Question

a) One of your friends is concerned that attackers could be exploiting a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. In this regard he/she has asked for your help. Identify the type of attack about which your friend is worried and propose a solution.

b) You have recently joined a large enterprise as an information security officer. In a recent meeting, you were asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Identify and discuss two standard networking devices which you would recommend. How could these devices help in securing information in a networked scenario?

Answer #1

a) Privilege Escalation is the attack where the attackers could be exploiting a vulnerability in the software to gain access to resources that the user normally would be restricted from accessing.

The solutions to privilege escalation are as follows:

i) Try using unique and secure passwords and change them periodically to avoid being hacked or attacked.

ii) Keep two-factor authentication, especially when using sensitive data in the software.

iii) Keep critical data on the server-side rather than on the client-side.

iv) Keep the system patched or updated.

v) Encrypt the data that is to be sent to the server-side and secure it with a digital signature.

b) Routers and switches can be configured to supplement the specific network security hardware devices.

A router is an internetworking device that connects systems distributed over a large area and connects devices with the internet. The router chooses the best path for the information to travel. It acts as a secure networking device as it protects the data from attacks and even blocks unnecessary incoming data. It also provides a secure path for communication between mobile workers and employees of the organisation.

A switch is an intelligent networking device that can be connected to many systems but sends data packets only to the specified MAC address. Therefore no unnecessary will be created and there will be no unnecessary wastage of bandwidth. Also, because of the specified MAC address, the information is highly secured. Switches work in the DLL (Data Link Layer).
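Points iii) and v) of the answer above, as an added example that is not part of the original answer: a check that trusts a role sent by the client, beside one that keeps the role on the server and accepts only an integrity-protected token. The user names, the role store and the function names are constructed for illustration, and an HMAC tag stands in for the digital signature the answer mentions.

```python
import base64
import hashlib
import hmac
import json
import secrets

SERVER_KEY = secrets.token_bytes(32)          # never leaves the server
ROLES = {"alice": "admin", "bob": "user"}     # constructed server-side role store


def _tag(body: str) -> str:
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_token(user: str) -> str:
    """Token carries only the identity; the role is not in it."""
    body = base64.urlsafe_b64encode(json.dumps({"user": user}).encode()).decode()
    return f"{body}.{_tag(body)}"


def verify_token(token: str):
    """Return the user name, or None if the token is malformed or altered."""
    try:
        body, tag = token.rsplit(".", 1)
    except (ValueError, AttributeError):
        return None
    # Constant-time comparison on bytes avoids timing leaks and type errors.
    if not hmac.compare_digest(tag.encode(), _tag(body).encode()):
        return None
    return json.loads(base64.urlsafe_b64decode(body))["user"]


def can_delete_weak(request: dict) -> bool:
    # Weak: the privilege decision rests on a field the client controls.
    return request.get("role") == "admin"


def can_delete_hardened(request: dict) -> bool:
    # Hardened: identity comes from a verified token, role from server data.
    user = verify_token(request.get("token", ""))
    return user is not None and ROLES.get(user) == "admin"
```
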
