UNIVERSITI SAINS MALAYSIA. CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian]

Similar documents
UNIVERSITI SAINS MALAYSIA. CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian]

UNIVERSITI SAINS MALAYSIA. CST333 Distributed & Grid Computing [Perkomputeran Teragih & Grid]

UNIVERSITI SAINS MALAYSIA. CMT322/CMM323 Web Engineering & Technologies [Kejuruteraan & Teknologi Web]

UNIVERSITI SAINS MALAYSIA. CST332 Internet Protocols. Architecture & Routing [Protokol, Seni Bina & Penghalaan Internet]

UNIVERSITI SAINS MALAYSIA. CPT344 Computer Vision & Image Processing [Penglihatan Komputer & Pemprosesan Imej]

UNIVERSITI SAINS MALAYSIA. CST232 Operating Systems [Sistem Pengendalian]

UNIVERSITI SAINS MALAYSIA. CCS522 Advanced Data Communication & Computer Networks [Rangkaian Komputer & Komunikasi Data Lanjutan]

UNIVERSITI SAINS MALAYSIA. CPT211-CPM313 Programming Language Concepts & Paradigm [Konsep & Paradigma Bahasa Pengaturcaraan]

UNIVERSITI SAINS MALAYSIA. CST331 Principles of Parallel & Distributed Programming [Prinsip Pengaturcaraan Selari & Teragih]

UNIVERSITI SAINS MALAYSIA. CCS522 Advanced Data Communication and Computer Networks [Rangkaian Komputer dan Komunikasi Data Lanjutan]

UNIVERSITI SAINS MALAYSIA. CCS521 Advanced Distributed Systems Concepts and Design [Konsep dan Reka Bentuk Sistem Teragih Maju]

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

INSTRUCTION: This section consists of TEN (10) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CMT224/CMM221 Multimedia Systems [Sistem Multimedia]

UNIVERSITI SAINS MALAYSIA. CMT422 Multimedia Information Systems & Management [Sistem & Pengurusan Maklumat Multimedia]

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CPT111/CPM111 Principles of Programming [Prinsip Pengaturcaraan]

INSTRUCTION: This section consists of TWO (2)short answers and TWO (2) structured essays. Answer ALL questions.

EEE 428 SISTEM KOMPUTER

UNIVERSITI SAINS MALAYSIA. CPT341 Software Design & Architecture [Reka Bentuk & Seni Bina Perisian]

UNIVERSITI SAINS MALAYSIA. CPT113 Programming Methodology & Data Structures [Metodologi Pengaturcaraan & Struktur Data]

UNIVERSITI SAINS MALAYSIA. Peperiksaan Semester Pertama Sidang Akademik 2003/2004. September/Oktober 2003

UNIVERSITI SAINS MALAYSIA. CST234 Network Programming [Pengaturcaraan Rangkaian]

UNIVERSITI SAINS MALAYSIA. CST131 Computer Organisation [Organisasi Komputer]

MSS 317 Coding Theory [Teori Pengekodan]

CPT211/CPM313 Programming Language Concepts & Paradigms [Konsep & Paradigma Bahasa Pengaturcaraan]

UNIVERSITI SAINS MALAYSIA. CST131 Computer Organisation [Organisasi Komputer]

UNIVERSITI SAINS MALAYSIA. CCS523 Computer Security & Cryptography [Keselamatan Komputer & Kriptografi]

VIRTUAL PRIVATE NETWORK: ARCHITECTURE AND IMPLEMENTATIONS

MSS 318 Discrete Mathematics [Matematik Diskret]

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CST331 Principles of Parallel & Distributed Programming [Prinsip Pengaturcaraan Selari & Teragih]

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

ssk 2023 asas komunikasi dan rangkaian TOPIK 4.0 PENGALAMATAN RANGKAIAN Minggu 11

INSTRUCTION: This section consists of TWO (2) questions. Answer ALL questions. ARAHAN: Bahagian ini mengandungi DUA (2) soalan. Jawab SEMUA soalan.

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CMT324 Computer Graphics & Visual Computing [Grafik Komputer & Perkomputeran Visual]

UNIVERSITI SAINS MALAYSIA. CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian]

UNIVERSITI SAINS MALAYSIA

...a- JEE ELEKTRONIK DIGIT II. UNlVERSlTl SAINS MALAYSIA. Peperiksaan Semester Kedua Sidang Akademik FebruarVMac 2003.

UNIVERSITI SAINS MALAYSIA. CST231/CSM331 Data Communications & Networks [Komunikasi Data & Rangkaian]

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CST131 Computer Organisation [Organisasi Komputer]

AN IMPROVED PACKET FORWARDING APPROACH FOR SOURCE LOCATION PRIVACY IN WIRELESS SENSORS NETWORK MOHAMMAD ALI NASSIRI ABRISHAMCHI

Semasa buku ini ditulis XAMPP mengandungi empat versi:

EEE348 INTRODUCTION TO INTEGRATED CIRCUIT DESIGN (PENGANTAR REKABENTUK LITAR BERSEPADU)

CPT212 Design & Analysis of Algorithms [Reka Bentuk & Analisis Algoritma]

CPT111/CPM111 Principles of Programming [Prinsip Pengaturcaraan]

COMBINING TABLES. Akademi Audit Negara. CAATs ASAS ACL / 1

INSTRUCTION: This section consists of TWO (2) short answer and structured essay questions. Answer ALL questions.

CST432 Microprocessors & Embedded Systems [Mikropemproses & Sistem Terbenam]

INSTRUCTION: This section consists of TWO (2) questions. Answer ALL questions. ARAHAN: Bahagian ini mengandungi DUA (2) soalan. Jawab SEMUA soalan.

UNIVERSITI SAINS MALAYSIA. CCS513 Computer Vision and Image Analysis [Penglihatan Komputer dan Analisis Imej]

INSTRUCTION: This section consists of FOUR (4) questions. Answer ALL questions. ARAHAN: Bahagian ini mengandungi EMPAT (4) soalan. Jawab SEMUA soalan.

UNIVERSITI SAINS MALAYSIA. CST232 Operating Systems [Sistem Pengendalian]

EEE 355 ROBOTIC & AUTOMATION [Robotik & Pengautomatan]

Panduan Menggunakan Autoresponder FreeAutobot.com

UNIVERSITI SAINS MALAYSIA. CST432 Microprocessors & Embedded Systems [Mikropemproses & Sistem Terbenam]

UNIVERSITI SAINS MALAYSIA. CST431/CST335 Systems Security & Protection [Keselamatan & Perlindungan Sistem]

TEKNOLOGI, GADJET & KEIBUBAPAAN

SYSTEMATIC SECURE DESIGN GUIDELINE TO IMPROVE INTEGRITY AND AVAILABILITY OF SYSTEM SECURITY ASHVINI DEVI A/P KRISHNAN

EEE 348 PENGANTAR REKABENTUK LITAR BERSEPADU

PANDUAN PENGGUNA (PENTADBIR SYSTEM/SYSTEM ADMINISTRATOR) (INFOTECH, BPPF DAN POLIS

CLOUD COMPUTING ADOPTION IN BANKING SYSTEM (UTM) IN TERMS OF CUSTOMERS PERSPECTIVES SHAHLA ASADI

PART A SULIT (EKT 221) BAHAGIAN A. Answer ALL questions. Question 1. a) Briefly explain the concept of Clock Gating.


DOKUMEN TIDAK TERKAWAL

UNIVERSITI SAINS MALAYSIA. CCS523 Computer Security & Cryptography [Keselamatan Komputer & Kriptografi]

TRUSTED CLOUD COMPUTING FRAMEWORK IN CRITICAL INDUSTRIAL APPLICATION MERVAT ADIB BAMIAH UNIVERSITI TEKNOLOGI MALAYSIA

Pengenalan Sistem Maklumat Dalam Pendidikan

UNIVERSITI SAINS MALAYSIA. CPT111 Principles of Programming [Prinsip Pengaturcaraan]

Pengguna akan diberikan Username dan Password oleh Administrator untuk login sebagai admin/conference Manager bagi conference yang akan diadakan.

PRIVACY FRIENDLY DETECTION TECHNIQUE OF SYBIL ATTACK IN VEHICULAR AD HOC NETWORK (VANET) SEYED MOHAMMAD CHERAGHI

PANDUAN PENGGUNA (PENSYARAH)

UNIVERSITI SAINS MALAYSIA. CPT103/ CPM211 Struktur Data & Paradigma Pengaturcaraan

MULTIMEDIA COLLEGE JALAN GURNEY KIRI KUALA LUMPUR

UNIVERSITI SAINS MALAYSIA. CPT212 Design & Analysis of Algorithms [Reka Bentuk & Analisis Algoritma]

DETECTION OF WORMHOLE ATTACK IN MOBILE AD-HOC NETWORKS MOJTABA GHANAATPISHEH SANAEI

DARI KAUNTER KE SISTEM DALAM TALIAN

MULTIMEDIA COLLEGE JALAN GURNEY KIRI KUALA LUMPUR

EEE 430/4 SOFTWARE ENGINEERING

Information Security Management System ISO/IEC 27001:2013

PANDUAN PENGGUNA (SUPPLIER) MAINTAIN CERTIFICATES/SUPPLIER DETAILS SUPPLIER RELATIONSHIP MANAGEMENT SUPPLY CHAIN MANAGEMENT SYSTEM (SCMS)

PANDUAN PENGGUNA (SUPPLIER) MAINTAIN CERTIFICATES/SUPPLIER DETAILS SUPPLIER RELATIONSHIP MANAGEMENT SUPPLY CHAIN MANAGEMENT SYSTEM (SCMS)

CCS592 Advanced Algorithms and Complexity [Algoritma Lanjutan & Kekompleksan]

UNIVERSITI SAINS MALAYSIA. CMT322/CMM323 Web Engineering & Technologies [Kejuruteraan & Teknologi Web]

Analysis SPM of year 2007, 2008, 2009, 2010, 2011, 2012, 2013 (Section B & C)

AUTOMATIC APPLICATION PROGRAMMING INTERFACE FOR MULTI HOP WIRELESS FIDELITY WIRELESS SENSOR NETWORK

Registration of Supplier (ROS) TM Supplier Registration Renewal via SUS Portal (Pembaharuan Pendaftaran Pembekal TM melalui SUS Portal)

SUPERVISED MACHINE LEARNING APPROACH FOR DETECTION OF MALICIOUS EXECUTABLES YAHYE ABUKAR AHMED

HARDWARE/SOFTWARE SYSTEM-ON-CHIP CO-VERIFICATION PLATFORM BASED ON LOGIC-BASED ENVIRONMENT FOR APPLICATION PROGRAMMING INTERFACING TEO HONG YAP

-2- c) Bincangkan mengapa pemprosesan wafer perlu dijalankan di dalam persekitaran bilik bersih. [30 markah]

Panduan Guru Maker UNO/ Arduino

5. All fields are compulsory and MUST be filled up. For fields that do not apply to you, please put as N/A (not applicable).

UNIVERSITI SAINS MALAYSIA. CMT321 Management & Engineering of Databases [Pengurusan & Kejuruteraan Pangkalan Data]

Panduan Pengguna Autodesk Education Community

ANOMALY DETECTION IN WIRELESS SENSOR NETWORK (WSN) LAU WAI FAN

CREATING USER ID AND PASSWORD : NOTA PENTING NOTA PENTING SEBELUM MEMULAKAN PROSES CREATE USER ID & PASSWORD

FIRST TIME LOGIN & SELF REGISTRATION USER GUIDE LOG MASUK KALI PERTAMA & PENDAFTARAN SENDIRI PANDUAN PENGGUNA

Transcription:

UNIVERSITI SAINS MALAYSIA First Semester Examination 2015/2016 Academic Session December 2015/January 2016 CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian] Duration : 2 hours [Masa : 2 jam] INSTRUCTIONS TO CANDIDATE: [ARAHAN KEPADA CALON:] Please ensure that this examination paper contains FOUR questions in ELEVEN printed pages before you begin the examination. [Sila pastikan bahawa kertas peperiksaan ini mengandungi EMPAT soalan di dalam SEBELAS muka surat yang bercetak sebelum anda memulakan peperiksaan ini.] Answer ALL questions. [Jawab SEMUA soalan.] You may answer the questions either in English or in Bahasa Malaysia. [Anda dibenarkan menjawab soalan sama ada dalam bahasa Inggeris atau bahasa Malaysia.] In the event of any discrepancies, the English version shall be used. [Sekiranya terdapat sebarang percanggahan pada soalan peperiksaan, versi bahasa Inggeris hendaklah diguna pakai.]...2/-

- 2-1. (a) A developer in your company is building a new application and has asked you if the application should use TCP- or UDP-based communications. Explain to the developer on the advantages and disadvantages of each protocol. (8/100) Your boss wants to know if DHCP can be appropriately used for both server and PC environments. Provide your opinion and be sure to explain on how DCHP works to defend your position. (c) Your company, ABC Plastics, is a firm that buys plastic resin from manufacturers and sells it to small users. To be competitive, your firm needs to conduct business via the Internet, and along these lines has decided to connect its internal network, consisting of an e-mail server, a file server, and a database server to the Internet. To facilitate B2B transaction processing, a Web server and application server are being added to the network. The company understands the critical nature associated with this change and has initiated a project under your direction to design the new environment. Describe the security topology you would recommend in this instance. Also, explain where each server should be located in the network, and the rationale behind the placement decision. (7/100) Network Address Translation (NAT) is the protocol which can be used to translate private (non-routable) IP addresses into public (routable) IP addresses. Explain the two (2) purposes of the NAT service? 2. (a) You have been asked to write a security policy regarding wireless-based e-mail for your corporation. Explain in the policy why you would or would not allow confidential information to be sent over this medium. (c) There are various technologies employed by wireless devices to maximize their use of the available radio frequencies. List and describe briefly three (3) of the technologies. You are installing a wireless network in your apartment and will be performing work-related functions on days when you telecommute from home. List and describe briefly with proper example two (2) basic steps you should take to protect your wireless network from potential unauthorized user access in your apartment complex....3/-

- 3 - Consider the following security steps or policies: Install a firewall and check the logs daily. Monitor your intrusion detection system for possible attacks. Limit the information that can be obtained on your organization and the services that are run by your Internet-visible systems. Ensure that all patches have been applied for the services that are offered by your system. What is the best way to minimize possible avenues of attack for your system? Explain your answer (by comparing your choice with other steps or policies). (e) Johnny is worried that someone might be able to intercept and decrypt his VoIP phone calls which is using the standard VoIP protocol: SIP. Thus Johnny considers to use Skype. What is SIP? Why SIP is vulnerable to attacks? Why Skype is better used in this situation? (3/100) 3. (a) Explain the following attacks in term of its definition and example: Replay Attack. Spoofing Attack....4/-

- 4 - Session hijacking targets the TCP connection between a client and a server. If the attacker learns the initial sequence, he might be able to hijack a connection. Describe in detail on how this occur. Describe Domain Name Server (DNS) poisoning and cache poisoning. What is ARP Poisoning? (c) Why is HTML e-mail dangerous? Why is an open e-mail relay bad? Give one (1) but the main reason why spam is prevalent today. The IT department is debating several different e-mail packages, and they ask you to present the security implications of automated malicious code. Briefly explain how worms propagate through e-mail, and why Microsoft Outlook is such a popular target for worms....5/-

- 5-4. (a) You are the security expert of your company. The CIO has tasked your team with the responsibility of designing the corporate network while providing the maximum degree of security. After several discussions to determine the needed network requirements with your team, the following network topology diagram is proposed. Diagram 1: The proposed network topology Based on the proposed network topology diagram, explain HOW the following security requirements can be done to achieve the most effective solution. The internal network must be secured against external and internal threats....6/-

- 6 - Several servers may be accessed by external users. However, the internal network must be secured, even if these servers are compromised. (iv) Traveling and home-office users may access the internal network resources. Outbound Internet (WWW) access must be screened and filtered. (5/100) You are the security analyst for a company that is moving to Web Services as a method of distributed application deployment. Your boss has asked you to write a short report explaining the security issues associated with this new strategy. Note: Answers to this question will vary, but should explain two (2) of the four types of Web Services vulnerabilities, and how they relate to each other. (8/100)...7/-

KERTAS SOALAN DALAM VERSI BAHASA MALAYSIA - 7-1. (a) Seorang pembangun di syarikat anda yang sedang membangunkan satu aplikasi baru telah bertanya anda sama ada aplikasi berkenaan sepatutnya menggunakan komunikasi berdasarkan TCP atau UDP. Jelaskan kepada beliau kelebihan-kelebihan dan kekurangan-kekurangan setiap protocol berkenaan. (8/100) (c) Majikan anda ingin tahu sama ada DHCP sesuai digunakan untuk kedua-dua persekitaran pelayan dan PC. Nyatakan pandangan anda dan pastikan penerangan diberikan bagaimana DHCP bekerja untuk menyokong pendirian anda. Syarikat anda, ABC Plastics, adalah satu firma yang membeli resin plastik daripada pengeluar-pengeluar dan menjualnya kepada pengguna-pengguna secara kecil-kecilan. Untuk menjadi lebih berdaya saing, firma ada perlu melakukan perniagaan menerusi Internet, dan oleh kerana itu telah memutuskan untuk menyambungkan rangkaian dalaman syarikat yang terdiri daripada satu pelayan e-mel, satu pelayan fail, dan satu pelayan pangkalan data kepada Internet. Untuk memudahkan pemprosesan urus niaga B2B, satu pelayan sesawang dan satu pelayan aplikasi ditambahkan kepada rangkaian. Syarikat memahami keadaan kritikal yang berkaitan dengan perubahan ini dan telah memulakan satu projek yang diketuai oleh anda untuk mereka bentuk persekitaran baru itu Gambarkan topologi keselamatan yang bakal anda cadangkan dalam hal ini. Juga, terangkan di mana setiap pelayan sepatutnya ditempatkan dalam rangkaian dan rasional di sebalik keputusan penempatan tersebut. (7/100) Network Address Translation (NAT) adalah protokol yang boleh digunakan untuk menterjemahkan alamat-alamat IP khusus (non-routable) kepada alamat-alamat IP umum (routable). Terangkan dua (2) tujuan perkhidmatan NAT? 2. (a) Anda telah diminta menulis satu polisi keselamatan berkaitan dengan e-mel berasaskan Tanpa Wayar untuk perbadanan anda. Jelaskan dalam polisi berkenaan mengapa anda akan benarkan atau tidak akan benarkan maklumat sulit dihantar menerusi medium ini. Terdapat pelbagai teknologi yang digunakan oleh peranti-peranti Tanpa Wayar untuk memaksimumkan penggunaan frekuensi-frekuensi radio yang ada. Senaraikan dan terangkan secara ringkas tiga (3) daripada teknologi berkenaan....8/-

- 8 - (c) Anda memasang sebuah rangkaian Tanpa Wayar di kediaman anda dan akan melakukan fungsi-fungsi yang berkaitan dengan kerja pada hari-hari di mana anda bertelekomunikasi dari rumah. Senaraikan dan jelaskan secara ringkas dengan contoh yang sesuai dua (2) langkah-langkah asas yang sepatutnya diambil untuk melindungi rangkaian Tanpa Wayar anda daripada kemungkinan capaian oleh pengguna yang tidak dibenarkan di kompleks kediaman anda. Pertimbangkan langkah-langkah keselamatan atau polisi-polisi berikut: Memasang satu tembok api dan menyemak log setiap hari. Memantau sistem pengesan pencerobohan anda untuk sebarang kemungkinan serangan. Hadkan maklumat yang boleh diperoleh daripada organisasi anda dan juga perkhidmatan-perkhidmatan yang dilaksanakan oleh sistem-sistem Internet yang boleh dicapai. Memastikan semua tampungan-tampungan dibuat ke atas perkhidmatanperkhidmatan yang ditawarkan oleh sistem anda Apakah kaedah yang terbaik dalam meminimumkan kemungkinan puncapunca serangan ke atas sistem anda? Terangkan jawapan anda (dengan membandingkan pilihan anda dengan langkah-langkah atau polisi-polisi yang lain yang dinyatakan di atas). (e) Johnny bimbang seseorang mungkin dapat memintas dan mendekripsi panggilan telefon VoIP beliau yang menggunakan protocol piawai VoIP: SIP. Jadi Johnny mempertimbangkan untuk menggunakan Skype. Apakah SIP? Kenapa SIP terdedah kepada serangan? Mengapa Skype lebih baik digunakan dalam situasi ini? (3/100)...9/-

- 9-3. (a) Jelaskan serangan-serangan berikut dalam bentuk takrifan dan contoh: Serangan Pengulangan. Serangan Perdayaan. Perampasan Sesi mengarah kepada sambungan TCP antara satu pelanggan dan satu pelayan. Jika penyerang mempelajari jujukan awalan, dia mungkin boleh merampas satu sambungan. Terangkan secara terperinci bagaimana ini boleh berlaku. Terangkan peracunan Pelayan Nama Domain (DNS) dan peracunan cache. Apakah peracunan ARP? (c) Kenapa e-mel HTML merbahaya? Kenapa sesebuah geganti e-mel terbuka adalah tidak baik? Berikan satu (1) tetapi alasan utama mengapa spam berleluasa hari ini. Jabatan IT membahaskan beberapa pakej e-mel yang berbeza, dan mereka meminta anda membentangkan implikasi-implikasi keselamatan kod berniat jahat berautomat. Jelaskan secara ringkas. bagaimana cecacing menular menerusi e-mel, dan mengapa Microsoft Outlook adalah sasaran popular bagi cecacing....10/-

- 10-4. (a) Anda adalah pakar keselamatan syarikat anda. CIO syarikat anda telah menugaskan pasukan anda dengan tanggung jawab merekabentuk sebuah rangkaian korporat dengan sokongan tahap keselamatan yang maksima. Selepas beberapa perbincangan untuk menentukan keperluan-keperluan rangkaian berkenaan bersama pasukan anda, gambar gambar rajah topologi rangkaian berikut dicadangkan. Gambar rajah 1: Topologi rangkaian yang dicadangkan Berdasarkan gambar rajah topologi rangkaian yang dicadangkan, jelaskan BAGAIMANA keperluan-keperluan keselamatan berikut dapat dilakukan untuk mencapai penyelesaian yang paling berkesan. Rangkaian dalaman mesti dilindungi daripada ancaman-ancaman luaran dan dalaman....11/-

- 11 - Beberapa pelayan boleh dicapai oleh pengguna-pengguna luar. Namun, rangkaian dalaman mesti dilindungi meskipun pelayan-pelayan tersebut dikompromi. Pengguna-pengguna yang merantau dan bekerja di rumah boleh mencapai sumber-sumber rangkaian dalaman. (5/100) (iv) Capaian keluar Internet (WWW) mesti diskren dan ditapis. Anda adalah penganalisis keselamatan kepada sebuah syarikat yang sedang memindahkan perkhidmatan-perkhidmatan laman sesawang sebagai satu kaedah untuk mengatur kedudukan aplikasi teragih. Majikan anda meminta anda menulis satu laporan ringkas yang menerangkan isu-isu keselamatan yang berkaitan dengan strategi baru ini. Nota: Jawapan kepada soalan ini akan berbeza-beza, namun perlu menerangkan dua (2) daripada empat jenis kerentanan perkhidmatan-perkhidmatan sesawang, dan bagaimana ianya berkaitan antara satu sama lain. (8/100) - ooooooo -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback