Lab 1 Essay
3. Name two different types of encryption supported by GPG for your key.
4. What happens when you sign and trust a new key to your keychain?
5. If a user sends you his/her public key, will he/she be able to decrypt your encrypted messages once you import and sign his/her key?
6.What are the similarities between an MD5 hash and a fingerprint?
7. How would you encrypt a Web server and the pages it serves up?
8. Why is hashing all database inputs not considered encryption of the database? What value does hashing database entries provide?
9. Where would you remove a user’s certifi cate from being able to access systems on your network?
10. Which connection type is secure and which is cleartext between SSH, …show more content…
1-What is the purpose of the address resolution protocol (ARP)?
2. What is the purpose of the dynamic host control protocol (DHCP)?
3. What was the DHCP allocated source IP host address for the “Student” VM and Target VM?
4. When you pinged the targeted IP host, what was the source IP address and destination IP address of the ICMP echo-request packet?
5. Did the targeted IP host respond to the ICMP echo-request packet with an ICMP echo-reply packet? If yes, how many ICMP echo-request packets were sent back to the IP source?
6. Find a TCP three-way handshake for a Telnet, FTP, or SSH session. What is the signifi cance of the TCP three-way handshake?
7. What was the SEQ# of the initial SYN TCP packet and ACK# of the SYN ACK TCP packet?
8. During the instructor’s Telnet session to LAN Switch 1 and LAN Switch 2, what was the captured terminal password for LAN Switch 1 and LAN Switch 2?
9. When the instructor used SSH to remotely access a Cisco router, were you able to see the terminal password? Why or why not?
10. What other IP packets are on the VLAN and Ethernet LAN segment? How can these other IP packets provide additional clues or information about the logical IP routing and IP addressing schema?
1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation?
2. What is a cross-site scripting attack?