cyber security question

profilejackr.0035
hwsent.docx
Home>Computer Science homework help>cyber security question

Administrative

COVERS

Chapters 3 and 4

Date Assigned

Sunday, September 9, 2018

Date Due

friday, September 15, 2018, @ 11:59 pm

Value

3% of the overall grade, or 30 points out of 1000.

Value of each question, and scoring

Your score is based on a scale of 0 to 100%. Each question has a different value. There are extra credit questions. For example, if you earn 80%, that translates to 24 out of 30. If you earn all 8 extra credit points, you now have an 88% grade, or 26.4 out of 30

Method of submission

All assignments are to be uploaded to the corresponding Folio dropbox. In the event you have a dire emergency requiring another method of submission that has been approved by Professor. your submission MUST be as an attachment to a Folio e-mail. No other methods of submission will be accepted for grading.

Formatting of answers

Answer the questions in the space provided for each question. If a table is provided for you to enter your questions, use it. Your answers MUST be in black Times New Roman, 11 or 12 point font. No other colors or fonts or font sizes are permitted. Your answers must be single-spaced. Do NOT bullet your answers unless you have more than one answer to a question. Do NOT bold or italicize your answers to make them stand out – it is obvious what your answers are. Do not change the numbering of questions to auto-numbering.

Chapter 3

1 Write about a half page, single-spaced, response, discussing this case below, with particular attention to steps you think might have helped avoid or ameliorate the situation. This problem is worth 40% of the value of this assignment, or a max of 12 points out of 30.

Scoring rubric for this question: Spelling and Grammar errors (one obvious spelling error may be a typo, two of the same is an error), 2 pts out of the 12. Content, 10 pts out of the 12

Formatting: again, single-spaced; separate paragraphs by 12 pts (= to double space); no first-line indent on paragraphs (even if you like to do that, don’t); fully justify your paragraphs (see below for that).

The case:

Consider the case of an intrepid identity thief. The perpetrator, Jane, encounters the victim, John, online in a chat room. John is using his real first name but only his last initial. However, over a series of online conversations between Jane and John, he does reveal personal details about his life (marital status, children, occupation, region he lives in, and so forth). Eventually, Jane offers John some piece of information, such as perhaps an investment tip, as a trick to get John’s email address from him. Once she gets his email address, an email exchange begins outside of the chat room, wherein Jane purports to give John her real name, thus encouraging John to do the same. Of course, the perpetrator’s name is fictitious, such as “Mary.” But Jane now has John’s real name, city, marital status, occupation, and so on.

Jane has a number of options she can try, but we will choose a simple one. She begins by using the phone book or the Web to get John’s home address and phone number. She can then use this information to get John’s social security number in a variety of ways. The most straightforward would be to go through John’s trash while he is at work. However, if John works in a large company, Jane can just call (or enlist someone to call), claiming to be John’s wife or another close relative, wanting to verify personnel data. If Jane is clever enough, she may come away with John’s social security number. Then it is a trivial matter (as we will see in Chapter 13, “Cyber Detective”) to get John’s credit report and to get credit cards in his name.

From this scenario, consider the following questions:

1. What reasonable steps could John have taken to protect his identity in the chat room?

2. What steps should any employer take to prevent being unwittingly complicit in identity theft?

Write your answer here.

2 For this question, I want you to research the FBI’s Internet Crime Complaint Center’s (IC3) annual report for 2017 (most recent available). https://www.ic3.gov/default.aspx

Once you have successfully opened it up, I want you to answer the questions below. Do NOT place your answers in the middle of the bullet points. Answer them in the table provided.

· For all the states , what percent of complaints were logged by all complainants (which means you will have to “do the math”). You will be using data from the 2017 Victims by Age Group table:

· Ages (under-20 + 20 to 29)

· And then for ages (50 to 59 + ages 60 and over)

· Can you draw a conclusion from these statistics by age, especially for the complainants ages 50 and over (total) as compared to those 29 and under (total)? You could come up with two reasonable conclusions. Do not restate the calculated results as your conclusion – they are just the data.

NOTE: since the data is not listed in terms of percentages, you are going to have to add up all of the data and determine the percentages on your own.

Age data is worth 1 point each (not percent); conclusion is worth 4 points (not percent). Total of 6 points out of 30.

Under 20 + 20 to 29

50 to 59 + Over 60

Your conclusion

Chapter 4

3 Write about a half page, single-spaced, response, discussing this case below, with particular attention to steps you think might have helped avoid or ameliorate the situation. This problem is worth a max of 12 points out of 30.

Scoring rubric for this question: Spelling and Grammar errors (one obvious spelling error may be a typo, two of the same is an error), 2 pts out of the 12. Content, 10 pts out of the 12

Formatting: again, single-spaced; separate paragraphs by 12 pts (= to double space); no first-line indent on paragraphs (even if you like to do that, don’t); fully justify your paragraphs (see below for that).

The case:

Runa Singh is the network administrator in charge of network security for a medium-sized company. The firm already has a firewall, its network is divided into multiple segments separated by routers, and it has updated virus scanners on all machines. Runa wants to take extra precautions to prevent DoS attacks. She takes the following actions:

· She adjusts her firewall so that no incoming ICMP packets are allowed

· She changes the web server so that it uses SYN cookies.

From this scenario, consider the following questions:

1. Are there problems with any of her precautions? If so, what are the problems?

2. What additional steps would you recommend to Runa?

Write your answer here, and if necessary, continue it onto the next page.

4