StudyXY
RegisterLog in

CIS3360: Security in Computing

A course focusing on security principles, methodologies, and technologies used to protect computer systems and networks.

Olivia Smith
Contributor
4.9
47
6 months ago
Preview (3 of 7 Pages)
100%
Purchase to unlock

Page 1

CIS3360: Security in Computing - Page 1 preview image

Loading page ...

CIS3360: Security in ComputingHomework 21.(35 points) Knowledge-based Questions:a.Although the majority of current botnets use the centralized C&C communicationarchitecture, why they are very hard to shut down even if defenders know all of the botmachines in a botnet?b.Give the name of a real rootkit that utilizes Direct Kernel Object Manipulation (DKOM)technique?c.What is Trojan malware? What is a backdoor?d.What is ARP? In what network layer is ARP being used?e.What is a Smurf attack? What is a SYN flooding attack?f.What are the two major DNS query modes? How many types of resource records aresaved on a DNS server?g.Why it is easy for attacker to send out spoofed packets in the“thin pipe/thick pipe”method while it is very hard for an attacker to inject spoofed packets in a normal TCPcommunication session?a.Even if defenders know all the infected bot machines in a botnet, shutting it down is difficultbecause of several reasons:1.Bot machines can be distributed across many countries, making legal actions ortakedowns complicated and time-consuming.2.Botnets can use decentralized C&C (command-and-control) structures or peer-to-peer(P2P) networks, where nodes can act both as bots and controllers. This makes it harderto shut down the entirebotnet by targeting a single C&C server.3.Fast-flux techniquesallow attackers to quickly change their C&C server’s IP address,making it harder for defenders to block the botnet effectively.4.Infected machines are often spread across different ISPs andnetworks, making theidentification and removal of infected hosts more challenging.b.A well-known example of a rootkit that uses theDirect Kernel Object Manipulation (DKOM)technique is theZeus rootkit. It manipulates the Windows kernel to hide its presence andprevent detection by antivirus software.oc.Trojan malware:A Trojan is a type of malicious software that pretends to be alegitimate program but actually contains harmful code designed to compromise thesecurity of the victim’s system. It does not self-replicate like viruses but relies on thevictim's actions to execute.oBackdoor:A backdoor is a method of bypassing normal authentication and securitymechanisms in a system to gain unauthorized access. It allows an attacker to remotelycontrol the system or inject further malicious actions without detection.d.ARP (Address Resolution Protocol)is a protocol used to map a known IPaddress to its corresponding MAC (Media Access Control) address in a localnetwork. ARP operates in theData Link layer (Layer 2)of the OSI model,

Page 2

Page 3

Preview Mode

This document has 7 pages. Sign in to access the full document!

Study Now!

XY-Copilot AI
Unlimited Access
Secure Payment
Instant Access
24/7 Support
Document Chat

Document Details

University
Seminole State College of Florida
Course
CIS 3360
Subject
Information Technology

Related Documents

View all
Class Notes

DevOps and Its Importance Study Notes

DevOps Overview – Covers culture, performance metrics, CI/CD, CALMS model, automation, continuous testing, and frameworks like Agile, SAFe, and SRE. Ideal for modern IT and DevOps foundation learning.

Past Exams

Veeam Certified Engineer VMCE-V12

Veeam Backup Q&A – Covers Scale-out Backup Repositories, Oracle RMAN plug-in, agent-supported OS, and retention policies. Ideal for IT pros preparing for Veeam certification or data protection roles.

Past Exams

Modules 1 - 3 Basic Network Connectivity and Commu

Modules 1–3: ITN v7.0 Exam Answers on Basic Network Connectivity and Communications. Covers OSI model, IP addressing, protocols, and network devices. Ideal for CCNA exam prep.

Class Notes

Notes CCNA

Set boot file and recover from crash on Cisco switches. Use boot system commands, mode button, and boot loader steps to restore functionality after power loss or software issues.

Class Notes

CCNA 200-301 Portable Command Guide 5th Edition 20

Configure and secure NTP for accurate time across your network. Learn NTP design, troubleshooting, clock settings, and timestamps with configuration examples to support SLAs and log accuracy.

Class Notes

CCNA 200-301 Portable Command Guide 5th Edition 22

Manage traffic using ACLs: Learn to create, apply, and verify standard, extended, named, and IPv6 ACLs. Includes tips, keywords, sequence numbers, and configuration examples.

Class Notes

CCNA 200-301 Portable Command Guide 5th Edition 36

Learn how to subnet IPv4 addresses using binary math, including Class B and C subnetting, binary ANDing, and shortcuts—essential skills for mastering the CCNA 200-301 exam.

Class Notes

Foundations of Novell Networking Section 26

Learn how web servers work and explore installing and configuring the NetWare Enterprise Web Server in NetWare 6, including support for iFolder and iPrint.

Class Presentation

Modulo 7 DHCPv4

Aprende a configurar DHCPv4 para asignar IPs dinámicamente. Ideal para redes grandes o pequeñas, usando servidores dedicados o routers Cisco con IOS como servidor DHCP eficiente.

Class Notes

Build and troubleshooting Integration Challenge

Networking Practice Exam: Configura y soluciona redes con routers y VLANs. Incluye direccionamiento IP detallado, subredes, interfaces y pruebas de conectividad para integración de sistemas.