Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Figure below shows the SSL Protocol stack. The SSL Record Protocol provides basi

ID: 3633679 • Letter: F

Question

Figure below shows the SSL Protocol stack. The SSL Record Protocol provides basic security services to various higher-layer protocols. In particular, the Hypertext Transfer Protocol (HTTP), which provides the transfer service for Web client/server interaction, can operate on top of SSL. Three higher-layer protocols are also defined as part of SSL: the Handshake Protocol, Change Cipher Spec Protocol, and Alert Protocol. These SSL-specific protocols are used in the management of SSL exchanges. For each attack listed below, which of the four higher-layer SSL protocols is most helpful for preventing the attack? Brute-Force Cryptanalytic Attack: An exhaustive search of the key space for a conventional encryption algorithm. Known Plaintext Dictionary Attack: Many messages will contain predictable plaintext, such as the HTTP GET command. An attacker constructs a dictionary containing every possible encryption of the known-plaintext message. When an encrypted message is intercepted, the attacker takes the portion containing the encrypted known plaintext and looks up the ciphertext in the dictionary. The ciphertext should match against an entry that was encrypted with the same secret key. If there are several matches, each of these can be tried against the full ciphertext to determine the right one. This attack is especially effective against small key sizes (e.g., 40-bit keys). Replay Attack: Earlier SSL handshake messages are replayed. Man-in-the-Middle Attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client. Password Sniffing: Passwords in HTTP or other application traffic are eavesdropped. IP Spoofing: Uses forged IP addresses to fool a host into accepting bogus data. IP Hijacking: An active, authenticated connection between two hosts is disrupted and the attacker takes the place of one of the hosts. SYN Flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the "half-open connection" around for a few minutes. Repeated SYN messages can clog the TCP module.

Explanation / Answer

brute force attack- SSL change cipher spec protocol known plain dictionary attack - SSL change cipher spec protocol replay attack - SSH handshake protocol man in the middle attack- SSL alert protocol password sniffing- SSL alert protocol IP spoofing- SSL alert protocol IP hijacking- SSL handshake protocol SYN flooding- SSL alert protocol

Related Questions

Figure P3_1 below shows the General Arrangement and Principal Dimensions for a \
Question #2315719
Figure P4 shows a single drainage, compressible layer that is 16 ft thick below
Question #1827419
Figure P4-1 shows a simply supported beam and the cross section at midspan. The
Question #1826658
Figure P4-21 shows a simply supported beam and the cross section at midspan. The
Question #1826675
Figure P4.1.4 is a sketch of an artificial kidney, a medica device used to remov
Question #892508
Figure P4.56(a) depicts a capacitor consisting of two parallel, conducting plate
Question #1809099
Figure P4.56(a) depicts a capacitor consisting of two parallel, conducting plate
Question #1937506
Figure P5.22 Figure P5.24 Vcc = 12V 5.23 In Problem 5.21, if only an A,--100 is
Question #1730380
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Figure below shows an offset slider crank mechanism. The size and location data
Next
Figure below shows the essentials of a mass spectrometer which is used to measur

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.