User Account

All Pages

What is the functionality of the tool

Assignment Help Database Management System
Reference no: EM13318290

Assignment 1

Secure Computer Systems

Questions: 1

Review Questions

1 What mechanisms can a virus use to conceal itself?

2 What is the difference between a backdoor, a bot, a keylogger, spyware, and a rootkit? Can they all be present in the same malware?

Problems

3. The question arises as to whether it is possible to develop a program that can analyze a piece of software to determine if it is a virus. Consider that we have a program D that is supposed to be able to do that. That is, for any program P, if we run D(P), the result returned is TRUE (P is a virus) or FALSE (P is not a virus). Now consider the following program:

Program CV :=

{. ..

main-program :=
{

if D(CV) then goto next:

else infect-executable;

}

next:

}

In the preceding program, infect-executable is a module that scans memory for executable programs and replicates itself in those programs. Determine if D can correctly decide whether CV is a virus.

Questions 2:

1. Define a distributed denial-of-service (DDoS) attack.

2. What defenses are possible against TCP SYN spoofing attacks?

3. Using a TCP SYN spoofing attack, the attacker aims to flood the table of TCP connection requests on a system so that it is unable to respond to legitimate connection requests. Consider a server system with a table for 256 connection requests. This system will retry sending the SYN-ACK packet five times when it fails to receive an ACK packet in response, at 30 second intervals, before purging the request from its table.

Assume that no additional countermeasures are used against this attack and that the attacker has filled this table with an initial flood of connection requests. At what rate must the attacker continue to send TCP connection requests to this system in order to ensure that the table remains full? Assuming that the TCP SYN packet is 40 bytes in size (ignoring framing overhead), how much bandwidth does the attacker consume to continue this attack?

Questions: 3

1 List and briefly define three classes of intruders.

2 What is the difference between anomaly detection and signature intrusion detection?

Problems

1. An example of a host-based intrusion detection tool is the tripwire program. This is a file integrity checking tool that scans files and directories on the system on a regular basis and notifies the administrator of any changes. It uses a protected database of cryptographic checksums for each file checked and compares this value with that recomputed on each file as it is scanned. It must be configured with a list of files and directories to check and what changes, if any, are permissible to each. It can allow, for example, log files to have new entries appended, but not for existing entries to be changed. What are the advantages and disadvantages of using such a tool?

Consider the problem of determining which files should only change rarely, which files may change more often and how, and which change frequently and hence cannot be checked. Hence consider the amount of work in both the configuration of the program and on the system administrator monitoring the responses generated.

Questions:

1. What information is used by a typical packet filtering firewall?

2. What is a DMZ network and what types of systems would you expect to find on such networks?

3. Table 9.5 shows a sample of a packet filter firewall ruleset for an imaginary network of IP address that range from 192.168.1.0 to 192.168.1.254. Describe the effect of each rule.

Questions

1. What types of programming languages are vulnerable to buffer overflows?

2. What are the two broad categories of defenses against buffer overflows?

Problems

1. Rewrite the function shown in Figure 10.7a so that it is no longer vulnerable to a stack buffer overflow.

Questions

1. State the similarities and differences between command injection and SQL injection attacks.

2. List several software security concerns associated writing safe program code.

Problems

3.  Examine the current values of all environment variables on a system you use. If possible,determine the use for some of these values. Determine how to change the values both temporarily for a single process and its children and permanently for all subsequent logins on the system.

Questions

1. What is the point of removing unnecessary services, applications, and protocols?
2. What type of access control model do Unix and Linux systems implement?

Problems

Consider an automated audit log analysis tool (e.g., swatch). Can you propose some rules which could be used to distinguish "suspicious activities" from normal user behavior on a system for some organization?

Questions

1 What is the principal difference between the BLP model and the Biba model?

2 What properties are required of a reference monitor?

3. The *-property requirement for append access fc(Si) ... fo(Oj) is looser than for write access fc(Si) = fo(Oj) . Explain the reason for this.
3. Practical Assignment:

This practical assignment is intended for you to get familiar with some of the current security tools. These tools are powerful and are widely used in the security community. You may find some of the tools useful in protecting your own computer as well as computing resources within your organization. Special attention should be paid in choosing some of the tools and instructions should be followed.

1) Select a tool from "Top 125 Network Security Tools" (https://sectools.org/). The use of an open-source tool is highly encouraged.

2) It is required that you install and run the tool in an enclosed network environment or use it on your personal computer ONLY. An enclosed network environment means a non-operational networked system without any physical connection to other working computing environments (e.g., the Internet). Special attention should be paid when you use network scanners, sniffers, hacking tools or password crackers because their usage may violate an organization's security policies or compromise other computing resources. It is therefore your own responsibility to guarantee that the running of security tool(s) does not violate your organization's regulations, procedures, policies, and/or local, state and federal laws.

3) Follow the instructions to configure and run the tool you chose.

4) Write a brief report (2-3 pages, single-spaced, not counting figures/tables or quotations used). In your report, answer the following questions in your own words (please do not copy/paste from a tutorial or other online materials). In APA style with at least 3 references.

a) What is the functionality of the tool?

b) What is the actual running environment (software and hardware) of the tool?

c) How will you evaluate the tool based on your own experience?

d) In what aspects could the tool be improved?

5) Take a screenshot (usually by pressing Shift + PrintScreen) during the running of the tool and paste it in your lab report. In your lab report you can provide as many screenshots as you want and/or other output to show you have actually run the tool.

Your report will be evaluated based on its technical depth, critical thinking, and comprehensiveness/soundness of the discussion. You may reference publications from the academia or the industry to expand the discussion.

Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network. For downloads and more information, visit the Secunia PSI homepage.

Verified Expert

Reference no: EM13318290

Questions Cloud

Compute the heat input kw required to heat : Chlorine gas is to be heated from 100oC and 1 atm to 200oC a. Calculate the heat input (kW) required to heat a stream of the gas flowing at 5 kmol/s at constant pressure
How much gauge air pressure in the tank : Water is forced out of a fire extinguisher by air pressure, as shown in Figure P9.64 where h = 0.495 m. How much gauge air pressure in the tank
Definitions as accurate or in accurate : Don't know any thing much about humanities. The question is about Erving Goffman and Mary Pipher, Do I see these definitions as accurate or in accurate? Why or why not? How are these questions perpetuated?
At what u.s standard altitud will hydrogen be neutral : a ballon weighing 3.5 lb is 6 ft in diameter. if filled with hydrogen at 18 psia and 60 degrees F and released, at what U.S standard altitud will it be neutral
What is the functionality of the tool : What is the functionality of the tool and what is the actual running environment (software and hardware) of the tool - how will you evaluate the tool based on your own experience?
Evaluate the electric field strength : A hollow metal sphere has inner radius a, outer radius b, and conductivity sigma. Evaluate the electric field strength at the inner surface of a copper sphere if 0.70cm and 28A
Define the minimum concentration of mg2+ required : What is the minimum concentration of Mg2+ required to begin precipitating Mg(OH)2(s) in a solution of pH 10.82? For Mg(OH)2
Determine the magnitude of the external magnetic field : A horizontal wire of 0.52 m carrying a current of 8.2 A is placed in a uniform external magnetic field. Determine the magnitude of the external magnetic field
What is the charge on the capacitor : An air-filled parallel-plate capacitor has plates of area 2.20 cm2 separated by 2.00 mm. What is the charge on the capacitor

Reviews

Write a Review

Database Management System Questions & Answers

  Find out which data from database to archive

Find out which data from database to archive; that is, for each table, Write down whether data requires to be archived.

  Write procedures using counter and sychronisation techniques

Write the following procedures: woman_wants_to_enter, man_wants_to_enter, woman_leaves, man_leaves, using counters and sychronisation techniques to ensure that the correct behaviour will occur.

  Create an rdm for each table in the erd

Create a set of Dependency Diagrams for the ABS database and normalise the ABS tables to BCNF - design of the ABS database.

  Design tables in 3nf various codes for at least three fields

Create tables in 3NF. As you create the database, include different codes for at least three of the fields. Use sample data to populate fields for at least three records in each table.

  Create an er diagram using the set of requirements

Create an ER diagram using the set of requirements provided for Oxford City Council's bicycle sharing scheme and identify the minimal set of functional dependencies and all candidate keys for the relation R

  Compose conceptual data modeling techniques

Explain the fundamentals of how data is physically stored and accessed and compose conceptual data modeling techniques that capture information requirements - design a relational database so that it is at least in 3NF.

  Design a dss to help decision-makers

Design a DSS to help decision-makers run the 2012 London Olympics-Write down the step-by-step solution to train the classifier by the basic perceptron learning rule.

  Create data warehouse sections including computers-dvds

Create a data warehouse for electronics store chain. The chain has 20 stores in 5 cities. Each store has different sections including computers, DVDs, TVs, audio, home appliances etc.

  Express the relationships graphically with an e-r diagram.

A vendor builds multiple types of tablet computers. Each hs a type identification number and a name. The key specifications for each type include amount of storage and display type.

  A county wishes to create a database

A county wishes to create a database to control its local libraries. Each library has a number of employees, one of whom is designated as the manager of the library and is responsible for supervising employees and the general day-to-day management..

  Design a database schema

Design a Database schema

  List the details of parts supplied by quality

Attribute dob is the customer's date of birth, stops is the number of stops (0-??) a flight requires, and onTime is a percentage (0-100) indicating how often a flight is on time. Keys are underlined.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd