Briefly explain the following computer crimes. (8 marks)

a) Sniffer –Eavesdropping program which monitors into travelling from over network. It enables hackers to steal proprietary information such as e-mails and company files.

b) Phishing –Set up fake web sites or send e-mail messages that look like legitimate businesses to ask users for confidential personal data. 

c) Pharming -Redirect users to a fake web page, even when individual types correct web page address into his or her browser. 

d) Spoofing –Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else. It is also redirecting web link to address different from intended one, with site masquerading as intended destination. 

Q2: 

a)     Distinguish the TWO (2) methods for encrypting network traffic on the Web. (4 marks) 

i. Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS) -It enables client & server computers to manage encryption & decryption activities; so they communicate with each other during a secure web session. 

ii. Secure Hypertext Transfer Protocol (S-HTTP) - Used for encrypt data flowing over the Internet but it is limited to individual messages, whereas SSL & TLS are designed to establish a secure connection between 2 computers.

b)  Briefly explain the following terms. (4 marks)

i. Cyber warfare -State-sponsored activity designed to cripple & defeat another state or nation by penetrating its computers or networks for the purposes of causing damage and disruption. Have become much more widespread, sophisticated & potentially devastating.

 ii. Computer Forensic –Scientific collection, examination, authentication, preservation and analysis of data from computer storage media for use as evidence in court of law. It includes recovery of ambient and hidden data.

Q3:

a)  Without protection against malware and intruders, connecting to the Internet could be very dangerous. Firewalls, intrusion detection system and antivirus software have become the tools to overcome this problem. Briefly explain these THREE (3) tools.  (6 marks) 

Firewalls: Firstly, for firewalls, it is combination of hardware and software that prevents unauthorized users from accessing private networks. Technologies include static packet filtering, stateful inspection, network address translation (NAT) and application proxy filtering. 

Secondly, intrusion detection system which monitor hot spots on corporate networks to detect and deter intruders. It examines events as they are happening to discover attacks in progress.

Lastly, Antivirus and Antispyware System. Checks computers for presence of malware and can often eliminate it as well. It requires continual updating.

b)  Information systems controls is one of the components of an organizational framework for security and control. Information systems controls consist of two - general and application control. A company must know how and where to deploy security tools and security personnel must know what controls a company must have in place to protect its information system. Contrast between General Controls and Application Controls. (8 marks) 
General control- it for govern design, security and use of computer programs and security of data files in general throughout organization’s information technology infrastructure. It apply to all computerized applications. Moreover it combination of hardware, software and manual procedure to create overall environment.

Application controls- specific controls unique to each computerized application such as payroll or order processing controls. Moreover, it ensures that only authorized data are completely and accurately can processed by that application. 

Q4:

Malicious Software programs are referred to as Malware. Describe FOUR (4) types of malicious software. (8 marks) 

1.     Viruses–Rogue software program that attaches itself to other software programs or data files in order to be executed.

2.     Worms-Independence programs that copy themselves from one computer to other computer over a network.

3.     SQL injection attacks-Hackers submit data to site’s unprotected software and sends rogue SQL query to database.

4.     Trojan horses-Software appears beneign but does something other than expected. For example, Zeus Trojan runs on computer with MS Windows OS which used to steal login credentials for banking.

Q5:

a)     Nowadays securing information systems has become an important issue in organization to protect itself against computer crime. Define computer crime and provide an appropriate example. (3 marks) 

Definition: Any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation or prosecution. Computer may be target and instrument of crime. For example, breaching confidentiality of protected computerized data. Accessing a computer system without authority. 

b)    Briefly explain THREE (3) reasons why information systems are vulnerable to destruction, error and abuse? (6 marks) 

-Internet vulnerabilities- Network is open to anyone. The internet is designed to be open system and make internal corporate systems more vulnerable to actions from outsiders.

-Wireless security challenges- Many Wi-Fi networks can be easily penetrated by intruders using sniffer program to obtain address to access the resources of a network without authorization.

-Malware- represented in the form of computer virus, worm and Trojan Horses. Computer viruses and worms can be spread rampantly from system to system, clogging computer memory or destroying programs and data.

 

 

c)     Discuss the THREE (3) most important tools and technology for safeguarding information resources. (6 marks) 

-Firewalls-Combination of hardware and software that prevents unauthorized users from accessing private networks.

-Intrusion Detection System-Monitor hot spots on corporate networks to detect and deter intruders.

-Antivirus and Antispyware System- Checks computers for presence of malware and can often eliminate it as well.

 

Q6:

a)     Identity management software automates the process of keeping track of all information systems users and their system privileges, assigning each user a unique digital identity for accessing each system. Define authentication. (2 marks)

-Authentication is the process of recognizing a user’s identity. It is the process or action of verifying the identity of a user or process. 

b) Identify and briefly describe FOUR (4) authentication technologies. (8 marks)

-Password based technologies- Passwords are the most common form of authentication. Password may be form such as string of alphabets, numbers and special characters. 

-Certificate based technologies- It is a digital document which digitally signed by a reliable third party known as Certificate Authority. These Digital Certificate can be reused for authentication.

-Biometric based technologies- Biometric authentication mention to the realization of humans by their personality such as fingerprint, face, retina and human voice. Used in computer science as form of realization and access control.

Q7:
a)  Describe ransomware. (3 marks)

-Proliferating on both desktop and mobile devices which tries to extort money from users by taking control of their computer or displaying annoying pop-up messages. For example, CrypoLocker which encrypts an infected computer files, forcing users to pay hundreds of dollars to regain access.

b)  State how do we prevent and protect our computer from ransomware. (3 marks)

-Adopting Safer internet practices

-Backing up files

-Securing computer systems

 c)  Discuss the effects of computer crime to an organization. (4 marks)

-Damage to intellectual property resulting in loss of a competitive edge. It is because people easily can stole the data and create new one with the cheap brand. It ruins the original brand and the original need to decrease the price as there is fake product of their brand. It will make the brand look mainstream which people do not want it anymore and people will choose to buy the other product or the fake one with the cheaper price.



PART B

1. Security isn’t simply a technology issue, it’s a business issue. Discuss.

Most of companies in modern world use to keep all data in computer as well as on internet. They put a lot of important data such as customers’ transaction and their employees details. Obviously they will use password or visual detection to log in to the information such as fingerprint or face detection. But they did not know how to maintain the security it well such as the top management just simply give password to everyone in the organization which they should not do it because these workers can easily access to the information especially the confidential information which cannot be published to other people. They will stole the information and sale it to the other organization which will ruin the operation of the organization itself. 

2. Who poses the biggest security threat: insiders or outsiders?

Insiders poses the biggest security threat because they can easily access to the information compare to the outsiders. They already know security pass to access to the information. If they want to do it for the self-benefits, so they will stole the information and sell it to the people or organization and they will make profit without the other people know who sell the information since all of them can access to the information. Other than that, when one of them feel dissasstifaction with the organization especially with top management, he or she can easily sabotage by clearing the data or injecting the virus in it so the top management and everyone cannot access to the files.

 

3. Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats?

The malicious software come to crush the website which make the website lose all the information because of viruses attacked on the computer and website and in the same time losses to the e-commerce business. It will lead to the clients lose their trust in business and they will stop dealing with the organization. Organization and clients will feel stress since they lose the information especially when they did not back up the data. Besides, the Trojan horse can stole the clients information even before the software make it encrypt. To minimize it, the users must keep on updating the software computer operating systems and install anti virus so that it can prevents from the virus to attack the computers.



PART C

1.    Is cyberwarfare a serious problem? Why or why not? 

Yes. Cyberware is a serious problem. It is because it poses an exclusive and frightening set of tests for security experts. It is not only in noticing and avoiding disturbances but also in tracking down criminals and bringing them to justice. The term describes any conflict between two entities which takes place in the cyberspace and involves hacking. It includes any political motivated attacks on technical devices where classified data is stolen, altered or deleted, websites are disabled or essential systems and services are disabled or corrupted. This can go as far as to manipulate the power grid of a region and possibly even disable it. Cyber warfare does not necessarily have to be a state versus state conflict, but can also be started by non-state actors. However, an international definition still has to be agreed on. 

2. What solutions are available for this problem? Do you think they will be effective? Why or why not?
Recommendations that can help both governmental and private actors abound. Most of these are directed at building defenses around their IT systems to minimize or eliminate damage inflicted by cyber attackers. Capacitating incident response teams is one of the most sensible defensive measures, as the costs and losses of a cyber attack are minimized with a faster response. The use of security analytics and cooperation and sharing of data on security breaches and vulnerabilities with other organizations can serve to make each other aware of possible threats. Segmenting networks is another viable cautionary measure given that in the event of a cyber attack against a centralized network, all data would be compromised.

Regarding security measures that can be undertaken by countries to propel their defenses individually, both state and non-state actors commonlyrecruitwhite hat hackers and programmers to break into their secure systems and “perfect” their software to avoid future breaks in. It would be advisable for international organizations to aid vulnerable states in the development of appropriate response systems.

A crucial solution would be the establishment of a universally accepted legal framework to regulate cyber warfare, given that no sufficiently specific international regulations are currently in place. Defining what constitutes cyber crime and terrorism, among other measures, would facilitate the prosecution of offending parties. Measures to prevent the proliferation of offensive cyber weapons should also be introduced.

Further operations against criminal networks in the deep web would be an advisable though ambitious feat.