****Need it by tomorrow 5 PM EST (10/26/2019) Answer the below questions. The answer to each question should be more than  150 words. NO plagiarism. Question: What is the OSI security architecture? Question: What is the difference between passive and active security threats? Question: List and briefly define categories of passive and active security attacks. Question: List and briefly define categories of security services. Question: List and briefly define categories of security mechanisms. Question: List and briefly define the fundamental security design principles. Question: Explain the difference between an attack surface and an attack tree. Question: What are the essential ingredients of a symmetric cipher? Question: What are the two basic functions used in encryption algorithms? Question: How many keys are required for two people to communicate via a symmetric cipher? Question: What is the difference between a block cipher and a stream cipher? Question: What are the two general approaches to attacking a cipher? Question: Why do some block cipher modes of operation only use encryption while others use both encryption and decryption? Question: What is triple encryption? Question: Why is the middle portion of 3DES a decryption rather than an encryption?

The OSI security architecture, which stands for Open Systems Interconnection security architecture, is a framework for understanding and implementing security measures in computer networks. It is based on the concept of layered security, where various security mechanisms and protocols are organized into different layers to provide a comprehensive approach to network security.

The OSI security architecture consists of seven layers, each responsible for a specific aspect of security. These layers include the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer. Each layer has its own set of security protocols and mechanisms to ensure the confidentiality, integrity, and availability of data transmitted over a network.

Passive and active security threats are two types of threats that can jeopardize the security of a computer system or network. Passive threats refer to attempts to gain unauthorized access to information without altering or affecting the systems being attacked. These threats can include eavesdropping, monitoring, or collecting sensitive information without the knowledge or consent of the system’s owner.

On the other hand, active security threats involve actions that deliberately disrupt or alter the normal operation of a system or network. These threats are more intrusive and can include activities such as denial of service attacks, malware infections, or unauthorized access attempts. Unlike passive threats, active threats actively exploit vulnerabilities in a system to cause harm or gain unauthorized access.

Categories of passive security attacks include eavesdropping or interception of sensitive information in transit, traffic analysis to gain insights about network patterns, and data modification or tampering without detection. Examples of active security attacks include denial of service attacks, in which the attacker overwhelms a system with excessive requests or traffic to render it unavailable, and unauthorized access attempts through the exploitation of vulnerabilities or weak passwords.

Security services can be categorized into several types, including confidentiality, integrity, availability, authentication, and non-repudiation. Confidentiality ensures that information is only accessible to authorized individuals or entities, while integrity ensures that data remains unchanged and unaltered during transmission or storage. Availability ensures that systems and resources are accessible and functional when needed. Authentication provides a means to verify the identities of users or systems, while non-repudiation prevents individuals from denying their actions or transactions.

Security mechanisms refer to the specific techniques and protocols used to implement security services. These mechanisms include encryption, access control, firewalls, intrusion detection systems, and secure protocols such as SSL/TLS. Encryption is the process of converting data into an unreadable format to protect it from unauthorized access. Access control ensures that only authorized individuals or entities have access to resources or data. Firewalls filter network traffic based on specified rules, while intrusion detection systems identify potential attacks or suspicious activities. Secure protocols such as SSL/TLS provide secure communication channels for data transmission.

The fundamental security design principles guide the development of secure systems and include principles such as least privilege, separation of duties, defense in depth, and fail-safe defaults. Least privilege ensures that individuals or systems have only the necessary privileges to perform their intended tasks, reducing the risk of unauthorized access or misuse. Separation of duties divides responsibilities among different individuals or entities to prevent collusion or unauthorized actions. Defense in depth involves implementing multiple layers of security controls to protect against different types of threats. Fail-safe defaults ensure that systems are designed to be secure by default and require manual configuration to enable potentially insecure features.

In summary, the OSI security architecture provides a framework for implementing security measures in computer networks. It consists of seven layers, each responsible for different aspects of security. Passive threats involve unauthorized access attempts without altering systems, while active threats disrupt or alter the normal operation of a system. Security services include confidentiality, integrity, availability, authentication, and non-repudiation, and are implemented using various security mechanisms. The fundamental security design principles guide the development of secure systems.