$($a$)$ sending out the server's certificate,

$($b$)$ asking the server operator to type the password that is used to protect

the server's

private key

$($c$)$ decrypting the data from the client,

$($d$)$ encrypting the data sent to the client.

with appropriate code:

SSL read$()$

SSL write $()$

SSL accept$()$

PrivateKey file$()$

$3..$ If a company

example.com wants to use the same certificate for several of its

severs,

such as

www$.$example.com,

mail.example.com,

vpn$.$example.com, etc., how

can they do that?

Multiple Choice: $($based on slides and lecture. Please circle or list the correct answers; there

may be more than one correct answer$)$

How does TLS attempt to verify a server's certificate during the handshake process? $()$

a$.$ The client directly contacts the certificate authority $($CA$)$ to verify the certificate.

b$.$ The client already knows server's certificate so there is no need to validate the

certificate's authenticity

c$.$ The server sends its private key to the client for verification.

d$.$ The client checks the certificate's expiration date and domain$/$IP address match

What are the three basic entities that comprise a valid chain of trust in TLS certificate

verification? $()$

a$.$ Root certificate: The Trust Anchor

b$.$ Intermediate certificate: The Certificate Authority $($CA$)$

c$.$ End$-$entity certificate: The Web Server

d$.$ Client certificate: The User's Browser

Why should businesses and web applications use the TLS protocol? $()$

a$.$ To perform a dance$-$off with servers for authentication.

b$.$ To ensure that data retains its initial integrity.

c$.$ To directly contact the certificate authority $($CA$)$ for certificate verification.

d$.$ To encrypt communication between web applications and servers.

True or False based on slides and lecture.

While verifying a server certificate the client encounters with the error statement stating

"certificate verify failed", this is because of an expired certificate or corrupted certificate. $()$

Transport Layer Security $($TLS$)$ is a stateless protocol and should be set up first before

Transmission Control Protocol $($TCP$)$ because TLS lies above the TCP and below the

Application Layer. $()$

If we use the Transport Layer Security $($TLS$)$ or Secure Socket Layer $($SSL$)$ encryption

protocol, during the data transmission it contains the unencrypted data so because of this attacker

can get access to the data and modify the content. $()$

IVDNS & Attacks

What is DNS cache poisoning attack?

Instead of referring your own computer as localhost, you would like to

refer it as

myhost. What should you do to make that happen?

What are the fundamental problems of the DNS protocol that makes DNS

vulnerable to

DNS cache poisoning attacks?

Which of the following DNS Servers is found at the top of the DNS hierarchy? a$)$ Root servers b$)$

Authoritative Servers c$)$ Recursive Servers d$)$ None of the above