ASSIGNMENT 2

INFORMATION SECURITY

Task one: Computer attack (5 marks)

1. Based on your personal experiences or those of someone you know (you may have to interview other students or a friend), write a paragraph regarding a computer attack that occurred.

“When did it happen and what was the attack? And what type of damage did it inflict?”

Earlier this year, after constantly receiving notifications that indicated that there was the need to update my antivirus, I decided to disable it to avoid the nagging notifications after each boot session. I, however, forgot to update the antivirus or even turn it back on before connecting a thumb drive that had been passed over multiple other computers that contained some class notes and some other stuff. Soon afterward, my entire drive was encrypted, requiring special permission from an administrator account even though my computer runs on only my Microsoft account. Although all my files were visibly present, they could not be accessed or even copied. It was after some inquiry that I realized my grievous error as I was facing a ransomware attack, where my files had been encrypted.

“The reason or reasons you think that the attack was successful?”

It was hopeless trying to retrieve my files from the computer as they could not be accessed. Luckily enough, I always periodically upload the important documents to my Google Drive account; otherwise, I would have lost all the critical documents. The attack was without doubt successful, since none of the files on my drive were accessible.

“How was the computer fixed after the attack? And what could have prevented it?”

The only possible solution I could think about was to format the computer and reinstall all important programs, starting with an updated version of the Avast antivirus. I then downloaded the files saved on my Google Drive account to my personal computer. Since that dreadful experience, I have learned to enact preventive measures such as constantly checking for updates for my antivirus and scanning portable devices before retrieving files from them in order to prevent this type of attack in the future.

Task two: The netstat -an command (5 marks)

The server is connected to port 6000. Port 123 is used for NTP, while port 22 is open and used for SSH connections.
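The reading of the `netstat -an` output above can be reproduced programmatically. The following is an added example, not part of the original assignment: it parses a constructed sample in the Linux `netstat -an` column layout (the sample rows, the addresses and the reading of "connected to port 6000" as an established outbound connection are assumptions) and separates open ports from live connections.

```python
from collections import namedtuple

# Constructed sample in the Linux `netstat -an` layout (documentation addresses only).
SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED
tcp        0      0 192.0.2.10:48212        203.0.113.5:6000        ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:123             0.0.0.0:*
"""

KNOWN = {22: "SSH", 123: "NTP"}  # labels for the ports named in the answer
Socket = namedtuple("Socket", "proto local_port remote_port state")

def _port(endpoint):
    """Port from 'addr:port' (IPv4 or IPv6); None for the '*' wildcard."""
    port = endpoint.rsplit(":", 1)[-1]
    return int(port) if port.isdigit() else None

def parse_netstat(text):
    socks = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or not f[0].startswith(("tcp", "udp")):
            continue  # skip banner, column header, UNIX-domain sockets
        # UDP rows carry no State column; mark them as unconnected.
        state = f[5] if len(f) > 5 else "UNCONN"
        socks.append(Socket(f[0], _port(f[3]), _port(f[4]), state))
    return socks

def open_ports(socks):
    """Ports accepting traffic: TCP in LISTEN, or UDP bound with no peer."""
    ports = {}
    for s in socks:
        if s.state == "LISTEN" or (s.proto.startswith("udp") and s.remote_port is None):
            ports[s.local_port] = KNOWN.get(s.local_port, "unknown")
    return ports

def established(socks):
    """(local_port, remote_port) pairs for live TCP connections."""
    return [(s.local_port, s.remote_port) for s in socks if s.state == "ESTABLISHED"]

if __name__ == "__main__":
    socks = parse_netstat(SAMPLE)
    print("open:", open_ports(socks))
    print("established:", established(socks))
```

Windows prints `netstat -an` with four columns instead of six, so the field indexes would need adjusting there.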

Task three: PGP (5 marks)

“Download PGP (freeware or paid) and try to encrypt an email using someone's public key. Describe other functions that you can do with PGP”

PGP (Pretty Good Privacy) encryption of emails is achieved using the Kleopatra tool (Yeh et al., 2018). Each terminal has a public and a private key. The public key is sent to the recipient for decoding the sent message, and a private key is used to decrypt the feedback. During the creation of the public key, the RSA standard with 4096 bits is selected. Signing is also set to ensure the message has not been tampered with during transit. The first step is thus sending the public key to the recipient so that he or she can encrypt the feedback with the sent public key. PGP provides functions such as authentication and privacy. Authentication is achieved where a passphrase is required to make any changes that would affect the private key. Privacy is achieved when the plaintext is converted to ciphertext. The digital signature

Task four: Steganography (5 marks)

“Download any steganography software and demonstrate hiding a 500kB document in the software–

QuickCrypto is a steganography tool developed by Cybernescence that allows both the encoding and decoding of messages within pictures or images. It provides a text panel for entering the text or message to be encoded and a panel for uploading the image file.

Task five: VirusTotal (10 marks)

In this task, you will use VirusTotal to scan a file and a URL. You can create a file or upload an existing file to check for malicious signatures.

VirusTotal is an online tool that identifies suspicious sites by comparing them against a blacklist of sites previously linked to malicious content by other vendors, such as Sophos and BitDefender (Srivastava et al., 2018). To scan a URL, simply copy its address, paste it in the URL bar, and click the scan button. To scan a file, simply upload it to the website and click scan.
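The same two checks can be prepared for VirusTotal's public API v3 instead of the website; looking a file up by its SHA-256 hash avoids uploading the file's content. This is an added example, not part of the original assignment: the API key is a placeholder, the sample report is constructed, and the code only builds the request and reads a report without sending anything.

```python
import base64
import hashlib
import io

API = "https://www.virustotal.com/api/v3"

def file_sha256(stream, chunk=65536):
    """Hash a file-like object in chunks so large files are not loaded whole."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk), b""):
        h.update(block)
    return h.hexdigest()

def url_id(url):
    """API v3 URL identifier: URL-safe base64 of the URL with '=' padding removed."""
    return base64.urlsafe_b64encode(url.encode()).decode().rstrip("=")

def lookup_request(kind, ident, api_key):
    """Build (method, url, headers) for a report lookup; nothing is sent here."""
    if kind not in ("files", "urls"):
        raise ValueError("kind must be 'files' or 'urls'")
    return "GET", f"{API}/{kind}/{ident}", {"x-apikey": api_key}

def summarize(report):
    """Return (engines flagging the item, engines that reported) from a report."""
    stats = report["data"]["attributes"]["last_analysis_stats"]
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    return flagged, sum(stats.values())

# Constructed report fragment in the shape of a v3 response (values are made up).
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_stats": {
    "harmless": 0, "malicious": 3, "suspicious": 1, "undetected": 66}}}}

if __name__ == "__main__":
    digest = file_sha256(io.BytesIO(b"abc"))  # stand-in for open(path, "rb")
    print(lookup_request("files", digest, "YOUR_API_KEY"))
    print(lookup_request("urls", url_id("http://example.com/"), "YOUR_API_KEY"))
    print("flagged %d of %d engines" % summarize(SAMPLE_REPORT))
```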

References

Srivastava, A., Chauhan, A. S., Gupta, S., Gautam, A., & Kaur, G. (2018, April). Malware Detection Using Online Information Sharing Platforms and Behavior Based Analysis. In Proceedings of 3rd International Conference on Internet of Things and Connected Technologies (ICIoTCT) (pp. 26-27).

Yeh, J. H., Sridhar, S., Dagher, G. G., Sun, H. M., Shen, N., & White, K. D. (2018, December). A certificateless one-way group key agreement protocol for end-to-end email encryption. In 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC) (pp. 34-43). IEEE.