信息安全原理与实践第二版课后思考题解析(英文版)

1) Initially the hacker is a skilled writing and debugging of computer programming skills, and the use of these techniques to obtain illegal or unauthorized network or file access, invasion of Intranet for the people. With a variety of powerful hacking tools are widely spread, the computer technology to understand very few people can also implement of hacker attack behavior, so the network system hacking attacks significantly increased the likelihood of.2) Active attack can cause network system status and service change. Active attacks include attempting to stop or break protection mechanism, introduce malicious code, theft or tamper with the information. Active attack may cause data disclosure and dissemination, or cause a denial of service and data tampering, including most of the unauthorized user attempts to abnormal means and the normal means of access to the remote host.3) General complete attack process is to hide themselves, hiding yourself after the attack detection, detection of target machines with various properties, and have been attack condition; then take corresponding attack methods were destroyed, achieve his goal after the attacker will remove their behavior in the target system log.4) General complete attack process is to hide themselves, hiding yourself after the attack detection, detection of target machines with various properties, and have been attack condition; then take corresponding attack methods were destroyed, achieve his goal after the attacker will remove their behavior in the target system log.5) Denial of service attack, is through illegal monopoly target system services, ultimately trying to prevent legitimate users target to provide network services. Denial of service attack is the most common attack through the resulting in a large number of flows to the victim network packet, the network consume all available bandwidth.6) Modern cryptography is one of the basic principles are: all secrets are present and the key. The implication is that, in the design of encryption system, always assume the cipher algorithm is disclosed, really need to keep it secret. This is because the cipher algorithm is easier to reveal the relative key.7) Symmetric cipher password required to achieve through the security code channel by sender to receiver. The password system 's advantages are: high safety, fast encryption speed. The shortcoming is: with the expansion of network scale, key management becomes a difficulty;cannot solve the message confirmation problems; lack of automatic detection of key leakage ability.8) Cryptographic protocol has the following characteristics: agreement from first to last is a sequential process, every step must be performed, in the former step without prior to implementation, the following steps are not possible; protocol requires at least two participants; the protocol must be able to complete a certain task; protocol must meet certain security requirements.9) As a result of cryptography for communication to provide strong security, the attacker has turned to loopholes in the system. Loopholes in the system is a software system, network protocols such as in the preparation of safe flaw, the attacker can use these flaw carries on the attack to the system. For this type of attack, there are a variety of different coping techniques, and cryptography has to a certain extent, can play a role in.10) Public key cryptography is also known as asymmetric key cipher. Using public key cryptography each user separately has two key: encryption keys and decryption key, both of them are not the same, and the encryption key decryption keys on the computer is not feasible. Each user's encryption key are open (and hence, also known as the public key encryption key ).11) If the Internet and are accessed through the firewall, then the firewall, can record various visits, and provides information about network utilization value statistics. If a firewall in suspicious activity occurred when the alarm, it also provides the firewall and network are affected by the trial or attack details.12) The present firewall values are provided on external network user attack protection, from the internal network users to attack to rely on internal network host system by. The firewall can't forbid apostates or company spy sensitive data is copied to a floppy disk or PCMCIA card, and took them out of the company.13) The firewall can prevent data driven attack. If the user is graspinga program on the local operation, the program is likely to include a malicious code. With the Java, JavaScript and ActiveX controls a large number of use, this problem becomes more and more sharp.14) Packet filtering technology, as the name suggests is in proper position on the network data packets carried out selectively by, selectionbasis, namely system within a set of filter rules ( often referred to as the access control list -- Access Control List ), only to meet the data packet filtering rules to be forwarded to the corresponding network interface, the remaining data package is removed from the data stream.15) D ifferent types of firewalls are able to provide identification and authentication functions, the network user is usually considered credible, outside the network of users in access network resources are usually certified. Password authentication from the technical point of view, is not a very strong authentication, password based attack is a common attack, firewall, other filter access authentication method: one time password, the password based on time and challenge response scheme.16) I ntrusion detection is the rational supplement of the firewall, the help system against network attack, expanded the safe management of system administrator ( including safe audit, surveillance, attack recognition and response), improve the integrity of the information security foundation structure. It is thought to be behind a firewall second security gate, without affecting the performance of network condition on the network can be detected, thereby providing for internal attacks, external attack and wrong operation real time protection.17) I ntrusion detection, Intrusion Detection, is on the intrusion behavior found, through the computer network or computer systems in a number of key point of collecting and analyzing the information, found from the network or system of violating security policy behavior and signs of attack.18) The IDS system 's two major functions: real-time detection and safety audit. Real time detection of real-time monitoring, analysis of the network of all data packets, and real-time processing of the captured data packets; security audit based on IDS system records the network time for statistical analysis, found that the abnormal phenomenon, that the security state of the system, find out the evidence required.19) Most of the traditional intrusion detection system ( IDS ) take based on network or host based approach to identify and avoid attack. In either case, the product will be looking for" the attack flag", i.e. a malicious or questionable intent to attack mode. When the IDS in the network to find these patterns, it is based on the network. And when the IDS in a record file for the attack when the mark, which is based on host.20) Based on sentence due to IDS (HIDS) using data is the main source of audit log, system log, application logs and network connection data, these data have the success / failure event information, so it can becompared based on network IDS more accurately determine whether the attack was successful.21) IEFE based on IP draft definition VPN: using IP mechanism simulation of a private network, through private tunnel in public data network technology in simulation of a point-to-point line technology. Virtual private network is to rely on the ISP ( Internet service provider ) and other network service provider, in a public network for data communication network technology.22) VPN also made up of 3 components, different VPN connection using a tunnel as a transmission channel, the tunnel is built in a public network or a private network on the basis of, such as Internet or Intranet, users no longer need to have special long-distance data line.23) Security is one of the important features of the special network. Because VPN directly built on the public network, the realization of a simple, convenient and flexible, but at the same time, the security problem is more prominent. The enterprise must make sure that the VPN transmitted data are not the attacker snoops and tamper with, and to prevent the illegal user from cyber source or private information access. ExtranetVPN enterprise network expansion to partners and customers, for the safety of a higher demand.24) VPN requires the enterprise of its network management functions from the local area network seamlessly extends to the public network, or even customers and partners, although can be some minor network management task to the service provider to complete, enterprises still need to accomplish many tasks of network management, so, the VPN system should support the user management. The VPN management including safety management, equipment management, configuration management, access control list management, QoS management, to achieve reduced network risk, with high scalability, economy, high reliability target.25) VPN through the public network to establish links, so it is necessary to use encryption to prevent eavesdropping, protection of corporate data security. Common encryption algorithm including DES,3DES etc.. DES key length of 56 bits, easily deciphered, 3DES uses three encryption of increased safety.26) Computer virus epidemic began in November 2, 1988. The United States Cornell University 23 years of graduate Lott Maurice produced a worm, and putting it on the Internet to the United States, resulting in the computer network of more than 6000 computers were infected, manynetworked computers to shutdown, the direct economic losses of $96000000.27) A computer virus is a small program, able to replicate themselves, will own the virus code attached to other procedures, through the execution of other programs, for the propagation of the virus program, have a certain latency, when conditions are ripe, they are all sorts of sabotage, the effects of computer use.28) Now popular virus is composed of that deliberately prepared, most viruses can be found on the author information and the origin of information, through the analysis of large volumes of data statistics, virus author main condition and objective is: some talented programmer to show and prove their ability, due to the dissatisfaction of boss, for the curious, in retaliation, in order to congratulate and courtship, in order to get control of the password, to prevent software to get paid for the trap.29) Hybrid virus is not a simple file type virus and boot viruses simply added together, there is a conversion process, which is the most key. Generally take the gimmick: files for viruses when performing the virus writes the boot area, it is easy to understand.30) The computer virus is an objective existence, objective existence has its characteristics, computer virus is no exception. Essentially, a computer virus is a program code, although it may well hidden, but also left many traces. Through to these traces of discrimination, we can find the computer virus in the presence of.。

Review Questions第一章1.Which characteristics of a multiterminal system make it different from a computer network?A processing power of multiterminal systems remained fully centralized, whilecomputer networks have a distributed processing power.一个多端系统处理能力仍然完全集中，而计算机网络具有分布式处理能力。

2.When were the first important results achieved in the field of joining computers using long-haul links?In the late 60s在60年代后期3.What is ARPANET?A.A network of supercomputers belonging to military organizations and research institutes in the United StatesB.An international scientific research networkC.The technology of creating WANsA is correct4.When did the first network operating systems appear?In the late 60s60年代后期5.In what order did the events listed here take place?A.The invention of WebB.The development of standard LAN technologiesC.The start of voice transmission in digital form through telephone networksThe invention of World Wide Web互联网的诞生6.Which of the events stimulated LAN development?Appearance of large-scale integrated circuits (LSI devices) resulted in invention of microcomputers which in its turn stimulated a research activity in the area of local computer networks (LANs). The adoption of personal computers was a powerful incentive for the development of LANs.大规模集成电路（LSI器件出现）导致这反过来刺激了研究活动在本地计算机网络（LAN）的微型计算机的发明。

信息管理专业英语第⼆版参考答案Unit 1【Ex1.】根据课⽂容，回答以下问题。

1．In human terms and in the broadest sense, information is anything that you are capable of perceiving.2．It includes written communications, spoken communications, photographs, art, music, and nearly anything that is perceptible.3．If we consider information in the sense of all stimuli as information, then we can’t really find organization in all cases. 4．No.5．Traditionally, in libraries, information was contained in books, periodicals, newspapers, and other types of recorded media. People access it through a library’s catalog and with the assistance of indexes, in the case of periodical and newspaper articles.6．Computerized “information systems”.7．The problem for most researchers is that they have yet to discover the organizing principles that are designed to help them find the information they need.8．For library materials, the organizing principle is a detailed subject classification system available for searching in an online “catalog”.9．The one thing common to all of these access systems is organization.10．No, it isn’t.【Ex2.】根据给出的汉语词义和规定的词类写出相应的英语单词。

《信息安全原理与技术》第2版部分习题与参考答案选择题1.如果m表示明文,c表示密文,E代表加密变换,D代表解密变换,则下列表达式中描述加密过程的是( A )A、c=E(m)B、c=D(m)C、m=E(c)D、m=D(c)2.将获得的信息再次发送以在非授权情况下进行传输，这属于（D ）A 窃听B篡改C 伪装D 重放3. DES加密过程用以下形式交换，其中正确的是( B )A、L i-1=R i-1R i-1=L i-1⊕f(R i,K i) i=1,2,3, (16)B、L i=R i-1R i=L i-1⊕f(R i-1,K i) i=1,2,3, (16)C、L i-1=R i+1 R i=L i+1⊕f(R i-1,K i) i=1,2,3, (16)D、L i-1=R i-1R i=L i+1⊕f(R i-1,K i) i=0,1,2,3, (15)4. 在不知道密钥的情况下，通过获取密文而恢复明文的方法是。

（ C ）A、密钥管理B、数据加密解密算法C、密码分析D、密码编码5. RSA属于（ B ）A、传统密码体制B、非对称密码体制C、现代密码体制D、对称密码体制6.下面哪个加密算法被选为AES( B )A MARSB RijndaelC TwofishD E27. AES中输入密钥扩展为44个字所组成的数组，每一轮有4个字的密钥，这里一个字的位数是（ C ）A、8B、16C、32D、648. DES中子密钥的位数是（ B ）A、32B、48C、56D、649. 如果使用两密钥的Triple-DES，则下面正确的是（A ）A C = E K1[D K2[E K1[P]]]BC = E K1[E K2[E K1[P]]]C C = E K3[D K2[E K1[P]]] D C = E K1[D K2[D K1[P]]]答案：ADBCB BCBA1. DES中如果S盒输入为110011，则对应输入位置为（ B ）A、第2行第9列B、第4行第10列C、第3行第10列D、第3行第11列2. 密码编码学的目的是（ A ）A．伪装信息B．破译加密消息C．窃取信息 D．密码分析3. 每次加密一位或者一个字节是（ B ）A、离散密码B、流密码C、随机密码D、分组密码4. 在下列密码体制中，加密密钥k1 解密密钥k2 是相同的。

计算机网络安全第二版课后答案【篇一：计算机网络安全教程第2版__亲自整理最全课后答案】txt>一、选择题1. 狭义上说的信息安全，只是从自然科学的角度介绍信息安全的研究内容。

2. 信息安全从总体上可以分成5个层次，密码技术是信息安全中研究的关键点。

3. 信息安全的目标cia指的是机密性，完整性，可用性。

4. 1999年10月经过国家质量技术监督局批准发布的《计算机信息系统安全保护等级划分准则》将计算机安全保护划分为以下5个级别。

二、填空题1. 信息保障的核心思想是对系统或者数据的4个方面的要求：保护（protect），检测（detect），反应（react），恢复（restore）。

2. tcg目的是在计算和通信系统中广泛使用基于硬件安全模块支持下的可信计算平台trusted computing platform，以提高整体的安全性。

3. 从1998年到2006年，平均年增长幅度达50％左右，使这些安全事件的主要因素是系统和网络安全脆弱性（vulnerability）层出不穷，这些安全威胁事件给internet带来巨大的经济损失。

4. b2级，又叫结构保护（structured protection）级别，它要求计算机系统中所有的对象都要加上标签，而且给设备（磁盘、磁带和终端）分配单个或者多个安全级别。

5. 从系统安全的角度可以把网络安全的研究内容分成两大体系：攻击和防御。

三、简答题1. 网络攻击和防御分别包括哪些内容？答：①攻击技术：网络扫描，网络监听，网络入侵，网络后门，网络隐身②防御技术：安全操作系统和操作系统的安全配置，加密技术，防火墙技术，入侵检测，网络安全协议。

2. 从层次上，网络安全可以分成哪几层？每层有什么特点？答：从层次体系上，可以将网络安全分为4个层次上的安全：（1）物理安全特点：防火，防盗，防静电，防雷击和防电磁泄露。

（2）逻辑安全特点：计算机的逻辑安全需要用口令、文件许可等方法实现。