a) How can information be gathered from encrypted network traffic? An attacker looks for misconfigured network devices to exploit. Common vulnerabilities include weak default installation settings, open access controls, and unpatched devices. To gather information from encrypted network traffic, the attacker inserts packet sniffing tool into the network. Sniffing is the act of monitoring network traffic for data such as plaintext passwords or other configuration credentials. Usually the information transmitted during a Secure SHELL session cannot be seen, but other information such as sender and recipient IP addresses, DNS requests to resolve the host name, port numbers, and amount of data are visible. If the traffic along the network is encrypted by the attacker, the attacker can see which sites are visited, the amount of data received and sent, and the port numbers used to connect. Using a simple packet sniffer, all plaintext traffic can be read easily. This becomes possible due to weak physical security or lack of encryption during the sending process...