What is ReEnforcement?

Download Solution: Click to Download Solution
Solution File Name: ReEnforcement.docx
Unzip Password: prestobear.com

R3.3 If a process forks two processes and these each fork two processes, how many processes are in this part of the process tree?
Answer:

R3.12 If a password is salted with a 24 bit random number, how big is the dictionary attack search space for a 200,000 word dictionary?
Answer:

R3.13 Eve has just discovered and decrypted the file that associates each userid with its 32 bits random salt value, and she has discovered and decrypted the password file, which contain the salted and hashed passwords for the 100 people in her building. If she has a dictionary of 500,000 words and she is confident all 100 people have passwords from this dictionary, what is the size of her search space for performing a dictionary attack on their password?
Answer:

C3.1 Bob thinks that generating and storing a random salt value for each userid is a waste. Instead, he is proposing that his system administrators use a SHA-1 hash of the userid as its salt. Describe whether this choice impacts the security of salted passwords and include an analysis of the respective search spaces size.
Answer:

C3.2 Alice has a picture-based password system, where she has each user pick a set of their 20 favorite pictures, say, of cats, dogs, cars, etc. To login, a user is shown a series of pictures in pairs one on the left and one on the right. In each pair, the user has to pick the one that is in his set of favorites. If the user picks the correct 20 out of the 40 he is shown (as 20 pairs), then the system logs him in. Analyze the security of this system, including the size of the search space. Is it more secure than a standard password system?
Answer:

C3.3 Charlie likes Alice’s picture-password system of the previous exercise, but he has changed the login so that it just shows the user 40 different pictures in random order and they have to indicate which 20 of these are from their set of favorites. Is this an improvement over Alice’s system? Why or why not?
Answer:

C3.7 Dr.Blahbah has implemented a system with an 8-bit random canary that is used to detect and prevent stack-based buffer overflow attacks. Describes an effective attack against Dr.Blahbah’s system and analyze its likelihood of success
Answer:

C3.8 A. Is this code vulnerable to a buffer overflow attack with reference to the variables password[] and continue? If yes, describe how an attacker can achieve this and give an ideal ordering of the memory cells (assume that the memory addresses increase from left to right) that correspond the variables password[] and continue of the code so that this attack can be avoided.
Answer:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.