Question 1. Malicious Email
Items a-g below are email scenarios where you are the receiver of the email. Answer the questions in each item and justify your answers.
a. You received an unexpected email with an attachment named, "SecurityPatches4You.exe", from an unknown sender. What type(s) of malicious code (virus, worm, or Trojan horse) may be included in the email? How did the email reach you? Would you open the attachment?
Answer :All the  virus, worm, or Trojan horse may included in the mail .
It may be sent by a hacker who want to get your information or want to use the data stored in your computer .It also maybe sent by a computer itself which infected virus ,worm ,or Trojan horse 
Of course not 
b. You received an unexpected email with an attachment named, "SecurityPatches4You.exe", from your friend Joe. What type(s) of malicious code (virus, worm, or Trojan horse) may be included in the email? How did the email reach you from Joe? Would you open the attachment?
Answer : All the  virus, worm, or Trojan horse may included in the mail .
 It maybe sent by Joe ,but it also maybe sent by a hacker who want to steal your data or information stored in your computer ,it also maybe sent by a computer itself which infected with virus ,worm ,or Trojan horse .
I will ask Joe first to make sure the mail by phone . 
c. You received an unexpected email with an attachment named, "finalDraft.doc", from your friend Joe. What type(s) of malicious code (virus, worm, or Trojan horse) may be included in the email? How did the email reach you from Joe? Would you open the attachment?
Answer : All the  virus, worm, or Trojan horse may included in the mail .
It maybe sent by Joe himself ,also there is a chance that Joe’s computer infected with virus ,worm so it sent itself to every address in the email address book of Joe’s computer .
d. You received an expected email with .doc attachment from your friend Joe (assume hidden extensions are exposed). What type(s) of malicious code (virus, worm, or Trojan horse) may be included in the email? How did the email reach you? What would you do and why?
Answer : All the  virus, worm, or Trojan horse may included in the mail .
It maybe sent by Joe ,but it also maybe sent by a hacker who want to steal your data or information stored in your computer ,it also maybe sent by a computer itself which infected with virus ,worm ,or Trojan horse .
I will ask Joe first to make sure the mail by phone .
e. You received an unexpected email with no attachment from your friend Joe. The email instructs you to click on the enclosed URL. What type(s) of malicious code (virus, worm, Trojan horse, or mobile code) may be included in the email? How did the email reach you fro Joe? What would you do and why?
Answer : Perhaps it includes no malicious code 
It maybe sent by Joe himself ,also there is a chance that Joe’s computer infected with virus ,worm so it sent itself to every address in the email address book of Joe’s computer .
I will not click on the enclosed URL .and I will ask Joe for sure .
Because it maybe sent by a hacker .
f. You received an unexpected, digitally signed email with no attachment from your friend Joe. The email instructs you to deposit $10,000 to Joe’s bank account. How did the email reach you? What would you do and why? 
Answer : It maybe sent by Joe himself , it also maybe sent by a hacker who use Joe’s address .
I will ask Joe first to make sure it ,then make a decision ,
Because it maybe sent by a hacker. 
g. You received an expected, digitally signed email without an attachment from your friend Joe. Joe also confirmed that he sent the email. The email instructs you to deposit $20,000 to Joe’s bank account. How did the email reach you? What would you do and why?
Answer : It maybe sent by Joe himself 
I will ask Joe first to make sure it ,then make a decision 
Question 2. Cryptography
In this section, you will encode/decode simple messages using different cryptography methods. 
a. Consider the alphabet shift cipher. Complete the following table: 
Plaintext	Encryption Technique	Ciphertext
Software	Shift right by 4 characters	 Wsjxaevi
 Systems	Shift right by 3 characters	Vbvwhpv

b. What is the maximum number of ways you can replace a character using the above alphabet shift cipher? What is the size of the key space? What is a weakness of the alphabet shift cipher above? 
Answer : 25  
It may be break by the brute force attack easily ,and it only provides limited number of ways 
c. How does using a secret passphrase as the encryption key compare to using the alphabet shift cipher?
 Answer : Using a passphrase to control the substitution cipher greatly expands the keyspace. With a passphrase n letters long, the keyspace is of size 26n, which grows very quickly with n.so that it can’t be broke by the hacker easily 
Let us try using a passphrase to encrypt the message "Meet at noon." with a larger key space. The key is "CBA". In this case, only encrypt alphabet letters. 
d. What is the encrypted message?
Answer : Pgfw cu qqpq 

Now let us explore how to use private/public keys and digital signature.
Suppose Jean is sending her friend Erin a secret note with a digital signature. 
e. How does Jean include a digital signature? What key does Jean use to encrypt the entire message including the digital signature? ]
Answer : To generate a digital signature, Jean would first generate a hash code of the message, and then encrypt the hash code using his private key to create a signature that is both unique to him and unique to that particular message.
Private key 
f. How does Erin decrypt the message, and verify that the message was from Jean?
Answer : When Erin receives the message, she can use Jean's public key to decrypt the digital signature and see the hash of the message. he can then compute the hash of the message. If the two hash codes were the same, the message had not been altered. Otherwise, either the message was altered during transmission, or it was not really signed by Jean.
Question 3. Trusting Web Sites
A new e-commerce company, eSale.com has launched. It sells named-brand clothing at discounted prices.
a. When you access the site, a certificate warning appeared, how would you go about deciding whether to accept the certificate or not? 
Answer : I will first check the detailed information ,such as the the name of the entity it identifies, an expiration date the digital signature of the issuing CA,and so on .if its information is not complete ,or the web sites is not famous ,I will not accept it .

b. You decided to trust the site, and input your personal information. After you have submitted your personal information, a page returned asking you to confirm the information on the page. How can you be sure that your information was served back through a secure connection? Answer : If the http or https is in sight ,then if the lock icon appears at the bottom right of the web page window ,I will sure my information is served back .
c. If a malicious intruder cracked your password and gained access to the site via your account, list two malicious activities the intruder can perform, and list two malicious activities the intruder cannot perform. Answer : He can use my password to my site ,he can scan the information in my site 
he can’t use my password to change my personal information 
he can’t use my passwoed to 
d. On the other side, as a network administrator working for eSale, list three actions you would perform after you found out that illegitimate users have been tampering with data on your site (assuming you already have a firewall)?
Answer : 

Question 4. Data Backups
Consider the process of restoring data to a server from backup media. Assume the server failed Friday, November 14, at 3:00 P.M.
For each backup procedure below, indicate what data is lost, and describe the procedures for restoring data. 
a. Full backup every Friday at 6:00 P.M. Answer : The data from last Friday’s full backup are all lost .
Restore the data from the hard disk .
b. Full backup every Friday at 6:00 P.M. and differential backup every Wednesday at 6:00 P.M. Answer : The data from last Friday’s full backup and the Wednesday’s siffedrential backup are lost .
I will restore the data from last Friday’s full backup and then  Wednesday’s seffirential backup 
c. Full backup every Friday at 6:00 P.M. and incremental backup every Monday, Tuesday, Wednesday, and Thursday at 6:00 P.M.
Answer : The data from last Friday’s full backup and the incremental backup from the Monday to Thursday are all lost .
First restore data from last Friday's full backup, then Monday’s differential ,then Tuesday’s differential ,then Wednesday's differential backup, and finally Thursday's incremental backup.