Question1. What is the advantage of using groups for access control?
Question2. Describe the following threats to firewalls:
(I) Denial of service,
(II) IP Spoofing and
What countermeasures can be adopted against these threats?
Question3. IPSec uses two protocols for security: Authentication protocol (AH) and the Encapsulated Security Header Protocol (ESP). Why is AH used with ESP although ESP provides some authentication?
Question4. What is a Security Association (SA) and what does it define? Why are there two SAs per one connection? How can two communicating peers agree on what kind of SAs they use?
Question5. List 3 schemes for email security.
Question6. Give an example of a symmetric encryption algorithm is used by PGP?
Question7. What algorithm is used by PGP for email compatibility and why?
Question8. SET allows the merchant to view only the order information and not to have access to the payment information. Similarly, the payment gateway gets access only to the payment information. Explain how this can be achieved using a dual signature and public key cryptography.