1. Question : (TCO A) What are the three goals of security in computing? For each goal, list two controls that can be implemented to help achieve that goal.
Question 2. Question : (TCO A) Cite a real-world database situation in which the sensitivity of an aggregate is greater than that of its constituent values.
Then, cite a database situation in which the sensitivity of an aggregate is less than that of its constituent values.
Question 3. Question : (TCO B) First, name one advantage and one disadvantage of using TCP as a transport protocol. Then, name one advantage and one disadvantage of using UDP as a transport protocol.
Question 4. Question : (TCO C) Describe how asymmetric encryption is used to send a message from User A to User B that assures data confidentiality, authentication, and integrity. Be specific as to the keys used and how they achieve the three goals.
Question 5. Question : (TCO B) Which of the following is a correct statement?
Student Answer: IPSec uses symmetrical keys.
TCP Sequence numbers protect against man-in-the-middle attacks
Port scans are of limited use in enumerating systems because they do not participate in authentication.
The nslookup utility can be used to obtain NetBIOS zone transfers.
TLS and Kerberos do not support mutual authentication.