CIS 286 Final Exam

CIS 286 Final Exam
Fall 2016
Directions: All questions must be answered using full sentences, college level writing, and in YOUR OWN WORDS. No cutting and pasting of answers except for QUESTION 9! All answers must be submitted as a Word document. Be sure to include your name, course and section number, and the date.
1. Compare and contrast symmetric and asymmetric encryption methods. Be specific and give examples of how each method works.
2. Explain how secure shell (SSH) works with PKI (public key infrastructure). Is this a symmetric or asymmetric method of encryption?
3. Access control to a computer system or physical location can be based on one or more categories: what you have, what you know, and/or what you are. Give an example and an explanation of that example for each category.
4. What type of access control does the college use at physical entry points? What type of access control does the college use for student computers?
5. Imagine you are implanting for your organization. Explain:
a. How works
b. What safety measures are provided by to ensure users will always have access to their card
6. Visit and test the following list of passwords:
a. david1970
b. 1d9a7v0id
c. Answer the following questions
i. Which password is most secure?
ii. How long does the site estimate it will take to crack the secure password?
iii. How long does the sire estimate it will take to crack the insecure password
iv. Explain what accounts for the difference in cracking times.
7. Visit Obtain the passwords for the following MD4 hashes
a. 441e01ee3fe4df73dbca2d76bfa56861
b. 7e12fd0398763f1d54fc945f3d38971d
c. 8a9d093f14f8701df17732b2bb182c74
8. Explain how the above method of password cracking works. Be specific and answer the question in your own words! DO NOT CUT AND PASTE FROM THE SITE!
9. Build a dictionary crack list by using the site or another similar site to calculate the MD5 hash values of the following commonly found passwords:
a. letmein
b. princess
c. qwertyuiop
d. passw0rd
e. starwars
10. Use zenmap to run a scan against Answer the following questions:
a. List the open ports followed by the services traditionally run on the open port, e.g.
i. port 80: http
b. What operating system does zenmap guess the server is running?
c. Which of the above ports would you attempt to exploit and why?

Field of study: 
No answers yet