User Account

All Pages

Briefly how above outlined security mechanisms would fail

Assignment Help Computer Network Security
Reference no: EM132134531

Part I

An attacker seeks to view the contents of a specific Microsoft Word document file to which they do not have any kind of access.

You may assume that:
- no exploitable vulnerabilities of any kind exist;
- the attacker has a non-privileged account on the system;
- basic system access controls do not currently permit the attacker to access the file and the attacker cannot directly change these controls; and
- the attacker cannot physically tamper with the system in any way.

Based on your study in this unit, outline and describe the core security mechanisms that Windows implements to prevent the attacker achieving that goal. Include a brief discussion of the low-level mechanisms that protect the operating system from an attack that targets the layer below. The marks breakdown table below may assist you in identifying the general issues that need to be covered.

In completing this task, you must use an approach based on the architectural divisions discussed during lectures to organise your answer. You may find that the information discussed in lectures and contained in the textbook substantially assist you to frame your answer. However, you may wish to do some additional research.

You should include a complete reference list of any additional sources that you have used.

Part II
Now assume that the attacker has been able to gain control over the system such that they have gained administrator access.

Discuss briefly how the above outlined security mechanisms would fail, and the reasons for this failure. Outline an alternative security architecture that could continue to achieve the specified security goal despite this new scenario. You must include in your discussion of the security limitations of your approach.

Note that this is intended to be an open-ended problem and your alternative security architecture may or may not exist as a specific product or system, so you are expected to think creatively about this solution. It is likely that you will need to undertake some research to assist in answering this part of the problem.

Reference no: EM132134531

Questions Cloud

How many days long should your warranty be : How many days long should your warranty be?
Customer make a purchase : Assumes the following probability" P(customer make a purchase) = 0.300 P(Customer does not make a purchase) = 1-0.300
What policies should you establish and enforce : Discuss the pros and cons of providing credit to customer’s, what policies should you establish and enforce?
Describe and discuss at least two backup strategies : Describe and discuss at least two backup strategies. Discuss the use of cloud backup strategies, as well?
Briefly how above outlined security mechanisms would fail : An attacker seeks to view the contents of a specific Microsoft Word document file to which they do not have any kind of access
What is the schedule that shows the computation of budgeted : What is the schedule that shows the computation of budgeted ending inventories (in units) for April, May, June, and July
Avoid unethical behavior in the future : Is there anything else that mr smith can do to improve ethical decision making and avoid unethical behavior in the future?
Discuss what policies were missing in the particular case : Write a 2 page paper that discusses what policies were missing in the particular case. Do additional research than what was provided in the text.
Positive or negative effects to company with his strategy : From ethical point of view are there any positive or negative effects to the company with his strategy?

Reviews

len2134531

10/8/2018 3:12:25 AM

• The maximum word limit is intended to make you stop and think about every word that you put in and how it can earn you marks: use each word wisely. Assignments that simply fill the word limit with vague or irrelevant statements or unnecessary tables of contents etc. will almost certainly fail. • Employers of IT graduates consistently rate communication skills as the most important attribute they look for when hiring. Your ability to explain technical concepts clearly and concisely is central to your employability and career prospects.

len2134531

10/8/2018 3:12:20 AM

Expectations • Students are expected to demonstrate a significant level of engagement with the topic as appropriate for someone in the final year of a degree. Superficial answers or irrelevant material will not be awarded any marks. • This assignment is deliberately designed to require you to think about what information to include and how best to present it.

len2134531

10/8/2018 3:12:14 AM

Description of security architecture • Should be described at a sufficient level of detail to be understood and subject to a basic analysis. 20% Analysis of limitations • Unless your architecture is perfect, explain what its weaknesses are. 15% Clarity and quality of writing, including organisation and evidence of research where necessary. 5%

len2134531

10/8/2018 3:12:09 AM

Component Percentage Discussion of failure of existing architectures • How does the architecture discussed fail in this new context? • What is the underlying nature of the problem here? 10% • Do not discuss the ways in which the attacker may have gained administrator access. This is given to you as an assumption. For the purposes of the question you may assume that their access is legitimate.

len2134531

10/8/2018 3:12:03 AM

Operation of relevant access control mechanisms. Describe these in the context of the information given to you in the question. 15% Low level security mechanisms that underpin access control. For example, how does the operating system prevent processes from manipulating the kernel when invoking system calls and accessing privileged memory etc. 15% Clarity and quality of writing, including organisation and evidence of research where necessary. 5%

len2134531

10/8/2018 3:11:59 AM

Component Percentage Discussion of how subject credentials are managed and assigned to processes. You may wish to consider the following points. • The different ways that user credentials are handled between, for example, a single autonomous system and one part of an enterprise network. • The low-level system components involved in verifying the user’s identity and then ensuring that the user’s processes have the correct identity if the user is granted access to the system. 15%

Write a Review

Computer Network Security Questions & Answers

  Survey of economic impact of operating system security

Survey of economic impact of operating system security violations

  Implementing information systems security policies

Describe the roles and responsibilities of those implementing information systems security policies.

  Academic method to project management

Sunnyville Corporation is in the business of selling home appliances. Sunnyville Corporation  has over 50 sales agents across the country. The management at Sunnyville Corporation has decided to implement an online sales program.

  Choose descriptive variable names in all programs

Write a program named program31.py that prompts the user to enter an integer, then responds by identifying the input as either odd or even as appropriate.

  Compare two-tier client-server system configuration

Compare 2-tier and 3-tier client/server system configurations and analyze how they are different. Based on your comparison, suggest the real life scenarios which are suitable for each of them and justify your reasoning.

  What is the man-in-the-middle attack

What is the certificate? Please explain the meaning of CRL (certificate revocation list).

  How can mls be implemented in an rbac system

In general terms, how can MLS be implemented in an RBAC system? Describe each of the possible degrees of granularity possible with an MLS database system.

  Develop a security awareness training communication plan

Organizational end users are generally in the background when it comes to protecting the IT infrastructure. As the chief security officer (CSO), develop a security awareness training communication plan for these users

  Implement the cipher as a class

Implement the cipher as a class which implements the provided interface.

  To ensure the security of the files used by the new web site

To ensure the security of the files used by the new Web site, files need to access controls that limit which users can view and execute them. To further your understanding of file permissions, describe in detail these 5 file listings, explain a..

  How many bits is the encrypted message

How many bits is the encrypted message - find the corresponding code for the first letter of your first name, add 1 to the left position of the most significant bit

  What is the length of the data field (in hexadecimal)

What is the Destination Address (in hexadecimal)?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd