Information System and Security Analysis of Scenarios

Please review and explain the following 8 scenarios. Each scenario must be 1.5 pages long with 1 citation in APA 7 format.

SCENARIO #1:

Consider an automated teller machine (ATM) in which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, share your thoughts about the degree of importance of the requirement.

SCENARIO #2:

Many cyber-attacks happen because of vulnerabilities in a system or application software. Buffer Overflow, SQL Injection, Code/OS Command Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery, and Race Conditions are very common vulnerabilities, as noted on these sites:

- https://nvd.nist.gov/vuln/categories
- http://cwe.mitre.org/top25/archive/2021/2021_cwe_top25.html

Explain a specific vulnerability and describe a famous attack that leveraged it. For example, the Morris worm leveraged the buffer overflow vulnerability. Explain how the vulnerability can be prevented or minimized.

SCENARIO #3:

There are three main types of cryptographic algorithms:

1. Secret key

2. Public key

3. Hash functions

Read https://www.garykessler.net/library/crypto.html#intro to gain an understanding of the various applications of crypto. Pick an algorithm for any one of these types (e.g., DES, AES, RSA, MD5) and describe how it works and where it is applied. For example, SSL uses 3DES or DES for message encryption.

SCENARIO #4:

An early attempt to force users to use less predictable passwords involved computer-supplied passwords. The passwords were eight characters long and consisted of lowercase letters and digits. A pseudorandom number generator produced them with 2^15 possible starting values. Using the technology of the time, the time required to search through all character strings of length 8 from a 36-character alphabet was 112 years. Unfortunately, this is not a true reflection of the actual security of the system. Explain the problem.

SCENARIO #5:

Because emails are the most common path used for intrusions, it is time for security professionals to take proactive steps to minimize this threat.

For this scenario, identify one countermeasure an organization could take to minimize the exposure of this threat. Be sure to indicate the process of implementing the countermeasure and the impact it would have on the organization as a whole.

SCENARIO #6:

Recently, virtualization technology has been in demand. Just like any new technology, security is an afterthought.

Explain the vulnerabilities of using virtual machines to host an operating system (OS). What steps can you take to reduce the risks associated with virtual machines?

SCENARIO #7:

You learned about database security. We will focus on three topics for this discussion: (1) Inference in ordinary databases, (2) Inference in statistical databases, and (3) Database privacy (through encryption). Please pick one of these three topics and explain in your own words what the problem or issue is, how the issue is being addressed, and some of the concerns with the solutions being proposed.

SCENARIO #8:

Internet search engine providers like Google and Microsoft keep track of all the searches. The data is shared with the federal government. Explain the ethical and legal ramifications of privacy pertaining to searches.