CSIS 4010 Computer Security: Assignment 2

Fall 2021

Due date: 10/02/2021 11:59PM ET

1. Text reading

Chapters 6 – 11

2. Textbook questions (75 points)

Chapter 6
Review questions:

6.1 What are three broad mechanisms that malware can use to propagate?

6.5 What mechanisms can a virus use to conceal itself?

6.11 What is the difference between a backdoor, a bot, a keylogger, spyware, and a rootkit? Can they all be present in the same malware?

Problems:

6.2 The question arises as to whether it is possible to develop a program that can analyze a piece of software to determine if it is a virus. Consider that we have a program D that is supposed to be able to do that. That is, for any program P, if we run D(P), the result returned is TRUE (P is a virus) or FALSE (P is not a virus). Now consider the following program:

In the preceding program, infect-executable is a module that scans memory for executable programs and replicates itself in those programs. Determine if D can correctly decide whether CV is a virus.

Chapter 7
Review questions:

7.2 What type of resources are targeted by DoS attacks?

7.7 Define a distributed denial-of-service (DDoS) attack.

7.13 What defenses are possible against TCP SYN spoofing attacks?

Chapter 8
Review questions:

8.1 List and briefly define four classes of intruders.

8.4 Describe the three logical components of an IDS.

8.10 What is the difference between anomaly detection and signature or heuristic intrusion detection?

Problems:

8.4 One of the non-payload options in Snort is flow. This option distinguishes between clients and servers. This option can be used to specify a match only for packets flowing in one direction (client to server or vice-versa) and can specify a match only on established TCP connections. Consider the following Snort rule:

alert tcp $EXTERNAL_NET any -> $SQL_SERVERS $ORACLE_PORTS (msg: "ORACLE drop table attempt"; flow: to_server, established; content: "drop table_name"; nocase; classtype: protocol-command-decode;)

a. What does this rule do?

b. Comment on the significance of this rule if the Snort device is placed inside or outside of the external firewall.

Chapter 9
Review questions:

9.5 What is the difference between a packet filtering firewall and a stateful inspection firewall?

9.11 What is a DMZ network and what types of systems would you expect to find on such networks?

Problems:

9.4 Table 9.5 shows a sample of a packet filter firewall ruleset for an imaginary network of IP addresses that range from 192.168.1.0 to 192.168.1.254. Describe the effect of each rule.

Chapter 10
Review questions:

10.3 What are the possible consequences of a buffer overflow occurring?

10.5 What types of programming languages are vulnerable to buffer overflows?

10.11 What are the two broad categories of defenses against buffer overflows?

Chapter 11
Review questions:

11.5 State the similarities and differences between command injection and SQL injection attacks.

11.10 List several software security concerns associated with writing safe program code.

Problems:

11.9 Examine the current values of all environment variables on a system you use. If possible, determine the use for some of these values. Determine how to change the values both temporarily for a single process and its children, and permanently for all subsequent logins on the system.

3. Practical Assignment: (25 points)

This practical assignment is intended for you to get familiar with some of the current security tools. These tools are powerful and are widely used in the security community. You may find some of the tools useful in protecting your own computer as well as computing resources within your organization. Special attention should be paid in choosing some of the tools and instructions should be followed.

1) Visit the website “Top 125 Network Security Tools” ( http://sectools.org/ ). Choose a tool from the “vulnerability scanner” category ( https://sectools.org/tag/vuln-scanners/ ). The use of an open-source tool is highly encouraged.

2) It is required that you install and run the tool in an enclosed network environment or use it on your personal computer ONLY. An enclosed network environment means a non-operational networked system without any physical connection to other working computing environments (e.g., the Internet). Special attention should be paid when you use network scanners, sniffers, hacking tools or password crackers because their usage may violate an organization’s security policies or compromise other computing resources. It is therefore your own responsibility to guarantee that the running of security tool(s) does not violate your organization’s regulations, procedures, policies, and/or local, state and federal laws.

3) Follow the instructions to configure and run the tool you chose.

4) Write a brief report (2-3 pages, single-spaced, not counting figures/tables or quotations used). In your report, answer the following questions in your own words (please do not copy/paste from a tutorial or other online materials).

a) What is the functionality of the tool?

b) What is the actual running environment (software and hardware) of the tool?

c) How will you evaluate the tool based on your own experience?

d) In what aspects could the tool be improved?

5) Take a screenshot (usually by pressing Shift + PrintScreen) during the running of the tool and paste it in your lab report. In your lab report you can provide as many screenshots as you want and/or other output to show you have actually run the tool.

Your report will be evaluated based on its technical depth, critical thinking, and comprehensiveness/soundness of the discussion. You are encouraged to reference publications from academia or industry to expand the discussion. Please follow the APA format for all citations and references.
