CS315 Assignment 3 Solution and Discussion

zareen

Assignment No. 03

Semester: Fall 2019
Network Security-CS315 Total Marks: 20

Due Date: 23-Jan-2020

Instructions:
Please read the following instructions carefully before submitting assignment:

You need to use MS word document to prepare and submit the assignment on VU-LMS.
It should be clear that your assignment will not get any credit if:

 The assignment is submitted after due date.
 The assignment is not in the required format (doc or docx).
 The submitted assignment does not open or file is corrupt.
 Assignment is copied (partial or full) from any source (websites, forums, students, etc.).
 Assignment solution submitted in image format or image(s) pasted in the solution file.

Objective:

To enhance the knowledge about Cloud Security and Virus Attacks involved in Network Security.

Assignment

Question No.1: 10 Marks

Different organizations are providing cloud services to their clients/users/customers and suffering from the various issues. Which countermeasures these organizations can use to avoid following issues:

1. ABC Organization is providing free email services to end users but some unknown person is using it for spamming.
2. An organization requires Signup access to its free cloud storage services. The administrators of the organization can view and manage user data. After some days, one of the administrators leaked users’ data. Now users are receiving spam emails and SMS.
3. A Bank is providing credit card services to its customers. A person lost his credit card and he received an Email/SMS of credit card transaction from bank.
4. A Multinational organization is providing credentials to their employees to access their online portal and manage their services. One of the employees stuck in some problem and provide credentials to third person outside the organization for help. After somedays organization detected that their critical services are controlled and manipulated by some anonymous person.
5. XYZ University is providing access to its students to their result and other online portals but one of its students is executing scripts to access the server again and again until the server gets down.

Question No.2: 10 Marks

Suppose a system is infected with a virus and functioning abnormally. Before virus is diagnosed, some malicious activates are being faced by the user. Now during the virus lifetime in the system, it will go through different phases. You need to identify its phases for the following mentioned scenarios:

Scenario	Phase
User run IDM (Internet Download Manager) application in the system then instead of execution, it creates multiple files in different portions of hard disk.
User tries to open any file but system shutdown immediately and damage operating system files.
User opened a file but instead of executing that file it executed another file in infinite loop.
User open PDF reader application and virus got activated.
On opening an excel file, a virus just created two different copies of it.

Best of Luck!

zareen

@zareen said in CS315 Assignment 3 Solution and Discussion:

User run IDM (Internet Download Manager) application in the system then instead of execution, it creates multiple files in different portions of hard disk.

Unlike the biological viruses that cause the common cold, people create … Despite the many variations of viruses, most have two phases to their execution: infection and delivery. … the Calculator, Notepad, Help, and other programs on the hard disk. The virus then scans the computer to locate .exe files on other drives and …
Reff

Mahnoor

@zareen ans 5th point of first question please as soon as posible

zareen

@zareen said in CS315 Assignment 3 Solution and Discussion:

A Bank is providing credit card services to its customers. A person lost his credit card and he received an Email/SMS of credit card transaction from bank.

In case of card identity theft/loss or a fraudulent offline or online transaction, report the loss immediately to the bank or card provider and have the card blocked. For this, make sure that you have the customer care number of your bank handy. Follow it up with a letter or e-mail. It is also advisable to lodge an FIR at the earliest.

If the bank does not respond within a week, approach the nodal officer. If there is no response from the bank within 30 days, contact the banking ombudsman appointed by the SBP. If this measure too fails, approach the court of law for redressal.

Q.2

Scenario	Phase
User run IDM (Internet Download Manager) application in the system then instead of execution, it creates multiple files in different portions of hard disk.	infection
User tries to open any file but system shutdown immediately and damage operating system files.	infection
User opened a file but instead of executing that file it executed another file in infinite loop.
User open PDF reader application and virus got activated.
On opening an excel file, a virus just created two different copies of it.

zareen

@zareen said in CS315 Assignment 3 Solution and Discussion:

ABC Organization is providing free email services to end users but some unknown person is using it for spamming.

1. Train your spam filter
   When you get a spam email from an unknown sender, don’t just delete it. Select it, and mark it as a spam message. Sometimes, your email client may mark an important email from a known sender as spam. In such scenarios, you need to mark that email as safe to train the email client about your false positives.

2. Never respond to spam
   In case you received a spam email and recognized it before you open it, don’t open it. If you realize an email as spam only after opening it, mark it as spam and close it. Do not click the links or buttons, or download files from the spam messages.

3. Use alternative email addresses
   A lot of unwanted emails can make their way into your inbox if you order a product or subscribe to a mailing list. By ordering a product or subscribing to a mailing list of a company, you are automatically signed up to receive unwanted marketing updates from that company, or it may share your contact information with a third-party advertiser.
   One simple solution to stop such spam emails is to create a secondary email address that you can use for such activities. By doing so, those unwanted marketing emails will not appear in your primary email inbox.

4. Hide your email address
   The more people who expose your email address, the more spam emails you are going to get. So keep your email address hidden from public view. Avoid publishing your primary email address on the web unless it is required. Use alternative email addresses for such scenarios.

5. Use a third-party Anti-spam filter
   Most of the Anti-spam solutions that are available today can be customized as per your needs, allowing only the approved emails into your inbox. There are free anti-spam software as well as paid anti-spam software.

Source

Mahnoor

@zareen i need help today is extend date please provide sol