
1. This question concerns the main security goals (confidentiality, integrity, a

ID: 3541221 • Letter: 1

Question

1. This question concerns the main security goals (confidentiality, integrity, availability). Describe a situation in which the goal of integrity is important, but there is not a need for confidentiality.


2. In a particular form of two-factor authentication, a user shows their identity by providing a password and then receiving (on their mobile phone) a text message with a number that must be entered as well. Describe an attack that would succeed despite this particular two-factor approach.


3. In the past few years, a type of scam has become common, where a telephone call claims to be from Microsoft Technical Support, telling the customer that their computer has been infected by a virus, and offering to help fix the problem; see http://www.scamwatch.gov.au/content/index.phtml/itemId/792165. Write an explanation suitable for a friend who is not studying any computing courses, to help explain to them about the dangers of allowing remote access to a computer.


4. If file permissions are set inappropriately, security can suffer. Suppose Fred Foolish, the Chief Security Officer of the company you work for, makes a policy that every file must have its permissions checked by a system administrator. Discuss the impact of this policy on the likelihood or extent of damage caused by an attack, and on the normal work of the organization.


5. A typical password is about 8 characters long (and so can be stored in 8 bytes, or 64 bits). However, a typical key for encryption/decryption is much longer, and a key of 64 bits would not be considered secure. Explain this in terms of the difference between the way a secret is used as a password, and the way it is used as a key. Hint: what happens if an attacker takes a few months to discover the secret?

Explanation / Answer

Ans 5:

When the secret is used as a password, the message (data) is not scrambled.
When the secret is used as a key, the message (data) is scrambled, aka ciphertext.

So the password should be changed periodically. After a few months, by the time the attacker discovers the user's password, the user might already be using a new password.
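
The contrast in answer 5, as an added example that is not part of the original answer: a password discovered after it has been changed is rejected, while ciphertext copied earlier stays readable once its key is eventually found. The 16-bit toy cipher, the `LoginService` class and all sample values are assumptions constructed for illustration, scaled down so the search finishes instantly.

```python
import hashlib
import hmac
import os

KEY_BITS = 16  # constructed toy size so the search finishes at once; real keys are far longer

def keystream_xor(key: int, data: bytes) -> bytes:
    """Toy stream cipher (assumption, illustration only): XOR with SHA-256(key || offset)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key.to_bytes(8, "big") + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class LoginService:
    """Hypothetical server: stores only the current password's salted hash."""
    def __init__(self, password: str):
        self.rotate(password)

    def rotate(self, password: str) -> None:
        self.salt = os.urandom(16)
        self.digest = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 1000)

    def check(self, guess: str) -> bool:
        d = hashlib.pbkdf2_hmac("sha256", guess.encode(), self.salt, 1000)
        return hmac.compare_digest(d, self.digest)

def offline_search(ciphertext: bytes, known_prefix: bytes):
    """Test every key against a stored copy of the ciphertext; no server can interfere."""
    for key in range(2 ** KEY_BITS):
        if keystream_xor(key, ciphertext[:len(known_prefix)]) == known_prefix:
            return key
    return None

def demo():
    old_key = 0xBEEF                                    # constructed sample key
    message = b"PAYROLL: constructed sample record"     # constructed sample plaintext
    captured = keystream_xor(old_key, message)          # copy kept by the eavesdropper
    service = LoginService("autumn-2023")               # constructed sample password
    service.rotate("winter-2024")                       # months pass; the password is changed
    old_password_accepted = service.check("autumn-2023")
    found = offline_search(captured, b"PAYROLL")        # late discovery of the old key
    still_readable = keystream_xor(found, captured) == message
    return old_password_accepted, found == old_key, still_readable

if __name__ == "__main__":
    print(demo())
```

Changing the encryption key after the capture would not alter the outcome, because the stored ciphertext was produced under the old key.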