<?xml version="1.0"?>
<rss version="2.0">
   <channel>
      <title>CSC ASSESSMENT by 김윤하</title>
      <link>https://padlet.com/yhak9012/shfsyznsa</link>
      <description>2017394073</description>
      <language>en-us</language>
      <pubDate>2018-12-28 06:45:46 UTC</pubDate>
      <lastBuildDate>2026-01-01 20:31:09 UTC</lastBuildDate>
      <webMaster>hello@padlet.com</webMaster>
      <image>
         <url>https://padlet-assets.s3.amazonaws.com/icons/Lovecookie.png</url>
      </image>
      <item>
         <title>CHAPTER 7-8</title>
         <author>yhak9012</author>
         <link>https://padlet.com/yhak9012/shfsyznsa/wish/316775774</link>
         <description><![CDATA[<div><strong><br>Sharifah Syazanisa Binti Syed Abdul Rani<br></strong><br></div><div><br>2017394073<br><br><strong><em>QUESTION 1</em></strong><br><br><strong>a) Sniffer <br></strong>An eavesdropping program that monitors information travelling over a network, which allows hackers to steal information such as e-mails.<br><br><strong>b) Phishing <br></strong>Setting up fake web sites or sending e-mail messages that look like those of legitimate businesses to ask users for confidential personal data.<br><br><strong>c) Pharming </strong></div><div>Redirects users to a bogus web page, even when the individual types the correct web page address into his or her browser.<br><br><strong>d) Spoofing </strong></div><div>Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else. Redirecting a web link to an address different from the intended one, with the site masquerading as the intended destination.<br><br></div><div><strong><em>QUESTION 2<br></em></strong><br></div><div>a) Distinguish the <strong>TWO (2) </strong>methods for encrypting network traffic on the Web.<br><br></div><div><strong>1. Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) - </strong>Enable client and server computers to manage encryption and decryption activities so that they can communicate with each other during a secure web session.</div><div><strong>2. Secure Hypertext Transfer Protocol (S-HTTP)</strong></div><div>Used to encrypt data flowing over the Internet, but it is limited to individual messages, whereas SSL and TLS are designed to establish a secure connection between two computers.</div><div> </div><div> <br>b) Briefly explain the following terms. <br><strong>i. 
Cyber warfare <br>- Designed to cripple and defeat another state or nation by penetrating its computers or networks for the purpose of causing damage and disruption.</strong></div><div>Much more widespread, sophisticated and potentially devastating.<br><br><strong>ii. Computer Forensics </strong></div><div>The scientific collection, examination, authentication, preservation, and analysis of data from computer storage media for use as evidence in a court of law. It includes recovery of ambient and hidden data.<br><br><strong><em>QUESTION 3 <br></em></strong><br></div><div>a) Without protection against malware and intruders, connecting to the Internet could be very dangerous. Firewalls, intrusion detection systems and antivirus software have become the tools to overcome this problem. Briefly explain these <strong>THREE (3) </strong>tools. <br><br></div><div>1) <strong>Firewalls - </strong>A combination of hardware and software that prevents unauthorized users from accessing private networks. The technologies include static packet filtering, stateful inspection, NAT, and application proxy filtering.<br><br></div><div>2) <strong>Intrusion Detection System - </strong>Monitors hot spots on corporate networks to detect and deter intruders. Examines events as they are happening to discover attacks in progress.<br><br></div><div>3) <strong>Antivirus Software - </strong>Checks computers for the presence of malware and can often eliminate it as well. Requires continual updating too.</div><div><strong><br>b) Information systems controls</strong> are one of the components of an organizational framework for security and control. Information systems controls consist of two types: general controls and application controls. A company must know how and where to deploy security tools, and security personnel must know what controls a company must have in place to protect its information systems. 
Contrast between General Controls and Application Controls</div><div><br><strong>General Controls</strong> govern the design, security, and use of computer programs and the security of data files in general throughout the organization’s information technology infrastructure. They apply to all computerized applications.<br><br></div><div><strong>Application Controls </strong>are specific controls unique to each computerized application, such as payroll or order processing. They include both automated and manual procedures and ensure that only authorized data are completely and accurately processed by that application. They include input controls, processing controls, and output controls.<br><br><strong><em>QUESTION 4 <br><br></em></strong><strong>Malicious Software programs are referred to as Malware. Describe FOUR (4) types of malicious software.<br><br>1. SPYWARE - Spyware</strong> is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information.<em> </em><strong><em>Spyware</em></strong> is classified as a type of malware, that is, malicious software designed to gain access to or damage your computer, often without your knowledge.<br><br></div><div>2. VIRUS - A virus is code that, when executed, replicates itself by modifying other computer programs.<br><br></div><div><strong>3. WORM - Worms</strong> are independent programs that copy themselves from one computer to other computers over a network.<br><br></div><div><strong>4. Trojan horses</strong> - A Trojan horse is software that appears benign but does something other than expected. It is also a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining a certain area on your hard disk. 
</div><div><strong><br></strong><strong><em>QUESTION 5</em></strong><strong><br></strong><br></div><div> a) Nowadays securing information systems has become an important issue for organizations seeking to protect themselves against computer crime. Define computer crime and provide an appropriate example.<br> <br>Computer crime describes a very broad category of offenses. Some of them are the same as non-computer offenses, such as larceny or fraud, except that a computer or the Internet is used in the commission of the crime. Others, like hacking, are uniquely related to computers and are carried out without authority. An example is hacking into a system to obtain the personal information of its users.<br><br> b) Briefly explain THREE (3) reasons why information systems are vulnerable to destruction, error and abuse. <br><br>- <strong>Internet vulnerabilities</strong><br>The network is open to anyone: the Internet is designed to be an open system, which makes internal corporate systems more vulnerable to actions from outsiders.<br><br><strong>- Malware</strong><br>It takes the form of computer viruses, worms and Trojan horses. Computer viruses and worms can spread rampantly from system to system, clogging computer memory or destroying programs and data.<br><br><strong>- Wireless security challenges</strong><br>Computers can be attacked through hacking, viruses and worms, theft and fraud, vandalism, and denial-of-service attacks.<br><br></div><div> c) Discuss the THREE (3) most important tools and technologies for safeguarding information resources.<br><br><strong>1. Firewall</strong><br>It is a combination of hardware and software that prevents unauthorized users from accessing private networks.<br><br>2. <strong>Intrusion detection system</strong><br>It monitors hot spots on corporate networks to detect and deter intruders. It also examines events as they are happening to discover attacks in progress.<br><br>3. 
<strong>Antivirus and anti-spyware software</strong><br>Checks for the presence of malware and can often eliminate it as well, and it also requires continual updating.</div><div><br><strong><em>QUESTION 6<br></em></strong><strong><br>a) Identity management software automates the process of keeping track of all information systems users and their system privileges, assigning each user a unique digital identity for accessing each system. Define authentication.</strong></div><div> </div><div>Authentication is the technique by which a system checks the identity of an end user who wants to access it. Since entrance or access control is normally based on the identity of the user who demands access to a resource, authentication is essential to effective security. <br><br><strong>b)</strong> <strong>Identify and briefly describe FOUR (4) authentication technologies.<br></strong><br></div><div>1<em>. </em><strong>Password-Based Technologies - </strong>The most common form of authentication. A password may take any form (a string of letters, numbers and special characters). The password must be known by the entity, thing or person that is being authenticated.<br><br></div><div>2. <strong>E-Token-Based Technologies - </strong>Small devices that generate a new random value every time they are used. This random value becomes the basis for authentication (an alternative to a password). It can be implemented on a USB key fob or on a smart card. Data is protected on the device itself. <br><br></div><div>3. <strong>Biometric-Based Technologies - </strong>The recognition of humans by their characteristics such as face, fingerprint, voice, retina, iris pattern of the eye, vein pattern etc. It is used in computer science as a form of identification and access control. It is also used to identify persons in groups that are under consideration.<br><br></div><div>4. 
<strong>Two-factor authentication - </strong>Also known as multi-step verification, this adds another layer of security, supplementing the username and password model with a code that only a specific user has access to (typically sent to something they have immediately to hand).</div><div><br><strong>QUESTION 7 <br><br>a) Describe ransomware. </strong></div><div><strong> Ransomware -</strong> is a subset of malware in which the data on a victim's computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim.<br><br><strong>b) State how we prevent and protect our computer from ransomware. <br></strong><br>i) Make sure an up-to-date anti-malware or antivirus tool is installed.<br><br>ii) Scan attachments to ensure no hidden virus enters our system.<br><br>iii) Ask before you open the email.<br><br><strong>c) Discuss the effects of computer crime on an organization.<br></strong><br><strong>i. Reputation damage - </strong>Computer crime can damage a business's reputation and erode the trust that customers have in the organization. This could potentially lead to loss of customers and loss of sales for the organization.<br><br><strong>ii. Loss of personal information</strong> - Organizational data includes much personal information about workers and clients. This can cause damage, especially when a hacker is able to get hold of personal information such as bank account details. The organization may also need to pay fines for the damage. </div><div><br><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-28 06:47:40 UTC</pubDate>
         <guid>https://padlet.com/yhak9012/shfsyznsa/wish/316775774</guid>
      </item>
      <item>
         <title></title>
         <author>yhak9012</author>
         <link>https://padlet.com/yhak9012/shfsyznsa/wish/316777212</link>
         <description><![CDATA[<div><strong>PART B<br></strong><br></div><div><strong><em>QUESTION 1</em></strong><br><br></div><div><strong>Security isn’t simply a technology issue, it’s a business issue. Discuss</strong>.<br><br></div><div>As the lines between work and play blur due to advances in technology, it becomes more apparent that information security in the workplace is no longer simply the IT department’s issue. Information or data is a business enabler: it allows operations and productivity, so its protection should be considered vital and promoted throughout the enterprise, but in most instances it is not. IT security can be viewed as a mission to minimize threats to an organization. This threat management is not just limited to the IT department or to the office because, let’s face it, many of us do a little work when we get home, even if it’s simply checking our e-mails. Employees’ use of unauthorized private mobile devices can be a risk because such a device is an unknown object on the IT network. For example, if a user were to keep business data on an unauthorized device and it was then infected by malware, the information could end up in the wrong hands.<br><br></div><div>Regular IT network assessments are recommended: not only will they help protect against and minimize potential security risks, they can also be an opportunity to check the effectiveness of the network. 
There will usually be a possibility of a security breach for every company. It could be due to a cyber attack, human error, social engineering and many others, but if threat management is a common goal among every worker, not just the IT department, it can help manage and minimize security risks in the long run.<br><br><br></div><div><strong><em>QUESTION 2</em></strong></div><div> </div><div><strong>Who poses the biggest security threat: insiders or outsiders?</strong><br><br></div><div>An insider attack is one of the biggest threats faced by corporations because these kinds of hacks can be very difficult for IT teams to identify. This is because an insider, whether he’s an employee or a contractor, is already entrusted with authorized access to at least some systems and applications on a corporate network. It can be very difficult for those in IT to decipher whether he’s simply performing his regular job tasks or carrying out something sinister. Outsiders are the ones who have bad intentions, but they don’t have access. Network restrictions are usually strong enough to keep them out. So instead they focus their efforts on tricking unsuspecting insiders into opening the doors for them. And once inside, they are indistinguishable from the insiders. Employee web browsing is one of the most used pathways to accomplish this. Outsiders set up a website capable of exploiting any computer that browses to it, then they send emails to the insiders that entice them to click a link to that site. Most employees will not take the bait, but it just takes one person to give in to curiosity and click the link. In fact, many data breaches resulting from insider threats are completely unintentional.</div><div> <br><br></div><div><strong><em>QUESTION 3</em></strong><br><br></div><div><strong>Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. 
Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats?</strong><br><br></div><div>There are various types of e-commerce threats. Some are accidental, some are purposeful, and some of them are due to human error. The most common security threats are phishing attacks, money theft, data misuse, hacking, credit card fraud and unprotected services. Firstly, inadequate management. One of the main reasons for e-commerce threats is poor management. When security is not up to the mark it poses a very dangerous threat to the networks and systems. Security threats also occur when no proper budgets are allocated for the purchase of anti-virus software licenses. Secondly, price manipulation. Modern e-commerce systems often face price manipulation problems. These systems are fully automated, right from the first visit to the final payment gateway. Stealing is the most common intention of price manipulation. It allows an intruder to slide or install a lower price into the URL and get away with all the data. Thirdly, other threats. These include data packet sniffing, IP spoofing, and port scanning. Data packet sniffing tools are also commonly called sniffers. An intruder can use a sniffer to attack a data packet flow and scan individual data packets. With IP spoofing it is very difficult to track the attacker. The purpose here is to change the source address so that the traffic looks as though it originated from another computer.<br><br></div><div> </div><div>Developing a thorough implementation plan is the first step to minimize a cyber threat and combat e-commerce threats. Firstly, encryption. It is the process of converting normal text into encoded text which cannot be read by anyone except the one who sends or receives the message. Secondly, perform a security audit. This is a routine examination of the security procedures of the firm. 
Thirdly, having digital certificates. A digital certificate is issued by a reliable third-party company. It contains the following: the name of the company (only in an EV SSL certificate), the most important digital certificate serial number, the expiry date and the date of issue. An EV SSL certificate is necessary, as it provides a high level of authentication for your website. The very function of this kind of certificate is to protect an e-commerce website from unwanted attacks such as a man-in-the-middle attack.  </div><div> </div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-28 07:38:15 UTC</pubDate>
         <guid>https://padlet.com/yhak9012/shfsyznsa/wish/316777212</guid>
      </item>
      <item>
         <title>THE CASE STUDY 1</title>
         <author>yhak9012</author>
         <link>https://padlet.com/yhak9012/shfsyznsa/wish/316777296</link>
         <description><![CDATA[<div><br> <strong>THE LOOMING THREAT OF CYBER</strong></div><div><strong> </strong></div><div><strong>1. Is cyberwarfare a serious problem? Why or why not?</strong></div><div> </div><div>Yes, cyberwarfare is a serious problem. This is because<strong> </strong>cyberwarfare is more complex than conventional warfare. Although many potential targets are military, a country’s power grids, financial systems, and communication networks can also be crippled. Non-state actors such as terrorist or criminal groups can mount attacks, and it is often difficult to tell who is responsible. Most companies rely on the Internet for e-mail and Internet services, and will soon become dependent on it. This is why cyber attacks will grow as technology grows, especially since the cost is very low. In August 2012, the Shamoon virus infected 30,000 machines at the Saudi Arabian oil company Aramco. It destroys workstations by overwriting the master boot record (MBR), which stores key information about a hard disk drive to help a computer system start up.</div><div><strong> </strong></div><div><strong> </strong></div><div><strong>2. What solutions are available for this problem? Do you think they will be effective? Why or why not? </strong></div><div><br></div><div>One of the solutions is to increase the security of the networks which have the highest risk of being attacked. In this case, each state should increase its own security measures against cyber-attacks in order to do this as effectively as possible governments should establish. Moreover they should follow the example of the USA and conduct simulations on a regular basis, maybe even in cooperation with other countries, in order to analyze their current security measures. 
Then, they will have a bigger insight into the strength of their security measures and should try to strengthen the most vulnerable parts.<br><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-28 07:41:59 UTC</pubDate>
         <guid>https://padlet.com/yhak9012/shfsyznsa/wish/316777296</guid>
      </item>
   </channel>
</rss>
