






Business Data Communication & Security - Assignment 2 UNICAF
Typology: Essays (university)







Student Number: R1904D
Course: Business Data Communication and Security, UU-MBA-741-ZM-
Tutor: Giorgos Georgiou Date: November 22, 2020
outcome. This usually occurs when the attacker is seeking to gain access to deeper levels of a system to do more harm. Denial of service attacks are some of the most costly and damaging attacks. These attacks are geared towards reducing a system’s performance or causing failure by overloading it with a plethora of unscrupulous requests. This in turn will affect a legitimate user’s ability to utilize the system as intended.
The main difference between a passive attack and an active attack is that a passive attack seeks to gather information without modifying system resources whereas an active attack is aimed at changing these resources to affect the system’s general operation.
Question 2
What are the roles of the public and private key in Cryptography? Please elaborate on your answer.
Securing information during transmission is essential to preserving secrecy and data integrity. Sending messages over an unencrypted channel gives easy access to hackers seeking to misuse this information; as a result, cryptography should be utilized to mitigate this. According to Rouse (2020), cryptography is the process of securing communication and information between two or more hosts; this is achieved through the use of encryption and decryption algorithms which generate public and private keys respectively. Cryptography is classified into three areas: symmetric cryptography, asymmetric cryptography and hashing. Cryptography is useful in many areas such as sending messages over the internet, performing credit card transactions and securing VoIP business communications.
A public key is used for the encryption of data and consists of a string of numbers which only the intended recipient can decipher. The public key is important to cryptography as it ensures that the message is encoded and packaged correctly before it is placed in transit to the recipient. Three common encryption algorithms used in cryptography are Rivest–Shamir–Adleman (RSA), Elliptic curve cryptography (ECC) and Digital signature algorithm (DSA). These algorithms utilize different mathematical and logical operations to generate keys of different lengths that aren’t easily exploited. The length of a public key determines its overall strength. According to ComodoSSLStore (2018), 2048-bit RSA keys are embedded in SSL certificates issued by their company. This key length offers a very strong cryptographic mechanism that prevents hackers from breaking the algorithm.
A private key is used for the decryption of encrypted data. This key is also referred to as a secret key and is only known by the recipient. Private keys are created with the same cryptographic algorithm that is used to create the public key. The private key is very important to the cryptographic process as it is also used to verify the digital identity of the information or file once received. This allows the recipient to confirm the validity of the information or file received by comparing the keys to identify if any alterations occurred during transit. Within the scope of cryptography, private keys only grant access to authorized users and help limit and/or eliminate the risk of data being stolen by hackers.
Question 3
What are typical phases of operation of a virus and a worm? Describe and elaborate on each of them.
Viruses and worms continue to be a major security challenge to organizations worldwide. Though there have been many advancements in the development of antivirus and antimalware tools used to detect, prevent and/or remove these unwanted nuisances, they remain a significant threat when discovered within critical computer systems or networks. According to Johansen (2020), a computer virus is a malicious set of code or program created to alter the normal operation of a computer system or network. It is designed to spread from one computer to another by attaching itself to an authorized file or program to facilitate the execution of its code.
Viruses usually have four phases of operation: the dormant phase, the propagation phase, the triggering phase and the execution phase. Within the dormant phase the virus remains idle. It awaits key triggers such as a specific date, time and execution of a particular program or opening of a file that will allow for its automatic execution. It is to be noted that not all viruses have this phase. The second phase is referred to as the propagation phase. Within this phase, the virus replicates itself onto key system areas or within specific directories of the hard disk. By doing so, each infected application will then create a copy of the virus after which it will then begin the propagation phase. Next comes the triggering stage. During this phase the virus
extremely vulnerable to DoS attacks because, if their system becomes compromised, there would be no other user accounts available to troubleshoot and/or resolve the attack. This would mean inevitable data loss if their session is terminated unexpectedly as a result of the attack. The negative effects are further compounded if the system hosts shared resources such as file or print services, as each connected node would not have access to these if the system is taken offline by a DoS attack. Furthermore, the compromised system would most likely be rendered inoperable until an experienced technician is able to identify, isolate and remove any traces of the program or file associated with the DoS attack. This will result in time lost within a business environment and have a negative impact on productivity.
Question 5
What are the benefits that can be provided by an intrusion detection system? Justify your answer with facts.
As the old proverb goes, prevention is better than cure. This simply means that it's easier to stop something from happening in the first place, rather than repair the damage after it has happened. Security attacks can occur at any time and often without warning. As a result, organizations should be proactive in the methods used to secure their sensitive data. An intrusion detection system (IDS) is one tool which can be utilized to identify and help mitigate these unwanted attacks. According to Grami (2016), an IDS is a framework that consistently scans a network’s traffic for irregular activities and sends out alerts whenever these activities are detected. These alerts or reports are usually automatically sent to a systems administrator or logged in a security information and event management system (SIEM). An IDS can either be hardware or software based and is classified into one or more categories; these categories include Network Intrusion Detection System (NIDS), Host Intrusion Detection System (HIDS), Protocol-based Intrusion Detection System (PIDS), Application Protocol-based Intrusion Detection System (APIDS) and Hybrid Intrusion Detection System.
Since an intrusion detection system is able to automatically probe and report anomalies detected within a network, this saves a huge amount of time as it wouldn’t be feasible for a single administrator to manually probe, test and report on each device within a network. An IDS also allows for visibility and gives you a clear understanding of what’s happening within your organization’s network by providing real-time statistical data. An IDS also serves as an additional layer of defense when placed before a network’s firewall system. This enables the detection of irregular or suspicious data packets entering the network even before they come in contact with the firewall. The proper implementation and use of an IDS also allows for quick response when issues are detected on a network. The timely detection of an attack will certainly assist in providing remedial activities and also help prevent further damage to devices within the network. An IDS can also assist with the tracking of virus propagation. It is possible to determine which computer systems have been compromised as well as how the virus is propagating throughout an affected network. This insight will be very beneficial in slowing and stopping its spread. The gathering of evidence is also an additional benefit of having an IDS. The system is able to generate reports that can be useful in providing lawful evidence against the perpetrator of an attempted attack.
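The propagation tracking described above can be sketched in a few lines of detection logic. This is an added example, not part of the original essay; the flow records, threshold, time window and function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records: (seconds, source host, destination host, destination port)
FLOWS = [
    (0, "10.0.0.5", "10.0.0.9", 443), (5, "10.0.0.5", "10.0.0.9", 443),
    (8, "10.0.0.5", "10.0.0.20", 445),          # ordinary file-share access
    (10, "10.0.0.7", "10.0.0.20", 445), (12, "10.0.0.7", "10.0.0.21", 445),
    (14, "10.0.0.7", "10.0.0.22", 445),         # first host fans out
    (40, "10.0.0.21", "10.0.0.30", 445), (42, "10.0.0.21", "10.0.0.31", 445),
    (44, "10.0.0.21", "10.0.0.32", 445),
    (70, "10.0.0.31", "10.0.0.40", 445), (71, "10.0.0.31", "10.0.0.41", 445),
    (72, "10.0.0.31", "10.0.0.42", 445),
]

def trace_propagation(flows, threshold=3, window=60):
    """Flag hosts that contact `threshold` distinct peers on one port within
    `window` seconds, and record which already-flagged host reached them first."""
    recent = defaultdict(list)    # (src, port) -> [(ts, dst)] inside the window
    inbound = defaultdict(list)   # (dst, port) -> [(ts, src)]
    flagged, parent = {}, {}
    for ts, src, dst, port in sorted(flows):
        inbound[(dst, port)].append((ts, src))
        events = recent[(src, port)]
        events.append((ts, dst))
        events[:] = [(t, d) for t, d in events if ts - t <= window]
        if src not in flagged and len({d for _, d in events}) >= threshold:
            flagged[src] = ts     # alert time for this host
            started = events[0][0]
            # Likely infector: a flagged host that reached src on this port
            # before src began its own fan-out.
            parent[src] = next((s for t, s in inbound[(src, port)]
                                if s in flagged and t <= started), None)
    return flagged, parent

def infection_chain(host, parent):
    """Walk parent links back to the first flagged host; return oldest first."""
    chain = [host]
    while parent.get(chain[-1]):
        chain.append(parent[chain[-1]])
    return chain[::-1]

if __name__ == "__main__":
    alerts, parent = trace_propagation(FLOWS)
    for host, ts in alerts.items():
        print(f"t={ts}s ALERT {host} path={' -> '.join(infection_chain(host, parent))}")
```

The repeated connections from 10.0.0.5 to a single server never raise an alert, because the rule counts distinct peers rather than connection volume.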
Question 6
List and describe four techniques used by firewalls to control access and enforce a security policy. Please elaborate on your answer.
A network’s security should be an organization’s top priority as hackers continue to create and discover new ways in which to breach computer systems. A firewall is a network security device used to monitor inbound and outbound traffic throughout a network and is capable of allowing or blocking traffic based on defined security parameters (CISCO, 2020). Firewalls can be a physical device, a software package or a combination of both. Firewalls control access and enforce security policies in several different ways; let us explore a few of them in some detail. Firewalls are capable of providing service control for specific applications. This can be seen in a firewall’s ability to allow or deny traffic to a specific range of IP addresses within a given network. A firewall’s service control also allows for the configuration of access to specific programs or shared network resources through the use of protocols or defined port numbers. This allows for greater control in managing access to certain areas of a network or even scheduling access to authorized users for a set number of hours during each day. Firewalls also
Kerberos version four operates using the receiver-makes-right encoding system whereas version five utilizes the ASN.1 encoding system. Another key difference between them is that version four does not support cross-realm authentication but version five does. The ticket lifetime of version four was limited to five minutes; however, version five allows for an unrestrained time.
Question 8
What are the differences between a policy, a standard, and a practice? What are the three types of security policies? Where would each be used? What type of policy would be needed to guide use of the Web? E-mail? Office equipment for personal use?
A policy can be defined as a set of guidelines that are enforced to generate specific actions and outcomes. Policies are very important within organizations and information security. A standard, on the other hand, is defined as a more detailed structured outline of rules and regulations that must be adhered to. Standards may be formal or informal and can have serious legal implications if not followed correctly. A practice, however, is essentially a detailed explanation of how to properly adhere to a policy and/or standard. The three types of security policies that form the pillar of cyber security are confidentiality, integrity and availability. Confidentiality can be enforced on an organization’s computer network by only allowing authorized persons access to information. Data integrity can be maintained by ensuring all transactions are completed efficiently without interruptions. Availability should be limited to only users with proper security access and monitored properly. The Issue-Specific Security Policy (ISSP) provides a detailed guideline of best-practice use of technology-based systems for users within an organization.
References
Active and Passive attacks in Information Security. (2019). Retrieved from https://www.geeksforgeeks.org/active-and-passive-attacks-in-information-security/
CISCO: What Is a Firewall? (2020). Retrieved from https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html
ComodoSSLStore. (2018). What is Public and Private Key in Cryptography? Retrieved from https://comodosslstore.com/blog/public-key-and-private-key-pair-how-it-works.html
Difference between Kerberos Version 4 and Kerberos Version 5. (2020). Retrieved from https://www.geeksforgeeks.org/difference-between-kerberos-version-4-and-kerberos-version-5/
Grami, A. (2016). Communication Networks. Introduction to Digital Communications, 457-491. doi:10.1016/b978-0-12-407682-2.00011-9
Johansen, A. (2020). What Is A Computer Virus? Retrieved from https://us.norton.com/internetsecurity-malware-what-is-a-computer-virus.html
Khan, S., Mast, N., Loo, K. K., & Silahuddin, A. (2008). Passive security threats and consequences in IEEE 802.11 wireless mesh networks. 2; 3. Retrieved from https://www.researchgate.net/publication/220670392_Passive_Security_Threats_and_Consequences_in_IEEE_80211_Wireless_Mesh_Networks
Microsoft Kerberos (2018). Retrieved from https://docs.microsoft.com/en-us/windows/win32/secauthn/microsoft-kerberos
Rouse, M. (2020). What is cryptography? Retrieved from https://searchsecurity.techtarget.com/definition/cryptography
Simplilearn. (2020). What Is Kerberos, How Does It Work, and What Is It Used For? Retrieved from https://www.simplilearn.com/what-is-kerberos-article