Computer Network Security

Inline is used to look at a specific location such as between two routers, where as promiscuous mode captures traffic using a capture device such as a hub or switch, this way all traffic that goes through the device is monitored.

I you are asking what the false-acceptance rates (FAR) are ... it depends on the type of biometric and how the sensitivity is set. The tighter you set the tolerances, the fewer false acceptances you get, but the more false rejections (FRR) you get.

Typically:

Fingerprint: 1% FAR at 10% FRR, 0.01% FAR at 20% FRR

Hand-print: Better than fingerprints - somewhere in the neighborhood of Retina scans

Iris: more intrusive but more accurate than retina scans

Retina: better than fingerprints, less than Iris. Affected by health - prone to false rejections when health changes

Voice: highly variable - affected by health (ever had a sore throat?)

Facial recognition: 1% FAR at 10% FRR, 0.01% FAR at 30% FRR

... of course there are other biometrics that can be used, there are just some examples and YMMV.

Usually Bio-metrics needs to be combined with another authentication method to achieve strong security - but with another method - even if the other method is a second bio-metric - it is very strong.

If you are asking a bout how secure the database of bio-metric information is... that's just a general question of how secure the computer system is. Improperly secured it would be a tasty target for an attacker seeing PII on individuals.

: Blocking can occur when two switch inputs attempt to access the same intermediate switch channel.

Ping request

Wildcard SSL certificates are good for subdomain security.One of the most important aspects of your ecommerce website is Secure Sockets Layer (SSL) protection.When you buy a wildcard SSL certificate, you can use it to encrypt all of the subdomains. However, it is important that the there is a common factor in the domain names.

The main problem is somebody sniffing the network. At least when the traffic is encrypted the attacker now has to unencrypt it. Depending on your encryption this could take minutes or months.

How big of a risk does authenticating over an unencrypted line pose. Depends on what your authenticating to, if its only your youtube account then you will probably dont have much to worry about, if your authenticating with your bank for perhaps a money transfer - then this could lead to problems.

Ring protection is a system where multiplexers are connected in a ring topology. If a single span fails traffic switches around the other side of the ring.

Impossible to say without knowing what kind of site you are talking about, and what services you are running. If a site is public, available via a network connection, or a remote dialup, you could be subject to any attack that has an attack vector through those methods.

Your job is to make sure that the attacks do not succeed, thereby eliminating or vastly reducing any possible damage to the site.

The total key length for single DES is 56 bits. At the time, it was felt that was adequate so that someone could not easily guess what the key was. With automated approaches that has been shown to be too weak for good cryptoanalysis.

If the client doesn't know the IP address of the desired web server it has to find that out. This can be done via DNS if you know the name of the server as part of the URL.

After the address is located then transfer takes place using HTTP protocol. This is a layer 7 (application layer) protocol.

most of the time they are suspended or disbarred( not allowed to be a lawer)

An octect is a byte with exactly 8 bits.

In order to name some options one would need to know the area - the question does not specify any.

The maintenance of the security system involves periodic checks of all the elements that make up the installation (cameras, detectors, computers, circuits, lighting systems, etc.) to verify that they work well. Next, systems that are not functioning properly would be corrected or repaired (corrective maintenance).

I'm going to go out on a limb somewhat here, but if you are referring to the use of a human eye as a password then you are talking about a biometric device known as a retinal scanner. They do exist as lock devices primarily, but could be used for just about anything that requires authentication that is difficult to fake.

The essential (basic or foundation) protections to protect information systems must consist of a three tier approach: Technical, Physical and Administrative. Within these tiers are the core building blocks of managing a dynamically changing security posture. Before moving on, seriously consider, no protection can be more consistently effective without situational awareness, due diligence, and enforcement. Broken down succinctly you must ensure certain hardware and software are installed, implemented well and the latest security patches is kept updated: Network Router/Switch, Operating System (OS), Firewall, Anti-Virus, Spyware Protection and any security updates available for your other software. Remember these are basic protections. In addition, a great back up plan: External drives and/or High Capacity storage Media (the former is usually faster), and a real time backup application for both the data as well as the system itself. It will allow for recovery of not only your important data but you can also fully restore your information system in a shortened amount of time (as opposed to reloading the OS and each application). Finally, you need encryption; two types: 1. Data-at- Rest (stored on hard drives and/or other media) and 2. Data-in-Transit (Sending your data from one location to another and keeping it from prying and spying eyes). All of the above is the beginning of your "defense in depth" information systems protection program.

Technical security controls are devices, processes, protocols, and other measures used to protect the information system; examples include but not limited to; encryption, anti virus, firewalls, Spyware Protection, etc.

Physical security controls are physical ways and means you prevent access to the information systems; locked doors, fences, alarms, cameras etc.

Administrative controls are essentially the polices and procedures put in place to ensure your information system doesn't become vulnerable by following some basic rules and acceptable use policy (not to mention what information you authorize to give out and who can access your information system).

A buffer overflow occurs when you put more stuff into it than it can hold. For a stack, it means you put or pushed onto the stack more information than the size of the stack.

If I have a stack that can hold 10 entries, then putting 11 in the stack will overflow it.

There are many career opportunities with a IT security degree. Some entry level positions are: IT security technicians, firewall administrators, IT security assurance, and IT security manager. Your career can lead into several prestigious positions such as an information security officer or even a chief information security officer.

Generally an IT security degree falls into the network security category. Examples of job roles can be to manage firewalls and intrusion detection/prevention systems, develop security policies, setup encryption standards, packet level analysis, and provide consulting.

Three general approaches to replay attacks include:

1. Packet Replay: An attacker captures network packets and retransmits them to impersonate a legitimate user or session, often targeting authentication processes.
2. Session Replay: This involves replaying a previously established session's data to gain unauthorized access, typically by reusing session tokens or cookies.
3. Man-in-the-Middle (MitM) Replay: An attacker intercepts and stores communications between two parties, later replaying them to manipulate or deceive either party without their knowledge.

Digital certificates are verified through the use of another certificate, creating a chain of certificates that ends with the root certificate

The issuer of a certificate is called a certification authority (CA). The owner of the root certificate is the root certification authority.

In a star topology only the failed system would have a problem, unless the device was the network connectivity device (on a LAN).

In a WAN, if the building was connected through the central building and the central building had a problem then all buildings would be affected. If it isn't the central connection point then only the building with the problem would be affected.