SCEA preparation 1

 

1. What is the purpose of a Firewall?

A firewall is designed to restrict access to a network by IP filtering and application proxies. It can also control abound traffic from a user or a program. It controls traffic by monitoring the various network ports. A software network port is an identified address for communicating between  programs.

 

2. What is secure socket layer(SSL)?

It has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers. SSL works by using a public key to encrypt data that’s transferred over the SSL connection. TCP/IP is responsible for the routing and transmission of data all over the internet. The SSL protocol runs in above TCP/IP and below higher-level protocols such as HTTP or IMAP.

 

3. What is IPSec?

IPSec is a robust VPN standard that covers authentication and encryption of data traffic over the internet. It has two encryption modes: transport and tunnel. Transport mode encrypts the packet data but leaves the header unencrypted. The tunnel mode is more secure and it encrypts both the header and the data. For IPSec to work, the sending and receiving devices mush share a key.

 

4. What is a virtual private network(VPN)?

A VPN utilizes public telecommunications network to conduct private data communications. Using tunneling, a VPN servers can manage sessions. VPN clients authenticate users, encrypt data.

 

5. What is the connection keep-alive feature of HTTP 1.1?

HTTP 1.1’s connection keep-alive feature allows the TCP connection between a browser and a Web server to remain open throughout multiple HTTP requests and responses. This significantly improves the overall performance of browse-server communication.

 

6. What is Common Gateway Interface(CGI)?

CGI is a standard for external applications to interface with information servers such as HTTP servers. CGI scripts are written by Perl, Shell, C/C++ and they are used to resolve form data, put that data in to database, send the data out as an email message, respond to the form entry with email or another web page, and much more. CGI scripts are run on the external web server, they are not limited by browser or firewall.

 

Exercises:

1. What are the advantage of VPN?

A.     Cost lower

B.     Make use of existing network connectivity

C.     Support data encryption, integration and authentication.

D.     Java based security solution.

Answer: ABC

 

2. X. 509 Version support which of the following?

A.     format and certification for digit certification

B.     The IPSec standard.

C.     The SSL

D.     The data encryption standard.

Answer: A

 

3. Which technologies are effective in securing legacy systems?

A.     Firewalls.

B.     Virtual private networks

C.     Screen scrapers

D.     Java RMI

Answer: A, B

 

4. Which of the following are characteristics of HTTP tunneling?

A.     It uses the hypertext transfer protocol.

B.     It is used to pass other protocols through a firewall.

C.     It is part of the Java 2 API.

D.     It is used to sign JAR files.

Answer: A, B

 

5. Which of the following are contained in a Java securing policy file?

A.     grant entries

B.     trusted code

C.     aliases and their public keys

D.     digital certificates.

Answer: A

 

6. Which of the following capabilities are provided by SSL?

A.     For a client to authenticate a server

B.     For a server to authenticate a client

C.     Mediate and control all communication between an internal (trusted) network and an external (untrusted) network

D.     For a client and a server to encrypt their communication using a selectable encryption algorithm

Answer: A, B, D.

C is provided by a firewall.

 

7. Suppose that the business logic of an existing application is implemented using a set of CGI programs. Which Java technologies can be used to implement the CGI programs as a Java-based solution.

A.     JMAPI

B.     Screen scrapers.

C.     Enterprise JavaBeans

D.     Servlets

Answer: C, D

 

8. Suppose a small company has a char-terminal-base legacy application that it wants to make available over the Web. However, it does not want to modify the legacy application in order to support Web connectivity. Which technologies are appropriate to accomplish these goals?

A.     Off-board servers

B.     Screen scrapers.

C.     Applets.

D.     JNDI

Answer: ABC