Unit 1 Questions:
1. Explain the Morris Worm and its significance.
It is considered to be the first Internet Worm. It was designed to count the number of systems connected to the Internet, however due to a flaw the worm replicated quickly and caused widespread slowdown across the globe.
2. Explain what____ hackers are.
White-Hat- Those that know how hacking works but use skills for good
Black-Hat – Those that through actions or stated intent, indicated that their hacking is designed to break the law, disrupt systems or businesses, or generate an illegal return
Grey-Hat – Rehabilitated hackers or those that once were on the (black-hat) dark side but are now ...view middle of the document...
Candy-from-a-baby – If it is so easy to copy a program or download a song how can it be illegal
f. Hacker – Information should be free. No one should have to pay for books or media.
7. What is ethical hacking?
Hacking a system with the “written” consent of the asset owner to review their security vulnerabilities
8. What role does professional organizations and certifying bodies play in regards to ethical standards?
9. What is the issue with conducting security assessments without prior authorization?
Engaging in any hacking activity without the explicit permission of the owner of the target you are attacking is a crime whether you get caught or not. You will be treated as a hostile threat and persecuted by the law.
Unit 2 Questions:
1. From (Chap 2) of The Art of Intrusion, what are some of the countermeasures that can be used to reduce the threat of terrorist hacking?
Patch and update your system regularly, use defense in depth by placing publically accessed systems in a DMZ, Monitoring activity for unusual or suspicious, stronger authentication or passwords, it boils down to what you want to protect and how far you are willing to go to protect it.
2. From (Chap 1) of The Art of Intrusion, explain the importance of doing research to discover exploitable vulnerabilities when it comes to defending an existing computer system or network.
It was extremely helpful to the individuals that were trying to hack the casino machines. First they found out which type of machine then bought one, next they checked on a ROM chip under patents and found a working binary printout of the chip, they then engineered a way to count how they could exploit the random number generator. So I think that research worked out well for them. They also did the same for a newer machine and it worked then also.
3. Explain asymmetric encryption.
An algorithm that requires two separate keys one which is secret and one which is public they are mathematically linked. Public is used to encrypt plaintext or verify a digital signature private is used to decrypt or create a digital signature (they are inverse of each other)
4. What is MD5 hashing?
An improved/redesign of MD4. It provides a unique data fingerprint that is used to verify data sent and received. It changes dramatically if the message is altered. They are used for authentication and integrity of the data. One way encryption that produces 128 bit digest used to verify integrity (if file has been altered the hash should not match, but it is vulnerable to collision attacks)
5. What is IPSEC and what is it used for?
It stands for IP security and is used for information protection. It can be used to encrypt just the data or the data and the header of the information being sent.
6. What does hashing provide?
Security of integrity of a message or data, it gives the person opening the file a way of determining whether or not it has been tampered with.