Security Design

CSIS 3756

First Midterm

 

Due: 11:59pm Monday, October 15.

 

  1. What is a browser hijacker? How does one get onto a computer? What steps can be taken to repair damage done by a browser hijacker?

  2. One method of protecting files in Windows is to use file encryption. Explain what Windows does with the encryption key for a file, and how to prevent a system crash from rendering an encrypted file permanently unrecoverable.

  3. Suppose we have a set of Windows XP users that share a common set of security privileges that is unique to that set (e.g., none of the existing groups, such as “Power Users”, has the proper privileges). For simplicity, assume these users share a single machine. Explain the basic steps to implement the security settings for this group of users.

  4. Suppose we have a network of computers that must support many users. Each user has information they wish to be shared across all machines, and information each user wishes to keep private on their “home” machine. Explain how this can be done if all of the computers are running Windows XP.

  5. What is a man-in-the-middle attack? Explain how encryption helps to defeat this form of attack.

  6. Two issues mentioned in class regarding NFS were security and ownership/access rights. What specifically were the problems with these issues, and how are they resolved?

  7. (extra credit) In RSA encryption, suppose we choose p = 11 and q = 23. Find n = pq. If we choose e = 13, find d so that de = 1 mod (p-1)(q-1). (Hint: d is less than 20.) Note that (e, n) is the public key, and d is the private key. Show how to encrypt the message 100, then show how to decrypt it.