Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Question 1: Briefly explain the goals of Network Security as addressed in the fo

ID: 3748995 • Letter: Q

Question

Question 1: Briefly explain the goals of Network Security as addressed in the following diagram (organizational People ( Products Integrity Information Availability Hardware Software Question 2: What is a Zero-day vulnerability? Can this be stopped. Briefly explain the scenario with an example from the Web which happened recently. Question 3: If your goal is to hack a website such as http:certificdhacker.com/list out the various steps of attack and what are the protection measure to be followed from a defensive point of view for cach step (logically and wherever applies). Question 4: a What does zero day vulnerability mean? b. What is a zero-day exploit and why are they dangerous? c. List a few zero day vlnerabilities based on Windows and Linux systems. d. Discuss your points on speed and sophistication of attacks of a specific zero day exploit (examples can be found online) Question S: List a few ways to achieve Obscurity in a networked system.

Explanation / Answer

1.
The innermost layer contains the major goals of network security. The major goals include maintaining data confidentiality, protecting the integrity of the information and availability of the information.

Network devices are hardware, computing network programs are software and communication devices interact to protect this information.

Physical security is the process of protecting personnel, software, hardware, networks and data from a physical loss like fire, disasters, theft, vandalism etc. This layer is responsible for it.

Personnel Security is the process of protecting the confidential information as well to control the user access to the network. This layer is responsible for it.

Organizational Security contains the policies, procedures, and practices adopted by an organization to prevent misuse, modification and other network attacks. This layer is responsible for it.

2. 'Zero-day vulnerability' is a software vulnerability in which the user is newly aware of vulnerability and security patch for that is not known yet.

A zero-day vulnerability has been detected by FirstEye from Microsoft Office RTF document. It allows a malicious code to be injected as an arbitrary package during parsing. The hackers get unauthorized control during this period and can change the behavior of the software, steal data as well.

3.

-> The website is hosted publicly makes easier to perform various attacks on it. "certifiedhacker.com" *** Complex login measures need to be placed. ***
-> It is an HTTP unsecured website which allows transmission of confidential information during network data transmission. The transducer can interfere and get the data. *** HTTP needs to be converted to HTTPS Secure Certifications ***
-> The login webpage allows data to be entered in any format. I can inject my malicious code to get it stored in the database. SQL injection attack. *** Proper validations should be in place ***
-> There are different add-ons to get session data from the unsecured website. Example Tamper Data Addon using firefox. This addon will hijack session data. *** HTTPS website ***

4.
a. 'Zero-day vulnerability' is a software vulnerability in which the user is newly aware of vulnerability and security patch for that is not known yet.

b. It is difficult to recognize it.
It looks like a normal program.
The package is written by understanding the existing software model
It gains control during parsing.

c. Windows Task Manager
Microsoft Office
XBox VR gaming set
Apache structs

d.
The speed and sophistication of attacks are much more in Zero Vulnerability since access granted during parsing, the package is written compatible with the software, the code looks normal etc.

5.
Obscurity is a process of implementing the secure system by enforcing complex procedures in the internal architecture of a system. The internal architecture must be robust enough to handle it.

Related Questions

Question 1: A metal is found to have BCC structure, a lattice constant of 3.31 A
Question #2073557
Question 1: A near-sighted person might correct his vision by wearing diverging
Question #2297919
Question 1: A palindrome is a word (sequence of characters) that reads the same
Question #3754024
Question 1: A palindrome is a word (sequence of characters) that reads the same
Question #3754335
Question 1: A patient appears in the ER. He is hyperventilating and his blood pH
Question #571334
Question 1: A patient appears in the ER. He is hyperventilating and his blood pH
Question #1075667
Question 1: A person who weighs 150 pounds rides a bicycle. The pedals move in a
Question #2289501
Question 1: A point charge is released from rest in a region containing an elect
Question #1274219
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Question 1: Briefly explain the goals of Network Security as addressed in the fo
Next
Question 1: Bubba\'s steakhouse has budgeted the following costs for a month in

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.