Do the following review questions:
- 9.1 Give examples of applications of IPsec.
- 9.2 What services are provided by IPsec?
- 9.3 What parameters identify an SA and what parameters characterize the nature of a particular SA?
- 9.4 What is the difference between transport mode and tunnel mode?
- 9.5 What is a replay attack?
- 9.6 Why does ESP include a padding field?
- 9.7 What are the basic approaches to bundling SAs?
- 9.8 What are the roles of the Oakley key determination protocol and ISAKMP in IPsec?
- 10.1 What are three broad mechanisms that malware can use to propagate?
- 10.2 What are four broad categories of payloads that malware may carry?
- 10.3 What are typical phases of operation of a virus or worm?
- 10.4 What mechanisms can a virus use to conceal itself?
- 10.5 What is the difference between machine-executable and macro viruses?
- 10.6 What means can a worm use to access remote systems to propagate?
- 10.7 What is a drive-by-download and how does it differ from a worm?
- 10.8 What is a logic bomb?
- 10.9 Differentiate among the following: a backdoor, a bot, a keylogger, spyware, and a rootkit. Can they all be present in the same malware?
- 10.10 List some of the different levels in a system that a rootkit may use.
- 10.11 Describe some malware countermeasure elements.
- 10.12 List three places malware mitigation mechanisms may be located.
- 10.13 Briefly describe the four generations of antivirus software.
- 10.14 How does behavior-blocking software work?
- 10.15 What is a distributed denial-of-service system?
Submit your answers as a Microsoft Word document.