Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Question and Answer For Network Security Final Exam

    Hochgeladen von

    Võ Tuấn Anh
    38 Ansichten4 Seiten
    This document contains answers to 10 questions about network security. The answers provide brief explanations and steps for topics like where to place a web server, examples of client/server models, how to block torrent downloads, the three-way handshake process in TCP, defenses against port scanning, the basic functions of DNS, and the differences between a hub and switch that allow for passive sniffing on hubs but require active sniffing on switches.

    Originalbeschreibung:

    Originaltitel

    Q & A

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    This document contains answers to 10 questions about network security. The answers provide brief explanations and steps for topics like where to place a web server, examples of client/server models, how to block torrent downloads, the three-way handshake process in TCP, defenses against port scanning, the basic functions of DNS, and the differences between a hub and switch that allow for passive sniffing on hubs but require active sniffing on switches.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    38 Ansichten4 Seiten

    Question and Answer For Network Security Final Exam

    Hochgeladen von

    Võ Tuấn Anh
    This document contains answers to 10 questions about network security. The answers provide brief explanations and steps for topics like where to place a web server, examples of client/server models, how to block torrent downloads, the three-way handshake process in TCP, defenses against port scanning, the basic functions of DNS, and the differences between a hub and switch that allow for passive sniffing on hubs but require active sniffing on switches.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 4

    uest|on and Answer for Network Secur|ty I|na| Lxam

    1. nu dt webserver vo h thng thl dt o du?


    Any servlce (web servers, mall servers, l1 servers, vol servers) that ls belng provlded to users on the
    external network can be p|aced |n the DM2 (lllustrated ln the lollowlng plcture).
    Web servers that communlcate wlth an lnternal database requlre access to a database server, whlch may
    not be publlcly accesslble and may contaln sensltlve lnlormatlon. 1he web servers can communlcate wlth
    database servers elther dlrectly or through an appllcatlon llrewall lor securlty reasons.
    Answer for uest|on 2 - 1rlnh by trong thuc t mt vl du v cllent/server?
    very easy uo lt yoursell
    Answer for uest|on 3 - 1rlnh by mt vl du trong h thng my tlnh hoat dng theo m hlnh cllent/server?
    very easy uo lt yoursell
    Answer for uest|on 4 - Lm th no d ngn chn my tlnh trong mang download blt torrent?
    1here're some ways to block torrent download
    a. 8lock 1orrent 1ralllc
    b. 8lock 8lt1orrent orts
    c. 8lock u1orrent orts
    1he steps to conllgure are as lollowlng:
    a. 8|ock 1orrent 1raff|c
    1 cl|ck "5tott" ooJ select "coottol looel." lo tbe "coottol looel," select "w|oJows l|tewoll."
    2 Oo tbe left s|Je of tbe w|oJow, cl|ck "Allow o ptoqtom ot feotute tbtouqb w|oJows l|tewoll."
    A l|st of olloweJ ptoqtoms w|ll oppeot.
    J cl|ck "cbooqe 5ett|oqs" ooJ look fot ooy totteot cl|eots |o tbe l|st. kemove tbe cbeck motk ftom
    tbe boxes oext to tbe totteot cl|eots. lf yout totteot cl|eot Joeso't oppeot |o tbe l|st, cl|ck "Allow
    oootbet ptoqtom."
    4 5elect yout totteot cl|eot ftom tbe l|st oo tbe follow|oq scteeo. lf |t st|ll Joes oot oppeot, cl|ck
    "8towse" ooJ ftom tbe Jtop-Jowo meou select "My computet" tbeo Jouble cl|ck "c." ooJ qo to
    "ltoqtom l|les" ooJ locote tbe totteot cl|eot |o tbe l|st. uouble cl|ck oo tbe totteot cl|eot ooce you
    f|oJ |t.
    5 cl|ck "AJJ." kemove tbe cbeck motk ftom oll tbe boxes oext to tbe totteot cl|eot(s) you oJJeJ.
    cl|ck "Ok" to sove tbese sett|oqs.
    b. 8|ock 8|t1orrent orts
    AJJ tbe stooJotJ tooqe of 8|t1otteot potts to tbe l|st of blockeJ potts (1cl. 6881 1cl. 6999)
    c. 8|ock u1orrent orts
    8ecouse u1otteot uses tooJom pott by Jefoult, so you bove to Jo tbe follow|oq steps.
    1 Opeo 1otteot. Neot tbe top of tbe w|oJow cl|ck "Opt|oos" ooJ tbeo "ltefeteoces." lo tbe
    ltefeteoces w|oJow cl|ck "coooect|oos" ooJ write down the number /isted under "Port used for
    incominq connections." x|t 1otteot.
    2 AJJ tbe u1otteot pott to tbe l|st of blockeJ potts (1cl. pott |o tbe step 1)
    Answer for uest|on S 1rlnh by qu trlnh bt tay 3 buc tcp?
    1hls beglns wlth a S?n (Synchronlse) segment (as lndlcated by the code blt) contalnlng a 32-blt Sequence number
    A called the lnltlal Send Sequence (lSS) belng chosen by, and sent lrom, cllent host. 1hls 32-blt sequence number
    A ls the startlng sequence number ol the data ln that packet and lncrements by 1 lor every byte ol data sent
    wlthln the segment, l.e. there ls a sequence number lor each octet sent. 1he S?n segment also puts the value A+1
    ln the llrst octet ol the data.
    Server host recelves the S?n wlth the Sequence number A and sends a S?n segment wlth lts own totally
    lndependent lSS number 8 ln the Sequence number lleld. ln addltlon, lt sends an lncrement on the Sequence
    number ol the last recelved segment (l.e. A+x where x ls the number ol octets that make up the data ln thls
    segment) ln lts Acknowledgment lleld. 1hls Acknowledgment number lnlorms the reclplent that lts data was
    recelved at the other end and lt expects the next segment ol data bytes to be sent, to start at sequence number
    A+x. 1hls stage ls alten called the S?n-ACk. lt ls here that the MSS ls agreed.
    Cllent host recelves thls S?n-ACk segment and sends an ACk segment contalnlng the next sequence number (8+y
    where y ls the number ol octets ln thls partlcular segment), thls ls called lorward Acknowledgement and ls
    recelved by Server host. 1he ACk segment ls ldentllled by the lact that the ACk lleld ls set. Segments that are not
    acknowledged wlthln a certaln tlme span, are retransmltted.
    Answer for uest|on 6 Lm th no d chng scannlng?
    uefenses oqoinst Port 5conninq
    close oll uouseJ potts
    kemove oll uooecessoty setv|ces
    l|ltet out oll uooecessoty ttoff|c
    l|oJ opeo|oqs befote tbe ottockets Jo
    use smott f|ltet|oq
    Answer for uest|on 7: Lthernet l gl? n hoat dng nhu th no?
    Lasy uo lt yoursell
    (ll u can't answer thls questlon, l wlll glve u the l mark ln network Admlnlstratlon llnal Lxam)
    Answer for uest|on 8:
    Cla s cc ban phal t chuc h thng server cho mt cng ty. Cng ty yu cu:
    Webslte
    uatabase cho webslte
    hn mm quan ly ca cng ty
    uatabase cho phn mm quan ly
    Pol cn bao nhlu server, ml server cn t chuc nhu th no d dam bao an ton v tlt klm?
    1rusted 2ones: uotobose 5etvet (web uotobose, Moooqemeot 5oftwote uotobose)
    Moooqemeot 5oftwote 5etvet
    DM2: web 5etvet
    uotobose 5erver shou/d be confiqured os fo//ows:
    5boulJ ollow |obouoJ coooect|oos ftom tbe web setvets ooly, ooJ tbot sboulJ be eofotceJ ot o f|tewoll
    ooJ oo tbe mocb|oes. keol|ty usuolly J|ctotes o few mote mocb|oes (Jb oJm|o, etc). Obey teol|ty os
    oeeJeJ, of coutse.
    5boulJ ooly be mok|oq outbouoJ coooect|oos |f you'te upJot|oq softwote oo tbem.
    Answer for uest|on 9: 1al sao phal cl dns?
    Lasy uo lt yoursell
    (ll u can't answer thls questlon, l wlll glve u the l mark ln network Admlnlstratlon llnal Lxam)
    Answer for uest|on 10 Pub v swltch khc nhau nhu th no?vl sao snlller trn hub gol l bl dng cn
    trn swltch l ch dng?
    1be mo|o J|ffeteoce betweeo o sw|tcb ooJ bub |s tbot wb|le o bub bos oo mopp|oq, ooJ tbus btooJcosts l|oe Joto
    to evety pott oo tbe Jev|ce, o sw|tcb looks ot tbe MAc oJJtess ossoc|oteJ w|tb eocb ftome poss|oq tbtouqb |t ooJ
    seoJs tbe Joto to tbe teu|teJ coooect|oo oo tbe sw|tcb.
    Possive 5niffinq
    loss|ve so|ff|oq |s petfotmeJ wbeo tbe uset |s oo o bub. 8ecouse tbe uset |s oo o bub, oll ttoff|c |s seot to oll potts.
    All tbe ottocket must Jo |s to stott tbe so|ffet ooJ just wo|t fot someooe oo tbe some coll|s|oo Jomo|o to stott
    seoJ|oq ot tece|v|oq Joto.
    4ctive 5niffinq
    A sw|tcb looks ot tbe MAc oJJtess ossoc|oteJ w|tb eocb ftome poss|oq tbtouqb |t ooJ seoJs tbe Joto to tbe
    teu|teJ coooect|oo oo tbe sw|tcb, tbe sw|tcb tbeteby l|m|ts tbe Joto tbot o poss|ve so|ffet coo qotbet.
    lf tbete |s o poss|ve so|ffet oct|voteJ oo o sw|tcbeJ lAN, tbe so|ffet w|ll ooly be oble to see Joto qo|oq to ooJ ftom
    ooe mocb|oe - |.e. tbe system oo wb|cb |t |s |ostolleJ.
    1be so|ffets fot o sw|tcbeJ lAN oct|vely |oject ttoff|c |oto tbe lAN to eooble so|ff|oq of tbe ttoff|c. neoce tbe tetm
    'oct|ve so|ff|oq'. 5o|ffets coo qtob wbotevet tbey see oo tbe w|te ooJ tecotJ |t fot lotet tev|ew. 1bey ollow tbe uset
    to see oll tbe Joto cooto|oeJ |o tbe pocket, eveo |ofotmot|oo tbot sboulJ temo|o b|JJeo.

    Das könnte Ihnen auch gefallen