sparks
计算机安全原理与实践课后习题答案
第一章 概述 Overview Pe6-Pc4
●P1.1-Pe36-Pc24 Consider an automate tell machine (ATM) in which urs provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each ca, indicate the degree if importance if the requirement.
思考在自动柜员机(ATM)上,用户提供银行卡和个人标识码(PIN)用于账户访问。给出与系统相关的机密性、完整性和可用性要求的例子,并说明每种情况下的要求的重要性等级。
答:The system must keep personal identification numbers confidential, both in the host system and during transmission for a transaction. It must protect the integrity of account r
ecords and of individual transactions. Availability of the host system is important to the economic well being of the bank, but not to its fiduciary responsibility. The availability of individual teller machines is of less concern.
●P1.5-P37-Pc25 U a matrix format to show the relationship between X.800 curity rvices and curity correspond to rvices. Each cell in the matrix should be checked, or not, to indicate whether the corresponding mechanism is ud in providing the corresponding rvice上海pte培训.
使用矩阵形式来说明X.800安全服务和安全机制间的关系。矩阵的列对用安全机制,行对应安全服务。矩阵中的每一个单元用来表示是否有相应的机制提供对用的服务。
●吃一堑长一智英文P1.6-P37-Pc25 Draw a matrix similar to that for the preceding problem that shows the relationship between X.800 curity rvices and network curity attacks.
画一个类似于上述问题的矩阵,给出X.800安全服务与网络安全攻击的关系。
●P1.7-P37-Pc25 Draw a matrix similar to that for the preceding problem that shows the relationship between X.800 curity mechanisms and network curity attacks.
画一个类似于上述问题的矩阵,给出X.800安全机制与网络安全攻击的关系。
第六章 入侵检测 Instruction Detection Pe176-Pc116
●aipR6.10-Pe209-Pc138 What is the difference between a distributed host-bad IDS and a NIDS?
基于主机的分布式IDS和NIDS之间的区别是什么?
答:A NIDS examines packet traffic directed toward potentially vulnerable computer systems on a network. A host-bad system examines ur and software activity on a ho
st. A distributed IDS is a collection of host-bad IDSs that cooperate, but the focus remains on host activity rather than network activity.
监测网络上流向潜在的易受攻击的计算机系统的数据包流量,而基于主机的IDS系统检测的是主机上的用户和软件活动王思聪 花千芳
●R6.11-Pe209-Pc138 Describe the types of nsors that can be ud in a NIDS.
描述可被用于NIDS的传感器类型。
答:An inline nsor is inrted into a network gment so that the traffic that it is monitoring must pass through the nsor. A passive nsor monitors a copy of network traffic; the actual traffic does not pass through the device.
内嵌传感器将被插入到网络段,以使正在监控的流量必须通过传感器。另一种是被动传感器,监控网络流量的备份,实际的流量并没有通过这个设备。
●R6.12-Pe209-Pc138 What are possible locations for NIDS nsors?
NIDS传感器可能的位置是什么?
答:1. just inside the external firewall;
2. between the external firewall and the Internet or WAN;
3. at the entrance to major backbone networks; to support workstation LANs.深圳电脑培训
1.在外部防火墙之中
2.在外部防火墙和以太网/网络之间riven
3.在主要支柱网络的入口处,用来维护局域网。it s amazing
●R6.13-Pe209-Pc138 What is a honeypot?
蜜罐的含义是什么?
答:Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems.
蜜罐是为了潜在的攻击者原理关键系统而设计的障人耳目的系统。
第七章 恶意软件 Malicious Software Pe215-Pc142
●P7.1-Pe246-Pc163 What is the role if compression in the operation if a virus?
病毒执行过程中压缩的作用是什么?
答:A virus may u compression so that the infected program is exactly the same length as an uninfected version.
病毒在压缩可能使得被感染程序正好与未被感染时的长度想同。
●bingo什么意思P7.2-Pe246-Pc163 What is the role of encryption in the operation of a virus?
病毒执行过程中加密的作用是什么?
答:A portion of the virus, generally called a mutation engine, creates a random encryption key to encrypt the remainder of the virus. The key is stored with the virus, and
the mutation engine itlf is altered. When an infected program is invoked, the virus us the stored random key to decrypt the virus. When the virus replicates, a different random key is lected.
外教中介
