer is fully correct; otherwise a zero is attributed
    for the question.
    3. The student must submit his answers to the first section on the present exam sheet. Any answer that does not
    fulfil this requirement will not be considered.
    4. The exam is three-page long.

    Section I: Multiple Choice Questions (8 points)


    Q1.

    Q2.

    How many potential keys should be generated to break a 2-DES key using mmet-inthe-middle attack?
    (a) 256.
    (b) 2116.
    (c) 2168.
    (d) 257.

    O
    O
    O
    O

    The public parameter e of the RSA algorithm in the case where p=11, q=5, and d=3
    equals:
    (a) 5
    (b) 107
    (c) 231
    (d) 1

    O
    O
    O
    O

    Q3.
    (a)
    (b)
    (c)
    (d)

    The Euler function applied to the integer 143 returns:


    1.
    120.
    8.
    28.

    O
    O
    O
    O

    Leave this part blank

    (a)
    (b)
    (c)
    (d)

    The immediate objectives of the buffer overflow attack include:


    Breaking the OS password of the victim host.
    Stopping the execution of a specific service on the victim host.
    Executing arbitrary commands on the victim host.
    Spoof the IP address of the victim host.

    O
    O
    O
    O

    (a)
    (b)
    (c)
    (d)

    Symmetric encryption provides authentication services:


    In the case where the key-length exceeds 256 bits.
    In the case where the key-length is less than 256 bits.
    In the case where the network includes only two peers.
    Without any requirement.

    O
    O
    O
    O

    Q4.

    Q5.

    Q6.

    Q7.

    Blind signatures are used when :


    (a) The identity of the signer must not be divulgated.
    (b) The signed text must not be read by the signer.
    (c) The verification process does not encompass signer identity verification.
    The RSA cryptogram c=10 has been intercepted. Given that the corresponding
    public key (e,n) equals (5,35), which of the following is the correct plain-text?
    (a) 10.
    (b) 5.
    (c) 35.
    (d) 1.

    Q8.
    (a)
    (b)
    (c)
    (d)

    The Euler function is:


    Injective.
    Surjective.
    Bijective.
    Neither surjective nor bijective.

    Q9.

    Consider a cryptosystem where two keys k1 and k2 are used to encipher and decipher
    the messages, respectively. Given that k1= k2+c mod(n), where c and n are two
    constants, is this cryptosystems:
    (a) Symmetric.
    (b) Asymmetric.

    Q10.

    A Denial-of-Service attack, called Land attack, consists in sending a packet for


    which the source and destination IP addresses are identical. Which category of
    firewall technology prevents the Land attack from occurring:
    (a) Proxies.
    (b) Packet-filters.
    (c) Stateful inspection filters.

    O
    O
    O

    Section II: Exercises (12 points)

    Exercise 1. (7 points)
    The information system of an organisation X consists of the following resources:

    A set of client machines connected to the Internet


    A payment system consisting of a web server and a DBMS server
    An internal electronic mail server

    1- Propose a firewall-based solution to prevent inbound connections to the client


    machines and outbound connections from the public payment system. The proposed
    solution should be based only on two-port firewalls.
    2- How can this solution be improved in order to protect the payment system from being
    SYN-flooded?
    3- Give the filtering rules regulating access to and from the security domains defined in
    the previous questions.
    4- Enhance the proposed solution to protect the web server and the electronic mail server
    from buffer overflow attacks.

    Exercise 2. (5 points)
    A password-based protocol used by a server to authenticate clients consists of the following
    steps:
    a. A password P is securely shared with every client server.
    b. The client sends x=h(P) to the server, where h is a hash function.
    c. The server computes x=h(P) from its local copy of P and matches x and x. Access is
    granted if x=x.
    1- Explain how an attacker can gain access to the server by capturing the traffic between
    the server and a specific client.
    2- Improve the protocol, without modifying the number of steps, to prevent the
    aforementioned attack.

    You might also like