Question Set 4 – 4.1 Deep learning has been used to establis…

Question Set 4 – 4.1 Deep learning has been used to establish an anomaly detection model. The infrastructure of a biology-inspired neural network for building anomaly detection models can be illustrated as shown in Figure 4.1 below. More specifically, this figure illustrates a feedforward neural network (FNN) that can generate normal or abnormal traffic behavior patterns using supervised or semi-supervised ML strategies. In this model, network traffic can be first categorized by multiple features, which later will be used as inputs of the FNN. The following questions are based on the presented FNN neural network solutions. Recall that a neuron contains an activation function ϕ(∗). Which of the following statements regarding the activation function are correct? (select all that apply) Figure 4.1. Feedforward Neural Network Illustration of a biological neuron and a schematic of an artificial neural network, comparing their structures and signal processing, with labels indicating input and output signals and a question about pattern recognition in the artificial network.

Question Set 3 – 3.7 You can also use the attack countermeas…

Question Set 3 – 3.7 You can also use the attack countermeasure tree (ACT) to model the attack scenarios. For example, Figure 3.4 presents a BGP attack scenario. In the figure, the money value ($) are used to represent how much effort an attacker needs to expend to deploy the attack. Referring to Figure 3.4 and if the attacker’s budget constraint is $2900 (so the sum of the effort spent by the attacker cannot exceed $2900 ), which attack scenarios are possible? (select all that apply) Figure 3.4. Attack Countermeasure Tree Flowchart depicting alternative methods for resetting a BGP session with decision points, actions, and associated costs ranging from 800 to 4000.  

Question Set 4 – 4.4 The list below presents the procedural…

Question Set 4 – 4.4 The list below presents the procedural steps of FNN. Which of the answer options presents their correct order? STEP A: Input the first observation of your dataset in the input layer, each feature in one input node. STEP B:Compare the predicted result to the actual result. Measure the generated error. STEP C: Forward-propagation: from left to right, the neurons are activated in a way that the impact of each neuron’s activation is limited by the weights. Propagate the activations until getting the predicted result y. STEP D: Randomly initialize the network, set weights to small numbers close to 0 (but not 0). STEP E: Repeat previous steps and update the weights after each observation. Or, repeat previous steps but update the weights only after a batch of observations (Batch Learning). STEP F:Back-Propagation: From right to left, the error is back-propagated. Update the weights according to how much they are responsible for the error. The learning rate decides by how much we update the weights.

Question Set 3 – 3.5 Referring to Figure 3.3, which of the f…

Question Set 3 – 3.5 Referring to Figure 3.3, which of the following attack scenarios are presented based on the given AG? (select all that apply) Figure 3.3. Network Setup and Attack Scenario Computer network attack diagram with an attacker, firewall, router, FTP, and a database server, connected by a flowchart of probable attack steps reaching a “local_bof()” function with numerical probabilities.  

Question Set 1 – Question 1.1 Suppose you are an IT staff me…

Question Set 1 – Question 1.1 Suppose you are an IT staff member and it is your organization’s network that is shown to the left side of the Internet in Figure 1.1.  You have a private network 192.168.0.0/24 and this private network is behind the gateway G. I1-I6 represent network interfaces of host/server/gateway/router. If G is the one that connects your organization to the public Internet, you need to assign a public IP address from your local ISP.  Which of the following IP addresses that you may get from your ISP should be assigned on your gateway G’s interface I3 that connects to the Internet? Figure 1.1 Network Setup  Diagram showing a network configuration with labeled components. From left to right: interface I1, gateway G, Internet cloud, interface I5, and server/router I6.  

Q​uestion Set 1 – Q​uestion 1.12 Now, you become busier and…

Q​uestion Set 1 – Q​uestion 1.12 Now, you become busier and would like to provide stronger security protection on your local office site. You want to upgrade your firewall system from a dual-home server to DMZ. The initial design is presented below in Figure 1.3.  Figure 1.3 System with DMZ Network diagram for a system with DMZ including two servers connected to an interior router, a webserver in the DMZ between two routers, and a public-facing server connected to the external router. A monitor is also present in the diagram.   In the new system, because the website is accessible from the public domain, ideally the webserver should be allocated on a separate private network guarded by an interior firewall. Thus, you designed a screened network firewall, where the internal network system is separated as a private network containing a host and a DB, the webserver is placed in the perimeter network (DMZ) set between the interior router and exterior router. The IP addresses in your system are set as as shown in the table below (Table 1.2): In this network setup, both DMZ and private networks will set up using private network addresses.  Node-to-IP Mapping in Network Setup Node IP Host 192.168.0.10 Interior Router 192.168.0.30 Exterior Router 172.16.0.10 Webserver 172.16.0.20 DB 192.168.0.20 Which of the following suggested setups can maximize the system’s security? (select all that apply)    

Question Set 2 – 1.17 Continuing the scenario presented in Q…

Question Set 2 – 1.17 Continuing the scenario presented in Question Set 1, you would now like to migrate your organization’s networking system to a cloud platform. Specifically, you want to use SDN and NFV techniques to build up your network infrastructure. In order to set up a programmable networking environment, you need to understand some foundations of virtual networking solutions. Which of the following statements are not true regarding classifying VPN protocols? (select all that apply)   Figure 1.1 Network Setup Diagram showing a network configuration with labeled components. From left to right: interface I1, gateway G, Internet cloud, interface I5, and server/router I6.     Figure 1.2. Updated Network Setup Network diagram with a switch divided into VLAN A and VLAN B, connecting to servers and routers, which are linked to the Internet cloud, illustrating the segregation of sales/marketing and back-office networks via VLANs.   Figure 1.3 System with DMZ Network diagram for a system with DMZ including two servers connected to an interior router, a webserver in the DMZ between two routers, and a public-facing server connected to the external router. A monitor is also present in the diagram.

Question Set 1 – 1.13 If you also set up NAT on the interior…

Question Set 1 – 1.13 If you also set up NAT on the interior router, the traffic initiated from the host to the web server (202.10.19.132) on the public domain needs to traverse two NAT (double NAT).  Assuming that the default firewall policy is DROP, and IPs are shown in the table in Q1.11. Which of the following iptables NAT configurations is correct? (Only consider one way traffic going from the host to internet.) Figure 1.3 System with DMZ Network diagram for a system with DMZ including two servers connected to an interior router, a webserver in the DMZ between two routers, and a public-facing server connected to the external router. A monitor is also present in the diagram.   Node-to-IP Mapping in Network Setup Node IP Host 192.168.0.10 Interior Router 192.168.0.30 Exterior Router 172.16.0.10 Webserver 172.16.0.20 DB 192.168.0.20