ICT379 Security Architectures and Systems Administration (tjd, 2025)

Looking for ICT379 Security Architectures and Systems Administration (tjd, 2025) test answers and solutions? Browse our comprehensive collection of verified answers for ICT379 Security Architectures and Systems Administration (tjd, 2025) at moodleprod.murdoch.edu.au.

This task is related to the snort lab activity and the detection of EternalBlue using eternalblue-success-unpatched-win7.pcap.

A) Briefly describe how you installed the rules from https://asecuritysite.com/forensics/snort and how you ran snort (no more than 2-3 sentences)

B) Describe the detection outcome in one sentence. Copy the first 3 lines of relevant snort events into the answer. This must be no more than 10 lines. Answers with irrelevant or excessive snort output (> 10 lines) will receive 0 marks for this part.

You have to configure a firewall to block incoming traffic into your network (192.168.10.0/24). It must have the following properties:

  1. Access to the web server www.my.org (192.168.10.112) is allowed for HTTP and HTTPS only.
  2. SSH access is allowed for all internal hosts from the external network 172.16.1.0/24 only and SSH access to host secure.my.org (192.168.10.200) must be blocked.
  3. All other incoming traffic is denied.

Your rules must be written in the below table format and no more than 4 rules must be specified to fulfil the above requirements.

There is no possibility of specifying a default policy for your firewall (bad product). Direction is In or Out. An IP address or network can be defined for Source IP/Net and Destination IP/Net. Single ports or comma-separated lists of ports can be specified for source and destination ports. Protocol is UDP or TCP.

Your firewall has two actions (Accept and Reject). Wildcards are specified with an asterisk (*) and can be used in any fields except Rule#, Direction and Action.

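| Rule# | Direction | Source IP/Net | Destination IP/Net | Source port(s) | Destination port(s) | Protocol | Action |
|---|---|---|---|---|---|---|---|
| 1 | | | | | | | |
| 2 | | | | | | | |
| 3 | | | | | | | |
| 4 | | | | | | | |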

Describe the two main purposes of honeypots.

When discussing IDS/IPS, what is a signature?

Describe the man-in-the-middle attack against the Diffie-Hellman Exchange protocol, which is used by SSL/TLS, based on the two parties (A)lice and (B)ob. Next, explain how this attack can be prevented. 

Explain the key differences between SSL/TLS and IPSec with regard to the order of authentication and encryption, the type of authentication, access control and where it is implemented.

IPSec provides security at _____. 

IPSec defines two protocols: _______ and ________.

In the SSL/TLS handshake protocol, server authentication is ______ and client authentication is ______.
