Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

1. “Security by Obscurity” – hiding the inner working of a system to make it sec

ID: 3726454 • Letter: 1

Question

1.      “Security by Obscurity” – hiding the inner working of a system to make it secure – is often considered a bad idea to achieve security. However, since we are students of science, we should be prepared to make arguments both for and against a notion and then weigh the two. Give two examples, one in favor of the statement and one against it and argue that there definitely are scenarios in which hiding information about inner working of a system do not add appreciably to security; however, there are also scenarios in which hiding such information can help enhance security.                                                                              

Explanation / Answer

Answer)

Security by Obscurity is a means for hiding the inner working of te system to make it secure. This idea is sometime mostly a bad idea and sometimes a good idea. Hiding information about an application to secure the application is not actually security. It is concealing information or technique to secure the system. A system should be secure because of its design, not because the design is unknown to an adversary. Security through Obscurity wouldn't completely block the attack vector, but it would significantly mitigate the problem. This approach merely conceals the measure to take security on and thus this is not actually a security feature.

For example as against the approach, you may decide to move the Web server to port 81 instead of 80 so only those who know where to find your Web server will be able to do so. In reality, moving your Web server to port 81 stops only some attacks, and mostly just inconveniences the end user. Thus this approach is not correct and inner working of a system do not add appreciably to security. An attacker who is smart can guess that but it will primarily cause inconveniences.

For example as for the approach, ATM machines and algorithms which operate them, they are better off if concealed. But that doesn't mean that they'll not be having additional protection measures as a part of the security. It is just that the hiding information about inner working of a system in case of ATM machines or likely machines, will add additional benefits to the protection of the system and enhance security.

Related Questions

1. write a chtlopenGL program simulating the double pendulum of strings of unit
Question #2327130
1. write a class called TelDirectory that implements the Comparable interface. T
Question #3671780
1. write a function of c program to return the vector-vector product of two vect
Question #3722584
1. write a function which generates data from a linear model. Your function shou
Question #3047908
1. write a java program having a String array, with global visibility 2. Add a m
Question #3639621
1. write a paragraph about how you will avoid procrastination. consider these id
Question #386058
1. write a paragraph about how you will avoid procrastination. consider these id
Question #2817842
1. write a paragraph about how you will avoid procrastination. consider these id
Question #3501683

Navigate

Previous
1. “Identify Risks” step of the risk management process identifies both knowable
Next
1. “The North Carolina Board of Dental Examiners was established under North Car

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.