Assignment 2

Student number: 79127371


Semester 1 :

722252

1. Chapter 1: What is information security?


1.1. Discuss the difficulties of defending against attacks
- It is difficult because nearly all computers, tablets and cellphones
(smartphones) are interconnected via the internet. It is very easy for an
attacker in a foreign country to launch an attack on a network or device in
another country.
- Attackers usually use the advantages of internet speeds to quickly scan and
exploit vulnerabilities without much human interaction.
- The ease of use that comes with modern attack tools makes it easy for anyone
to launch an attack.
- The delay in rolling out security patches for antivirus and other software
makes it difficult to defend against attackers. Attackers can easily exploit
vulnerabilities in a system.
- An attacker sometimes uses hundreds of computers in an attack against a
single server or network. This makes it very difficult to stop or block an
attack using a single source.
1.2. Discuss different attackers


- Cybercriminals: These are attackers who launch attacks against other users;
they are not an organised group. They are mostly identity thieves and
fraudsters.
- Cyberterrorists: These are a network of attackers, usually with similar
beliefs and principles. They attack countries and corporations which they feel
violate their beliefs.
- Script kiddies: These are individuals with limited knowledge of computer
hacking.
- Spies: They are professional computer experts who are hired to break into a
computer to access information. They do not randomly attack any computer, but
they target a specific computer with the intention of accessing the
information without the user ever knowing.
- Insiders: These are individuals with close ties to an organization. Attacks
instigated by insiders include theft of intellectual property and sabotage
from employees, clients and suppliers.
- Government agencies: These institutions sometimes hack into civilians'
devices to monitor and listen in on potential threats to the government and
country.
1.3. Discuss Confidentiality, Integrity and Availability

- Confidentiality ensures that only approved or authorized individuals are
able to access sensitive information. Confidentiality can be achieved by
software that scrambles transmission of sensitive information.
- Integrity ensures that the data has not been tampered with. This means that
if you make an online purchase, the information that you provide should not be
altered to reflect differently from what you provided.
- Availability ensures that secured data is made available to only authorized
individuals when it is requested.
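
The integrity property described above, shown as an added example that is not part of the original assignment: a server attaches an HMAC-SHA256 tag to an online purchase and later rejects any copy whose fields were altered. The key, field names and order values are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption); a real system loads it from a secret store.
SERVER_KEY = b"constructed-demo-key-not-for-production"


def canonical(order: dict) -> bytes:
    """Serialize deterministically so that key order cannot change the tag."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_order(order: dict, key: bytes = SERVER_KEY) -> str:
    """Return an HMAC-SHA256 tag over the canonical form of the order."""
    return hmac.new(key, canonical(order), hashlib.sha256).hexdigest()


def verify_order(order: dict, tag: str, key: bytes = SERVER_KEY) -> bool:
    """Recompute the tag and compare it in constant time."""
    return hmac.compare_digest(sign_order(order, key), tag)


# Constructed sample purchase, as the customer submitted it.
submitted = {
    "order_id": "A-1001",
    "item": "headphones",
    "quantity": 1,
    "amount_cents": 4999,
    "ship_to": "12 Example Street",
}
tag = sign_order(submitted)

# Same data with the fields in a different order: still the same purchase.
reordered = dict(reversed(list(submitted.items())))

# One field altered in transit or in storage: the tag no longer matches.
tampered = dict(submitted, amount_cents=499)

if __name__ == "__main__":
    print("original verifies: ", verify_order(submitted, tag))
    print("reordered verifies:", verify_order(reordered, tag))
    print("tampered verifies: ", verify_order(tampered, tag))
```

The tag detects alteration only; it does not hide the order's contents, which is the job of confidentiality.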

2. Chapter 2: Personal Security


2.1. Discuss password protection

- Password protection is a security system that authenticates a user by what
he knows. It ensures that the user meets certain security levels by proving
that he has knowledge of a combination of letters and numbers that prove he
has the necessary authority to access data by providing a password. A password
can only prove authorization by what a user has; it has no way of proving that
a user is who he claims to be, because passwords can be lost or hacked.

2.2. Explain social engineering

- Impersonation: This is the use of an alias to trick the system by pretending
to be an authorized person in order to gain access to sensitive data.
- Phishing: This involves falsely displaying web announcements through e-mail
services to mislead users into giving their private information. There are
four types of phishing [pharming, spear, whaling, vishing].
- Hoaxes: A hoax plays on the mind of the user. It is usually a warning
claiming to come from a reputable source, asking you to confirm your private
information with the intention of stealing that information for fraudulent
activities.

3. Chapter 3: Computer security


3.1. Discuss malware

- Malware is computer software that enters a system without the user's
knowledge or consent. The objective of malware is to hide its intended
purpose, to illegally enrich its creator and to spread rapidly. Malware that
is designed to spread rapidly includes viruses and worms. A computer virus
attaches itself to a file and is usually activated when that file is run on a
computer. A worm is designed to look for vulnerabilities in the system; once
it has infected the computer, it replicates to another system through the
network.
Malware that is primarily for concealing its purpose includes Trojans,
rootkits, backdoors, keyloggers and arbitrary code execution.
Malware that is designed to benefit the creator financially includes botnets.
A botnet is a large network of computers that are infected and turned into
zombie computers without the knowledge of the user. Another type of
financially beneficial malware is spyware, which is malware that steals
sensitive information without the user's consent, therefore violating their
privacy.
3.2. Write a memo to your boss explaining Computer defences

Computer defences can be achieved when information systems are protected
against attacks by means of security applications such as availability,
integrity, authentication and confidentiality.
The most important factor in computer security is a balanced strategy
focussing on people, technology products, and procedures and policies.
- People: Firstly, achieving computer defence begins with well-equipped and
informed personnel. This includes assignment of roles and duties, and training
critical security personnel, system users and systems administrators.
- Products: Secondly, there's a variety of products and services available for
provision of computer defence systems and deflecting threats. To ensure that
the correct technologies are deployed, an organization should identify
vulnerabilities, potential threats and potential threat agents. Then
appropriate infrastructure can be deployed. This infrastructure can be locks
to regulate access control, antivirus software to detect and remove malware,
etc.
- Procedures: These focus mainly on activities required by the people and
products in order to sustain an organization's security posture on a daily
basis. Procedures should include maintaining a visible and up-to-date system
security policy and performing system security assessments. (Ref: The National
Information Systems Security [INFOSEC] Information Assurance Solutions Group
STE6737)

4. Chapter 4: Internet Security


4.1. Explain how the WWW and email work

The WWW (Internet) is an interconnected network of networks globally. A
computer user connects to the internet using a device called a modem or
router. The router connects to an Internet Service Provider (ISP) using a
Point of Presence (POP). The ISP servers are connected to other ISP servers
using Network Access Points (NAPs).
The internet uses a protocol called Transmission Control Protocol/Internet
Protocol (TCP/IP) to interconnect devices globally. To transmit information
pages, the internet uses a Hypertext Transmission Protocol (HTTP) to
distribute web pages (HTML).
E-mail is an internet protocol that transports messages using 2 protocols,
namely Simple Message Transfer Protocol (SMTP) for handling outbound
messages, and Post Office Protocol to handle inbound messages. Email uses
port numbers to distinguish which applications are required for decoding
transmissions; inbound messages use port number 25, while outbound
messages use port number 110.

4.2. List and discuss the different types of Internal attacks

- Mobile code: This is HTML code that is obtained from third parties. It can
operate outside the computer's security perimeters and is used without the
user ever knowing.
- JavaScript: These are instructions that are embedded within an HTML
document. When a web browser opens a site that uses JavaScript, the
JavaScript is downloaded onto the user's computer. A malicious JavaScript can
capture and transmit a user's sensitive information without them knowing.
- Java: This is a complete computer coding language in which programs called
Java applets are coded. There are two types of Java applets, signed and
unsigned Java applets. Signed Java applets are distributed by reputable
organizations and pose minimal security risk; unsigned Java applets are
distributed by unknown organizations. Because of the risk unsigned Java
applets can cause, they operate within a security sandbox.
- Cookies: A cookie is an HTTP mechanism that is stored on a user's computer
to help track web traffic. First-party cookies are created from a website that
a user visits.
- Third-party cookies: These are created by an external user advertising on a
website. These are intended to tailor advertising for a user.

4.3. Explain cryptography

Cryptography refers to the process of converting data into unintelligible text,
called cipher text. This is often done to protect the integrity of sensitive
information. This process of securing data is called encryption, and the
reverse process is known as decryption.

5. Chapter 5: Mobile Security


5.1. Define Wi-Fi

- Wi-Fi is a wireless data network that is designed to provide high speed data
connections for mobile devices to connect to. The technical term for Wi-Fi is
wireless local area network (WLAN).

5.2. Explain attacks on Wi-Fi

- Attacks on Wi-Fi include theft of information by accessing a local network
through a wireless access point. Once breached, an intruder can read, alter or
steal sensitive information, or even inject malicious malware on the network
or the computer.

5.3. List 8 best practices for using mobile devices.

- Take appropriate physical security measures to prevent the theft of mobile
devices.
- Never leave a mobile device unattended.
- Report lost or stolen devices immediately.
- Use appropriate sanitation and disposal procedures for mobile devices. Users
should delete all information stored in a mobile device before discarding,
exchanging or donating it.
- Back up data stored on a mobile device on a regular basis.
- Be cautious when opening email and text message attachments or clicking on
links.
- Do not call telephone numbers contained in unsolicited e-mails or text
messages.
- Do not jailbreak a mobile device.
- Be aware of current threats affecting mobile devices.

6. Chapter: 6
6.1. Name 10 Security policy sub-policies

- Acceptable encryption policy
- Anti-virus policy
- Audit vulnerability scanning policy
- Automatically forwarded e-mail policy
- Database credentials coding policy
- E-mail policy
- E-mail retention policy
- Information sensitivity policy
- Server security policy
- VPN security policy
- Wireless communication policy

6.2. What is computer forensics?

- Computer forensics is also known as forensic science; it is the application
of science to questions that are of interest to the legal profession. Computer
forensics is the use of digital technology to search for evidence of a
criminal activity. It's a system used to retrieve information from a digital
device even if it has been altered or erased.

References:
- Mark Ciampa, Security Awareness: Applying Practical Security in Your World
- The National Information Systems Security [INFOSEC] Information Assurance
Solutions Group STE6737
