<?xml version="1.0"?>
<rss version="2.0">
   <channel>
      <title>CSC 408 REVISION by Alif Azri Anuar</title>
      <link>https://padlet.com/ayieanuar97/csc408revision</link>
      <description>CHAPTER 7/8</description>
      <language>en-us</language>
      <pubDate>2018-12-19 17:18:24 UTC</pubDate>
      <lastBuildDate>2018-12-31 13:51:27 UTC</lastBuildDate>
      <webMaster>hello@padlet.com</webMaster>
      <image>
         <url>https://padlet-assets.s3.amazonaws.com/icons/Templeball.png</url>
      </image>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315946623</link>
         <description><![CDATA[<div><strong><em>QUESTION 1<br>Briefly explain the following computer crimes.</em></strong><strong><br><br></strong>1) Sniffer - It is an eavesdropping program that monitors information traveling over network and     enables hackers to steal proprietary information such as e-mail, company files, and so on.<br><br></div><div>2) Phishing - It setting up fake Web sites or sending e-mail messages that look like legitimate businesses to ask users for confidential personal data. <br><br></div><div>3) Pharming - It redirects users to a bogus Web page, even when individual types correct Web page address into his or her browser.<br><br></div><div>4) Spoofing  - It misrepresenting oneself by using fake e-mail addresses or masquerading as someone else and redirecting Web link to address different from intended one, with site masquerading as intended destination.</div><div><strong><br></strong><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:22:59 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315946623</guid>
      </item>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315947811</link>
         <description><![CDATA[<div><strong><em>QUESTION 2<br>a) Distinguish the TWO (2) methods for encrypting network traffic on the Web.</em></strong><strong><br><br></strong>1) Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS) enables client &amp; server computers to manage encryption &amp; decryption activities; so they communicate with each other during a secure web session.<br> </div><div>2) Secure Hypertext Transfer Protocol (SHTTP) is used for encrypting data flowing over the Internet but it is limited to individual messages, whereas SSL &amp; TLS are designed to establish a secure connection between 2 computers.<br><br><strong><em>b) Briefly explain the following terms.</em></strong><strong><br></strong><br></div><div>1) Cyber warfare - State-sponsored activity designed to cripple &amp; defeat another state or nation by penetrating its computers or networks for the purposes of causing damage &amp; disruption.<br><br></div><div>2) Computer Forensic - Scientific collection, examination, authentication, preservation, and analysis of data from computer storage media for use as evidence in court of law and it includes recovery of ambient and hidden data.</div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:26:07 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315947811</guid>
      </item>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315948900</link>
         <description><![CDATA[<div><strong><em>QUESTION 3</em></strong><br><strong><em>a) Without protection against malware and intruders, connecting to the Internet could be very dangerous. Firewalls, intrusion detection system and antivirus software have become the tools to overcome this problem. Briefly explain these THREE (3) tools.</em></strong><strong><br></strong><br></div><div>1) Firewall - combination of hardware and software that prevents unauthorized users from accessing private networks Static packet filtering - examines selected fields in the header of data packet flowing back and forth between the trusted network &amp; Internet, examining individual packets in isolation.<br><br></div><div>2) Intrusion detection system - monitors hot spots on corporate networks to detect and deter intruders and examines events as they are happening to discover attacks in progress.<br><br></div><div>3) Antivirus software - checks computers for presence of malware and can often eliminate it as well. It requires continual updating. <br><br></div><div><strong><em>b) Information systems controls is one of the components of an organizational framework for security and control. Information systems controls consist of two - general and application control. A company must know how and where to deploy security tools and security personnel must know what controls a company must have in place to protect its information system. Contrast between General Controls and Application Controls.<br><br></em></strong>1) General Controls – It is a for govern design, security and use of computer programs and security of data files in general through out organization information technology infrastructure. It apply to all computerized applications. Moreover it is a combination of hardware, software and manual to create overall control environment.<br><br></div><div>2) Application controls – It specific controls unique to each computerized application such as payroll or order processing. It includes both automated ad manual procedure, for example input control, output control and processing controls. Moreover, it ensures that only authorized data are completely and accurately can processed by that applications. </div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:28:36 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315948900</guid>
      </item>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315951446</link>
         <description><![CDATA[<div><strong><em>QUESTION 4<br>Malicious Software programs are referred to as Malware. Describe FOUR (4) types of malicious software.<br><br></em></strong><em>1) </em>Spyware is any technology that aids in gathering information about a person or organization without their knowledge. On the Internet (where it is sometimes called a Spybot or tracking software), Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. <br><br></div><div>2) Virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD.<br><br></div><div>3) Worm is a self-replicating virus that does not alter files but duplicates itself. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.<br><br></div><div>4) Trojan (Trojan Horse) is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the certain area on your hard disk. A Trojan horse may be widely redistributed as part of a computer virus.</div><div><strong><br></strong><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:35:00 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315951446</guid>
      </item>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315953198</link>
         <description><![CDATA[<div><strong><em>QUESTION 5<br>a) Nowadays securing information systems has become an important issue in organization to protect itself against computer crime. Define computer crime and provide an appropriate example. </em></strong><strong><br></strong><br></div><div>Computer crime means any violations of criminal law that involves knowledge of computer technology for their perpetration, investigation, or prosecution. Some examples are breaching confidentiality of protected computerized data and accessing a computer system without authority. <br><br></div><div><strong><em>b) Briefly explain THREE (3) reasons why information systems are vulnerable to destruction, error and abuse? </em></strong><strong><br></strong><br></div><div>1) There are internet vulnerabilities which mean network is open to anyone and size of Internet means abuses can have wide impact. <br><br></div><div>2) There are wireless security challenges whereby eavesdroppers can drive by buildings and try to intercept network traffic and hacker that gains access to SSID, has access to network’s resources. <br><br></div><div>3) There are malicious software such as worms, viruses, Trojan horses and spyware. <br><br></div><div><strong><em>c) Discuss the THREE (3) most important tools and technology for safeguarding information resources.</em></strong></div><div><strong> </strong></div><div>1) Identity management software which automatically keeps track of all users &amp; privileges authenticates users, protecting identities, and controlling access.</div><div> </div><div>2) Authentication which is a system that checks the identification of an end user who wants to access it. Some types of authentications are token, smart cards, biometric authentication and two-factor authentication.</div><div> </div><div>3) Firewalls which is a combination of hardware and software that prevents unauthorized users from accessing private networks and provides additional security by determining whether packets are part of an on-going dialogue between sender &amp; receiver.</div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:39:08 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315953198</guid>
      </item>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315954215</link>
         <description><![CDATA[<div><strong><em>QUESTION 6<br>a) Identity management software automates the process of keeping track of all information systems users and their system privileges, assigning each user a unique digital identity for accessing each system. Define authentication.</em></strong></div><div> </div><div>Authentication is the technique by which a system checks the identification of a end User who wants to access it. Since entrance or access control is normally based on the identification of the user who demands access to a resource. Authentication is essential to effective security. Four types of authentication technologies are:</div><div> </div><div>1) Password Based Technologies which is the most common form of authentication. Password may be of any form (String of alphabets, numbers and special characters). This password is necessarily to be known by the entity or the thing or a person that is being authenticated.</div><div> </div><div>2) E-Token Based Technologies which is a small device that develop/generates a new odd/random value every time it is used. This random value becomes the basis for authentication (an alternative to a password). It can be implemented on a USB key fob or on a smart card. Data is protected on the device itself.</div><div> </div><div>3) Biometric Based Technologies which is an authentication mention to the realization/recognition/identification of humans by their personality/characteristics such as Face, fingerprint, human voice, Retina, Iris pattern of the eye, vein pattern etc. It's used in computer science as a form of realization/recognition and access control. </div><div> </div><div>4) Two Factor Authentication also known as multi-step verification, which adds another layer of security, supplementing the username and password model with a code that only a specific user has access to (typically sent to something they have immediately to hand). </div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:41:19 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315954215</guid>
      </item>
      <item>
         <title>PART A</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315957049</link>
         <description><![CDATA[<div><strong><em>QUESTION 7<br>a) Describe ransomware.</em></strong><strong> </strong></div><div><strong> </strong></div><div>Ransomware is proliferating on both desktop &amp; mobile devices that try to extort money from users by taking control of their computers or displaying annoying pop-up messages such as CryptoLocker that encrypts an infected computer files, forcing users to pay hundreds of dollars to regain access.</div><div> </div><div><strong><em>b) State how do we prevent and protect our computer from ransomware.</em></strong></div><div> </div><div>1) Install an up-to-date anti-malware or anti-virus tool like Malwarebytes or McAfee Anti-Malware which is an important part of computer’s security system. </div><div> </div><div>2) Scan attachments. Most malware tools give the ability to scan any emails or attachments before opening them. Emails and email attachments should be scanned before for malware before it is opened especially if they’re coming from an unknown sender.</div><div> </div><div>3) Ask before open. If there’s uncertainty about an email attachment or link in an email, send a quick note to the person who sent it and ask them if it is legitimate. If the person doesn’t respond or gives a cryptic answer, do not open it.</div><div> </div><div><strong><em>c) Discuss the effects of computer crime to an organization. </em></strong></div><div> </div><div>1) Reputational damage</div><div>Trust is an essential element of customer relationship. Computer crime can damage business' reputation and erode the trust that customers have for the organization. This could potentially lead to loss of customer, loss of sales and reduction in profits</div><div>The effect of reputational damage can even impact on suppliers, or affect relationships with partners, investors and other third parties vested in the business.</div><div><strong> </strong></div><div>2) Legal consequences of computer crime</div><div>Data protection and privacy laws require organizations to manage the security of all personal data they hold whether on the staff or their customers. If this data is accidentally or deliberately compromised, and they have failed to deploy appropriate security measures, they may face fines and regulatory sanctions.</div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 17:48:05 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315957049</guid>
      </item>
      <item>
         <title>PART B</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315963004</link>
         <description><![CDATA[<div><strong><em>CHAPTER 7 QUESTION</em></strong><br><strong><em>1. Security isn’t simply a technology issue, it’s a business issue. Discuss.</em></strong><br><br>Security is no longer just a technology issue, it is also a business issue as well because majority of the companies out there today rely on computer systems to keep their employees information secure as well as their customers’ information, sales transactions, and the details on their vendors, their success is dependent on the secureness of this information. For a non-technologies business especially, they need to understand enough about security that they can take ownership of security approval processes. Ultimately it is because the business themselves that will bear the consequences of a poorly secured system. It is difficult to say that a case of internal fraud or financial misstatement is a purely IT issue. However, such incidents are preventable through a well-defined security structures allocated to the appropriate business users. Since the business bears the risk it is logical that they should be fully engaged in the design of the solutions to prevent the occurrence of such risks. Without adequate understanding and design of the computer security structures, users are not able to use the functions that they require in order to run the business processes. If incorrectly designed, the same security structures will allow users access data and functions that they should not be using including system administration functions, access to sensitive personal data or commercially sensitive data such as sales figures. <br><br></div><div><strong><em>2. Who poses the biggest security threat: insiders or outsiders?</em></strong><br><br>Insiders is the person who poses the biggest security threat because the insiders have the knowledge about the security of an organization. one of the things that the insiders to is hacking the security because they know better the flow of the organization compared to the outsiders. this is because the insiders have already entrusted with authorized access to at least some systems and applications on a corporate network. It can be very hard for those in IT to decipher whether he’s just performing his regular job tasks, or carrying out something sinister. An angry employee who already has access to company files could be secretly leaking documents to competitors, or he could be sabotaging systems or corrupting data because he is miffed at his employer.<br><br></div><div><strong><em>3. Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats?</em></strong><strong><br><br></strong> Malware which is the malicious software that attackers insert into the web files or pages once they have gained access to the site. Malware may be found on an individual’s computer if they have themselves fallen victim to a phishing attack or otherwise been compromised, or it may be inserted directly onto the website after a successful SQL injection or if administrative account access has been granted to a harmful entity. As with software, malware can perform an extremely wide range of activities, from turning the computer into a botnet that can be part of a DDoS attack, to stealing credit card and account information from the website users. One type of malware that targeted Magento site<strong> </strong>was able to take credit card information and store it in images so that the attacker could easily access it without flags being raised. In order to minimize these threats, ones need to update the computer operating systems and patch regularly in order to defend against malware and phishing. This will help prevent vulnerabilities from being exploited and help detect and block threats from entering the system. </div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 18:03:17 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315963004</guid>
      </item>
      <item>
         <title>PART C</title>
         <author>ayieanuar97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/315964869</link>
         <description><![CDATA[<div><strong><em>CASE STUDY QUESTION<br>1. Is cyberwarfare a serious problem? Why or why not?</em></strong><br><br></div><div>Yes, it is a serious problem. Cyberwarfare is a state-sponsored activity designed to cripple &amp; defeat another state or nation by penetrating its computers or networks for the purposes of causing damage &amp; disruption. It is becoming a major threat to the security and economy of countries as it can cripple country’s power grids, financial systems, and communication network. The person behind this could be anybody including non-state actors such as terrorist criminal groups. The ability to destroy via cyber now also rests in the hands of small groups and individuals which started from terrorist groups to organised crime, and hackers to industrial spies to foreign intelligence services. This cyberwarfare has been occurring between many major countries such as United States and Iran, Israel and Iran, United States and China despite their open diplomatic relationship, and also between North Korea and South Korea. Not to mention this cyberwarfare also indirectly involved many other countries such as Indonesia, India and many more. In US, at least twelve financial institutions were targeted in attacks that slowed their server to crawl and then shut down. The data centers of these organizations had been infected with a long available malware agent name Itsoknoproblembro, which creates botnets of salve servers. The goal of the attacker was to inflict an unprecedented level of strain on as many financial institutions as possible. No account information was stolen and no financial gain sought, leading experts to think it was a state-sponsored attack which actually turns out to be because of Izzad-Din Al-Qassam Cyber Fighters seeking revenge for an anti-Islam video. Although, U.S government officials does believe the perpetrator is actually Iran, retaliating for economic sanctions imposed to halt its nuclear program and for what it believes were U.S cyber-attacks. Another cyberwarfare caused by political tensions involved Saudi Aramco, one of the world’s largest oil companies that were hacked whereby 35,000 computers were partially or totally destroyed. U.S. officials suspect Iran was the culprit in this case as well. <br><br></div><div>Cyberwarfare is getting out of hand because hostile governments could hide behind rapidly advancing technology to launch attacks undetected and unlike conventional and nuclear arms, there were no agreed international controls on the use of cyber weapons. Hackers have obtained information strategies of major corporations, designs of more than two dozen major U.S weapons systems, and the workings of America’s power grid, possibly laying groundwork for acts of sabotage. North Korea, another budding cyberwarfare adversary, was accused of launching its most damaging attack to date where they perpetrated attacks on both South Korean and American commercial, educational, governmental, military institution. This damaging attack has caused both countries major losses. Many organizations and industries were affected by this cyberwarfare. These shows that cyberwarfare is becoming a very serious problem. Attacks have become more widespread, sophisticated, and potentially devastating. Be it in the form of malwares such as trojan, botnets, spyware, viruses, or even worms. It all acts as a cyber-weapon that possess major risk and threat to any countries or organizations involved globally. Therefore, the severity of this issue should not be taken lightly as most companies rely on the internet for emails and internet, and will soon become dependent on it. Cyber-attacks will grow as technology grows, especially since the cost is relatively low.<br><br></div><div><strong><em>2. What solutions are available for this problem? Do you think they will be effective? Why or why not?<br></em></strong><br></div><div>Because the whole issue of cyberspace and the problems and damage it can cause is quite new and is still on the rise, many things have not yet been internationally agreed on and many states take different measures. Cyber attacks can be prevented with two different types of measures: The first type intending to prevent states from carrying out cyber attacks and the second type being measures to increase security of the networks which have the highest risk of being attacked. Most states have laws regulating computer crimes done by individuals or non-state actors to hopefully prevent any cyber attacks but other states are not bound to any rules yet. They would only have to be aware of the reaction of the attacked country. Besides definitions of cyber warfare and information warfare and other important terms, an internationally agreed list of computer crimes or rules should therefore be established, maybe in combination with an organization monitoring the cyberspace, with large and serious consequences against states violating these rules. Each state should increase its own security measures against cyber attacks. In order to do this as effectively as possible governments should establish, if not yet done so, an agency whose solely focus is on the cyberspace and cyber attacks. Moreover they should follow the example of the USA and conduct simulations on a regular basis, maybe even in cooperation with other countries, in order to analyse their current security measures. Once they have done that, they will have a bigger insight into the strength of their security measures and should try to strengthen the most vulnerable parts. It is important to notice, that many internet networks are all connected to a big network which is like the gateway to the whole internet. These are in most cases not managed by the governments but by large technological companies or universities. Governments should hence support these companies and organizations financially to protect their network as well as possible. If these gateways are protected well, then a large number of cyber attacks can be stopped and the government, banks, companies and all other entities threatened could handle the few remaining attacks more easily. <br><br>However, the strength of a security system is not always the most important part as the potential strength of attacks is steadily growing, sometimes it’s more important to take different measures. Two very controversial ideas are the kill switch and the electrical wall. The kill switch could shut down the internet of certain areas, whether it is only concerning a company, a city or a whole country, in case of serious cyber attacks. The electrical wall intends to inspect every data package coming into the country’s network and compares it to known signatures and in case of a match do not let them through. Both these ideas can be very useful and even save lives, however, if used by the wrong person or government, they can violate basic human rights by censoring certain parts of the internet. Therefore such measures have to be evaluated very carefully and include certain restrictions. In general all states should consider their possibilities with care as the internet is a symbol for freedom and a state interfering with the internet could lead to protest of the civilians. Because the internet connects everyone worldwide, each state is equally affected. Cooperations between countries and international agreements could therefore prove very useful leaving only non-state actors as a possible cyber threat.</div><div><br><br></div>]]></description>
         <enclosure url="" />
         <pubDate>2018-12-19 18:07:50 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/315964869</guid>
      </item>
      <item>
         <title></title>
         <author>pianhafiyyan</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/316590746</link>
         <description><![CDATA[
PART A
PART A
QUESTION 1
Briefly explain the following computer crimes.

1) Sniffer - It is an eavesdropping program that monitors information traveling over network and     enables hackers to steal proprietary information such as e-mail, company files, and so on.

2) Phishing - It setting up fake Web sites or sending e-mail messages that look like legitimate businesses to ask users for confidential personal data. 

3) Pharming - It redirects users to a bogus Web page, even when individual types correct Web page address into his or her browser.

4) Spoofing  - It misrepresenting oneself by using fake e-mail addresses or masquerading as someone else and redirecting Web link to address different from intended one, with site masquerading as intended destination.


PART A
PART A
QUESTION 2
a) Distinguish the TWO (2) methods for encrypting network traffic on the Web.

1) Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS) enables client &amp; server computers to manage encryption &amp; decryption activities; so they communicate with each other during a secure web session.
 
2) Secure Hypertext Transfer Protocol (SHTTP) is used for encrypting data flowing over the Internet but it is limited to individual messages, whereas SSL &amp; TLS are designed to establish a secure connection between 2 computers.

b) Briefly explain the following terms.

1) Cyber warfare - State-sponsored activity designed to cripple &amp; defeat another state or nation by penetrating its computers or networks for the purposes of causing damage &amp; disruption.

2) Computer Forensic - Scientific collection, examination, authentication, preservation, and analysis of data from computer storage media for use as evidence in court of law and it includes recovery of ambient and hidden data.
PART A
PART A
QUESTION 3
a) Without protection against malware and intruders, connecting to the Internet could be very dangerous. Firewalls, intrusion detection system and antivirus software have become the tools to overcome this problem. Briefly explain these THREE (3) tools.

1) Firewall - combination of hardware and software that prevents unauthorized users from accessing private networks Static packet filtering - examines selected fields in the header of data packet flowing back and forth between the trusted network &amp; Internet, examining individual packets in isolation.

2) Intrusion detection system - monitors hot spots on corporate networks to detect and deter intruders and examines events as they are happening to discover attacks in progress.

3) Antivirus software - checks computers for presence of malware and can often eliminate it as well. It requires continual updating. 

b) Information systems controls is one of the components of an organizational framework for security and control. Information systems controls consist of two - general and application control. A company must know how and where to deploy security tools and security personnel must know what controls a company must have in place to protect its information system. Contrast between General Controls and Application Controls.

1) General Controls – It is a for govern design, security and use of computer programs and security of data files in general through out organization information technology infrastructure. It apply to all computerized applications. Moreover it is a combination of hardware, software and manual to create overall control environment.

2) Application controls – It specific controls unique to each computerized application such as payroll or order processing. It includes both automated ad manual procedure, for example input control, output control and processing controls. Moreover, it ensures that only authorized data are completely and accurately can processed by that applications. 
PART A
PART A
QUESTION 4
Malicious Software programs are referred to as Malware. Describe FOUR (4) types of malicious software.

1) Spyware is any technology that aids in gathering information about a person or organization without their knowledge. On the Internet (where it is sometimes called a Spybot or tracking software), Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. 

2) Virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD.

3) Worm is a self-replicating virus that does not alter files but duplicates itself. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.

4) Trojan (Trojan Horse) is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the certain area on your hard disk. A Trojan horse may be widely redistributed as part of a computer virus.


PART A
PART A
QUESTION 5
a) Nowadays securing information systems has become an important issue in organization to protect itself against computer crime. Define computer crime and provide an appropriate example. 

Computer crime means any violations of criminal law that involves knowledge of computer technology for their perpetration, investigation, or prosecution. Some examples are breaching confidentiality of protected computerized data and accessing a computer system without authority. 

b) Briefly explain THREE (3) reasons why information systems are vulnerable to destruction, error and abuse? 

1) There are internet vulnerabilities which mean network is open to anyone and size of Internet means abuses can have wide impact. 

2) There are wireless security challenges whereby eavesdroppers can drive by buildings and try to intercept network traffic and hacker that gains access to SSID, has access to network’s resources. 

3) There are malicious software such as worms, viruses, Trojan horses and spyware. 

c) Discuss the THREE (3) most important tools and technology for safeguarding information resources.
 
1) Identity management software which automatically keeps track of all users &amp; privileges authenticates users, protecting identities, and controlling access.
 
2) Authentication which is a system that checks the identification of an end user who wants to access it. Some types of authentications are token, smart cards, biometric authentication and two-factor authentication.
 
3) Firewalls which is a combination of hardware and software that prevents unauthorized users from accessing private networks and provides additional security by determining whether packets are part of an on-going dialogue between sender &amp; receiver.
PART A
PART A
QUESTION 6
a) Identity management software automates the process of keeping track of all information systems users and their system privileges, assigning each user a unique digital identity for accessing each system. Define authentication.
 
Authentication is the technique by which a system checks the identification of a end User who wants to access it. Since entrance or access control is normally based on the identification of the user who demands access to a resource. Authentication is essential to effective security. Four types of authentication technologies are:
 
1) Password Based Technologies which is the most common form of authentication. Password may be of any form (String of alphabets, numbers and special characters). This password is necessarily to be known by the entity or the thing or a person that is being authenticated.
 
2) E-Token Based Technologies which is a small device that develop/generates a new odd/random value every time it is used. This random value becomes the basis for authentication (an alternative to a password). It can be implemented on a USB key fob or on a smart card. Data is protected on the device itself.
 
3) Biometric Based Technologies which is an authentication mention to the realization/recognition/identification of humans by their personality/characteristics such as Face, fingerprint, human voice, Retina, Iris pattern of the eye, vein pattern etc. It's used in computer science as a form of realization/recognition and access control. 
 
4) Two Factor Authentication also known as multi-step verification, which adds another layer of security, supplementing the username and password model with a code that only a specific user has access to (typically sent to something they have immediately to hand). 
PART A
PART A
QUESTION 7
a) Describe ransomware. 
 
Ransomware is proliferating on both desktop &amp; mobile devices that try to extort money from users by taking control of their computers or displaying annoying pop-up messages such as CryptoLocker that encrypts an infected computer files, forcing users to pay hundreds of dollars to regain access.
 
b) State how do we prevent and protect our computer from ransomware.
 
1) Install an up-to-date anti-malware or anti-virus tool like Malwarebytes or McAfee Anti-Malware which is an important part of computer’s security system. 
 
2) Scan attachments. Most malware tools give the ability to scan any emails or attachments before opening them. Emails and email attachments should be scanned before for malware before it is opened especially if they’re coming from an unknown sender.
 
3) Ask before open. If there’s uncertainty about an email attachment or link in an email, send a quick note to the person who sent it and ask them if it is legitimate. If the person doesn’t respond or gives a cryptic answer, do not open it.
 
c) Discuss the effects of computer crime to an organization. 
 
1) Reputational damage
Trust is an essential element of customer relationship. Computer crime can damage business' reputation and erode the trust that customers have for the organization. This could potentially lead to loss of customer, loss of sales and reduction in profits
The effect of reputational damage can even impact on suppliers, or affect relationships with partners, investors and other third parties vested in the business.
 
2) Legal consequences of computer crime
Data protection and privacy laws require organizations to manage the security of all personal data they hold whether on the staff or their customers. If this data is accidentally or deliberately compromised, and they have failed to deploy appropriate security measures, they may face fines and regulatory sanctions.
PART B
PART B
CHAPTER 7 QUESTION
1. Security isn’t simply a technology issue, it’s a business issue. Discuss.

Security is no longer just a technology issue, it is also a business issue as well because majority of the companies out there today rely on computer systems to keep their employees information secure as well as their customers’ information, sales transactions, and the details on their vendors, their success is dependent on the secureness of this information. For a non-technologies business especially, they need to understand enough about security that they can take ownership of security approval processes. Ultimately it is because the business themselves that will bear the consequences of a poorly secured system. It is difficult to say that a case of internal fraud or financial misstatement is a purely IT issue. However, such incidents are preventable through a well-defined security structures allocated to the appropriate business users. Since the business bears the risk it is logical that they should be fully engaged in the design of the solutions to prevent the occurrence of such risks. Without adequate understanding and design of the computer security structures, users are not able to use the functions that they require in order to run the business processes. If incorrectly designed, the same security structures will allow users access data and functions that they should not be using including system administration functions, access to sensitive personal data or commercially sensitive data such as sales figures. 

2. Who poses the biggest security threat: insiders or outsiders?

Insiders is the person who poses the biggest security threat because the insiders have the knowledge about the security of an organization. one of the things that the insiders to is hacking the security because they know better the flow of the organization compared to the outsiders. this is because the insiders have already entrusted with authorized access to at least some systems and applications on a corporate network. It can be very hard for those in IT to decipher whether he’s just performing his regular job tasks, or carrying out something sinister. An angry employee who already has access to company files could be secretly leaking documents to competitors, or he could be sabotaging systems or corrupting data because he is miffed at his employer.

3. Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats?

 Malware which is the malicious software that attackers insert into the web files or pages once they have gained access to the site. Malware may be found on an individual’s computer if they have themselves fallen victim to a phishing attack or otherwise been compromised, or it may be inserted directly onto the website after a successful SQL injection or if administrative account access has been granted to a harmful entity. As with software, malware can perform an extremely wide range of activities, from turning the computer into a botnet that can be part of a DDoS attack, to stealing credit card and account information from the website users. One type of malware that targeted Magento site was able to take credit card information and store it in images so that the attacker could easily access it without flags being raised. In order to minimize these threats, ones need to update the computer operating systems and patch regularly in order to defend against malware and phishing. This will help prevent vulnerabilities from being exploited and help detect and block threats from entering the system. 
PART C
PART C
CASE STUDY QUESTION
1. Is cyberwarfare a serious problem? Why or why not?

Yes, it is a serious problem. Cyberwarfare is a state-sponsored activity designed to cripple &amp; defeat another state or nation by penetrating its computers or networks for the purposes of causing damage &amp; disruption. It is becoming a major threat to the security and economy of countries as it can cripple country’s power grids, financial systems, and communication network. The person behind this could be anybody including non-state actors such as terrorist criminal groups. The ability to destroy via cyber now also rests in the hands of small groups and individuals which started from terrorist groups to organised crime, and hackers to industrial spies to foreign intelligence services. This cyberwarfare has been occurring between many major countries such as United States and Iran, Israel and Iran, United States and China despite their open diplomatic relationship, and also between North Korea and South Korea. Not to mention this cyberwarfare also indirectly involved many other countries such as Indonesia, India and many more. In US, at least twelve financial institutions were targeted in attacks that slowed their server to crawl and then shut down. The data centers of these organizations had been infected with a long available malware agent name Itsoknoproblembro, which creates botnets of salve servers. The goal of the attacker was to inflict an unprecedented level of strain on as many financial institutions as possible. No account information was stolen and no financial gain sought, leading experts to think it was a state-sponsored attack which actually turns out to be because of Izzad-Din Al-Qassam Cyber Fighters seeking revenge for an anti-Islam video. Although, U.S government officials does believe the perpetrator is actually Iran, retaliating for economic sanctions imposed to halt its nuclear program and for what it believes were U.S cyber-attacks. Another cyberwarfare caused by political tensions involved Saudi Aramco, one of the world’s largest oil companies that were hacked whereby 35,000 computers were partially or totally destroyed. U.S. officials suspect Iran was the culprit in this case as well. 

Cyberwarfare is getting out of hand because hostile governments could hide behind rapidly advancing technology to launch attacks undetected and unlike conventional and nuclear arms, there were no agreed international controls on the use of cyber weapons. Hackers have obtained information strategies of major corporations, designs of more than two dozen major U.S weapons systems, and the workings of America’s power grid, possibly laying groundwork for acts of sabotage. North Korea, another budding cyberwarfare adversary, was accused of launching its most damaging attack to date where they perpetrated attacks on both South Korean and American commercial, educational, governmental, military institution. This damaging attack has caused both countries major losses. Many organizations and industries were affected by this cyberwarfare. These shows that cyberwarfare is becoming a very serious problem. Attacks have become more widespread, sophisticated, and potentially devastating. Be it in the form of malwares such as trojan, botnets, spyware, viruses, or even worms. It all acts as a cyber-weapon that possess major risk and threat to any countries or organizations involved globally. Therefore, the severity of this issue should not be taken lightly as most companies rely on the internet for emails and internet, and will soon become dependent on it. Cyber-attacks will grow as technology grows, especially since the cost is relatively low.

2. What solutions are available for this problem? Do you think they will be effective? Why or why not?

Because the whole issue of cyberspace and the problems and damage it can cause is quite new and is still on the rise, many things have not yet been internationally agreed on and many states take different measures. Cyber attacks can be prevented with two different types of measures: The first type intending to prevent states from carrying out cyber attacks and the second type being measures to increase security of the networks which have the highest risk of being attacked. Most states have laws regulating computer crimes done by individuals or non-state actors to hopefully prevent any cyber attacks but other states are not bound to any rules yet. They would only have to be aware of the reaction of the attacked country. Besides definitions of cyber warfare and information warfare and other important terms, an internationally agreed list of computer crimes or rules should therefore be established, maybe in combination with an organization monitoring the cyberspace, with large and serious consequences against states violating these rules. Each state should increase its own security measures against cyber attacks. In order to do this as effectively as possible governments should establish, if not yet done so, an agency whose solely focus is on the cyberspace and cyber attacks. Moreover they should follow the example of the USA and conduct simulations on a regular basis, maybe even in cooperation with other countries, in order to analyse their current security measures. Once they have done that, they will have a bigger insight into the strength of their security measures and should try to strengthen the most vulnerable parts. It is important to notice, that many internet networks are all connected to a big network which is like the gateway to the whole internet. These are in most cases not managed by the governments but by large technological companies or universities. Governments should hence support these companies and organizations financially to protect their network as well as possible. If these gateways are protected well, then a large number of cyber attacks can be stopped and the government, banks, companies and all other entities threatened could handle the few remaining attacks more easily. 

However, the strength of a security system is not always the most important part as the potential strength of attacks is steadily growing, sometimes it’s more important to take different measures. Two very controversial ideas are the kill switch and the electrical wall. The kill switch could shut down the internet of certain areas, whether it is only concerning a company, a city or a whole country, in case of serious cyber attacks. The electrical wall intends to inspect every data package coming into the country’s network and compares it to known signatures and in case of a match do not let them through. Both these ideas can be very useful and even save lives, however, if used by the wrong person or government, they can violate basic human rights by censoring certain parts of the internet. Therefore such measures have to be evaluated very carefully and include certain restrictions. In general all states should consider their possibilities with care as the internet is a symbol for freedom and a state interfering with the internet could lead to protest of the civilians. Because the internet connects everyone worldwide, each state is equally affected. Cooperations between countries and international agreements could therefore prove very useful leaving only non-state actors as a possible cyber threat.


 
Post copied successfully.
GO TO PADLET]]></description>
         <enclosure url="" />
         <pubDate>2018-12-24 05:17:11 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/316590746</guid>
      </item>
      <item>
         <title></title>
         <author>zul_gempak97</author>
         <link>https://padlet.com/ayieanuar97/csc408revision/wish/316926892</link>
         <description><![CDATA[CSC 408 REVISION
]]></description>
         <enclosure url="" />
         <pubDate>2018-12-31 13:51:27 UTC</pubDate>
         <guid>https://padlet.com/ayieanuar97/csc408revision/wish/316926892</guid>
      </item>
   </channel>
</rss>
