Copyright © XXXXXXXXXXVIT, All Rights Reserved. 1 MITS 5004 IT SECURITY Copyright © XXXXXXXXXX, Victorian Institute of Technology. The contents contained in this document may not be reproduced in any...

1 answer below »
I send a file please check it once


Copyright © 2015-2018 VIT, All Rights Reserved. 1 MITS 5004 IT SECURITY Copyright © 2015-2018, Victorian Institute of Technology. The contents contained in this document may not be reproduced in any form or by any means, without the written permission of VIT, other than for the purpose for which it has been supplied. VIT and its logo are trademarks of Victorian Institute of Technology. MITS5004 Assignment 2 Copyright © 2015-2018 VIT, All Rights Reserved. 2 Assessment item 2 Assignment - 2 Value: 10% Due date: Submission method options Alternative submission method Task Part A: 30 Marks Answer the following questions: 1. Search the web for news on computer security breaches that occurred during April-August 2015-2018. Research one such reported incident. Prepare a report focusing on what the problem was, how and why it occurred and what are the possible solutions. - 15 Marks Length: Around 800 words 2. Explain why asynchronous I/O activity is a problem with many memory protection schemes, including base/bounds and paging. Suggest a solution to the problem. - 15 Marks Length: Around 600 words Part B: 20 Marks 1. Research the 2011 Sony PlayStation Network outage case on the web and prepare a report focusing on the following questions: • What was the problem? • Who were affected and how? • How was the attack carried out? • What could have been done to prevent the attack? Length: Around 900 words Rationale This assessment task is based on the following topics discussed in the subject: the overview of Information security fundamentals, security threats, cryptography, malicious software and its countermeasures, operating system security and software security . The assessment task is aligned with the following learning outcomes of the subject: On successful completion of this subject, students will • be able to justify security goals and the importance of maintaining the secure computing environment against digital threats; • be able to explain the fundamental concepts of cryptographic algorithms; • be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats. • be able to compare and contrast the security mechanisms of a trusted operating system with those used in a general purpose operating system; MITS5004 Assignment 2 Copyright © 2015-2018 VIT, All Rights Reserved. 3 Marking criteria Assessment criteria PART A : 30 marks Assessable Components HD 100% - 85% DI 84% - 75% CR 74% - 65% PS 64% - 50% FL 49% - 0 Q.1 (15 marks) Search the web for news on computer security breaches that occurred during April-August 2015-2018. Research one such reported incident. Prepare a report focusing on what the problem was, how and why it occurred and what are the possible solutions. 1. Comprehensive report addressing all criteria. Evidence of in- depth research. (Value: 95%) 2. Referenced a wide range of appropriate sources. Referencing style correctly used. (Value: 5%) 1. Comprehensive report addressing all criteria. Evidence of in-depth research. Minor omissions only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Minor errors only. (Value: 5%) 1. Mostly well- researched and well- presented report addressing all criteria. Some omissions. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Some errors and omissions. (Value: 5%) 1. Partially complete report addressing most of the criteria. Evidence of research. Some omissions. (Value: 95%) 2. Referenced some appropriate sources. Referencing style mostly correctly used. Some errors and omissions. (Value: 5%) 1. Major omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assignment set. Major errors in referencing style. (Value: 5%) Possible marks 15.0 – 12.75 12.6 – 11.25 11.10 – 9.75 9.60 – 7.5 7.35 – 0 Q.2 (15 marks) Explain why asynchronous I/O activity is a problem with many memory protection schemes, including base/bounds and paging. Suggest a solution to the problem. 1. Correct and in depth explanation of the problem. Viable solution provided with complete details. (Value: 95%) 2. Supporting reference/(s); fluent writing style appropriate to assignment with proper in text citation. (Value: 5%) 1. Comprehensive and correct explanation of the problem. Viable solution provided with complete details. Very minor omissions only. (Value: 95%) 2. Supporting reference/(s); fluent writing style appropriate to assignment with proper in text citation. (Value: 5%) 1. Correct explanation of the problem with some details. Viable solution provided. Some omissions. (Value: 95%) 2. Supporting reference/(s); fluent writing style appropriate to assignment with proper in text citation. Minor omissions. (Value: 5%) 1. Mostly correct explanation and solution. Minor errors. (Value: 95%) 2. Supporting reference/(s); writing style appropriate to assignment with proper in text citation. Some omissions. (Value: 5%) 1. Major omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assessment set. Major errors in referencing style. (Value: 5%) Possible marks 15.0 – 12.75 12.6 – 11.25 11.10 – 9.75 9.60 – 7.5 7.35 – 0 PART B: 20 marks Q.1 (20 marks) 1. Comprehensive 1. Comprehensive 1. Mostly well- 1. Partially 1. Major MITS5004 Assignment 2 Copyright © 2015-2018 VIT, All Rights Reserved. 4 Research the 2011 Sony PlayStation Network outage case on the web and prepare a report focusing on the following questions: • What was the problem? • Who were affected and how? • How was the attack carried out? • What could have been done to prevent the attack? report addressing all criteria. Evidence of in-depth research. (Value: 95%) 2. Referenced a wide range of appropriate sources. Referencing style correctly used. (Value: 5%) report addressing all criteria. Evidence of in-depth research. Minor omissions only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Minor errors only. (Value: 5%) researched and well- presented report addressing all criteria. Some omissions. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Some errors and omissions. (Value: 5%) complete report addressing most of the criteria. Evidence of research. Some omissions. (Value: 95%) 2. Referenced some appropriate sources. Referencing style mostly correctly used. Some errors and omissions. (Value: 5%) omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assignment set. Major errors in referencing style. (Value: 5%) Possible marks 20.0 – 17 16.9 – 15 14.9 – 13 12.9 – 10 9.4 – 0 Presentation • You are recommended to write the answers in a word document and submit. You can also submit your document in pdf format as well. • Your answers to the questions should be precise but complete and informative. • Each question should be answered individually with the corresponding label to indicate the tasks completed e.g. Task 1 a. • A cover page must be included and should contain relevant identifying information.
Answered Same DayApr 20, 2021MITS5004

Answer To: Copyright © XXXXXXXXXXVIT, All Rights Reserved. 1 MITS 5004 IT SECURITY Copyright © XXXXXXXXXX,...

Ankit answered on Apr 26 2021
144 Votes
Student Name : Ashok Mallela
Student ID : 41345
Assignment 2
Part A-1
Problem: Gmail users targeted by phishing scam on May 3,2017
On May 3,2017 the users of Gmail were impacted by phishing scam in which hackers were to take access of users accounts via a third party software. Another successful phishing method focusing on Gmail and different services has been picking up ubiquity amid the previous year among hackers. In the course of
recent weeks there have been reports of experienced specialized clients being hit by this. The email was construct to look as though they were from a client's confided in contact and advised the person that they required to impart a Google Doc to them. When user opened, the connection prompted Google's genuine security page where the individual was prompted to allow a phony Google Docs application to assign with his or her email account. Google place a stop to the scheme in around one hour and the organization says they gauge 1 million clients may have been influenced. (Daitch 2017)
How and why It was occurred
The gmail highly effective phishing scam has fooled lot of gmail customers by disclosing their login details. Hackers used smart trick that was complex to detect. The trick works by mailing clients a simple type of Google Doc link, that seems to have originated from somebody user may know. Yet, on the off chance that it's clicked, at that point it will give over access to user Gmail account and transform it into a device for growing the scam more. The scam doesn't just seem, by all accounts, to be influencing Gmail accounts however a scope of corporate and business ones that utilization Google's email administration as well. (Griffin 2017)
user click on the photo, presuming that Gmail give them a preview of their attachment. But another window opens up and users are provoked by Gmail to login once more. When user view at the location bar and they see accounts.google.com in there like figure below:
The hacker’s login into user record quickly once as they receive the login info, and they utilize one of their real connections, alongside one of their real titles, and mail it to individuals in their contact list. The hacker’s login into their Gmail happens all around rapidly. This might be robotized or hackers might have a group remaining by to work on user Gmail. Once they approach user Gmail, the hackers likewise have full access to every one of their messages including sent and got now and may download the entire parcel. Since hackers supervise user email address, they would likewise bargain a wide assortment of different administrations that user use by utilizing the secret key reset system. Hackers used smart trick that was complex to detect. The trick works by mailing clients a simple type of Google Doc link, that seems to have originated from somebody user may know. Google place a stop to the scheme in around one hour and the organization says they gauge 1 million clients may have been influenced.
Possible Solutions
Phishing attacks are very harmful as user sensitive data is stolen by hackers. There are various ways to protect themselves from this Phishing scam. One such way is user always said to check their location bar in their browser as it gives idea to user that they are on right webpage before login. It is duty of user to check the protocol and also check hostname before login. This way will help the user to protect their account from theft.
Hackers use technique such as data URI to insert whole document in location bar of web browser. When user view at browser location bar and they notice ‘data: text/html’ which is so much lengthy string of text. (Wordfence 2017)
Here is possible solution list for user to protect their account:
· Before login into Gmail accounts, user can check the hostname as ‘accounts.google.com’, ‘https://’ and local icon.
· User active two factor authentication for their Gmail account as hackers cannot login into user Gmail account easily. With two factor authentication technique, the verification code is sent to user phone number or email.
· User can also check their login activities in order to search out if anyone else is login into their account. This feature is available at below of Gmail inbox with the name “details”. This option contains user all the present sessions and recent login history details.
· If the login is active from unknown resources or location,...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here