User Account

All Pages

Find out severe distributed denial of service attack

Assignment Help Computer Network Security
Reference no: EM132196617

QUESTIONS

1. This question is about the public key used in web site encryption. The key is called a "digital certificate". Web sites with encryption start with https not http.

a. Go to your favorite encrypted web site, such as a bank, or any web site which asks for a password.

Click on the padlock symbol, and it will tell you the name of the company that issued the digital certificate for the web site.
Alternatively, you could just pick a company from the list of recognized digital certificates for the Mozilla web browser

Either way, find the name of a company that issues digital certificates for web sites.

b. Go to the web site of that company that issues digital certificates. Look up their contact details, and write down the company's street address and phone number.

c. Browse the web site of the company that sells digital certificate. Find how much does it cost for a digital certificate for a year? (Use the cheapest choice, e.g., single-name certificate).

d. How does someone apply for a digital certificate from this company? Do they ask for a driver's licence? An incorporation certificate? Or do they only ask that you generate a CSR (certificate signing request), which a web server program can make using its domain name.

e. In your opinion, could a criminal obtain a digital certificate from this company?

2. A few short questions about computer security.

a. Anti-virus software is popular for Microsoft Windows. Find the typical detection rate for popular anti-virus software. Please give recent references for what you find (i.e., since 2018 began, or as new as possible)

b. Using the web, find out one recently severe distributed denial of service (DDoS) attack. Who and how did they launch the attack? What were the damages?

c. How big is the biggest botnet currently in use? What country is it likely to have come from? Please give references for what you find.

Note that the BredoLab Botnet (also known as Oficla) used to run on about thirty million computers, but it was mostly dismantled back in 2010.

3. For identity theft events,

Click on "Data Breaches", and then scroll down a little, and for the types of breaches and organizations, pick "Select All", but only for the year 2018.

a. For identity thefts in 2018, scroll down and find one that's fairly large (at least 10,000 people).

Briefly describe the date, the organization, how many people were affected, and what happened.

b. Click on the back button to return to the search page, and this time pick "Select All" for all 3 choices,

Instead of scrolling down the list, look for the button to download all the breaches as a single spreadsheet.

Just above that button is the "Records total:" that says how many people have had their personal data stolen. Is that bigger than the population of the world?

c. Download the large spreadsheet, and highlight all columns, so you can sort the lines by column F, "Total Records". What is the biggest security breach, and how many people had their personal information stolen? Briefly describe the date, the organization, how many people were affected, and what happened.

4. Some fun questions about criminal web sites.

a. Go to the web site and write down how many web sites there are in the world today.

b. Scroll down a little, and look for how many web sites have been hacked today. How many have been hacked so far today?

c. Practically every 4-letter domain name in ".com" has already been registered. Make up five different random 4-letter domain names, such as (as a random example) tiyu.com ptjh.com cjqx.com and so forth.

Use thewhois search to look up those random 4-letter domain names, and find out how many of them are registered. Many web sites link to whois for free,such as

Of your 5 random 4-letter domain names:
- How many are registered?
- From Whois, what is the name of the contact person? It should be listed as "Registrant Name"?
- Is there a phone number, email address, or physical address?

d. For one of the registered domain names (or if they're all unregistered, try zzz4.com as that's a real web site). For the web site, run a traceroute program on your computer, or go to a web site with a traceroute interface (look for one on Google). There is an online traceroute tool at www.net.princeton.edu/cgi-bin/traceroute.pl

A visual traceroute program is nice, even though it's a bit slow.

Using traceroute, can you find in which country (and, if you can figure it out, which city) is the web site physically hosted?

5. Remember how your phone's MAC address lets people track where you go?

a. For your favorite type of phone or laptop (Android / iPhone / Windows / Apple / etc.), search for a free app that lets you change your MAC address to a different MAC address. What is the name of one such app?

b. Search for a review of that program. Does the review seem positive or negative? If you were a criminal (or just interested in privacy) would this program be good enough for you to use for changing your MAC address? Why or why not?

c. Go to the Google news web site, and search for change mac address

Are there any news articles about computer network security? Pick one news story, and briefly describe what it's about.

6. There are several organizations that sell spy software, which turns your mobile phone into a spying machine. These organizations include:

 

Organization

Spy Software

1

NSO Group

Pegasus

2

Gamma Group

FinFisher / FinSpy

3

Hacking Team

Galileo / Da Vinci

4

Swiss Government, Dept. of the Environment

MiniPanzer  / MegaPanzer

Pick just one of the above, and do some reading about their spy software (for example, each kind of spy software has its own Wikipedia article).

a. Can anyone buy this software? Or do they only sell it to governments? (Usually corrupt dictatorships with poor human rights records)?

b. Has the software been sold to corrupt dictatorships, and other governments with poor records on human rights?

c. What kind of data do they steal? Is it only the Apple iPhone? Or every kind of mobile phone? Conversations in Skype? Keylogging? Stealing Bitcoin from your cryptocurrency wallet? Or what?

d. Find a recent (within the last year or so) news story, which mentions this software. Give a short summary of the news story.

7. Cost-benefit analysis!Your company's web site is sometimes broken into by hackers, with the following estimates of probabilities and costs:

- Each day there is a 0.4% chancethat a script kiddie will only deface the web site, but cause no other damage. This would cost only $10,000 in lost sales.

- Each day there is a 0.2% chance (once everythree hundred days) that an expert hacker will delete data and steal customers' credit card numbers, costing $250,000.

- Remember how hackers stole all the data from Ashley Madison and killed the company? We estimate that each day there is a 0.02% chance (once in ten thousand days) that an expert hacker will steal all the company's data, costing $1,000,000.

The big boss wants you to advise on which of these three solutions to buy:

I. We could do nothing and accept the problem.

II. A nice IBM firewall costs a huge $50,000 per year. It claims to prevent all script kiddie hackers and 95% of expert hackers.

III. A cheap Microsoft firewall costs only $8,000 per year. It claims to prevent 90% of script kiddie hackers and 50% of expert hackers.

The big boss wants you to advise which to choose. Feel free to use a spreadsheet or calculator or whatever you find the most convenient to answer these questions:

- Calculate the annualized loss expectancy (ALE) for the three kinds of hacker attacks. What is the total annual loss expectancy?
- For the three possible solutions, calculate the total annualized loss expectancy (ALE) if that solution was used?
- Calculate the cost-benefit of the three different solutions
- If the boss asks, is there a large difference between the solutions (are two solutions about the same), or is there a clear winner?
- A magazine article claims that the IBM firewall doesn't stop 95% of expert hackers, it only stops 90% of expert hackers. Would this small difference cause you to change your advice?
- The Microsoft salesperson offers to reduce the price from $8,000 per year, to completely free. Would free software change your advice?

Attachment:- Assignment.rar

Verified Expert

In this assignment we have write report for the network security and here we have perform the operation on the network security. Here I have done analysis of the digital certificate. Here we have also studied spyware software and also create ALE and SLE.

Reference no: EM132196617

Questions Cloud

Write a signal handler function : Write a signal handler function, When a SIGALRM signal arrives this function will be called in which variable will be set.
Prompt the user to input the elapsed time for an event : Write a C++ program that prompts the user to input the elapsed time for an event in seconds.
How happy is jim in utiles : How happy is Jim in utiles? Brian is risk neutral (e.g. A=0) how much would he be willing to pay for the same coin toss gamble if not doing anything makes.
Display the sorted vector values : Write a C program to perform the following tasks: Read the values of a vector of integer numbers. Display the values.
Find out severe distributed denial of service attack : CP5603 - Advanced E-Security - How does someone apply for a digital certificate from this company? Do they ask for a driver's licence
Print out all of the command line arguments passed : Write a C++ program that prints out all of the command line arguments passed to the program.
How many hours of leisure he should give up : Ivan had 200 rubles from his parents weekly. Since this week Ivan will start to get 1000 rubles weekly from parents and grandmother.
Read the epresentation of a binary tree : Write a C++ program that will read in a left child - right child array representation of a binary tree.
The court stated that this interest must be expressed : The Court stated that this interest must be expressed? _______________ that the patient did not want to be sustained by artificial means.

Reviews

len2196617

12/17/2018 11:20:03 PM

Please answer the following questions You can read any documents, or talk to any people, or ask the lecturer. Feel free to discuss the issues with your classmates, or with anyone else. Make sure you write your own answers.

Write a Review

Computer Network Security Questions & Answers

  Intrusion detection system (ids)

concept of Data, information and knowledge in information warfare, politically motivated computer misdeeds, McClintock Manufacturing, Percentage of Windows systems that run antivirus software that is updated each day, network traffic that is evaluate..

  What is the current cost of comptias security certification

What is the current cost of CompTIA's Security+ certification?

  Explain importance of explicit enterprise security policies

Identify the predominant electronic and physical threats to communications networks. Explain the importance of explicit enterprise security policies and procedures. Describe potential threat detection and protection techniques. Explain the importance..

  Identify potential physical threats that require attention

Identify at least five potential physical threats that require attention. Determine the impact of at least five potential logical threats that require attention.

  How use of such control may affect democracy and society

How the use of such control may affect democracy and society. For this Discussion, you will view and react to Pariser's TED Talk online.

  What role does cryptography provide in the application

Discuss an application that you currently use that either includes encryption technology. What role does cryptography provide in the application?

  Identify the virus software running on your computer

Explain the origin and effects of at least 3 different types of viruses/malicious programs as well as how your computer can become vulnerable to these threats.

  Is the research informed by primary sources of theories

Is the research informed by primary sources of theories, concepts, principles and models in the field, and are they referred to specifically? Are methods of data collection appropriately explained - Is data analysis complete and presented logically..

  Design and provide the ip scheme for the network

Design a Secure Network using either Visio, Paint, Word, etc showing the All locations. Design and provide the IP Scheme for the network. Establish a VPN between the All offices and allow the ability to work from home

  Prepare a survey report of a particular security issue

Suppose you work in a network security company, and you need to prepare a survey report of a particular security issue of wireless networking.

  Enterprise network design and network size

In small networks, the web of router links is not complex, and paths to individual destinations are easily deduced. However, in large networks, the resulting web is highly complex, and the number of potential paths to each destination is large.

  Discuss preventing cyberbullying and harassment

Discuss Preventing cyberbullying and harassment. Create a 2- to 3-page handout that can be distributed to the attendees at the seminar.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd