Faculty: Technology, art and design Education: Technological subjects Course name: Computer Security Course code: ITPE3100 Language: English __________________________________________________________________________________________________ Date: 28.02.2024 Time: 09.00- 12.00 (3 hours) Number of questions: 19 Permitted aids: None Note: The candidate must make sure that the task set is complete. In the event of any ambiguities in the assignment text, please explain the assumptions you provide for the solution. Support: If you have any questions or problems with Inspera please contact
[email protected] or by phone: 67 23 88 88. Email inquiries will be processed continuously, remember to enter student number, candidate number and subject code in the email for faster processing. If you experience problems with the submission, you must contact the examination office before the deadline for submission. Instructor: Ismail Hassan
Some of the questions will require you to use the Linux terminal that we used in the course to conduct the practical weekly assignments. Resources that are provided to candidates are as follows: The link to the Linux terminal is available at the bottom. A PDF file containing a list of commands used in the course
1 As the network security administrator, you would like to find out what type of software that is running on the host 10.5.2.110 and is exposed to the network. You will need the Linux terminal to solve this question. username = exam-v24 password = DgC7NaT*UKbk Use the tools and methods learned in the course ITPE3100 to find out what is running on the host 10.5.2.110 The process might take about 1 minute, so be patient. The port nginx is running on is The port Apache is running on is The port OpenSSH is running on is The port MariaDB is running on is The port lighttpd is running on is NB! 1 point for each correct answer, 0 points for each wrong answer, 0 points for not answering. (8888) (8088) (2323) (3306) (9099) Maximum marks: 5
2 Asymmetric cryptography, also known as public-key cryptography, is a process that uses a pair of related keys, one public key and one private key to encrypt and decrypt a message and protect it from unauthorized access or use. Asymmetric cryptography has a very essential role in todays modern IT world and security professionals must know how to use it. You will need the Linux terminal to solve this question. username = exam-v24 password = DgC7NaT*UKbk Unzip/uncompress the file under the directory Dir2 by using the following command: unzip file-2.zip The command will ask for a password. The password is eiciePh7 Once the file is unzipped, it will produce the following 2 files: 1. secret.enc which is encrypted with the RSA asymmetric encryption 2. privkey.pem Use Openssl to decrypt the file using the private key and then read the content. What is the decrypted content? The decrypted content is: NB! Please make sure you write the whole value. Points will only be awarded if your answer contains the correct and complete value, otherwise 0 points will be awarded. (Never let the fear of striking out keep you from playing the game) Maximum marks: 5