School: Chittagong University of Engineering & Technology
Course: 345
Subject: Information Systems
Date: May 19, 2024
Type: pdf (3 pages)
Uploaded by fahim02 on coursehero.com

(Topic: Threats, vulnerabilities, and exploits) Explain the difference between a threat and a vulnerability. Give examples of threats that are not vulnerabilities and vulnerabilities that are not threats.

a) A threat is something to protect. A vulnerability is a bug or mistake that could allow the threat to be acted on.
b) Stealing my car is a threat, not a vulnerability.
c) Leaving my car unlocked and running is a vulnerability, not a threat.

(Topic: Threats, vulnerabilities, and exploits) Explain when a security professional might be concerned about a vulnerability and not concerned about the exploit for the vulnerability. Explain when a security professional is concerned about an exploit and not as concerned about the vulnerability associated with the exploit. In answering this question, provide a definition of a vulnerability and an exploit, and the difference between the two.

a) We try to protect against all vulnerabilities. For example, if we detect that a buffer overflow is possible in a program, we will fix that vulnerability even when there is no exploit that can take advantage of the vulnerability.
b) But there are many scenarios where we are unsure whether we need to invest the effort. One such scenario is when we are unsure if an exploit of the vulnerability is possible. In such a case, we focus on whether an exploit is feasible, and how difficult it is to execute such an exploit. That is, we are less concerned about the vulnerability and more concerned with whether the exploit is realistically feasible.

(Topic: Threats, vulnerabilities, and exploits) For two of the following, list and describe three threats (e.g., from STRIDE).

a) Uber Eats (food delivery: customer orders on the Uber Eats web page, the restaurant makes the food, the Uber Eats driver picks up the food and delivers it to the customer, the customer gets charged and the restaurant gets paid)
   Repudiation: an attacker could make an order where the order appears to have been placed by someone else.
   Repudiation: the food deliverer could claim that the food was delivered when it was not.
   Repudiation: the person that received the food could claim that they did not receive the food.
   Tampering: the food deliverer could take some of the food.

b) Photo sharing
   Information disclosure: private photos could be shared.
   Elevation of privilege: a user could elevate their privilege in the back-end servers and gain access to other people’s photos or delete photos.
   Tampering: photos would be deleted or even edited.
   Denial of Service: an attacker could make the photo system unreachable.

c) Home automation system that allows you to control things in your home via your mobile phone
   Tampering: data could be changed to turn the heat on in the summer.
   Denial of Service: an attacker could make the system inaccessible, and so the user could not open their front door.
   Information disclosure: information about the user’s life, such as when they are home, could be disclosed to burglars or door-to-door salespeople.

6. (Topic: Threats & DoS) NTP (network time protocol) was developed at UD. It is used to request the current time and uses UDP. If an NTP server is under a DoS attack, can a firewall be used to block the attacker? Explain.

a) Since NTP uses UDP, the source IP address can be spoofed. Therefore, firewall rules that block IP addresses could not be used to block the attack.
b) Optional: If NTP is not needed, then firewall rules that block the port could be used to block all NTP traffic. However, the question states that the server is an NTP server, so NTP is used.

(Topic: Threats & DoS) Suppose that a web server has a link speed of 10 Gbps. And suppose that each machine in a botnet has a link speed of 1 Mbps.

a) How many botnet machines are needed to send data to the web server in order to fill the web server’s link capacity?
   Y * 1 Mbps = 10 Gbps => Y = 10,000
b) If DNS amplification is used with an amplification factor of 70x, then how many botnet machines are needed to fill the web server’s link?
   Y * A * 1 Mbps = 10 Gbps => e.g., if A = 70, then Y = 143
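
The NTP answer's point, that firewall rules keyed on source IP cannot stop a flood whose UDP source addresses are spoofed, can be checked by replaying traffic through a simple reactive blocklist. This is an added example, not part of the original answers; the threshold, the addresses (documentation ranges) and the traffic are constructed assumptions, and nothing is sent on a network.

```python
import random
from collections import Counter

THRESHOLD = 20  # assumed policy: block a source IP once it has sent 20 requests


def run_blocklist(packets, threshold=THRESHOLD):
    """Replay (src_ip, is_attack) packets through a reactive per-source
    blocklist and return the fraction of attack packets it dropped."""
    seen = Counter()
    blocked = set()
    attack_total = attack_dropped = 0
    for src, is_attack in packets:
        attack_total += is_attack
        if src in blocked:
            attack_dropped += is_attack
            continue
        seen[src] += 1              # packet reached the NTP server
        if seen[src] >= threshold:
            blocked.add(src)        # firewall rule added for this source
    return attack_dropped / attack_total


def build_traffic(spoofed, n_attack=20000, n_legit=10, seed=1):
    """Constructed traffic: one legitimate client plus a flood whose packets
    either carry 5 fixed source addresses or a random source per packet."""
    rng = random.Random(seed)
    fixed_sources = [f"203.0.113.{i}" for i in range(1, 6)]
    packets = [("198.51.100.7", False)] * n_legit
    for _ in range(n_attack):
        if spoofed:
            src = ".".join(str(rng.randrange(1, 255)) for _ in range(4))
        else:
            src = rng.choice(fixed_sources)
        packets.append((src, True))
    rng.shuffle(packets)
    return packets


def compare():
    """Return (drop rate with fixed sources, drop rate with spoofed sources)."""
    return (run_blocklist(build_traffic(spoofed=False)),
            run_blocklist(build_traffic(spoofed=True)))


if __name__ == "__main__":
    fixed, spoofed = compare()
    print(f"attack packets dropped, fixed sources:   {fixed:.1%}")
    print(f"attack packets dropped, spoofed sources: {spoofed:.1%}")
```

With fixed sources the blocklist drops almost the whole flood; with a different claimed source on every packet no address ever reaches the threshold, so the rule set never matches.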