University : University of Leicester UniLearnO is not sponsored or endorsed by this college or university.
Subject Code : CO3099
Country : United Kingdom
Assignment Task


Task 

Foundations of Cybersecurity

Answer to question 1
(a) (Bookwork/Application) Chosen-plaintext attack. It is easier (or more precisely, not more difficult) to perform than the other two attacks since the attackers have more information.
(b) (Application)
i. UMSM
ii. There are only 26 different values of x (considering wraparound) so brute force attack is easy.

Chosen-plaintext attack.

 

Answer to question 2
(a) (Comprehension)
i. False: the correct key to use is Alice’s public key.
ii. False: to authenticate sender, the recipient needs the sender’s public key (the sender uses their own private key to sign).

Question 2 Comprehension


(d) (Application)
i. Decrypt the cryptogram he received in Step 2 with the given K, check the decrypted R is his original one.
ii. Bob cannot know the value of x at the end of Step 2 because he only has the cryptogram but not the key. Hence when he chooses a value of y he cannot do better than choosing it randomly.

(e) (Application) Assume the tokens are long enough so that valid values are sparse, i.e. a random sequence of digits is unlikely to be a valid token. Suppose we assume the server keeps track of the list of valid tokens. Upon receiving a evaluation, it could try to compute a hash using each valid token to see if it matches the hash. This is assuming it is computationally feasible to do so (i.e. not too many students).

An attacker is extremely unlikely to be able to modify the result and/or the hash to still produce a match without knowing the token, and it is unlikely for them to be able to guess a valid token. So (1) is supported. But this allows the server to check which token gave which evaluation (effectively, it is brute-force reversing the hash), so if it keeps the mapping between students and tokens then (2) is not supported. Otherwise (2) is supported.


Answer to question 3
(a)
(Comprehension)
i. False
ii. True
iii. False
iv. True
v. False

(b) (Application) The solution is to implement a stateful multi-layer packet inspection firewall.
This type of firewall is a sophisticated implementation of firewall that can deploy packet filtering at various layer of the OSI model and provides an integrated solution by combining application layer inspection, stateful inspection, and packet filtering. Such a type of firewall scans and inspects the entire pack contents such as the source and destination IP addresses, application type, port numbers, session information etc., whilst making decisions of allowing or denying packets.

(c) (Application) IDS cannot be evaded with a Denial-of-Service attack. Although DoS is a type of a network attack that is used to make the intended services unavailable to the respective users, DoS are generally not performed directly to evade IDS.

(d) (Bookwork) The PGP protocol encompasses a compression mechanism in its operation. 
This compression mechanism is used to compress the email message after appended with the signature, but the compression is carried out before the encryption process. The compression is achieved using the ZIP algorithm. Compression of the message helps reducing the transmission time and disk space. Importantly, compression enhances the resistance to cryptanalysis. When the receiver receives the cryptogram, decompression is carried out to obtain the message and the signature.

(e) (Application) Given this situation, it can be understood that the digitally signed message that Alice initially received came from Trudy not Bob. Trudy have created a new key pair in the name of Bob using his personal information and stored it in the public key server. Trudy signed the message with the corresponding private key and send it to Alice. Here, Trudy impersonated as Bob and convinced Alice. Believing that the message came from Bob, Alice followed the instructions in the message she received. Such issues can be avoided using digital certificates received from trusted Certificate Authorities (CA), so that the public key of the owners can be validated.


Answer to question 4
(a) (Bookwork/Application) For the staff to connect with the server located in their Local Area Network, Transport mode should be used. The transport mode ensures authentication and integrity with the Authentication Header (AH) and the encryption of the payload is ensured with the Encapsulation Pay Load (ESP). The transport mode introduces less overhead as the original IP header is not encapsulated, so that the IP header can be routed as normal.
For staff to connect with the server in the Australia, the Tunnel mode serves the best level of security. Tunnel model should be a used as the routing is performed through the public internet. For site-to-site VPNs, the tunnel model uses AH and ESP to encapsulate the IP packet, and further the entire IP header is encapsulated and added with a trailer for additional security. Although this encapsulation brings additional overheads, the tunnel model should still be used for site-to-site VPN connections for the achieved additional level of security.

(b) (Bookwork) The SSL protocol stack is comprised of SSL Handshake Protocol, SSL Change Cipher Spec Protocol, SSL Alter Protocol and SSL Record Protocol. The SSL record protocol divides the data into smaller fragments of 214 byte chunks, and further compresses the fragments, the compressed fragments are appended with MAC and encrypted, and finally the record header is appended. The SSL handshake protocol is completed prior to any data transmission, this is generally to establish a session state between the sender and the server. 

During the establishment of the session, the handshake protocol involves authentication of the sender and server, negotiation of encryption and MAC algorithms and the negotiation of session keys. The change cipher spec protocol is a part of the handshake protocol; during the negotiation of the cipher suites, mutually available protocols along with the cipher type and the size of the initialisation vector are agreed between the server and the client. The SSL alter protocol send a message of two bytes to convey any alters during the process; one byte to notify the level severity and other is used for presenting the alter code. An alert is sent when the record protocol encounters an unexpected message, bad record MAC, illegal parameters during the handshake, expired and
unknown certificates etc.

(c) (Bookwork) De-Militarised Zone (DMZ) is a zone with an intermediate trust level, situated between the Internet and a trusted internal network. A three-tier design of DMZ is comprised of trusted networks, which is usually the internal network comprising confidential and sensitive assets requiring higher level of security; semi-trusted networks, located between the trusted internal network and the public untrusted network, which provides access to some important resources to the internal users; and un-trusted networks which is external to the firewall, located outside of the trusted zone. A VLAN helps the devices connected to the same physical network to create their own broadcast domain, so that logical separation can be achieved. DMZ usually comprises multiple servers, and when one server is attacked all the other servers can be easily compromised when these servers uses the same broadcast domain. Using VLAN to logical separate all the servers in their own broadcast domain by designating each switch port of the DMZ as private VLANs can avoid all the servers being compromised at one given time.

(d) (Bookwork/Application) This is a standard ACL configuration, which allows traffic by matching the IP address of the source against the IP address in the ACL. This ACL configuration is configured to permit www traffic which generally operates on port 80, which is a tcp protocol.

(e) (Bookwork) Confidentiality is used to ensure that the sensitive information of clients such as their credit/debit card details are not accessible and available to the merchants. Integrity is used to ensure that no changes can be maliciously imposed on to the client’s order information. Authentication is used to assure the trustworthiness of the merchants and clients with the used of certificates.

 

This CO3099-IT Computer Science Assignment has been solved by our IT Computer Science Expert at UniLearnO. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing Style. Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. 

You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turn tin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.

  • Uploaded By : Jordan
  • Posted on : June 06th, 2021
  • Downloads : 308

Whatsapp Tap to ChatGet instant assistance