I have done a lot of stuff for this assignment but Im running out of time with a lot more things to do. So since we have a lot of tech experts here such as WAI and Uber, I thought I'd give posting these questions that I have left to do over here for some help with answering them.
Bullet points and suggestions will really help. So those who can thanks.
These are the questions that are left.
1. The case from the textbook:
HENRY MAGRUDER made a mistake: he left a CD at the coffee station. Later, Iris Brown was at the coffee station, topping off her coffee cup, hoping to wrap up her work on the current SQL code module before it was time to go home. As she turned to leave, she saw the unlabeled CD on the counter. Being the helpful sort, she picked it up, intending to return it to the person who'd left it behind.
Expecting to find perhaps the latest device drivers, or someone's work from the development team's office, Iris slipped the disk into the drive of her computer and ran a virus scan against its contents. She then opened the file explorer program. She had been correct in assuming the CD contained data files, lots of them. She opened a file at random, and names, addresses, and Social Security numbers scrolled down her screen. These were not the test records she expected; instead they looked more like critical payroll data. Concerned, she found a readme.txt file and opened it. It read:
Jill, see files on this disc. Hope they meet your expectations. Wire money to my account as arranged. Rest of data sent on payment.
Iris realized that someone was selling sensitive company data to an outside information broker. She looked back at the directory listing and saw that the files spanned the range of every department at Sequential Label and Supply-everything from customer lists to shipping invoices. She saw one file that she knew contained the credit card numbers for every Web customer the company supplied. She opened another file and saw that it stopped about halfway through the data. Whoever did this had split the data into two parts. That made sense: payment on delivery of the first half.
Now, who did this belong to? She opened up the file properties option on the readme.txt file. The file owner was listed as 'hmagruder.' That must be Henry Magruder, the developer two cubes over in the next aisle. Iris pondered her next action.
Assume, the above story took place in Auckland, New Zealand.
Answer two INDEPENDENT questions:
oWhat would be your next step in the Iris™s situation?
oWhat would you do as an IT manager in terms of handling such situations?
Note that the answer to each of these questions may not necessary be the same.
2.
Information Security Policy is perhaps the most important document outlining rules of safe computing within a business organization. Your boss gave you request to prepare such a document for your company. Which issues should be addresses in such a document and why? Take a note that this question is not about the rules itself (like œAll the files must be protected by a password) but rather about existence of such rules (œThere are rules regulating methods of accessing computer files).
Assume that the organization is a typical Microsoft installation having several LANs communicating via virtual channels plus extensive set of WEB facilities used by the contractors and clients for conducting online transactions with the company. Also broadband facilities for the top management have been installed.
3.
There is a file encrypted with triple DES cipher and using 128 bit key. Then the same file was encrypted using RSA asymmetric cipher with a public key of the same length. Which encrypted file would be more difficult to break and by what factor? Explain your reasoning.
4.
The case:
Jerry Babcock, president of Babcock Poultry Company, located in Hamilton, NZ, is a regional supplier of poultry products covering the whole North Island.
Recently, Mr. Babcock converted his record-keeping operations from a manual process that was done by production workers in the processing plant to a computerized process completed by bar coding and scanners. Everything was working out very well, and Mr. Babcock was extremely pleased with the up-to-date, thorough reports made available to key managers.
Recently, Mr. Babcock has noticed, however, that one of the managers is making copies of files and additional printouts on a regular basis. Mr. Babcock was able to determine, after watching this manager for several weeks, that one of the items he was leaving with was a copy of customers, sales volumes, suppliers, etc. This information could be extremely valuable to a competitor.
1.How could this problem have been avoided?
2.How could Mr. Babcock determine what the manager was doing with the information?
3.What course of action should be followed-fire the manager, confront the manager, tighten up the system, etc.?
5. The case
Allison Roderick, president of Roderick Design Systems, located in Auckland, NZ, has been reading in newspapers and magazines and hearing on TV about the spread of viruses throughout computer systems. Her firm is an organization that distributes unique office layout designs for corporate offices in North Island area. In most cases, the designs are custom-fit to each client and take a great deal of time and effort to create. The client usually sets strict completion deadlines, so time is of the essence as the project nears completion. (Otherwise, RDS must assume a substantial completion penalty.) Ms. Roderick does not want the "messiness" and inconvenience of a virus entering the organization's computers and designs, shutting down the system or altering data in any way. She has decided to call in a well-known computer security expert as a consultant to assess the organization's current risk and to set up a workable virus protection program.
What criteria should Ms. Roderick adopt in working with the consultant so that the situation can be assessed quickly, efficiently, and at a reasonable cost?
6.
The steps of the login spoof attack using such a program can be summarized as follows:
1.The attacker gains physical access to the target individual's computer terminal (perhaps after target has gone home).
2.The attacker logs onto the target computer system using whatever login and password are available to the attacker (if the attacker is an insider, then they could be his own). It is possible to use a different target computer system than the one the target individual uses, but this requires that certain procedures be changed.
3.The Trojan horse spoof program is left on the terminal for the target individual. The program is usually disguised to look as normal as possible (e.g., by dimming the screen intensity).
Develop a system preventing such spoof attacks.
Assignment Help
- Deepak
- Posts: 2789
- Joined: Fri Nov 19, 2004 3:02 am
- Contact:
- Deepak
- Posts: 2789
- Joined: Fri Nov 19, 2004 3:02 am
- Contact:
Question 1 and question 4 are done. BUMP!!!!
WHEN THE RICH WAGE WAR ITS THE POOR WHO DIE
BBcode: | |
Hide post links |
- Adtz
- Posts: 719
- Joined: Thu Mar 08, 2007 4:01 am
- Location: Katy, TX
6) Well the most obvious way of handling case 6 is to automatically log the system off after some period of inactivity. Generally this is 20 minutes or so. Also, locking the system down so new executables can not be easily added could be done, but only at the cost of hampering the ability of individuals to get work done.
Frequent password change requirements would limit the impact of the spoof but not prevent it.
5) She needs to be clear to the consultant that she is only concerned about viruses. In order for a concise survey to be made, the consultant needs to understand how information enters the company - internet, disks, e-mail, tapes, etc. All of these are avenues for viruses to enter. Once the inputs are known the consultant can come up with protections for each avenue of approach.
3) The asymmetric key is safer because you have to break the division algorithm. The symmetric key, though triple encrypted can be partially broken, especially if there are examples of encrypted / unencrypted messages available. This is not true for asymmetric, I believe -- but take this with a grain of salt - I am not a security expert.
2) Such documents are total BS in the real world. However, what needs to be done is to balance the security requirements of the company versus the needs of the employees for access. For instance, if this is a military operation the security needs are high and outweigh any specific information requirement.
OTOH, if this is a public service, then availability is a major requirement and security must stay out of the way, but be reasonable. So in your hypothetical company, decide what access your employees have to have, want to have and would be nice to have and then the cost of doing a reasonable job of securing those items.
Frequent password change requirements would limit the impact of the spoof but not prevent it.
5) She needs to be clear to the consultant that she is only concerned about viruses. In order for a concise survey to be made, the consultant needs to understand how information enters the company - internet, disks, e-mail, tapes, etc. All of these are avenues for viruses to enter. Once the inputs are known the consultant can come up with protections for each avenue of approach.
3) The asymmetric key is safer because you have to break the division algorithm. The symmetric key, though triple encrypted can be partially broken, especially if there are examples of encrypted / unencrypted messages available. This is not true for asymmetric, I believe -- but take this with a grain of salt - I am not a security expert.
2) Such documents are total BS in the real world. However, what needs to be done is to balance the security requirements of the company versus the needs of the employees for access. For instance, if this is a military operation the security needs are high and outweigh any specific information requirement.
OTOH, if this is a public service, then availability is a major requirement and security must stay out of the way, but be reasonable. So in your hypothetical company, decide what access your employees have to have, want to have and would be nice to have and then the cost of doing a reasonable job of securing those items.
BBcode: | |
Hide post links |
- AYHJA
- 392
- Posts: 37990
- Joined: Fri Sep 17, 2004 2:25 pm
- Location: Washington, D.C.
- Contact:
Shit Deep, I didn't even see this, and wish that I had, this is great stuff..! I like Adtz's answers though, they are logical and make sense...
OK, 1 at a time here, lets take scenario 6...
QUOTE6.
The steps of the login spoof attack using such a program can be summarized as follows:
1.The attacker gains physical access to the target individual's computer terminal (perhaps after target has gone home).
2.The attacker logs onto the target computer system using whatever login and password are available to the attacker (if the attacker is an insider, then they could be his own). It is possible to use a different target computer system than the one the target individual uses, but this requires that certain procedures be changed.
3.The Trojan horse spoof program is left on the terminal for the target individual. The program is usually disguised to look as normal as possible (e.g., by dimming the screen intensity).
Develop a system preventing such spoof attacks.
Of course, like Adtz mentioned, logging out of the computer, and or password protecting it makes tons of sense...But, as the question pointed out, this person may or may not have their own login information, which would then make this a non factor...
1. Secure the machine and or network by running systems like Novell, which disallow access to parts of the machine and software that would permit the installation of such things...If the workstation is privately operated, system or BIOS passwords could be effective...But when in doubt...DISALLOW Admin access, lol...
2. Information is key...You should always hope for the best, but prepare for the worse...Educate your employees on running processes, and things to look for...A good virus company is a good virus company because they employ proactive tactics...Let IT guys earn their money by staying afloat of security issues and having disaster programs in place to deal with tragedies...
3. Technology...In a situation where information is critical, why risk the hassle..? Run network and system integrity checks when everyone's gone for the day....Assume nothing, and be as thorough as possible...Reset machine clearance codes daily, and have them expire within' five minutes of activity...You get up and go to the bathroom without manually locking your system, after 5 minutes, your system is locked by the network and you need to obtain a new pass from the IT guy to get back into the system...Your system is then scanned for changes, and you look like a dumbass...
4. Lastly, big brother should always be watching...Logs rock...
We can discuss if I'm off the mark Deep, or go to the next question if that's OK...
OK, 1 at a time here, lets take scenario 6...
QUOTE6.
The steps of the login spoof attack using such a program can be summarized as follows:
1.The attacker gains physical access to the target individual's computer terminal (perhaps after target has gone home).
2.The attacker logs onto the target computer system using whatever login and password are available to the attacker (if the attacker is an insider, then they could be his own). It is possible to use a different target computer system than the one the target individual uses, but this requires that certain procedures be changed.
3.The Trojan horse spoof program is left on the terminal for the target individual. The program is usually disguised to look as normal as possible (e.g., by dimming the screen intensity).
Develop a system preventing such spoof attacks.
Of course, like Adtz mentioned, logging out of the computer, and or password protecting it makes tons of sense...But, as the question pointed out, this person may or may not have their own login information, which would then make this a non factor...
1. Secure the machine and or network by running systems like Novell, which disallow access to parts of the machine and software that would permit the installation of such things...If the workstation is privately operated, system or BIOS passwords could be effective...But when in doubt...DISALLOW Admin access, lol...
2. Information is key...You should always hope for the best, but prepare for the worse...Educate your employees on running processes, and things to look for...A good virus company is a good virus company because they employ proactive tactics...Let IT guys earn their money by staying afloat of security issues and having disaster programs in place to deal with tragedies...
3. Technology...In a situation where information is critical, why risk the hassle..? Run network and system integrity checks when everyone's gone for the day....Assume nothing, and be as thorough as possible...Reset machine clearance codes daily, and have them expire within' five minutes of activity...You get up and go to the bathroom without manually locking your system, after 5 minutes, your system is locked by the network and you need to obtain a new pass from the IT guy to get back into the system...Your system is then scanned for changes, and you look like a dumbass...
4. Lastly, big brother should always be watching...Logs rock...
We can discuss if I'm off the mark Deep, or go to the next question if that's OK...
BBcode: | |
Hide post links |
-
- Site Admin
- Posts: 2411
- Joined: Sat Nov 06, 2004 4:43 am
- Location: Sydney, Australia
- Contact:
Holy crap, I totally missed this thread..
Sadly, everyone's beaten me to answering it.. lol
Question 3 is RSA, simply because Triple DES has been phased out, and has been proven to be extremely insecure (brute force has been used for many years) - the original algorithm was published about 1975 - whereas RSA has not. Adtz's explanation is fairly correct, the flaw in the XOR operation allows you to crack the encryption in one go pretty much, provided you have plaintext, or something similar..
Otherwise, the rest should be fine.. lol
Sadly, everyone's beaten me to answering it.. lol
Question 3 is RSA, simply because Triple DES has been phased out, and has been proven to be extremely insecure (brute force has been used for many years) - the original algorithm was published about 1975 - whereas RSA has not. Adtz's explanation is fairly correct, the flaw in the XOR operation allows you to crack the encryption in one go pretty much, provided you have plaintext, or something similar..
Otherwise, the rest should be fine.. lol
BBcode: | |
Hide post links |
- gmsnctry
- Posts: 642
- Joined: Wed Apr 11, 2007 11:56 am
- Location: THE LeftCoast just outside Porn Capitol USA
QUOTE(œbermensch @ Apr 25 2007, 01:52 AM) Shit Deep, I didn't even see this, and wish that I had, this is great stuff..! I like Adtz's answers though, they are logical and make sense...
OK, 1 at a time here, lets take scenario 6...
Of course, like Adtz mentioned, logging out of the computer, and or password protecting it makes tons of sense...But, as the question pointed out, this person may or may not have their own login information, which would then make this a non factor...
3. Technology...In a situation where information is critical, why risk the hassle..? Run network and system integrity checks when everyone's gone for the day....Assume nothing, and be as thorough as possible...Reset machine clearance codes daily, and have them expire within' five minutes of activity...You get up and go to the bathroom without manually locking your system, after 5 minutes, your system is locked by the network and you need to obtain a new pass from the IT guy to get back into the system...Your system is then scanned for changes, and you look like a dumbass...
4. Lastly, big brother should always be watching...Logs rock...
We can discuss if I'm off the mark Deep, or go to the next question if that's OK...
3. We have a system that logs you off after 5 min of inactivity - but the employee has a pager that assigns a new password plus all password change every 24 hrs regardless- so us IT's dont have to mess with it- the company we contract with set it up - I have no idea what the appz name is though. Not my cup of tea
4. We check all logs once a week or sooner if we have downtime (ie no one FUBAR'ed anything, no upgrades- kinda like the fastfood industry 'IF ya aint flipping, your cleaning')
OK, 1 at a time here, lets take scenario 6...
Of course, like Adtz mentioned, logging out of the computer, and or password protecting it makes tons of sense...But, as the question pointed out, this person may or may not have their own login information, which would then make this a non factor...
3. Technology...In a situation where information is critical, why risk the hassle..? Run network and system integrity checks when everyone's gone for the day....Assume nothing, and be as thorough as possible...Reset machine clearance codes daily, and have them expire within' five minutes of activity...You get up and go to the bathroom without manually locking your system, after 5 minutes, your system is locked by the network and you need to obtain a new pass from the IT guy to get back into the system...Your system is then scanned for changes, and you look like a dumbass...
4. Lastly, big brother should always be watching...Logs rock...
We can discuss if I'm off the mark Deep, or go to the next question if that's OK...
3. We have a system that logs you off after 5 min of inactivity - but the employee has a pager that assigns a new password plus all password change every 24 hrs regardless- so us IT's dont have to mess with it- the company we contract with set it up - I have no idea what the appz name is though. Not my cup of tea
4. We check all logs once a week or sooner if we have downtime (ie no one FUBAR'ed anything, no upgrades- kinda like the fastfood industry 'IF ya aint flipping, your cleaning')
<-------- Team DD -------->
Liberalism is not an affiliation; its a curable disease
Always do right. This will gratify many people, and astonish the rest.
~Wisdom of Shawnshuefus
---------------------- [ ∞ ] ----------------------
Liberalism is not an affiliation; its a curable disease
Always do right. This will gratify many people, and astonish the rest.
~Wisdom of Shawnshuefus
---------------------- [ ∞ ] ----------------------
BBcode: | |
Hide post links |
- Deepak
- Posts: 2789
- Joined: Fri Nov 19, 2004 3:02 am
- Contact:
Thanks guys. I will check these out later today. Right now I gotta study for a test.
WHEN THE RICH WAGE WAR ITS THE POOR WHO DIE
BBcode: | |
Hide post links |