Question 1: Leak of information is one of the serious issues to information secu
ID: 3574977 • Letter: Q
Question
Question 1: Leak of information is one of the serious issues to information security. electronic mail system can be used to leak the information. a. Explain how this leakage could occur. ( 1 mark) b. What are the security controls to prevent this leakage. ( 1 mark)
Question 2: In 2013, ransomeware named CryptoLocker had been spread and many users' devices and files were affected. Search and find more information about Ransomeware (main concept, how its work, some countermeasure). (1 mark)
Question 3: There are different types of attack ( browser attack, web attack and mail attack), in the following examples; specify the type of attack and which security objectives (C.I.A) is affected by this attack, clarify your answers with breif explanation. (2 marks) a) website defacement. b) Man-in-The-Browser.
Question 1: Leak of information is one of the serious issues to information security. electronic mail system can be used to leak the information. a. Explain how this leakage could occur. ( 1 mark) b. What are the security controls to prevent this leakage. ( 1 mark)
Question 2: In 2013, ransomeware named CryptoLocker had been spread and many users' devices and files were affected. Search and find more information about Ransomeware (main concept, how its work, some countermeasure). (1 mark)
Question 3: There are different types of attack ( browser attack, web attack and mail attack), in the following examples; specify the type of attack and which security objectives (C.I.A) is affected by this attack, clarify your answers with breif explanation. (2 marks) a) website defacement. b) Man-in-The-Browser.
Question 1: Leak of information is one of the serious issues to information security. electronic mail system can be used to leak the information. a. Explain how this leakage could occur. ( 1 mark) b. What are the security controls to prevent this leakage. ( 1 mark)
Question 2: In 2013, ransomeware named CryptoLocker had been spread and many users' devices and files were affected. Search and find more information about Ransomeware (main concept, how its work, some countermeasure). (1 mark)
Question 3: There are different types of attack ( browser attack, web attack and mail attack), in the following examples; specify the type of attack and which security objectives (C.I.A) is affected by this attack, clarify your answers with breif explanation. (2 marks) a) website defacement. b) Man-in-The-Browser.
Explanation / Answer
Hi there check this Explanation:
Question 2:
CryptoLocker, detected by Sophos as Troj/Ransom-ACP, is a malicious program known as ransomware.Some ransomware just freezes your computer and asks you to pay a fee. (These threats can usually be unlocked without paying up, using a decent anti-virus program as a recovery tool.)CryptoLocker is different: your computer and software keep on working, but your personal files, such as documents, spreadsheets and images, are encrypted.The criminals retain the only copy of the decryption key on their server – it is not saved on your computer, so you cannot unlock your files without their assistanceThey then give you a short time (e.g. 72 hours, or three days) to pay them for the key.The decryption key is unique to your computer, so you can’t just take someone else’s key to unscramble your files.The fee is $300 or EUR300, paid by MoneyPak; or BTC2 (two Bitcoins, currently about $280).To understand how CryptoLocker goes about its dirty work, please see our step-by-step description.
How to detect it and remove it ?You can use the free Sophos Virus Removal Tool (VRT).This program isn’t a replacement for your existing security software, because it doesn’t provide active protection (also known as on-access or real-time scanning), but that means it can co-exist with any active software you already have installed.The Virus Removal Tool will load, update itself, and scan memory, in case you have malware that is already active.Once it has checked for running malware, and got rid of it, then it scans your hard disk.If it finds any malicious files, you can click a button to clean them up.If CryptoLocker is running and has already popped up its payment demand page, you can still remove it and clean up, but the Virus Removal Tool cannot decrypt your scrambled files – the contents are unrecoverable without the key, so you may as well delete them.Even if you don’t have CryptoLocker, it is well worth scanning your computer for malware.The criminals are known to be using existing malware infections as “backdoors” to copy CryptoLocker onto victims’ computers.We assume their reasoning is that if you have existing, older malware that you haven’t spotted yet, you probably won’t spot CryptoLocker either, and you probably won’t have backup – and that means they’re more likely to be able to squeeze you for money later on.
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.