#i also think andrew would type in all lowercase
Explore tagged Tumblr posts
theshortjew2 · 9 days ago
Text
today’s shower thoughts: andrew minyard does not strike me as an avid user of emojis the way jeremy knox does, but i do think andrew would get a kick out of the 🫡 emoji
100 notes · View notes
safety-blocks-pub · 6 years ago
Text
Midsem Exam Solutions
Here’s the solution for the midsem exam, credit to my tutor Andrew:
= COMP6[84]41 Midsemester Exam : 2019t2 = == Total number of marks: 55 == == Total duration: 55 minutes + 5 minutes reading time ==
This is a closed book exam. The class textbook is not provided for this exam.
There is one mark for following the examination instructions.
A result of 50 marks will be scaled to be full marks so you can skip 5 marks worth of questions in part A and still get full marks. I suggest you skip the final question in part A if you are tight for time as part B is worth much more.
If you are doing a pen and paper version of the exam write you name and student number here and sign it
{{{ Name: Student Number: Which course: COMP6441/COMP6841 (cross out the wrong one) Signature: }}}
If you are doing the exam on a terminal your answers can be submitted by pressing save on this application. You may submit your solutions as many times as you like. The last submission ONLY will be marked.
Write your name and student number on the top of each sheet of any rough working paper you use, this will not be marked, and write your answers in the computer files as directed in the exam instructions.
You must hand in ALL writing paper at the end of the exam.
Once the exam has commenced you may not leave the exam.
You may only use the viewer, GUI calculator, and the decoding app supplied for the last question. Other programs including scripting or interpreted languages may not be used. We are logging all activity and use of other software etc will result in 0 fail. If you are unsure ask the supervisor.
If no answer seems perfect, or if more than one answer seems correct then give the answer which you think best answers the question.
The use of Top Men, misdirection, or social engineering is prohibited. Strict exam conditions apply, including that you may not attempt to communicate with any other person, or access other computers or external data/information or any internet resources.
If you do not follow these instructions you will get zero marks for the exam and a possible zero marks for the course or a charge of academic misconduct.
Phones must be turned off and not visible, either left outside the room in your bag or sealed in an opaque bag placed under your seat.
v1.4
==== Part A ====
This part is worth 39 marks and consists of 13x3 mark questions.
=== Question 0 === (3 Marks)
You are setting the password policy for your company. What is the best policy according to NIST?
.[A] Users must change password every 6 months .[B] Require passwords to satisfy structural rules such as "at least one uppercase letter, one digit, and one non-alphanumeric symbol" .[C] Passwords must not be on a blacklist of common passwords .[D] Passwords must be of a minimum length .[E] Use a set of personal questions as challenges rather than passwords eg "What was the name of your first teacher" .[F] Generate the password randomly for the user and don't allow them to change it.
=== Question 1 === (3 Marks)
The modulus of a particular RSA key is generated by multiplying two different prime numbers, each having a length of 20 decimal digits (there are about 2x10^18 such primes). The modulus is public, the two primes which produced it are secret. All you need to know about RSA is if an attacker can ever find the two prime factors they can find the private key, and so break the code.
If it takes 8 bits of work to test if one number divides into another how many bits of work would it take on average to brute force one of the two factors of the modulus by repeated trial divisions?
.[A] 0-19 bits of work .[B] 20-29 bits of work .[C] 30-39 bits of work .[D] 40-49 bits of work .[E] 50-59 bits of work .[F] 60-69 bits of work .[G] 70-79 bits of work .[H] 80 or more bits of work
=== Question 2 === (3 Marks)
In a hypothetical electronic voting system the candidate names are "Putin", "Trump", "Xi", "Ahern", "Johnson", "Duterte" and "Trudeau". Candidates vote by encrypting their selected candidate's name, and posting the resulting encrypted candidate name on a public bulletin board which is tamper evident. The ID of the voter is shown alongside their encrypted vote on the bulletin board so everyone can check that no one voted twice, and that only eligible voters voted.
ASSUME THAT ELECTORAL OFFICIALS CAN BE SAFELY TRUSTED i.e. don't consider insider attacks in your answer. For each of the following encryption/hash schemes state whether or not it could safely be used to encrypt the candidate names in order to ensure that no candidate can view the bulletin board and learn who did, or who didn't, vote for them.
Vignere Cipher (each individual voter has a unique key also known to electoral officials) .[Yes] Safe to use .[No] Not safe to use
2048 bit RSA (encrypted using a publicly known public key, only the electoral officials know the private key) .[Yes] Safe to use .[No] Not safe to use
SHA256  .[Yes] Safe to use .[No] Not safe to use
One Time Pad (each individual voter has a unique key also known to electoral officials) .[Yes] Safe to use .[No] Not safe to use
 === Question 3 === (3 Marks)
You encode your favorite quote using METHOD A and paste the cipher text at the end of a long email to your friend - and then you encrypt the whole email using METHOD B before you send it. So the quote has been encrypted twice.
Roughly how much work will it take to find the decryption of the quote if it takes 30 bits of work to decrypt METHOD A and if it takes 30 bits of work to decrypt METHOD B?
.[A] 30 bits .[B] 60 bits .[C] 90 bits .[D] 900 bits .[E] A good quote by Goethe is "You can easily judge the character of a person by how they treat those who can do nothing for them" - however it's not the one you encrypted.
=== Question 4 === (3 Marks)
The following question relates to the Houdini case study done in your analysis group.
The object of the case study was to devise a protocol for Bess to follow. What are the two most important properties the protocol needed to have?
Most important property (use between 4 and 20 characters in your answer) (hint: it is one of the CIA properties) Authentication_____
Second most important property (use between 4 and 20 characters in your answer) (no hints for this one) Non-repudiation ______
  === Question 5 === (3 Marks)
Suppose the president of a country is the only one who knows the 10 digit pin needed to arm the country's nuclear weapons (to prevent unauthorised launches). If you were the country's head of military security what would you be most worried about in this scenario:
.[A] Integrity .[B] Authentication .[C] Security Engineering .[D] Proof of liveness .[E] Security by obscurity .[F] Type I/Type II error tradeoff
=== Question 6 === (3 Marks)
What sort of attack would the following most likely be used in?
.[A] Bump .[B] Rake .[C] Shim .[D] Brute force .[E] Impressioning .[F] Social Engineering
=== Question 7 === (3 Marks)
A locksmith uses the tool below to pick a tumbler lock with 6 pins and 6 possible pin heights. Suppose she already knows the correct sequence in which to try the pins. How many combinations will she have to test in the worst case?
.[A] 6 .[B] 6+6 .[C] 6*6 .[D] 6^6 .[E] 2^(6+6)
=== Question 8 === (3 Marks)
Suppose your company has been hit by a ransomware attack. What is the most likely to have been used in the attack?
.[A] Corrupt Insider .[B] Social engineering .[C] Memory corruption .[D] Brute force .[E] Rainbow table .[F] Security by obscurity .[G] 0-day .[H] Integrity .[I] Confidentiality .[J] Proof of Liveness
=== Question 9 === (3 Marks)
On average how many hashes would be required to succeed in each of the following attacks against SHA-256? You may assume SHA-256 has not yet been broken. Write your answer to the nearest power of 2 eg if you think the answer is 250 enter "8" as your answer (since 2^8 is 256)
Preimage: 2^ 255 hashes
Second preimage: 2^255 hashes
Collision: 2^128 hashes
=== Question 10 === (3 Marks)
Lachlan and I are going to use going to use Merkle Puzzles to securely discuss the exam questions on Friday the day before the exam runs (because he loves Merkle Puzzles). I'll send him 1,000,000 encrypted mini-messages of the form:
{{{ ... ... This is puzzle two hundred thousand and seventeen, the key is jHg4t5ct&rqSg This is puzzle two hundred thousand and eighteen, the key is 3pojygv3x%wD? ... ... }}}
What cipher/hash would be best to use to encrypt these mini-messages?
.[A] One Time Pad .[B] Ceasar .[C] Vigenere .[D] RSA 64 bit modulus (encrypted using my public key) .[E] RSA 2048 bit modulus (encrypted using my public key) .[F] SHA256
=== Question 11 === (3 Marks)
A confident sounding comment about passwords posted on the internet: {{{ I’ve moved to using three word passphrases that use Subject->Action->Object format. They need not be sensible though. Things like:
Obama Punting Cornflakes
or
Grandma Curling Pumpkins
Both of those are over 80 bits, and you’ll never forget them. In fact, if you read this, you’ll never get the image of Obama punting a box of cornflakes out of your head."
- Jonathan Beerhalter 2012-03-08 }}}
Most people have a vocabulary of between 20,000 and 40,000 words that they use or can recognise.
Assume that the three words in each passphrase are randomly chosen from three dictionaries of 10,000 familiar words each (one of Subject words, one of Action words, one of Object words) and are written separated by a space, first letter uppercase, remaining letters lowercase, and that it takes one bit of work to test one passphrase.
How many bits of work would it take on average to break one of Jonathan's passphrases?
.[A] Around 40 bits .[B] Around 50 bits .[C] Around 60 bits .[D] Around 70 bits .[E] Around 80 bits .[F] Around 90 bits .[G] Around 100 bits or more
=== Question 12 === (3 Marks)
I suggest you don't do this question until and unless you have finished Part B below - it is probably not worth it. Remember you can skip 5 marks in Part A and still get full marks.
The ciphertext below has been produced by a Vignere cipher.
OUEYZLWCFMGYOULHEXWWRISCGHGADLWZBKDCXUOEDUHJRTQOFUOEDCXUPMHP WUCIDUJCATBNAPRBEHWUETOJWUEYZLAZSTQUHJRTQHWUEBESGOEXMYECRLGU NYNWUUFNNZDVSCGMGYECSMGYQUEXBIFZHLDXUUCMTLWNUXLCXNUXXUJYANLY JIHLOLWJNKDZGLGADGAZGADSSLRLSLGHTTUIAXGADGAZGADSSLRTMAJSVLSO JVGADGAZGADSSLRATGTFRFZEWNUXLBSOTASSAZGADSSLRKDFSRRWSIAFGADG AZGADSSLRTKFMHVMDXKYCTQULYGADG
What is the likely period of the cipher? (ie length of the cipher key)?
_6_
  ==== Part B ====
This part is worth 15 Marks and consists of one question.
=== Question 13 === (15 Marks)
Decode the ciphertxt in the NSA app (which is in a tab in your web browser). If you close it by mistake you can reopen it by right clicking on the desktop, or ask the exam supervisor for help.
The message has been enciphered using a monoalphabetic substitution cipher.
Write the deciphered plaintext below, use ? symbols for undecrypted letters, partial marks for partial decryptions so long as it is clear.
0 notes
whatdoesseostandfor · 8 years ago
Text
8 Step Guide to Help Your Blog Improve Conversion Rate
What is a blog?
According to Andrew Sullivan (former editor to The New Republic, author, publisher and blogger) a blog is “the first journalistic model that actually harnesses rather than merely exploits the true democratic nature of the web. It’s a new medium finally finding a unique voice.”
Why blogging?
The answer lies in the fact that every human has a voice and wishes their voice to be heard.
I would say a blog is like a vehicle.  All you need to do is to start it and you’ll have to figure out how to keep it running because, as far as I know if the engine stops, all the other vehicles will overtake you and you’ll find yourself as you were before “ no voice to be heard”.
We will focus on optimizing your “vehicle”. Keep it loud and running!
As a blogger in need for fast recognition you will need to find the best way to optimize your blog. I’m thinking here if you are more interested in having a better Search Engine Optimization, Conversion Rate Optimization or both of them. Depending on your profile, you will probably choose one of them. My advice: go for both!
Basic On-Page SEO Tips for Blogs
SEO for blogs is defined by the content the audience wants and needs but also by what you need to tell your search engines, so they can share it to your target audience.
Some of the main keys we need to focus on are:
Keywords
you need to find out what your audience is searching for on search engines
for keyword research you can use tools like Ubersuggest or Soovle.
Title
Title is very important as it leads your audience to your content and the search engines to your audience.
One thing is for sure, you need to think at the search engines as to your audience. Don’t make the difference as one of them might feel offended.
Rules for a properly optimized title:
keep it under 60 characters
use the focus keyword once
don’t stuff it with keywords
title has to be natural, relevant and clear for readers
URL
The URL has to provide relevant information to your audience. You can use the title when possible.
Rules for a properly optimized URL:
no date inside the url (just in case of duplicate URL’s)
no underscores (use dashes if needed)
no uppercase or proper case (use lowercase)
avoid using dynamic parameters in the URL’s (?)
Meta Description
Goes with the title and describes what the people will find on your website
Rules for a properly optimized Meta Description:
keep it under 160 characters
must include page’s main focus keywords but don’t abuse the keyword density
Headings
Headings help both the audience and the search engines. The audience can read the content easier and it’s a signal for the search engines.
Headings must be set accordingly to their importance from H1 to H6.
Internal linking
keeps your audience on your blog
increases traffic and time on site.
Content
How do you write it?
How do you do keyword research?
Check for keyword density.
After we focused on SEO and we managed to acquire a decent percentage of Search Engine for our desired keywords, our main focus should move towards optimizing the page for a better conversion rate.
Optimizing a blog is more about retaining user attention and getting credit for spreading ideas than it is about optimizing content to match search relevancy algorithms.
Conversion Rate Optimization for Blogs
 Conversion Pages Attributes:
The page may rank for keywords but is primarily concerned with direct conversions. Keyword targeting is secondary or may be unnecessary. We need to focus on one particular audience. To have a good start you should put your calls-to-action in people’s natural eye path.
1. Make sure that your CTA buttons look clickable
Clean and contrasting background to text color
A distinct button text (e.g., “Get free access”)
Have white space surrounding them
Rectangular (sometimes rounded) shape
Complementary border
The point of contact between your visitors and your offer is the call-to-action, whether buying, trying or sharing on social media.
2. Define and know the points of interest of your page – Heatmap Usage
I would say, this is your map to success. As long as you will pay attention to this, the content and all the actions your audience will take will lead to conversion.
There is the “F” rule where all the attention of your audience will focus on this magical shape.
Of course, testing is the key but having this hint is easier to check your visitor behavior.
3. Have a compelling and short button copy
It’s time to click: “reading mood” to a “ready to act mood”  has to be encouraged.
4. Use power words in your button copy
It’s proven that power words are the key. Why not to use them where you can confirm your audience impulse.
Here is an example of power words but may be different depending on your blog type.
5. Create anticipation in your copy
According to a research study reported in The Atlantic, 47% of the time, the human mind is wandering. Your mind wanders about a third of the time while you are reading or talking with other people.
It seems that the key to getting people to do what you want – e.g., click a button – is to promise a better experience.
6. Test and use the right font color
“If a good color sells, the right color sells better.”
Since less than 5% of the population suffers from color blindness, color theory should be explored.
There’s no perfect color for any specific emotional state. You can’t accurately say “red is the best color for CTAs,” or that “green symbolizes wealth and productivity, which means that you should always use it in those niches.” There is no one color rule – you just have to test out options for yourself.
7. Use pop-up and slide-in forms the right way.
There are four types of pop-ups. Depending on the information you are about to show, a pop-up may be pleasant or annoying. You have to make sure you will provide the best user experience in order for you to reach your goal.
Welcome mats: Full screen pop-ups that slide above page content
Overlay modals: Center screen pop-ups that appear on top of page content
Top banners: Small banners at the very top of the page
Slide-in boxes: Small boxes that slide in from the side/bottom of the page
Action:
Page entrance:Pop-up appears when the visitor first gets to the page
Page scroll:Pop-up appears when the visitor scrolls to a certain point on the page
Element interaction:Pop-up appears when the visitor clicks on or hovers over a specific element
Time on page:Pop-up appears when the visitor has been on the page for a specific amount of time
Exit intent:Pop-up appears when the visitor scrolls towards the top of the page to leave
Timing:
Wait X seconds before showing the popup Show when user scrolls to X% of your website Show when user attempts to leave your page (exit intent)
TIPS:
Give them a tease. If a visitor closes the form, they can be shown a teaser in the bottom of the site which can be opened at any time. You can see how many visitors sign up after having closed the form.
Keep it closed. If the form is closed, it will not reopen during the same visit/session.
Give it a limit. It’s essential to set a limit for your form. All Sleeknote pop-ups are created with a default limit on four exits from a single person. After this, the visitor will never see it again. You can also modify this to your needs.
Don’t show it again. Finally, if a visitor signs up, they are counted as converted and will not see the form again.
Some additional tips include:
If you’re using a timer, set it to at least five seconds.
Make sure your form is not shown during checkout, receipt pages or other conversion points. After all, you don’t want to interrupt potential customers during the process of buying.
Avoid more than one pop-up on the site at one time. You can easily have a slide-in and pop-up on the same site, but never two different pop-ups.
Think about the copy on your call to action button. For call to action tips, check out our how to create the perfect call to action post.
8. Use social media strategically for lead generation.
The goal of a brand social media page is to get a follower over the blog, not the other way around. If they click over to your social page, they may not return and may not convert.
INCLUDE IT ON THE BUSINESS WEBSITE
Have you provided people with a way to easily access the blog from the company website? Even if you have opted to host your blog on a separate domain from the business website, you still need to make sure that they are both accessible to one another. One of the biggest reasons for this is that the company website gives the blog a level of credibility that may not exist if they don’t realize that the blog is part of the overall web presence of your company.
When the website and blog aren’t able to be navigated from one to the other, vital information that conveys trust to the visitor is missing. If the blog is part of the business website the visitor automatically knows who the author is, what the industry is, who they can contact, etc. The website navigation is right there for them to see. As a result, this establishes a sense of credibility and trust, which could then encourage the website visitor to take the desired action.
The post 8 Step Guide to Help Your Blog Improve Conversion Rate appeared first on SEO Nick.
More articles on my blog: http://ift.tt/1ar6xOc from Blogger http://ift.tt/2s6iken
0 notes