How does someone apply for a digital certificate

Reference no: EM132182515

QUESTIONS

1. This question is about the public key used in web site encryption. The key is called a "digital certificate". Web sites with encryption start with https not http.

a. Go to your favorite encrypted web site, such as a bank, or any web site which asks for a password.

Click on the padlock symbol, and it will tell you the name of the company that issued the digital certificate for the web site.

Alternatively, you could just pick a company from the list of recognized digital certificates for the Mozilla web browser.

Either way, find the name of a company that issues digital certificates for web sites.

b. Go to the web site of that company that issues digital certificates. Look up their contact details, and write down the company's street address and phone number.

c. Browse the web site of the company that sells digital certificates. How much does a digital certificate cost for a year? (Use the cheapest choice, e.g., single-name certificate).

d. How does someone apply for a digital certificate from this company? Do they ask for a driver's licence? An incorporation certificate? Or do they only ask that you generate a CSR (certificate signing request), which a web server program can make using its domain name?

e. In your opinion, could a criminal obtain a digital certificate from this company? Could they use it for a phishing web site? Why or why not?

2. A few short questions about computer security.

a. Anti-virus software is popular for Microsoft Windows. Find the typical detection rate for popular anti-virus software. Please give recent references for what you find (i.e., since 2018 began, or as new as possible).

b. Using the web, find one recent severe distributed denial of service (DDoS) attack. Who launched the attack, and how? What were the damages?

c. How big is the biggest botnet currently in use? What country is it likely to have come from? Please give references for what you find.

Note that the BredoLab Botnet (also known as Oficla) used to run on about thirty million computers, but it was mostly dismantled back in 2010.

3. For identity theft events,

Click on "Data Breaches", and then scroll down a little, and for the types of breaches and organizations, pick "Select All", but only for the year 2018.

a. For identity thefts in 2018, scroll down and find one that's fairly large (at least 10,000 people).

Briefly describe the date, the organization, how many people were affected, and what happened. (2 marks)

b. Click on the back button to return to the search page, and this time pick "Select All" for all 3 choices.

Instead of scrolling down the list, look for the button to download all the breaches as a single spreadsheet.

Just above that button is the "Records total:" that says how many people have had their personal data stolen. Is that bigger than the population of the world?

c. Download the large spreadsheet, and highlight all columns, so you can sort the lines by column F, "Total Records". What is the biggest security breach, and how many people had their personal information stolen? Briefly describe the date, the organization, how many people were affected, and what happened.

4. Some fun questions about criminal web sites.

a. Go to the web site and write down how many web sites there are in the world today.

b. Scroll down a little, and look for how many web sites have been hacked today. How many have been hacked so far today?

c. Practically every 4-letter domain name in ".com" has already been registered. Make up five different random 4-letter domain names, such as (as a random example) tiyu.com, ptjh.com, cjqx.com, and so forth.

Use the whois search to look up those random 4-letter domain names, and find out how many of them are registered.

Of your 5 random 4-letter domain names:
• How many are registered?
• From Whois, what is the name of the contact person? It should be listed as "Registrant Name".
• Is there a phone number, email address, or physical address?

d. Pick one of the registered domain names (or if they're all unregistered, try zzz4.com, as that's a real web site). For that web site, run a traceroute program on your computer, or go to a web site with a traceroute interface (look for one on Google).

Using traceroute, can you find in which country (and, if you can figure it out, which city) is the web site physically hosted?

5. Remember how your phone's MAC address lets people track where you go?

a. For your favorite type of phone or laptop (Android / iPhone / Windows / Apple / etc.), search for a free app that lets you change your MAC address to a different MAC address. What is the name of one such app?

b. Search for a review of that program. Does the review seem positive or negative? If you were a criminal (or just interested in privacy) would this program be good enough for you to use for changing your MAC address? Why or why not?

c. Go to the Google news web site, and search for change mac address

Are there any news articles about computer network security? Pick one news story, and briefly describe what it's about.

6. There are several organizations that sell spy software, which turns your mobile phone into a spying machine. These organizations include:

Pick just one of the above, and do some reading about their spy software (for example, each kind of spy software has its own Wikipedia article).

a. Can anyone buy this software? Or do they only sell it to governments (usually corrupt dictatorships with poor human rights records)?

b. Has the software been sold to corrupt dictatorships, and other governments with poor records on human rights?

c. What kind of data do they steal? Is it only the Apple iPhone? Or every kind of mobile phone? Conversations in Skype? Keylogging? Stealing Bitcoin from your cryptocurrency wallet? Or what?

d. Find a recent (within the last year or so) news story, which mentions this software. Give a short summary of the news story.

7. Cost-benefit analysis! Your company's web site is sometimes broken into by hackers, with the following estimates of probabilities and costs:

• Each day there is a 0.4% chance that a script kiddie will only deface the web site, but cause no other damage. This would cost only $10,000 in lost sales.

• Each day there is a 0.2% chance (once every three hundred days) that an expert hacker will delete data and steal customers' credit card numbers, costing $250,000.

• Remember how hackers stole all the data from Ashley Madison and killed the company? We estimate that each day there is a 0.02% chance (once in ten thousand days) that an expert hacker will steal all the company's data, costing $1,000,000.

The big boss wants you to advise on which of these three solutions to buy:

I. We could do nothing and accept the problem.

II. A nice IBM firewall costs a huge $50,000 per year. It claims to prevent all script kiddie hackers and 95% of expert hackers.

III. A cheap Microsoft firewall costs only $8,000 per year. It claims to prevent 90% of script kiddie hackers and 50% of expert hackers.

The big boss wants you to advise which to choose. Feel free to use a spreadsheet or calculator or whatever you find the most convenient to answer these questions:
• Calculate the annualized loss expectancy (ALE) for the three kinds of hacker attacks. What is the total annual loss expectancy?
• For the three possible solutions, calculate the total annualized loss expectancy (ALE) if that solution was used?
• Calculate the cost-benefit of the three different solutions
• If the boss asks, is there a large difference between the solutions (are two solutions about the same), or is there a clear winner?
• A magazine article claims that the IBM firewall doesn't stop 95% of expert hackers, it only stops 90% of expert hackers. Would this small difference cause you to change your advice?
• The Microsoft salesperson offers to reduce the price from $8,000 per year, to completely free. Would free software change your advice?
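
One way to set up the calculation in question 7, as an added example that is not part of the original assignment. It assumes a 365-day year, uses the stated daily percentages (not the parenthetical "once every N days" figures), and treats each firewall claim as the fraction of incidents blocked; all function names are hypothetical.

```python
from fractions import Fraction as F

DAYS_PER_YEAR = 365  # assumption: the page does not say how to annualize

# (name, attacker class, daily probability, cost per incident) from question 7
THREATS = [
    ("defacement", "script_kiddie", F("0.004"), 10_000),
    ("delete data + card theft", "expert", F("0.002"), 250_000),
    ("total data theft", "expert", F("0.0002"), 1_000_000),
]

# name -> (annual price, fraction of attacks blocked per attacker class)
SOLUTIONS = {
    "I. do nothing": (0, {"script_kiddie": F(0), "expert": F(0)}),
    "II. IBM firewall": (50_000, {"script_kiddie": F(1), "expert": F("0.95")}),
    "III. Microsoft firewall": (8_000, {"script_kiddie": F("0.9"), "expert": F("0.5")}),
}

def ale(threat, blocked=F(0)):
    """ALE = cost per incident x expected incidents per year, after mitigation."""
    _, _, p_daily, cost = threat
    return cost * p_daily * DAYS_PER_YEAR * (1 - blocked)

def residual_ale(blocks):
    """Total ALE that remains when each attacker class is blocked at the given rate."""
    return sum(ale(t, blocks[t[1]]) for t in THREATS)

def evaluate(solutions=SOLUTIONS):
    """Return {name: (residual ALE, total yearly cost, net benefit vs. doing nothing)}."""
    baseline = residual_ale(SOLUTIONS["I. do nothing"][1])
    out = {}
    for name, (price, blocks) in solutions.items():
        residual = residual_ale(blocks)
        out[name] = (residual, residual + price, baseline - residual - price)
    return out

def best(solutions=SOLUTIONS):
    """Name of the option with the lowest total yearly cost (residual ALE + price)."""
    results = evaluate(solutions)
    return min(results, key=lambda n: results[n][1])

def what_if(name, price=None, expert=None):
    """Copy SOLUTIONS with one option's price or expert block rate changed."""
    old_price, blocks = SOLUTIONS[name]
    changed = dict(SOLUTIONS)
    changed[name] = (old_price if price is None else price,
                     {**blocks, **({} if expert is None else {"expert": expert})})
    return changed

if __name__ == "__main__":
    for name, (res, total, net) in evaluate().items():
        print(f"{name:24} residual ${int(res):>9,} total ${int(total):>9,} net ${int(net):>9,}")
```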

How does someone apply for a digital certificate : CP5603 – ADVANCED E-SECURITY - How does someone apply for a digital certificate from this company? Do they ask for a driver's licence

Reviews

len2182515

12/1/2018 1:29:54 AM

Please answer the following questions. You can read any documents, or talk to any people, or ask the lecturer. Feel free to discuss the issues with your classmates, or with anyone else. Make sure you write your own answers.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd