Computer Science > TEST BANK > CSE 445 Final HUGE Final Exam | Questions Bank | with COMPLETE SOLUTION | 536 Questions with 100% Co (All)

CSE 445 Final HUGE Final Exam | Questions Bank | with COMPLETE SOLUTION | 536 Questions with 100% Correct Answers

Document Content and Description Below

SSL _______ protocol negotiates the protocols to be used for authentication and encryption? - ✔✔handshake SSL handshake protocol carries out initial ________? - ✔✔authentication SSL handsha... ke protocol establishes a ______ byte pre-master secret? - ✔✔48 With SSL, client and server use _________ to derive a 48 byte master secret? - ✔✔48 byte pre-master secret Negation of session ID, Key exchange algorithm, mac algorithm, etc happens in which phase of SSL handshake protocol? - ✔✔phase 1 Who sends its certificate and key exchange message in phase two of SSL handshake protocol? - ✔✔server who sends its certificate if requested, and verification message in phase 3 of SSL handshake protocol? - ✔✔client In phase 4 of SSL handshake, change ________ spec and finish _______? - ✔✔cipher handshake In phase 1: client hello message, what do the values of the session id indicate? - ✔✔if 0, the client wants to create a session or the session ID of an old session. ________ is a list of cryptographic options supported by the client ordered by preference? - ✔✔cipher_suites in phase 1: server hello message, what do the values of session ID indicate? - ✔✔Session ID chosen by the server If the client wants to resume an old session, server responds with old session ID If 0, server generates a new session ID cipherSuite = _____________ + ___________ - ✔✔key exchange algorithm + cipherSpec What are the five key exchange methods? - ✔✔RSA Fixed DH Ephemeral DH Anonymous DH Fortezza______ defines a set of cryptographic security parameters, which can be shared among multiple connections? - ✔✔session ______ may include multiple connections between the same client and server? - ✔✔sessions A connection is created with each _______? - ✔✔mouse click every connection is associated with one ______? - ✔✔session connections of the same session share the same __________ state? - ✔✔session If key exchange between server and client is RSA based then it was generated by the _________? It is then sent to the server and encrypted with __________'s public ______ key? - ✔✔client server RSA session identifier is an arbitrary byte sequence chosen by the _________? - ✔✔server master secret is a _______ byte secret shared between the client and the server? - ✔✔48 ______ us a man in the middle attack ? - ✔✔SSLstrip ______ attack is when an attacker sends a heartbeat request to a server? - ✔✔heart bleed attack ______ attack is a browser exploit against SSL/TLS? - ✔✔Beast With _______ some websites sends back up user's input without filtering? - ✔✔crosssite scripting(XSS) _________ allows attackers to inject HTML or Client-side script into the web pages viewed by others? - ✔✔cross site scripting(XSS) What are different ways cross site scripting can be used to obtain user data? - ✔✔Attack URL with a script delivery of spam/phishing email to victim victim clicks url script in the URL is sent user input displayed back to user script runs on client browser [Show More]

Last updated: 2 years ago

Preview 1 out of 45 pages

Buy Now

Instant download

We Accept: