| 1 |
Enter your Last name
|
|
| 2 |
Enter your First name
|
|
| 3 |
Enter your class
|
|
| 4 |
What is a digital id? |
- Digitally encrypt e-mail and
electronic communications
- Ensure confidential delivery of all
your messages and attachments
- authenticate your e-mail address to
place trust in your messages
- Prevent tampering or e-mail
"spoofing"
|
| 5 |
Is the software free? |
Free
for 30 days
|
| 6 |
What is a digital certificate? Explain
|
A certificate consists of a
public key plus the user id of the key owner and this whole block is
signed by a trusted third party.
Typically, the third party is the certificate
authority that is trusted by the community. |
| 7 |
Enter one or more company/ies that issues digital
certificates |
- Verisign
- Microsoft
|
| 8 |
What do we mean by authentication?
|
The authentication service is concerned with
assuring that a communication is authentic. It assures that the message is
from the source it claims to be. |
| 9 |
Name three different types of authentication
|
- Password
- Public key Authentication
- Biometrics
|
| 10 |
Describe what we mean by a digital signature |
An authentication mechanism that
enables the creator of a message to attach a code that acts as a
signature. The signature guarantees the source and the integrity of the
message. |
| 11 |
Name one hacking magazine |
2600 |
| 12 |
How do you acquire a DID (Digital id)? |
Though
- MS
- Verisign
- BT
- Globalsign
- Thawte
|
| 13 |
How many ways can you digitally sign a message in
Outlook Express? |
As above |
| 14 |
What is error 438? |
Many users have received the
following error message when trying to obtain the trial version of a
Digital ID from Verisign: "The error '438' occurred. Your credentials
could not be generated." To work around this issue, you must delete the
certenr3.dll file in your \Windows\occache folder. A new copy will be
downloaded when you install a new Digital ID. |
| 15 |
How many steps are there in successfully installing and using a digital
id? |
This is an exercise not to be
asked in exam 1 |
| 16 |
Enter the step-by-step procedure to ensure that you can
successfully install and use a digital ID for purposes of digitally signing
and encrypting email messages for OE (Outlook Express).
|
This is an exercise not to be
asked in exam 1 |
| 17 |
What is actually going on when you encrypt a message in OE?
|
It is ensuring that the message
can not be tampered and it ensures that it is arriving form the source
that has encrypted it. |
| 18 |
What are the 7 basic steps of the Attacker's
process?
|
- Passive reconnaissance
- Active reconnaissance
- Exploiting the system
- Uploading programs
- Downloading data
- Keeping access by backdoors or trojans
- Covering tracks
- page 23
|
| 19 |
What are the two types of network based attacks? |
- Active
- Passive
|
| 20 |
What are the Active attacks? |
Page 35 |
| 21 |
What are the Passive attacks?
|
Page 35 |
| 22 |
What is a sniffer? |
A program that watches all the traffic that occurs
on a network. |
| 23 |
What do we mean by shoulder surfing? |
Looking over the shoulder of someone typing their
password |
| 24 |
Name 8 ways to exploit the network.
page 51 |
- Ports
- Services
- Third-party s/w
- Passwords
- Back doors
- Trojan horses
- Inference channels
- Covert channels
|
| 25 |
Which ports could a hacker use to gain access? |
- 21 FTP
- 23 Telnet
- 25 SMTP
- 53 DNS
- 79 Finger
- 80 Http
- 110 POP
- 137-139 NETBIOS
-
|
| 26 |
What is cryptography? |
There are two kinds of cryptosystems: symmetric
and asymmetric. Symmetric cryptosystems use the same key (the secret
key) to encrypt and decrypt a message, and asymmetric cryptosystems use one
key (the public key) to encrypt a message and a different key (the private
key) to decrypt it. Asymmetric cryptosystems are also called public key
cryptosystems. |
| 27 |
What is PKI? |
Public Key Infrastructure |
| 28 |
What is your email? |
hmmm |