UNIVERSITI SAINS MALAYSIA. CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian]

Similar documents
UNIVERSITI SAINS MALAYSIA. CST333 Distributed & Grid Computing [Perkomputeran Teragih & Grid]

UNIVERSITI SAINS MALAYSIA. CST332 Internet Protocols. Architecture & Routing [Protokol, Seni Bina & Penghalaan Internet]

UNIVERSITI SAINS MALAYSIA. CMT322/CMM323 Web Engineering & Technologies [Kejuruteraan & Teknologi Web]

UNIVERSITI SAINS MALAYSIA. CST232 Operating Systems [Sistem Pengendalian]

UNIVERSITI SAINS MALAYSIA. CCS521 Advanced Distributed Systems Concepts and Design [Konsep dan Reka Bentuk Sistem Teragih Maju]

UNIVERSITI SAINS MALAYSIA. CPT344 Computer Vision & Image Processing [Penglihatan Komputer & Pemprosesan Imej]

UNIVERSITI SAINS MALAYSIA. CCS522 Advanced Data Communication & Computer Networks [Rangkaian Komputer & Komunikasi Data Lanjutan]

UNIVERSITI SAINS MALAYSIA. CST331 Principles of Parallel & Distributed Programming [Prinsip Pengaturcaraan Selari & Teragih]

UNIVERSITI SAINS MALAYSIA. Peperiksaan Semester Pertama Sidang Akademik 2003/2004. September/Oktober 2003

UNIVERSITI SAINS MALAYSIA. CCS522 Advanced Data Communication and Computer Networks [Rangkaian Komputer dan Komunikasi Data Lanjutan]

UNIVERSITI SAINS MALAYSIA. CPT113 Programming Methodology & Data Structures [Metodologi Pengaturcaraan & Struktur Data]

UNIVERSITI SAINS MALAYSIA. CST131 Computer Organisation [Organisasi Komputer]

UNIVERSITI SAINS MALAYSIA. CPT111/CPM111 Principles of Programming [Prinsip Pengaturcaraan]

INSTRUCTION: This section consists of TEN (10) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CPT211-CPM313 Programming Language Concepts & Paradigm [Konsep & Paradigma Bahasa Pengaturcaraan]

MSS 317 Coding Theory [Teori Pengekodan]

UNIVERSITI SAINS MALAYSIA. CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian]

CPT211/CPM313 Programming Language Concepts & Paradigms [Konsep & Paradigma Bahasa Pengaturcaraan]

UNIVERSITI SAINS MALAYSIA. CPT341 Software Design & Architecture [Reka Bentuk & Seni Bina Perisian]

EEE 428 SISTEM KOMPUTER

UNIVERSITI SAINS MALAYSIA. CST131 Computer Organisation [Organisasi Komputer]

MSS 318 Discrete Mathematics [Matematik Diskret]

UNIVERSITI SAINS MALAYSIA

...a- JEE ELEKTRONIK DIGIT II. UNlVERSlTl SAINS MALAYSIA. Peperiksaan Semester Kedua Sidang Akademik FebruarVMac 2003.

UNIVERSITI SAINS MALAYSIA. CST331 Principles of Parallel & Distributed Programming [Prinsip Pengaturcaraan Selari & Teragih]

UNIVERSITI SAINS MALAYSIA. CMT422 Multimedia Information Systems & Management [Sistem & Pengurusan Maklumat Multimedia]

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CMT224/CMM221 Multimedia Systems [Sistem Multimedia]

UNIVERSITI SAINS MALAYSIA. CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian]

UNIVERSITI SAINS MALAYSIA. CST131 Computer Organisation [Organisasi Komputer]

UNIVERSITI SAINS MALAYSIA. CST231/CSM331 Data Communications & Networks [Komunikasi Data & Rangkaian]

INSTRUCTION: This section consists of TWO (2) short answer and structured essay questions. Answer ALL questions.

INSTRUCTION: This section consists of TWO (2)short answers and TWO (2) structured essays. Answer ALL questions.

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CST234 Network Programming [Pengaturcaraan Rangkaian]

UNIVERSITI SAINS MALAYSIA. CCS523 Computer Security & Cryptography [Keselamatan Komputer & Kriptografi]

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CMT324 Computer Graphics & Visual Computing [Grafik Komputer & Perkomputeran Visual]

INSTRUCTION: This section consists of TWO (2) questions. Answer ALL questions. ARAHAN: Bahagian ini mengandungi DUA (2) soalan. Jawab SEMUA soalan.

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

CPT212 Design & Analysis of Algorithms [Reka Bentuk & Analisis Algoritma]

UNIVERSITI SAINS MALAYSIA. CST431/CST335 Systems Security & Protection [Keselamatan & Perlindungan Sistem]

ssk 2023 asas komunikasi dan rangkaian TOPIK 4.0 PENGALAMATAN RANGKAIAN Minggu 11

INSTRUCTION: This section consists of FOUR (4) structured questions. Answer ALL questions.

Panduan Menggunakan Autoresponder FreeAutobot.com

UNIVERSITI SAINS MALAYSIA. CST232 Operating Systems [Sistem Pengendalian]

CPT111/CPM111 Principles of Programming [Prinsip Pengaturcaraan]

Pengenalan Sistem Maklumat Dalam Pendidikan

Semasa buku ini ditulis XAMPP mengandungi empat versi:

EEE 348 PENGANTAR REKABENTUK LITAR BERSEPADU

AN IMPROVED PACKET FORWARDING APPROACH FOR SOURCE LOCATION PRIVACY IN WIRELESS SENSORS NETWORK MOHAMMAD ALI NASSIRI ABRISHAMCHI

MICROSOFT EXCEL. Membina Hamparan Elektronik Fungsi Hamparan Elektronik

CCS592 Advanced Algorithms and Complexity [Algoritma Lanjutan & Kekompleksan]

PANDUAN PENGGUNA (SUPPLIER) MAINTAIN CERTIFICATES/SUPPLIER DETAILS SUPPLIER RELATIONSHIP MANAGEMENT SUPPLY CHAIN MANAGEMENT SYSTEM (SCMS)

PANDUAN PENGGUNA (SUPPLIER) MAINTAIN CERTIFICATES/SUPPLIER DETAILS SUPPLIER RELATIONSHIP MANAGEMENT SUPPLY CHAIN MANAGEMENT SYSTEM (SCMS)

EEE348 INTRODUCTION TO INTEGRATED CIRCUIT DESIGN (PENGANTAR REKABENTUK LITAR BERSEPADU)

PART A SULIT (EKT 221) BAHAGIAN A. Answer ALL questions. Question 1. a) Briefly explain the concept of Clock Gating.

UNIVERSITI SAINS MALAYSIA. CMT322/CMM323 Web Engineering & Technologies [Kejuruteraan & Teknologi Web]

PANDUAN PENGGUNA (PENTADBIR SYSTEM/SYSTEM ADMINISTRATOR) (INFOTECH, BPPF DAN POLIS

UNIVERSITI SAINS MALAYSIA. CPT103/CPM211 Struktur Data & Paradigma Pengaturcaraan

EEE 355 ROBOTIC & AUTOMATION [Robotik & Pengautomatan]

UNIVERSITI SAINS MALAYSIA. CCS513 Computer Vision and Image Analysis [Penglihatan Komputer dan Analisis Imej]

CST234 Network Programming [Pengaturcaraan Rangkaian]

INSTRUCTION: This section consists of FOUR (4) questions. Answer ALL questions. ARAHAN: Bahagian ini mengandungi EMPAT (4) soalan. Jawab SEMUA soalan.

PANDUAN PENGGUNA (PENSYARAH)

UNIVERSITI SAINS MALAYSIA. CCS523 Computer Security & Cryptography [Keselamatan Komputer & Kriptografi]

CST432 Microprocessors & Embedded Systems [Mikropemproses & Sistem Terbenam]

TEKNOLOGI, GADJET & KEIBUBAPAAN

VIRTUAL PRIVATE NETWORK: ARCHITECTURE AND IMPLEMENTATIONS

UNIVERSITI SAINS MALAYSIA. CPT111 Principles of Programming [Prinsip Pengaturcaraan]

MULTIMEDIA COLLEGE JALAN GURNEY KIRI KUALA LUMPUR

ISOGEOMETRIC ANALYSIS OF PLANE STRESS STRUCTURE CHUM ZHI XIAN

Panduan Pengguna Autodesk Education Community

INSTRUCTION: This section consists of TWO (2) questions. Answer ALL questions. ARAHAN: Bahagian ini mengandungi DUA (2) soalan. Jawab SEMUA soalan.

Pengguna akan diberikan Username dan Password oleh Administrator untuk login sebagai admin/conference Manager bagi conference yang akan diadakan.

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

UNIVERSITI SAINS MALAYSIA. CPT103/ CPM211 Struktur Data & Paradigma Pengaturcaraan

UNIVERSITI SAINS MALAYSIA. CPT212 Design & Analysis of Algorithms [Reka Bentuk & Analisis Algoritma]

UNIVERSITI SAINS MALAYSIA. CST432 Microprocessors & Embedded Systems [Mikropemproses & Sistem Terbenam]

INSTRUCTION: This section consists of TWO (2) structured questions. Answer ALL questions.

Panduan Guru Maker UNO/ Arduino

EEM 312 ROBOTIK & PENGLIHATAN MESIN

SECURE-SPIN WITH HASHING TO SUPPORT MOBILITY AND SECURITY IN WIRELESS SENSOR NETWORK MOHAMMAD HOSSEIN AMRI UNIVERSITI TEKNOLOGI MALAYSIA

M2U MANUAL PENGGUNA USER MANUAL M2UNHJ. 0 P a g e BAHAGIAN SIMPANAN DAN PENGELUARAN JABATAN KHIDMAT PENDEPOSIT DAN OPERASI LEMBAGA TABUNG HAJI

UNIVERSITI SAINS MALAYSIA. CCS592 Advanced Algorithms and Complexity [Algoritma Lanjutan & Kekompleksan]

EEE 430/4 SOFTWARE ENGINEERING

UNIVERSITI SAINS MALAYSIA. CMT221/CMM222 Database Organisation & Design [Organisasi & Reka Bentuk Pangkalan Data]

PERFOMANCE ANALYSIS OF SEAMLESS VERTICAL HANDOVER IN 4G NETWOKS MOHAMED ABDINUR SAHAL

UNIVERSITI SAINS MALAYSIA. CST231/CSM331 Data Communications & Networks [Komunikasi Data & Rangkaian]

Registration of Supplier (ROS) TM Supplier Registration Renewal via SUS Portal (Pembaharuan Pendaftaran Pembekal TM melalui SUS Portal)

Lab 4 : Sorting Techniques

CLOUD COMPUTING ADOPTION IN BANKING SYSTEM (UTM) IN TERMS OF CUSTOMERS PERSPECTIVES SHAHLA ASADI


SYSTEMATIC SECURE DESIGN GUIDELINE TO IMPROVE INTEGRITY AND AVAILABILITY OF SYSTEM SECURITY ASHVINI DEVI A/P KRISHNAN

Information Security Management System ISO/IEC 27001:2013

UNIVERSITI SAINS MALAYSIA. CMT321 Management & Engineering of Databases [Pengurusan & Kejuruteraan Pangkalan Data]

MAT 181 Programming for Scientific Applications [Pengaturcaraan untuk Penggunaan Sains]

DYNAMIC TIMESLOT ALLOCATION TECHNIQUE FOR WIRELESS SENSOR NETWORK OON ERIXNO

Transcription:

UNIVERSITI SAINS MALAYSIA First Semester Examination 2014/2015 Academic Session December 2014/January 2015 CST334 Network Monitoring & Security [Pengawasan & Keselamatan Rangkaian] Duration : 2 hours [Masa : 2 jam] INSTRUCTIONS TO CANDIDATE: [ARAHAN KEPADA CALON:] Please ensure that this examination paper contains FOUR questions in SEVEN printed pages before you begin the examination. [Sila pastikan bahawa kertas peperiksaan ini mengandungi EMPAT soalan di dalam TUJUH muka surat yang bercetak sebelum anda memulakan peperiksaan ini.] Answer ALL questions. [Jawab SEMUA soalan.] You may answer the questions either in English or in Bahasa Malaysia. [Anda dibenarkan menjawab soalan sama ada dalam bahasa Inggeris atau bahasa Malaysia.] In the event of any discrepancies, the English version shall be used. [Sekiranya terdapat sebarang percanggahan pada soalan peperiksaan, versi bahasa Inggeris hendaklah diguna pakai.]...2/-

- 2-1. (a) Describe the three-way handshake process used to initiate TCP connections. What are some of the benefits of a layered architecture model? Your boss wants to know how subnetting works. Provide her with a brief description on how subnetting works. Prepare an example to illustrate how subnetting works. Why is it problematic to send confidential information over e-mail? What is a solution to this problem? What elements are almost always present in an effective hoax e-mail? Give an example. 2. (a) Your Web site is completely encrypted using SSL. How does this enhance security? What will it not protect against? What are cookies used for on a Web site, and what problem do they specifically address? If your firm decides to go cookieless, what are the implications for your e- Commerce site?...3/-

- 3 - Identify the type of information that attackers might try to obtain if they were able to install a sniffer on a network. Explain the steps in spoofing a system across the Internet. 3. (a) You have just been asked to deploy an IDS at your company. The company has 500 desktops, 20 servers, and two connections to the Internet. Describe which type of IDS you would deploy and why. Create network diagrams to show placement of components. Describe how the system would be installed, maintained, and monitored. Explain what is stateful inspection? How is state information maintained during a network connection or transaction? Explain how the various types of firewalls interact with the network traffic at various levels of the OSI model. 4. (a) What is the difference between a denial-of-service attack and a distributed denial-of-service attack? Which is potentially more dangerous and devastating? Why? What is a buffer overflow and how is it used against a web server?...4/-

- 4 - Your company s security team wants more information about possible wireless solutions. They feel that WEP is secure because encryption can be used at 128 bits. Explain to them what the primary weakness in the WEP protocol is and how can it be exploited. Your company s management is considering rolling out 802.11 wireless and would like your input on what to choose. Describe the different.802.11 protocols and what has made them so popular, concluding with your recommendation to the management team. (e) Imagine you are a Web developer for a small locally owned business. Explain when using HTTP would be satisfactory. Explain when you should use HTTPS....5/-

KERTAS SOALAN DALAM VERSI BAHASA MALAYSIA - 5-1. (a) Terangkan proses jabat tangan tiga hala yang digunakan dalam memulakan sambungan-sambungan TCP. Apakah manfaat-manfaat sebuah model seni bina berlapis? Majikan anda mahu tahu bagaimana pesubrangkaian dibuat. Berikan keterangan ringkas kepadanya bagaimana pesubrangkaian dibuat. Sediakan satu contoh untuk menggambarkan bagaimana pesubrangkaian dibuat. Mengapa ianya suatu masalah untuk menghantar maklumat sulit menerusi emel? Apakah satu penyelesaian untuk masalah ini? Apakah unsur-unsur yang sentiasa ada dalam satu emel palsu yang berkesan? Berikan satu contoh. 2. (a) Laman sesawang anda dienkripkan secara lengkap menggunakan SSL. Bagaimana ianya mempertingkatkan lagi keselamatan? Apakah perkara yang ianya tidak akan lindungi?...6/-

- 6 - Apakah (maksud) cookie yang digunakan untuk sesebuah laman sesawang, dan apakah masalah spesifik yang dikendalikan olehnya? Jika firma anda memutuskan untuk tidak menggunakan cookie, apakah kesannya ke atas laman e-dagang? Kenalpasti jenis maklumat yang akan cuba diperolehi oleh penyerang jika mereka dapat memasang sniffer dalam sesebuah rangkaian. Terangkan langkah-langkah dalam perdayaan sesebuah system menerusi Internet. 3. (a) Anda telah diminta memasang atur suatu ID di syarikat anda. Syarikat itu mempunyai 500 komputer meja, 20 pelayan, dan dua sambungan ke Internet. Terangkan jenis IDS yang akan anda pasang atur dan mengapa. Cipta gambar rajah rangkaian untuk menunjukkan penempatan komponen-komponen berkaitan. Terangkan bagaimana sistem tersebut akan dipasang, diselenggarakan, dan dipantau. Terangkan apakah penyemakan berkeadaan? Bagaimana maklumat keadaan diselenggarakan semasa satu sambungan rangkaian atau transaksi? Terangkan bagaimana pelbagai jenis tembok api berinteraksi dengan trafik rangkaian pada pelbagai tahap model OSI....7/-

- 7-4. (a) Apakah perbezaan antara suatu serangan nafi khidmat dan suatu serangan nafi khidmat teragih? Yang mana satu berpotensi lebih merbahaya dan mengakibatkan kemusnahan? Mengapa? Apakah suatu limpahan penimbal dan bagaimana ianya digunakan ke atas sesebuah pelayan sesawang? Pasukan keselamatan syarikat anda mahukan lebih maklumat berkenaan dengan penyelesaian-penyelesaian tanpa wayar yang mungkin. Mereka merasakan bahawa WEP lebih selamat kerana enkripsi boleh digunakan pada 128 bit. Terangkan kepada mereka apakah kelemahan utama dalam protokol WEP dan bagaimana ianya boleh dieksploitasikan. Pengurusan syarikat anda mempertimbangkan untuk memperkenalkan tanpa wayar 802.11 dan mahukan input anda untuk mereka membuat pilihan. Jelaskan perbezaan protokol-protokol 802.11 dan apa yang membuatkannya begitu popular, dan akhiri dengan syor anda kepada pasukan pengurusan. (e) Bayangkan anda adalah seorang pembangun sesawang untuk sebuah perniagaan kecil tempatan. Jelaskan bila penggunaan HTTP akan memadai. Jelaskan bila sepatutnya ada gunakan HTTPS. - ooooooo -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback