Escolar Documentos
Profissional Documentos
Cultura Documentos
FINAL EXAMINATION
JANUARY 2014 SEMESTER
SUBJECT CODE
INB35303
SUBJECT TITLE
NETWORK SECURITY
LEVEL
BACHELOR
TIME / DURATION
(2 HOURS)
DATE
INSTRUCTIONS TO CANDIDATES
JANUARY 2014
CONFIDENTIAL
[25 MARKS]
QUESTION 2: Securing Devices and LAN Security
a) Describe the following EDGE ROUTER implementation approach listed below, used to
secure the perimeter of networks. Use a diagram to support your answer.
i.
(3 marks)
ii.
(3 marks)
iii.
DMZ APPROACH
(3 marks)
(3 marks)
ii.
(2 marks)
iii.
(2 marks)
c) Discuss the THREE (3) common ATTACKS in Local Area Network (LAN) environment.
(9 marks)
[25 MARKS]
INB_35303 NETWORK_SECURITY
JANUARY 2014
CONFIDENTIAL
(4 marks)
CIPHERTEXT = [ATSIVEPGHI]
(8 marks)
c) The military secret service of Malaysia has tapped into terrorist communication and
obtained an encrypted abort code to disable a bomb targeted for KLCC. The secret
random prime number believed to create the terrorist cryptosystem is p=11 and q=5 and
the public key used to lock the code is believed to be e=23. Decrypt the FOUR (4) secret
alphabets [39, 25, 20, 26] to recover this abort code. (Note: Assume A=1, B=2, C=3
Z=26 to convert your finalized answer digits, back into alphabetical plaintext.)
(13 marks)
N=p*q
r = (p-1)(q-1)
= lcm [(p-1),(q-1)]
d * e 1 (mod r)
Message = Cd mod N
Cipher = Me mod N
[25 MARKS]
INB_35303 NETWORK_SECURITY
JANUARY 2014
CONFIDENTIAL
DEVICE
R1
INTERFACE
IP ADDRESS
SUBNET MASK
DEFAULT
GATEWAY
SWITCH
PORT
FA0/1
192.168.1.1
255.255.255.0
N/A
S1 FA0/5
S0/0/0 (DCE)
10.1.1.1
255.255.255.252
N/A
N/A
S0/0/0
10.1.1.2
255.255.255.252
N/A
N/A
S0/0/1(DCE)
10.2.2.2
255.255.255.252
N/A
N/A
FA0/1
192.168.3.1
255.255.255.0
N/A
S4 FA0/5
S0/0/1
10.2.2.1
255.255.255.252
N/A
N/A
NTP
NIC
192.168.1.5
255.255.255.0
192.168.1.1
S1 FA0/6
Syslog
NIC
192.168.1.6
255.255.255.0
192.168.1.1
S3 FA0/12
TACACS+
NIC
192.168.3.5
255.255.255.0
192.168.3.1
S4 FA0/18
PC-A
NIC
192.168.1.7
255.255.255.0
192.168.1.1
S1 FA0/10
PC-B
NIC
192.168.1.8
255.255.255.0
192.168.1.1
S2 FA0/10
PC-C
NIC
192.168.3.6
255.255.255.0
192.168.3.1
S4 FA0/10
R2
R3
JANUARY 2014
CONFIDENTIAL
R1
R3
ISAKMP
10
AES
SHA-1
Pre-share
DH2
myvpn4u
R1
VPN-SET, esp-sha-hmac
R3
A
C
MYVPN-MAP; 10
ipsec-isakmp
ISAKMP
10
AES
SHA-1
Pre-share
DH2
myvpn4u
R3
VPN-SET, esp-sha-hmac
R1
B
D
MYVPN-MAP; 10
ipsec-isakmp
SCENARIO:
B2B Corporation wishes to implement a VPN Tunnel from site A (Router R1) to
site B (Router R3), to secure their network sites communication.
Analyze Diagram 1, Table 1 and 2, and then answer the following questions:
(a)
What is the network value A and B and peer IP value C and D stated in
Table 2?
(b)
(4 marks)
Apply ACL 110 at R1, to identify the traffic from the LAN on R1 to the LAN on R3 as
interesting.
(3 marks)
(c)
(7 marks)
(d)
(9 marks)
(e)
(2 marks)
[25 MARKS]
END OF QUESTION
INB_35303 NETWORK_SECURITY