User Account

All Pages

Briefly how above outlined security mechanisms would fail

Assignment Help Computer Network Security
Reference no: EM132134531

Part I

An attacker seeks to view the contents of a specific Microsoft Word document file to which they do not have any kind of access.

You may assume that:
- no exploitable vulnerabilities of any kind exist;
- the attacker has a non-privileged account on the system;
- basic system access controls do not currently permit the attacker to access the file and the attacker cannot directly change these controls; and
- the attacker cannot physically tamper with the system in any way.

Based on your study in this unit, outline and describe the core security mechanisms that Windows implements to prevent the attacker achieving that goal. Include a brief discussion of the low-level mechanisms that protect the operating system from an attack that targets the layer below. The marks breakdown table below may assist you in identifying the general issues that need to be covered.

In completing this task, you must use an approach based on the architectural divisions discussed during lectures to organise your answer. You may find that the information discussed in lectures and contained in the textbook substantially assist you to frame your answer. However, you may wish to do some additional research.

You should include a complete reference list of any additional sources that you have used.

Part II
Now assume that the attacker has been able to gain control over the system such that they have gained administrator access.

Discuss briefly how the above outlined security mechanisms would fail, and the reasons for this failure. Outline an alternative security architecture that could continue to achieve the specified security goal despite this new scenario. You must include in your discussion of the security limitations of your approach.

Note that this is intended to be an open-ended problem and your alternative security architecture may or may not exist as a specific product or system, so you are expected to think creatively about this solution. It is likely that you will need to undertake some research to assist in answering this part of the problem.

Reference no: EM132134531

Questions Cloud

How many days long should your warranty be : How many days long should your warranty be?
Customer make a purchase : Assumes the following probability" P(customer make a purchase) = 0.300 P(Customer does not make a purchase) = 1-0.300
What policies should you establish and enforce : Discuss the pros and cons of providing credit to customer’s, what policies should you establish and enforce?
Describe and discuss at least two backup strategies : Describe and discuss at least two backup strategies. Discuss the use of cloud backup strategies, as well?
Briefly how above outlined security mechanisms would fail : An attacker seeks to view the contents of a specific Microsoft Word document file to which they do not have any kind of access
What is the schedule that shows the computation of budgeted : What is the schedule that shows the computation of budgeted ending inventories (in units) for April, May, June, and July
Avoid unethical behavior in the future : Is there anything else that mr smith can do to improve ethical decision making and avoid unethical behavior in the future?
Discuss what policies were missing in the particular case : Write a 2 page paper that discusses what policies were missing in the particular case. Do additional research than what was provided in the text.
Positive or negative effects to company with his strategy : From ethical point of view are there any positive or negative effects to the company with his strategy?

Reviews

len2134531

10/8/2018 3:12:25 AM

• The maximum word limit is intended to make you stop and think about every word that you put in and how it can earn you marks: use each word wisely. Assignments that simply fill the word limit with vague or irrelevant statements or unnecessary tables of contents etc. will almost certainly fail. • Employers of IT graduates consistently rate communication skills as the most important attribute they look for when hiring. Your ability to explain technical concepts clearly and concisely is central to your employability and career prospects.

len2134531

10/8/2018 3:12:20 AM

Expectations • Students are expected to demonstrate a significant level of engagement with the topic as appropriate for someone in the final year of a degree. Superficial answers or irrelevant material will not be awarded any marks. • This assignment is deliberately designed to require you to think about what information to include and how best to present it.

len2134531

10/8/2018 3:12:14 AM

Description of security architecture • Should be described at a sufficient level of detail to be understood and subject to a basic analysis. 20% Analysis of limitations • Unless your architecture is perfect, explain what its weaknesses are. 15% Clarity and quality of writing, including organisation and evidence of research where necessary. 5%

len2134531

10/8/2018 3:12:09 AM

Component Percentage Discussion of failure of existing architectures • How does the architecture discussed fail in this new context? • What is the underlying nature of the problem here? 10% • Do not discuss the ways in which the attacker may have gained administrator access. This is given to you as an assumption. For the purposes of the question you may assume that their access is legitimate.

len2134531

10/8/2018 3:12:03 AM

Operation of relevant access control mechanisms. Describe these in the context of the information given to you in the question. 15% Low level security mechanisms that underpin access control. For example, how does the operating system prevent processes from manipulating the kernel when invoking system calls and accessing privileged memory etc. 15% Clarity and quality of writing, including organisation and evidence of research where necessary. 5%

len2134531

10/8/2018 3:11:59 AM

Component Percentage Discussion of how subject credentials are managed and assigned to processes. You may wish to consider the following points. • The different ways that user credentials are handled between, for example, a single autonomous system and one part of an enterprise network. • The low-level system components involved in verifying the user’s identity and then ensuring that the user’s processes have the correct identity if the user is granted access to the system. 15%

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd