1. Describe specific business application examples for each of the following thr
ID: 3875213 • Letter: 1
Question
1. Describe specific business application examples for each of the following three network types: client/server, P2P, Cloud. For EACH network type write at least one paragraph with 5 or more sentences.
2. Imagine participating in a video conferencing session between your home computer and a friend of yours who lives in another country. Describe in detail 4 different IP network segments that your connection traverses. Write 4 separate paragraphs - one for each network segment - with at least 3 sentences in each paragraph.
3. DHCP and Static IPs. Write one paragraph, with at least 5 sentences, for EACH of the following items:
Explain in detail a real world scenario where DHCP services are preferred.
Explain in detail a real world scenario where Static IP services are preferred.
4. Vulnerabilities. Write at least 5 sentences in response to the following questions.
What is a vulnerability?
What is a zero-day attack?
What processes can you perform to ‘harden’ or protect your systems when vulnerabilities are discovered?
Can you successfully protect your systems against every vulnerability?
5. Threats. Write at least 5 sentences in response to the following questions.
What is a threat? What is a threat agent?
Describe 3 or more Types of Attackers. In your opinion, which Attacker type is the most threatening?
Why is it important to perform threat modeling?
Can you protect your systems from attack by every threat?
Explanation / Answer
4)Answer:
vulnerability:
Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat.
Vulnerabilities a. re what information security and information assurance professionals seek to reduce. Cutting down vulnerabilities provides fewer options for malicious users to gain access to secure information.
Computer users and network personnel can protect computer systems from vulnerabilities by keeping software security patches up to date. These patches can remedy flaws or security holes that were found in the initial release. Computer and network personnel should also stay informed about current vulnerabilities in the software they use and seek out ways to protect against them.
zero-day attack:
Zero day or a day zero attack is the term used to describe the threat of an unknown security vulnerability in a computer software or application for which either the patch has not been released or the application developers were unaware of or did not have sufficient time to address.
Since the vulnerability is not known in advance, the exploits often occur without the knowledge of the users. A zero day flaw is considered as an important component when designing an application to be efficient and secure
The salient features of the zero day or day zero attacks are:
Effective methods for protecting against zero day attacks:
5)Answer:
threat:
A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen, but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks and more
Threats are potentials for vulnerabilities to turn into attacks on computer systems, networks, and more. They can put individuals’ computer systems and business computers at risk, so vulnerabilities have to be fixed so that attackers cannot infiltrate the system and cause damage.
Threats can include everything from viruses, trojans, back doors to outright attacks from hackers. Often, the term blended threat is more accurate, as the majority of threats involve multiple exploits. For example, a hacker might use a phishing attack to gain information about a network and break into a network.
Threat agent:
The term Threat Agent is used to indicate an individual or group that can manifest a threat. It is fundamental to identify who would want to exploit the assets of a company, and how they might use them against the company.
A threat agent is a group of "attackers" that carry out an attack. They can be human (intentional or unintentional) or natural (flood, fire, etc...).
Types of Attackers:
1. Cyber Criminals
Cyber Criminals are motivated by money, so their attacks are designed to produce profit. Some of their operations are run like a large business with a call centre, management structure and make obscene profits.
2. Hacktivists
Hacktivists only interest is to undermine your reputation or destabilize your operations. Their approach is a cyber form of vandalism.
3. State-Sponsored Attackers
State-sponsored attackers are after important information and they are not in a hurry. These organisations have highly skilled hackers and specialise in detecting vulnerabilities and exploiting these before the holes are patched. It is very difficult to defeat these attackers due to the huge resources at their disposal.
4. Inside Threats
Insider threats could be malicious, but they could also be well-meaning employees who have been manipulated.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.