5. (TCO B) Which of the following is a correct statement? (Points : 8)
IPSec uses symmetrical keys.
TCP Sequence numbers protect against man-in-the-middle attacks
Port scans are of limited use in enumerating systems because they do not participate in authentication.
The nslookup utility can be used to obtain NetBIOS zone transfers.
TLS and Kerberos do not support mutual authentication.
1. (TCO A) What are the three goals of security in computing? For each goal, list two controls that can be implemented to help achieve that goal. (Points : 23)
2. (TCO A) List and define five desirable qualities in a process designed to evaluate the trustworthiness of an operating system. (Points : 23)
3. (TCO B) First, name one advantage and one disadvantage of using TCP as a transport protocol. Then, name one advantage and one disadvantage of using UDP as a transport protocol. (Points : 23)
4. (TCO C) Describe how asymmetric encryption is used to send a message from User A to User B that assures data confidentiality, authentication, and integrity. Be specific as to the keys used and how they achieve the three goals. (Points : 23)