第一章 概述 Overview Pe6-Pc4
●P1.1-Pe36-Pc24 Consider an automate tell machine (ATM) in which urs provide a personal identification励志名言诗句 number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each ca, indicate the degree if importance if the requirement.
答:The system must keep personal identification numbers confidential, both in the host system and during transmission for a transaction. It must protect the integrity of account r
ecords and of individual transactions. Availability of the host system is important to the economic well being of the bank, but not to its fiduciary responsibility. The availability of individual teller machines is of less concern.
●P1.5-P37-Pc25 U a matrix format to show the relationship between X.800 curity rvices and curity correspond to rvices. Each cell in the matrix should be checked, or not, to indicate whether the corresponding mechanism is ud in providing the corresponding rvice漫画素描.
●P1.6-P37-Pc25 Draw a matrix similar to that for the preceding problem that shows the relationship between X.800 curity rvices and network curity attacks.
●P1.7-P37-Pc25 Draw a matrix similar to that for the preceding problem that shows the relationship between X.800 curity mechanisms and network curity attacks.
第六章 入侵检测 Instruction Detection Pe176-Pc116
●R6.10-Pe209-Pc138 What is the difference between a distributed host-bad IDS and a NIDS?
答:A NIDS examines packet traffic directed toward potentially vulnerable computer systems on a network. A host-bad system examines ur and software activity on a ho
st. A distributed IDS is a collection of host-bad IDSs that cooperate, but the focus remains on host activity rather than network activity.
●R6.11-Pe209-Pc138 Describe the types of nsors that can be ud in a NIDS.
答:An inline nsor is inrted into a network gment so that the traffic that it is monitoring must pass through the nsor. A passive nsor monitors a copy of network traffic; the actual traffic does not pass through the device.
●资产评估学R6.12-Pe209-Pc138 What are possible locations for NIDS nsors?
答:1. just inside the external firewall;
2. between the external firewall and the Internet or WAN;
3. at the entrance to major backbone networks; to support workstation LANs.
狗狗多大可以驱虫●R6.13-Pe209-Pc138 What is a honeypot?
答:Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems.
第七章 恶意软件 Malicious Software Pe215-Pc142
●P7.1-Pe246-Pc163 What is the role if compression in the operation if a virus?
答:A virus may u compression so that the infected program is exactly the same length as an uninfected version.
●P7.2-Pe246-Pc163 What is the role of encryption in the operation of a virus?
答:A portion of the virus, generally called a mutation engine, creates a random encryption key to encrypt the remainder of the virus. The key is stored with the virus, and
the mutation engine itlf is altered. When an infected program is invoked, the virus us the stored random key to decrypt the virus. When the virus replicates, a different random key is lected.