1. Which do you think is a greater security threat in the web, Server side executables or client side executables and why?
2. What is the primary security vulnerability of FTP and what is the best way to bmitigate it?
3. Which category of the taxonomy does PGP mitigate that is not mitigated by just encrypting the SMTP traffic between MTAs?
4. Provide a reason why anonymous systems like TOR could be useful and provide a security problem with them?
5. What type of information about the browser or browser's computer is provided to a web server by the browser using the HTTP protocol?
a. What security problems can this cause?
b. How could you stop a server from getting your information?
6. For each network mitigation list what categories of the taxonomy they can mitigate
A. Firewall
B. IDS
C. Web filter
D. Data Loss Prevention (DLP)
7. Describe how to defeat the following email security mechanisms
a. White listing
b. Grey listing
c. Spam filter
8. What is the difference between using TLS (TCP layer encryption) versus IPSec (IP layer encryption) in terms of security.
9. Comment on the course and the text book
10. Using the figure below answer the following questions Assume the following addresses:
H1 192.168.5.5 Nat 1 192.168.5.254 (for the NET 1)
H3 129.186.2.8 Nat 1 129.186.4.1 (for the NET 2)
Router 3 129.186.4.253 (for NET 2) Router 1 129.186.4.254 (for the NET 2)
Router 3 129.186.2.254 (the NET 3) Router 1 10.0.0.5 (for the internet side)