cyber security
jackr.0035
hw1.docxAdministrative
|
COVERS |
Chapters 1 and 2 |
|
Date Assigned |
Tuesday, August 28, 2018 |
|
Date Due |
Wednesday, September 3, 2018, @ 11:59 pm |
|
End/Late Date |
Friday, September 4, 2018, @ 11:59 pm. Assignments submitted between the due date and the end/late date are subject to penalties as specified in the syllabus |
|
Value |
3% of the overall grade, or 30 points out of 1000. |
|
Value of each question, and scoring |
Your score is based on a scale of 0 to 100%. Each question has a different value. There are extra credit questions. For example, if you earn 80%, that translates to 24 out of 30. If you earn all 8 extra credit points, you now have an 88% grade, or 26.4 out of 30 |
|
Method of submission |
All assignments are to be uploaded to the corresponding in dropbox. In the event you have a dire emergency requiring another method of submission that has been approved by Prof., your submission MUST be as an attachment to e-mail. No other methods of submission will be accepted for grading. |
|
Formatting of answers |
Answer the questions in the space provided for each question. If a table is provided for you to enter your questions, use it. Your answers MUST be in black Times New Roman, 11 or 12 point font. No other colors or fonts or font sizes are permitted. Your answers must be single-spaced. Do NOT bullet your answers unless you have more than one answer to a question. Do NOT bold or italicize your answers to make them stand out – it is obvious what your answers are. Do not change the numbering of questions to auto-numbering. |
Chapter 1
1 We have discussed the concepts of confidentiality and integrity. Answer the two following questions:
1. Is there ever a case where data possesses confidentiality but NOT integrity, and
1. Is there ever a case where data possesses integrity but NOT confidentiality?
2 Read the Case Study on page 27 of our text. Answer the following questions:
1. The network admin has upgraded each of his five workstations to the Windows XP operating system, with the firewall turned on. Explain why this is or is not a security risk. If it is a security risk, explain what you would do to resolve it, and
1. The network admin is worried about employee passwords being compromised and would like to tighten up security by employing multi-factor authentication. Explain what multi-factor authentication is AND go to my web page on security,
1. go to the Computer Security Resource Center of NIST, look at their expanded publications library, and in the SP 1800 series, find a document that will help the network set up multi-factor authentication. Give its SP #, its title, and the date it was published.
The answer to the first bullet point is worth 8 percent. The explanation of multi-factor authentication is worth 7 percent. The document information is worth 7 percent. The total value of this question is 22 percent. Type your answers immediately below this paragraph.
3 Viruses and Malware. There are new viruses and malware attacking systems every day. Once again, go to my web page on security, and then go to the Current Threat Center from McAfee. Report back on one vulnerability and one ransomware attack.
1. For the vulnerability, give its name, modified date, and a brief explanation.
1. For the ransomware attack, give its name, modified date, and a brief explanation.
Each answer is worth 5 percent. This question is worth 10 percent.
|
Vulnerability |
|
|
Ransomware |
|
Chapter 2
4 You are working at XYZ Company. XYZ has locations in Atlanta, Charlotte, and Greenville, SC, with the corporate HQ in Atlanta, each running their own LAN. Corporate HQ has multiple departments, all running on the same network, but each department, such as Finance and Human Resources, must have their own broadcast domains. What device should connect each location, and why? What device should divide the network in Atlanta, and why? Each answer is worth 6 percent. This question is worth 12 percent.
|
Used to connect the locations & why |
|
|
Used to divide the network in Atlanta & why |
|
5 You are going to launch an attack against Hi Tech Incorporated. In order to do that, you need to use various network commands to find out information regarding HTI. In the table below, give a short description of each network command, and then give a description of how you would use them to launch an attack on HTI (note – you may not use all to launch the attack). Description of each command is worth 3 percent. Description of how you would use them is worth 8 percent. This question is worth 20 percent.
|
Command |
Description |
|
IPConfig |
|
|
Ping |
|
|
Tracert |
|
|
NSlookup |
|
|
How they can be used in an attack |
|
6 Internet history – use the PowerPoint I have provided, do NOT use the textbook’s version of the history of the Internet. Each answer is worth 4 percent, the overall question is worth 16 percent. Answer each question in the table provided.
|
Year and Event |
Significance of the Event |
|
Our text states that in 1968, ARPA commissioned the construction of ARPANET, but according to the PowerPoint, when was the real birth of the Internet and why is it considered to be that year ? |
|
|
Our text states that the TCP/IP protocol was created in 1973, but what occurred regarding it that was important in 1983? |
|
|
MOSAIC was created and initially distributed in 1993 |
|
|
Java was created in 1995 |
|
Extra Credit – worth 8 points
We went over the binary number system in class. It is used to both calculate and represent characters. They are really two different things. Here you are to, using the method in the textbook on page 35, calculate a decimal number into binary and then convert that to hexadecimal. For your binary answer, you MUST include a space between each set of four binary bits. Calculation of decimal to binary is worth 4 points. Conversion of that to hexadecimal is worth 4 points. You MUST “show your work” for the calculation, e.g. it must look like the example on page 35.
Decimal number is 138
