Assignment title: Information


Application Security

Exercise 01: Overflow Attacks
Review some of the recent vulnerability announcements from CERT, SANS or similar organizations. Identify a number that occur as a result of a buffer overflow attack.

Exercise 02: Integer overflow attack
Investigate the details of the integer overflow attack, how it works, and how the attack string it uses is designed. Then experiment with implementing this attack against a suitably vulnerable test program if you can.

Exercise 03: Static Analysis Tool
Another approach to improving program safety is to use a static analysis tool, which scans the program source looking for known program deficiencies. Identify some suitable static analysis tools for a language that you know. Determine the cost, availability, and ease of use of these tools. Also indicate the types of development projects they would be suitable to use in.

Exercise 04: Java applets and ActiveX controls
Go online and search for information about security threats posed by Java applets and ActiveX controls. Note that most of these programs are small in size and downloaded onto computers over the Internet. Look for a specific example of a security problem resulting from either Java or ActiveX, and document the problem.

Cryptography

Exercise 01: Future of PKI
What is the future of PKI? Acceptance of PKI solutions and product sales has fallen short of early estimates. What would the "killer app" for PKI sales look like?

Exercise 02: Encryption and biometrics
Will biometrics involve encryption? How are biometric technologies dependent on the use of cryptography?

Exercise 3: Digital Certificates
If you want to send encrypted e-mail messages to other users, and let them decrypt your messages, you need to acquire a digital certificate. Research this topic. Start by opening your e-mail program's help system and look for information about digital certificates. The help information should tell you what a digital certificate is, how it works, why it is needed, and where to get one.
Next, go online and search for information on digital certificates. Locate a certificate authority—a vendor that sells these certificates to consumers. Assuming that this technology is secure (it is), would you use it and recommend it to others? Write a short paragraph describing your experience.

Exercise 4: Security of Websites
Visit a variety of Web pages that you would expect to be secure. (Entire Web sites are seldom secure, but individual pages are frequently secure.) Are they secure? How can you tell? What should you do if you are asked to provide data to a Web page that is not secure?