Advanced Network Securities

Advanced Network Securities Final Exam
 
The final exam is open book, please complete each question below with complete thoughts (2-3 sentences)
 
Q1: What are the best defenses against a brute force login attack?
 
 
Q2: Explain the difference between symmetric and asymmetric encryption.
 
 
 
Q3: Explain the difference between a white and black hat hacker.
 
 
Q4: Define the salting process and what it’s used for.
 
 
Q5: How do you deal with “Man In The Middle” attacks?
 
 
 
Q6: Which is the better security measure, HTTPS, or SSL?Q: Name the three means of user authentication.
 
 
 
Q7: Which is a more secure project: open-source or proprietary?
 
Q8: If you work with a Linux server, what are the three significant steps you must take in order to secure it?
 
 
 
 
Q9: You discover an active problem on your organization’s network, but it’s out of your sphere of influence. There’s no doubt that you can fix it, though; so what do you do?
 
 
 
Q10: What’s the most effective measure to take against a CSRF (cross-site scripting)?
 
 
Q11: You get a phone call from a very influential executive high up on the organizational chart. He or she tells you to bend company policy to suit them and let them use their home device to do company work. What do you do?
 
 
 
Q12: Which is worse in terms of Firewall detection, and why? A false positive or a false negative?
 
 
Q13: Why are internal threats usually more effective than external threats?