Skip to content
  • 0 Votes
    29 Posts
    3k Views
    zaasmiZ

    The verizon and symantec reports show that_______________.
    Web is the most vulnerable vector
    Email is the most attacked vector
    IOT is more secure than other technologies
    Malicious internal users or disgruntled employees cause most damage

    e70ae74c-ca3e-4082-9e55-de065a8e5ab4-image.png

  • 0 Votes
    5 Posts
    319 Views
    cyberianC

    @Saif-Ali-Qureshi said in CS205 Assignment 2 Solution and Discussion:

    please share assignment file. CS205 today is last due date.

    Plz follow the steps and get results on your pc.

  • 0 Votes
    3 Posts
    256 Views
    zaasmiZ

    @moaaz said in CS205 Assignment 1 Solution and Discussion:

    Question No-2:
    Consider an online performance evaluation system of a company where its employees enter the daily status of the tasks assigned to them in online sheets available in the system. The sheets are analyzed by the competent authorities of the company on daily basis to evaluate the performance of the employees.
    You are required to briefly explain the confidentiality, integrity and availability with the help of example associated with this system.
    In your point of view which component of C.I.A. Triangle model will get the highest importance and which component will get the least importance according to above mentioned scenario?

    Solution:
    Integrity:
    An employee always relies on the accuracy of entered data /information. Therefore, use of advanced, efficient technology and proper optimization is necessary to ensure that integrity is maintained and employee’s information is secure. Whenever any employee enters his work progress then that information must remain in its original form otherwise any wrong change in report can create a lot of problems for employees. So, the integrity of data should be safe.

    Confidentiality:
    The employee must expect the privacy. Confidentiality with the use of evaluation system should be high and there should be surety of maintaining privacy between higher management and employee. To access the performance evaluation system, an employee must enter a security password which is available only to authorized employee of the company. Company also needs to ensure privacy of any employee’s performance report. Proper encryption of data ensures that high level of confidentiality is maintained whereas lack of attention towards the same could lead to breach of data/ information. Moreover, the policy related to changing password after regular intervals will help to keep data and information secure.

    Availability:
    All employees use evaluation system at the end of day to enter their progress status of the tasks/work, assigned to them. So, if the related interface is not available at the time of entering data, then employees would not be able to enter the information in the system. Consequently, the higher management may perceive that the employee(s) has /have intentionally not entered the required information and may take action in this regard. Furthermore, if the system will not be available specially at the time when most of the employees will be updating their status, then it will make the employees frustrated just because no one want to spend extra hours after the working hours. So the availability of the system is also important.
    Part-2:
    Integrity and Confidentiality holds the highest importance in this scenario.
    The availability of system has less importance from information security point of view.

  • 0 Votes
    2 Posts
    357 Views
    HD CoverageH

    @aleem1990 Asignment NO 3 Hai ap k pass cs205

  • 0 Votes
    5 Posts
    534 Views
    zareenZ

    @zareen said in CS205 Assignment 2 Solution and Discussion:

    A user noticed that someone is using his Facebook account after stealing his credentials. After investigation, he observed that it happened after installing a software downloaded from an un-authentic website.

    Aug 25, 2019 - Hacked Facebook accounts are being sold on the dark web, showing the … Problem is that since so many web sites make you use your email for log in name, I’m not … 90 EACH days after the ‘worst ever’ hack of 50 million users (and here’s … a hacker has claimed he sold the plaintext passwords and email …
    link text

  • 0 Votes
    4 Posts
    1k Views
    Muhammad Habib Ur RehmanM

    • CIA triad
    Question No. 1 [Marks: 10]

    Suppose you are attempting the exam for the post of Information Security Engineer in the ABC organization. During the exam, you are given the following real life scenarios associated with the three main pillars of informing security (C.I.A) :

    Suppose fifty cancer patient’s treatment is being carried out by Dr. Ali in the well-reputed cancer hospital in Lahore. All the medical information of those patients is stored in the table of the hospital’s database system. Dr. Ali suggests medicine to the patients on the basis of patient’s relevant information stored in the database. If another doctor who has also legal rights to access this table of the database, unintentionally changes the information that can mislead the patient treatment. CSS Exam’s applicants are checking their results online through the FPSC website but the FPSC website takes too much time to load. The AZB limited Bank makes a plan for launching a new offer for capturing customers in a market but this plan leaked to its competitors. A bank’s ATM is not responding due to general backend server error. If a renowned shoe brand’s prices and specifications available on online shopping stores are changed by an unauthorized person. If you are replying to the messages of your friend, then it should be received in the original form as it is sent by you. Upon the last date of applying for the online job application, the related website is not responding due to some technical problems which makes the candidates unable to submit their job application on time. Student’s board results information (Marks, CGPA) is considered very important and it should be available only for that specific student and their parents rather than other class students. A developer’s salary slip in the software house should not be visible to any other developer. Student’s semester grades are posted on the class Facebook group by some unauthorized student.

    After carefully reading and analyzing the above-mentioned scenarios and fill the following table:

    Scenario. No Associated C.I.A security component
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10

    kindly i want solution of this question plzzz