Information Assurance - Computer Security I - Homework 2 Answers | CS 461, Assignments of Computer Science

Material Type: Assignment; Class: Computer Security I; Subject: Computer Science; University: University of Illinois - Urbana-Champaign; Term: Fall 2008;

Uploaded on 03/16/2009

koofers-user-2qb
Information Assurance: Homework 2 Answers and Comments

Due September 10, 2008 on compass.

  1. Critique CITES' Standard for Digital Media (https://wiki.cites.uiuc.edu/wiki/display/PPG/Standard+for+the+Disposal+of+Digital+Media)

     a) What policy is it expanding on?
        - The Cross-campus University policy on Disposal of Digital Media.

     b) Identify the purpose of that policy.
        - From the cross-campus policy “The goal of this regulation was to ensure that sensitive or personal information stored on magnetic media was unrecoverably erased before entering the State surplus stream”
        - This is similarly restated in the first part of the standard.

     c) Identify the responsible agents in the policy and/or standard.
        - For material leaving the University, a third party vendor selected by the state will be responsible for sanitizing the data.
        - The Chief Information Officer at each campus is responsible for ensuring that the policy is followed.
        - Most people identified data owners or everyone as responsible. This may be implied by the policy/standard but it is not explicitly stated as the others were.

     d) Identify one assumption made by the standard.
        - The third party vendor will not attempt to restore and copy sensitive data on the disks sent to it for sanitizing.

     e) Suggest an improvement to one aspect of the standard. Why is this an improvement?
        - I'm sure there are multiple areas that can be improved.
        - I was unclear on the requirements for cleansing disks moving between units of the university. All cases are not clearly enumerated. I assume only 1 pass of cleansing is required, but that doesn't seem like enough. If a disk containing sensitive HR data is being moved to a random student lab, it seems like it is vulnerable to attack from an inquisitive student.
        - A number of you stated that destroying keys was not sufficient to sanitize encrypted disks, particularly for weaker forms of encryption.

  2. Policy or mechanism. For each item below, is it a policy or an enforcing mechanism? If it is a policy, identify a mechanism that could enforce it. If it is a mechanism, identify a policy it could be enforcing.

     This was more challenging than I intended it to be. Lars was very lenient in grading this and gave feedback in the grade comments.

     The difference between the policy and mechanism is not that the policy is generalized and the mechanism is specific, although it often appears that way. A policy is a “guiding principle” that specifies the purpose of protection. It should be clear what is being protected and what the threat is. It's the reason for implementing the mechanism. A mechanism is an implementation, but that doesn't necessarily mean it is an algorithm specification. Something like “web connections should be encrypted” is rather vague but it still is a mechanism, whereas something like “Alice's student records can only be accessed by herself, her teacher, the university registrar, and Alice's legal representative” is a policy, even though it specifies very specific details. (Note that the policy does not specify the threat exactly, but it's clear that anyone not satisfying one of these conditions is unauthorized, so the threat is anyone else trying to access the data.)

     Also, policies should not use terminology like “safe”, “secure”, or “malicious users”, since this ends up being a rather circular definition. Security is defined from policy, not the other way around.

     All this said, real world policies do deviate. For example, the University policy we examined in class had a phrase like part e), so we accepted either policy or mechanism in that case.

     a) Customers must call from their home phone to activate new credit cards.
        • Mechanism. One policy it could enforce is “Verify that owner of the card is the only individual who can make charges to the card”.

     b) All customers should return shopping carts to the cart parking area.
        • Mechanism. One policy could be each store should attempt to limit damage to customers' cars.

     c) All remote accesses must be authenticated by one time passwords.
        • Mechanism. One policy could be only authorized individuals should be able to access University computers.

     d) Passwords must be at least 15 characters long, include upper and lower case letters, numbers, and punctuation characters.
        • Mechanism. One policy could be “Only university students and employees may use University computers”.

     e) High risk data must be encrypted when traveling over unsecured networks.
        • Mechanism. One policy could be only data owners and authorized recipients should be able to access high risk data. This is the most exact answer.
        • Policy. One mechanism would implement IPSec tunnels using AES- encryption. The University policy we reviewed in class had a similar statement.

  3. For each threat below identify one control or safeguard for two of the three types of controls (avoidance, detection, recovery).

     a) Flood
        • Avoidance – Build levees.
        • Recovery – Buy insurance. Store critical objects at a flood proof site.
        • Detection – Install water sensors in basement. Wire sensors to send alarm to guard.

     b) Distributed denial of service
        • Avoidance – White list. Only allow traffic from a white list of addresses to access network. This is a hard one. Difficult to completely avoid DDOS attack.
        • Recovery – Block addresses that are sources of the attack.
        • Detection – Analyze logs or traffic to identify unusual spikes in traffic.

     c) Unauthorized access to customer accounts via the web interface
        • Avoidance – Implement strong authentication for customer accounts (strong password requirements, send them one time password cards).
        • Recovery – Refund customer costs due to unauthorized access. Reset their authentication mechanism.
        • Detection – Identify unusual activity in customer account from logs.

     d) Unauthorized entry into your home
        • Avoidance – Install a good lock.
        • Detection – Enroll with an alarm company.
        • Recovery – File an insurance claim to replace stolen material and repair house damage.

  4. You own a gas station. On average you have two drivers a day leave without paying for their gas (average of $50 of gas each time). Your insurance company tells you that your store will likely be destroyed by a tornado every 65 years. It would cost you $250,000 to rebuild your gas station.

     a) Compute the annual loss expectancy for the gas loss threat and the tornado threat.
        • ALE for unpaid gas = 2 * 50 * 365 = $36,500
        • ALE for tornado = 250,000/65 = $3,846.

     b) Which threat would you be most immediately concerned with and why?
        • Based on the ALE, I would be most concerned with reducing the number of people stealing gas. However, the one time cost of a tornado would be unrecoverable that one year in 65 when it occurs. So although the ALE indicates I should address the gas theft first, I would first make sure that I could afford some insurance, or that I had sufficient savings to recover from the tornado catastrophe.
        • A case for either threat could be made.