Professional Documents
Culture Documents
PART A
Security attack refers to a process whereby a person compromise your computer by installing
harmful malicious software in your computer without your knowledge. These malicious software
includes viruses, spywares, adwares, and trojan horses. These software often deletes certain vital
files on your computer, making your computer to function abnormally, spying on your online
surfing habits, and cause advertisements to pop up on your screen when you are online.
Ques3) What commonly used computer programs are prone to man in the middle attacks.
Discuss solutions to prevent this form of attack.
Ans: ppt pdf
Man-In-The-Middle attack is the type of attack where attackers intrude into an existing
connection to intercept the exchanged data and inject false information. It involves
eavesdropping on a connection, intruding into a connection, intercepting messages, and
selectively modifying data.
The term "Man-in-the-middle attack" (MITM attack) refers to the type of attack where the attacker
intrudes into the communication between the endpoints on a network to inject false information
and intercept the data transferred between them.
Or
Various defenses against MITM attacks use authentication techniques that are based on:
The integrity of public keys must generally be assured in some manner, but need not be
secret. Passwords and shared secret keys have the additional secrecy requirement. Public
keys can be verified by a Certificate Authority, whose public key is distributed through a
secure channel (for example, with a web browser or OS installation). Public keys can also
be verified by a web of trust that distributes public keys through a secure channel (for
example by face-to-face meetings).
See Key-agreement protocol for a classification of protocols that use various forms of
keys and passwords to prevent man-in-the-middle attacks.
PART B
Cryptography (or cryptology; from Greek κρυπτός, kryptos, "hidden, secret"; and γράφ,
gráph, "writing", or -λογία, -logia, respectively)[1] is the practice and study of hiding
information. Modern cryptography intersects the disciplines of mathematics, computer
science, and engineering. Applications of cryptography include ATM cards, computer
passwords, and electronic commerce.
Cryptology prior to the modern age was almost synonymous with encryption, the
conversion of information from a readable state to nonsense. The sender retained the
ability to decrypt the information and therefore avoid unwanted persons being able to
read it. Since WWI and the advent of the computer, the methods used to carry out
cryptology have become increasingly complex and its application more widespread.
Or
Ans :
Firewalls are a key part of keeping networked computers safe and secure. All computers
deserve the protection of a firewall, whether it’s the thousands of servers and desktops
that compose the network of a Fortune 500 company, a traveling salesperson’s laptop
connecting to the wireless network of a coffee shop, or your grandmother’s new PC with
a dial-up connection to the Internet.
Although home users have traditionally used only host-based firewalls, recent trends in
security exploits highlight the importance of using both types of firewalls together.
Traditional firewall architectures protect only the perimeter of a network. However, once
an attacker penetrates that perimeter, internal systems are completely unprotected. Hybrid
worms, in particular, have penetrated corporate networks through email systems, and then
have spread quickly to unprotected internal systems. Applying host-based firewalls to all
systems, including those behind the corporate firewall, should now be standard practice.