There is a public key authentication service. The service has the public keys of

Question

There is a public key authentication service. The service has the public keys of all participants: Where is the advantage of public key authentication compared to password authentication? A new participant logs in to the service. How can the service be authenticity of the new subscriber? The communication is carried out via a secure channel. What needs to be changed in the previous scenario when communicating over an unsecured channel?

A company has an internal network. What can you do to make TCP connections from the corporate network to the Internet
are possible, but not vice versa?

Cloud services tend to be well scalable, so DOS attacks often have less impact.
What problems do cloud services have with DDOS attacks?

A cloud service is affected by a DDOS attack. It succeeds the offerer, the IPs of the
blocking the attacking computer.
The service utilization never exceeded 25%, yet the service was for a while
unreachable - how does that explain?

Explanation / Answer

Public-key authentication is more secured than password based authentication. It includes strong identity checking. An attacker needs to obtain the private key of a user then only will mount a brute-force or dictionary attack to break the user's security while in a password based authentication, attacker is only needing to break the password as well as the security.
Public key authentication enables SSH users to logging in to their accounts with SSH Keys. These keys are also more secured than passphrases, as it uses private key which can further be encrypted hence service becomes the authenticity of the new subscriber. In the previous scenario, the password based authentication was being used and the connection was not encrypted which needs to be changed to ensure the security.
To make the TCP connections going from internal organization to internet but not vice versa, we will need a network firewall which can be configured to allow all outgoing traffic using TCP connection to paas but all incoming TCP connection to fail.
Cloud services are more scalable and are less affected by DOS attacks as the cloud service is providing Services to the users at larger extent and attackers will always need huge resources to throw a DOS attack. Cloud availability is managed by the vendor only. In case of a DOS attack the services enabled by cloud will be affected like if the organization has availed Pltform as a service then platform will be affected similarly if organization has availed Software as a service then it will be affected. The service utilization never exceeded 25%, yet the service was for a while unreachable as the attacker attacked at the connection between the cloud and the organization hence resulting into unavailablity of service.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.