Navigation

    Cyberian
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Pro Blog
    • Users
    • Groups
    • Unsolved
    • Solved
    Quiz 100% Result
    • CS205 Assignment 1 Solution and Discussion

      zareen

      Assignment No. 01
      Semester: Fall 2019
      CS205: Information Security Total Marks: 15

      Due Date: 14/11/2019

      Instructions:
      Please read the following instructions carefully before submitting assignment:
      You need to use MS word document to prepare and submit the assignment on VU-LMS.
      It should be clear that your assignment will not get any credit if:

      The assignment is submitted after due date. The assignment is not in the required format (doc or docx) The submitted assignment does not open or file is corrupt. Assignment is copied (partial or full) from any source (websites, forums, students, etc)

      Objectives:

      To enhance the learning capabilities of the students about:

      • Security model
      • OSI security architecture

      Assignment

      Question No.1:

      Carefully study the scenarios given below with respect to C.I.A triangle and identify the C.I.A. security component associated with each scenario. You are required to provide your answer in table given below:

      Student’s grade information is considered very important and it should be available only for that specific student rather than other students. Information of heart patient is stored in hospital’s database. The doctor trusts on that stored information and then suggests medicine according to this information. Another employee who has also legal rights to access this database, unintentionally changes this information that can misguide the patient treatment. VU-LMS is not accessible due to which students are not able to submit their assignments on time. An ATM machine is not responding due to general processing error. Employee’s salary slip in an organization should not be visible to any other employee. Product price and specification available on online shopping store is changed by unauthorized person. You are replying to an email of your friend then it should be received in original form as it is sent by you. Your academic marks are posted on social media website by some unauthorized person. A student is checking his/her result online but website is not responding. A multinational company makes a plan for launching a new product for capturing customers in a market but this plan leaked to its competitor.

      Solution:

      e9d683d8-896d-4c6e-9a89-67c4c3fd571e-image.png

      Question No.2:

      OSI architecture was developed as an international standard to define the requirements for security and characterizing the way to satisfy that requirements. You are required to carefully study the OSI security architecture then identify and relate the following scenarios with security services provided by OSI. You are required to provide your answer in table given below:

      A person, transferring money to his friend using online banking service. Both the bank and the user should be guaranteed in identities of each other.

      In online banking application a user may be allowed to see his profile, but not allowed to make any changes in his profile information.

      A user withdraw money from his bank account, but later denied that. How the bank can handle such situation?

      A user wants to pay his electricity bill using online banking service but website of that bank is down in that time.

      A user sends a query to bank head office to know about his closing balance and he should receive same balance amount as sent by bank authorities.

      Solution:

      8103836e-0d0f-4a9a-8b51-98888672001b-image.png

      Best of luck

      CS205 - Information Security
    • CS205 Grand Quiz Solution and Discussion

      zaasmi

      Please share you Grand Quiz

      CS205 - Information Security
    • CS205 Assignment 2 Solution and Discussion

      zaasmi

      Re: CS205 Assignment 2 Solution and Discussion

      Assignment No. 02 Semester: Spring 2020

      CS205: Information Security Total Marks: 25

      Due Date: 15/06/2020

      Instructions:
      Please read the following instructions carefully before submitting assignment:
      You need to use MS word document to prepare and submit the assignment on VU-LMS.
      It should be clear that your assignment will not get any credit if:

       The assignment is submitted after due date.
       The assignment is not in the required format (doc or docx)
       The submitted assignment does not open or file is corrupt.
       Assignment is copied (partial or full) from any source (websites, forums, students, etc)

      Objectives:

      To enhance the learning capabilities of the students about Vulnerability management and its Tools.

      Assignment

      Question No-1:
      You are required to download the QUALYS and NESSUS trial versions and install these tools on your PC/Laptop. Then read the online guides and watch the related YouTube videos where necessary for instructions on how to use these tools and to familiarize with the menus.
      Now run the scanner to scan a minimum of:

      2 IT assets such as server, workstation, or network device (As per your convenience) 2 web assets such as website or portal

      Compare and contrast the both (QUALYS and NESSUS) reports and comment how the reports are different. Your answer should be concise and to the point.

      Note:
      After scanning the above IT assets take the screenshot of the reports of these scanners (QUALYS and NESSUS) and paste those screenshot in word file then submit that word file as assignment.

      Best of luck

      CS205 - Information Security
    • CS205 Assignment 1 Solution and Discussion

      M

      Re: CS205 Assignment 1 Solution and Discussion

      Assignment No. 01 Semester: Spring 2020

      CS205: Information Security Total Marks: 30

      Due Date: 29 /05/2020

      Instructions:
      Please read the following instructions carefully before submitting assignment:
      You need to use MS word document to prepare and submit the assignment on VU-LMS.
      It should be clear that your assignment will not get any credit if:

       The assignment is submitted after due date.
       The assignment is not in the required format (doc or docx)
       The submitted assignment does not open or file is corrupt.
       Assignment is copied (partial or full) from any source (websites, forums, students, etc)

      Objectives:

      To enhance the learning capabilities of the students about:

      • CIA triangle.
      • OSI security architecture.

      Assignment

      Question No-1:
      In today’s IT world, different stores are running their businesses through Internet which enables their customers to make sales and purchase transactions online 24/7 from anywhere. Time saving is one of the prime benefits of online business/shopping as the customers don’t have to physically visit the business/shopping centers in this regard. In addition, online businesses also provide the facility of online support and tracking of their orders/transactions to their customers. The customers can get their queries clarified and can track their delivery status i.e. when the goods /products are going to be dispatched to them.
      However, in spite of all the benefits of online business/ shopping, still a large number of people hesitate to make online account on the website of online store to perform online transaction due to fear of losing their personal / account information. To ensure the customer gain, the online businesses must need to apply some OSI preventive security measures/services to tackle with the risk associated with their businesses.
      In view of above, you are required to carefully analyze each scenario given below and identify the most suitable OSI security service to tackle the risk associated with each scenario:

      Customer’s personal or order information is considered very important and it should be available only for that specific customer. Customer’s delivery address is stored in the database of an online store for delivery of required items. An employee of this store having legal rights to access this database, unintentionally changes this address information which resultantly can misguide the delivery of products on wrong address. Online shopping website is not accessible due to which its customers are unable to place orders or do any other transaction. Delivery receipt should be received in same form as it is sent to a customer. Online shopping store is going to launch new promotions, but this plan is leaked prior to its launching. While online shopping, customer is transferring online payment via credit card. Both the parties i.e. customer and related bank should be guaranteed for identification of each other. A customer is only allowed to see his/her order status, but not allowed to make any changes in his/her order information after successful submission of order request. A customer performs online order and then later denies for his/her order. How online business will tackle/handle this situation? A customer sends email to an online store to know about his/her order status and the online store replies to the customer with related information of order status. This information should be received as it is sent by online store.

      Solution:

      Scenario No OSI security service 1 2 3 4 5 6 7 8 9

      Question No-2:
      Consider an online performance evaluation system of a company where its employees enter the daily status of the tasks assigned to them in online sheets available in the system. The sheets are analyzed by the competent authorities of the company on daily basis to evaluate the performance of the employees.
      You are required to briefly explain the confidentiality, integrity and availability with the help of example associated with this system.
      In your point of view which component of C.I.A. Triangle model will get the highest importance and which component will get the least importance according to above mentioned scenario?
      Solution:

      Best of luck

      CS205 - Information Security
    • CS205 Assignment 3 Solution and Discussion

      A

      Assignment No. 03
      Semester: Fall 2019
      CS205: Information Security Total Marks: 25

      Due Date: 22/01/2020

      Instructions:
      Please read the following instructions carefully before submitting assignment:
      You need to use MS word document to prepare and submit the assignment on VU-LMS.
      It should be clear that your assignment will not get any credit if:

       The assignment is submitted after due date.
       The assignment is not in the required format (doc or docx)
       The submitted assignment does not open or file is corrupt.
       Assignment is copied (partial or full) from any source (websites, forums, students, etc)

      Objectives:

      To enhance the learning capabilities of the students about cryptography and crypto algorithms.

      Assignment

      Question 1:
      You are required to encrypt the string “Security Professional” and decrypt the string “MdgfjVhjfbteut” using following tables with “Substitution Cipher Method”.

      a887a749-dd3f-423b-8b9f-384881b80123-image.png
      Question 2:
      You are required to encrypt the plain text “ACCOUNTABILITY” using Vigenere Square Cipher method? Suppose that keyword is “SILENT”.

      Question 3:
      You are required to encrypt the plain text “wearesecurityprofessionalsinuk” into cipher text using columnar transposition method with a Key: “231645”.

      Best of luck

      Any Frnd have CS205 Solved 3rd Assignment. Kindly Share it urgent

      CS205 - Information Security
    • CS205 Assignment 2 Solution and Discussion

      zareen

      Assignment No. 02
      Semester: Fall 2019
      CS205: Information Security Total Marks: 15

      Due Date: 28/11/2019

      Instructions:
      Please read the following instructions carefully before submitting assignment:
      You need to use MS word document to prepare and submit the assignment on VU-LMS.
      It should be clear that your assignment will not get any credit if:

       The assignment is submitted after due date.
       The assignment is not in the required format (doc or docx)
       The submitted assignment does not open or file is corrupt.
       Assignment is copied (partial or full) from any source (websites, forums, students, etc)

      Objectives:

      To enhance the learning capabilities of the students about:

      Software Attacks Need for Security against attacks

      Assignment
      Question No-1:

      “Friend Circle” is a social media platform yet to be launched. Currently, it is in testing phase in which various security policies in the perspective of an online platform are being tested. Following are the reports / observations of such tests:
      Report 1:
      Upon testing the login interface, the security experts found a loophole in the system that an unauthorized person can login to the system by trying different combinations of passwords.
      Report 2:
      It is observed that bundle of unnecessary requests possibly generated by some computers or bots can overload the application and resultantly system may crash or fail to perform ordinary functions.

      After carefully analyzing above mentioned reports, you are required to identify the type of attack associated with each report. Also mention one suitable solution to tackle the identified attack.
      Question No-2:

      Carefully study the Topics “threat” and “software attacks” and identify the deliberate software attacks for following situations with proper justification.

      Suppose a user receives an email containing an image file as the attachment. As the user opens the file, different files on his systems get deleted or modified. A student copied some files from his USB flash drive to a computer in university lab. After doing this, he observed that the number of files on the system got duplicated and overall performance of the system got deteriorated. He faced too much delay in performing tasks by the computer. A user noticed that someone is using his Facebook account after stealing his credentials. After investigation, he observed that it happened after installing a software downloaded from an un-authentic website.
      CS205 - Information Security
    • CS205 - Information Security

      zaasmi

      Total Marks 5
      Starting Date Thursday, August 01, 2019
      Closing Date Friday, August 02, 2019
      Status Open
      Question Title Graded Discussion Board
      Question Description
      Scenario:

      Suppose “WeConnect” is an IT based company which is specialized in providing Voice over IP (VoIP) based services to its clients. Currently “WeConnect” is working on an application that will provide the functionality of “Virtual Labs” to Online Universities situated across the globe. Using this application the teachers could be able to give online lectures with the help of simulations and students could be able to raise text, audio or video based queries.

      A module of this application requires the usage of CAPTCHA codes that takes less than a minute to process, but the client is insisting to remove this delay for a better user experience.

      After reading the above given scenario, give your opinion with solid reasons, should the company reduce the CAPTCHA code processing time or completely remove the CAPTCHA code feature from this application?

      Please read the scenario carefully before writing your comments.

      A concise, coherent and to the point comment is preferred over lengthy comment having irrelevant details. Your comment must not be more than 4-5 lines. Comments, posted on regular Lessons MDB or sent through email will NOT be considered in any case. Any request about such an acceptance will not be catered. Furthermore, your solution should not be copied from any student or from any other source.

      Best of Luck!

      CS205 - Information Security

    SOLVED CS205 Assignment 2 Solution and Discussion

    CS205 - Information Security
    assignment 2 cs205 discussion fall 2019 solution
    1
    5
    11
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • zareen
      zareen Cyberian's Gold last edited by

      Assignment No. 02
      Semester: Fall 2019
      CS205: Information Security Total Marks: 15

      Due Date: 28/11/2019

      Instructions:
      Please read the following instructions carefully before submitting assignment:
      You need to use MS word document to prepare and submit the assignment on VU-LMS.
      It should be clear that your assignment will not get any credit if:

       The assignment is submitted after due date.
       The assignment is not in the required format (doc or docx)
       The submitted assignment does not open or file is corrupt.
       Assignment is copied (partial or full) from any source (websites, forums, students, etc)

      Objectives:

      To enhance the learning capabilities of the students about:

      1. Software Attacks
      2. Need for Security against attacks

      Assignment
      Question No-1:

      “Friend Circle” is a social media platform yet to be launched. Currently, it is in testing phase in which various security policies in the perspective of an online platform are being tested. Following are the reports / observations of such tests:
      Report 1:
      Upon testing the login interface, the security experts found a loophole in the system that an unauthorized person can login to the system by trying different combinations of passwords.
      Report 2:
      It is observed that bundle of unnecessary requests possibly generated by some computers or bots can overload the application and resultantly system may crash or fail to perform ordinary functions.

      After carefully analyzing above mentioned reports, you are required to identify the type of attack associated with each report. Also mention one suitable solution to tackle the identified attack.
      Question No-2:

      Carefully study the Topics “threat” and “software attacks” and identify the deliberate software attacks for following situations with proper justification.

      1. Suppose a user receives an email containing an image file as the attachment. As the user opens the file, different files on his systems get deleted or modified.
      2. A student copied some files from his USB flash drive to a computer in university lab. After doing this, he observed that the number of files on the system got duplicated and overall performance of the system got deteriorated. He faced too much delay in performing tasks by the computer.
      3. A user noticed that someone is using his Facebook account after stealing his credentials. After investigation, he observed that it happened after installing a software downloaded from an un-authentic website.
      zareen 3 Replies Last reply Reply Quote 0
      • zareen
        zareen Cyberian's Gold last edited by zareen

        Q. 1 Solution:
        Report 1:
        Brute Force:
        The application of computing and network resources to try every possible password combination is called a brute force attack.
        Solution:
        Against brute force attack limit the number of unsuccessful access attempts allowed per unit of elapsed time are very effective. For example, if your website receives three failed login attempts; it should block that IP for a certain period of time to stop further attempts being made. We can take following defensive measures:

        • Limit Login Attempts (limit the login attempts)
        • Password Length (longer password length)
        • Password Complexity (UPPERCASE and lowercase alphabets and should also have numbers and special characters)
        • Using Captcha (prevent bots from executing automated scripts mainly used in Brute Force attack)

        Report 2:
        DoS/ DDoS (Denial of Service/ Distributed Denial of Service):
        These attacks overwhelm network resources such as web and email gateways, routers, switches, etc. and prevent user and application access, ultimately taking a service offline or severely degrading the quality of a service. A denial-of-service (DoS) attack occurs when an attacker sends a large number of connection or information requests to a target.
        Solution:

        • CAPTCHA Code is based on assumption that humans are better at character recognition than machines and it is effectively used to provide various services in security. So, it provides good defense against SPAM robots and other automated programs as it almost ensures that people using a website are real people. Generally, computers or bots are not capable of solving a captcha.
        • Increase the resources (i.e. bandwidth) of the system.
        • Distribute the servers worldwide and use load balancing.

        Q. 2 Solution:

        1. Virus
        When the computer program runs attached with virus it performs some action such as deleting/modified a file from the computer system. A virus is a code that can attach itself to a program and take control of the program to spread itself further. It can harm in different ways, such as showing random popup messages or unwanted advertisements on the screen. Changing, deleting, or hiding user data and system files.
        2. Worms
        Worms replicate itself to cause slow down the computer system. The main objective of worms to eat the system resources. A worm is a malicious program that replicates itself constantly, without requiring another program environment. Worms can continue replicating themselves until they completely fill available resources, such as memory, hard drive space, and network bandwidth.
        3. Trojan Horse
        Trojan Horse capture some important information about a computer system. The main objective of Trojan horse to steal the information. Trojan horses are software programs that hide their true nature and reveal their designed behavior only when activated. Trojan horses are frequently disguised as helpful, interesting, or necessary pieces of software, such as readme.exe files often included with shareware or freeware packages. Unfortunately, like their namesake in Greek legend, once Trojan horses are brought into a system, they become activated and can cause destruction on the unsuspecting user.

        1 Reply Last reply Reply Quote 0
        • zareen
          zareen Cyberian's Gold @zareen last edited by

          @zareen said in CS205 Assignment 2 Solution and Discussion:

          A user noticed that someone is using his Facebook account after stealing his credentials. After investigation, he observed that it happened after installing a software downloaded from an un-authentic website.

          Aug 25, 2019 - Hacked Facebook accounts are being sold on the dark web, showing the … Problem is that since so many web sites make you use your email for log in name, I’m not … 90 EACH days after the ‘worst ever’ hack of 50 million users (and here’s … a hacker has claimed he sold the plaintext passwords and email …
          link text

          1 Reply Last reply Reply Quote 0
          • zareen
            zareen Cyberian's Gold @zareen last edited by

            @zareen said in CS205 Assignment 2 Solution and Discussion:

            A student copied some files from his USB flash drive to a computer in university lab. After doing this, he observed that the number of files on the system got duplicated and overall performance of the system got deteriorated. He faced too much delay in performing tasks by the computer.

            gathering their data, if this is the case then theoretically all you need to do is flip to the … button to the right of this to tell SPSS where to put the file if you want to store it … Keep one on a floppy disk or USB stick etc. and the other on your student … want to save it and probably copy some into MS Word (see the note on …
            link text

            1 Reply Last reply Reply Quote 0
            • zareen
              zareen Cyberian's Gold @zareen last edited by zareen

              @zareen said in CS205 Assignment 2 Solution and Discussion:

              Suppose a user receives an email containing an image file as the attachment. As the user opens the file, different files on his systems get deleted or modified.

              These are files of any kind that accompany an email message. … Instead, that file contains instructions on where to locate the image file, and then … Other kinds of HTML emails don’t use an internet location for an image; instead, the … and if the image it contains is fetched from their server, they know you opened their email.
              link text

              @zareen said in CS205 Assignment 2 Solution and Discussion:

              It is observed that bundle of unnecessary requests possibly generated by some computers or bots can overload the application and resultantly system may crash or fail to perform ordinary functions.

              the “Peer to Peer” collect request which can be scheduled and paid as per … sensitive information on computers opens business up to cyber-attacks, with … way of selling its Security Products”), possibly 2012 LinkedIn breach lead to the … flooded the company’s site with internet traffic in an effort to overload digital systems.
              link text

              1 Reply Last reply Reply Quote 0
              • zareen
                zareen Cyberian's Gold last edited by zareen

                Q. 1 Solution:
                Report 1:
                Brute Force:
                The application of computing and network resources to try every possible password combination is called a brute force attack.
                Solution:
                Against brute force attack limit the number of unsuccessful access attempts allowed per unit of elapsed time are very effective. For example, if your website receives three failed login attempts; it should block that IP for a certain period of time to stop further attempts being made. We can take following defensive measures:

                • Limit Login Attempts (limit the login attempts)
                • Password Length (longer password length)
                • Password Complexity (UPPERCASE and lowercase alphabets and should also have numbers and special characters)
                • Using Captcha (prevent bots from executing automated scripts mainly used in Brute Force attack)

                Report 2:
                DoS/ DDoS (Denial of Service/ Distributed Denial of Service):
                These attacks overwhelm network resources such as web and email gateways, routers, switches, etc. and prevent user and application access, ultimately taking a service offline or severely degrading the quality of a service. A denial-of-service (DoS) attack occurs when an attacker sends a large number of connection or information requests to a target.
                Solution:

                • CAPTCHA Code is based on assumption that humans are better at character recognition than machines and it is effectively used to provide various services in security. So, it provides good defense against SPAM robots and other automated programs as it almost ensures that people using a website are real people. Generally, computers or bots are not capable of solving a captcha.
                • Increase the resources (i.e. bandwidth) of the system.
                • Distribute the servers worldwide and use load balancing.

                Q. 2 Solution:

                1. Virus
                When the computer program runs attached with virus it performs some action such as deleting/modified a file from the computer system. A virus is a code that can attach itself to a program and take control of the program to spread itself further. It can harm in different ways, such as showing random popup messages or unwanted advertisements on the screen. Changing, deleting, or hiding user data and system files.
                2. Worms
                Worms replicate itself to cause slow down the computer system. The main objective of worms to eat the system resources. A worm is a malicious program that replicates itself constantly, without requiring another program environment. Worms can continue replicating themselves until they completely fill available resources, such as memory, hard drive space, and network bandwidth.
                3. Trojan Horse
                Trojan Horse capture some important information about a computer system. The main objective of Trojan horse to steal the information. Trojan horses are software programs that hide their true nature and reveal their designed behavior only when activated. Trojan horses are frequently disguised as helpful, interesting, or necessary pieces of software, such as readme.exe files often included with shareware or freeware packages. Unfortunately, like their namesake in Greek legend, once Trojan horses are brought into a system, they become activated and can cause destruction on the unsuspecting user.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                50% Off on Your FEE Join US!

                Quiz 100% Result If you want to know how you can join us and get 50% Discout on your FEE ask Cyberian in Chat Room! Quiz 100% Result Quiz 100% Result
                solution1241 discussion1193 fall 2019813 assignment 1425 assignment 2295 spring 2020265 gdb 1246 assignment 382 crw10174 spring 201955
                | |
                Copyright © 2021 Cyberian Inc. Pakistan | Contributors
                Live Chat