Ensure you write your exam number on any sheets which are to be handed in. This paper consists of THREE pages and FOUR questions.
|
|
- Liliana Dalton
- 5 years ago
- Views:
Transcription
1 UNIVERSITY OF HERTFORDSHIRE Academic Year: 2012/13 Semester: B SCHOOL OF COMPUTER SCIENCE [Click here and type Department Title] 7COM1010 SECURE SYSTEMS PROGRAMMING DURATION OF EXAM: 2 Hours THE FOLLOWING IS PROVIDED FOR THIS EXAMINATION: One answer book. Extra paper as required. INSTRUCTIONS TO CANDIDATES: This paper consists of FOUR questions. Answer THREE of the following FOUR questions Ensure you write your exam number on any sheets which are to be handed in. This paper consists of THREE pages and FOUR questions Question 1 (25 Marks) Page 1 of 5
2 From a theoretical perspective it has been argued that the first line of defence for a secure system is cryptography and that the second is that of detection. From a developers perspective one could argue that this view is completely inappropriate. a) State the dining cryptographers problem and its solution. a) Problem definition (3 marks). Solution (5 marks). (6 Marks) b) To what extent do you agree with the theoretical and developers viewpoints stated at the beginning of the question? Using the dining cryptographers problem (or another of your own choosing) construct an argument for and against each of the viewpoints presented. Include at least three points. What role, if any, do you feel that risk plays in the development of a secure system? (7 marks) b) Various arguments possible. Give 2 Marks for each point made (up to a maximum of 5 Marks) At least 2 marks are to be reserved for the discussion involving risk. Mark to a maximum of 7 marks. c) Using examples of your own explain how a security team could employ tools such as data flow diagrams, threat trees, STRIDE and DREAD in the development of a secure system. Include an explanation for each of the acronyms STRIDE and DREAD in your discussion. (7 marks) c) DFD s to identify flow of data and points for attack (1mark), threat trees for strategies that could be employed to achieve particular attacks(1mark), STRIDE to categorise the types of attack (1mark) and DREAD to rank the attacks using risk analysis. (1mark). Acronyms (4 Marks) Examples (1marks each). Mark to a maximum of 7 Marks) d) Describe modifications that you feel should be made to Royce s life cycle model in order for it to fit for use as a life cycle model for the development of a secure system. d) Arguments along the lines of adding risk assessments to each stage of the life cycle model along the lines of Boehm s life cycle model or the McGraw van Wyk life cycle model. 1 mark for each point made to a maximum of 5 Marks. Page 2 of 5
3 Question 2 (25 Marks) a) Explain what is meant by the Base Rate Fallacy. Include examples to support your any claims made. Include a description for the relationship between conditional probability, Bayes Theorem and the base rate fallacy. (8 Marks) False negatives, false positives, (1 mark each). Examples (2 Marks each). Relationship (4 Marks). Mark to a maximum of 8 Marks) b) State and prove Bayes Theorem. (7 Marks) b) PB ( A) PA ( B) PA ( B). PB ( ) / P ( A B)... PAB ( ). PB ( ) ( ). PB ( ) n i i i i i i = = j = = n PA ( ) PB ( i ) j= 1 PA Bj j= 1 1 mark for each step to a maximum of 7 Marks. c) A network intrusion detection scheme gives a positive result, suggesting that there is an intruder on the system. The accuracy of the scheme is stated as 90% and the incidence of intrusion for networks of this type is given as 2%. How likely is it that the network does not have an intruder? (5 marks) c) P(not an intruder test positive) = (1 0.9) (1 0.02) = to 3 d.p. (1 0.9) (1 0.02) mark for each step to a maximum of 5 Marks. d) To what extent do you feel that the base rate fallacy proves that one cannot have a completely accurate intrusion detection scheme. Justify any claims made. d) Accept the closer the base intrusion rate is to 1, the closer the numerator is to 0 (2 marks), with a non zero denominator (2 marks); suggesting probability of error tending to zero. (1 mark). Mark to a maximum of 5 marks. j Page 3 of 5
4 Question 3 (25 marks) a) Give examples of a malicious type of program that exists independent of host programs. Which of the examples that you have given will replicate? Explain how malicious type of program that REPLICATE and exist INDEPENDENT of host programs operate. (8 marks) a) Independent: worms, zombies 1 mark for each. Both replicate. 1 mark for each. Explanations 2 Marks each. Mrk to a maximum of 8 marks. b) The lifetime of a virus may be described using either a 3 or 4 phase model. Describe each part of a 4 phase model. In order to illustrate points made in your discussion, include a pseudo code description for the general structure of a virus. (12 marks) b) 4 phases: dormant, infection, trigger and delivery (2 marks each). Pseudo code for general structure of a virus (4 marks) 1 Mark extra for each direct link to Pseudo code given. Mark to a maximum of 12 marks. c) Give two measures that could be employed by antivirus software to detect a virus. Describe a countermeasure that could be employed by subsequent viruses to circumvent your measures. Explain why you believe the measures and their related countermeasures would work. (5 marks) c) Examples include signature, length of program, code fragment recognition heuristic), integrity check, hash, activity traps, 2 marks for each measure. 2 marks for each countermeasure and 2 marks for explanation. Mark to a maximum of 5 Marks. Page 4 of 5
5 Question 4 (25 marks) a) Describe the difference between a Clandestine user and a Masquerader. Give one example of each and describe another form of intruder that one could meet. (8 Marks) a) Definitions (2 Marks each). Examples (2 Marks each). Other form: Misfeasor (2 Marks). Mark to a maximum of 8 Marks. b) Compare and contrast the concept of a profile based intrusion detection scheme with another of your own choosing. Include in your discussion at least two components that may be employed for each approach and explain how each of these lead to metrics that may be employed in evaluating the presence or absence of an intruder. (12 Marks) b) Statistical based using profiles for users. Employs use of audit records (2 marks) for profiles of old (1 mark) and current users (1 mark) to measure for significant differences (2 Marks). Diagrams for profiles (2 Marks each) Similarities (2 Marks each) and differences (2 Marks each) subject to other method selected. Mark to a maximum of 12 Marks c) Describe those issues that you feel are significant in order that an intrusion detection scheme is effective in a distributed environment. Justify your claims. c) 1 mark for each issue. 2 marks for justification. Mark to a maximum of 5 Marks. Page 5 of 5
Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders:
Intruders significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: masquerader misfeasor clandestine user varying levels of competence
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Intrusion Detection Systems Intrusion Actions aimed at compromising the security of the target (confidentiality, integrity, availability of computing/networking
More informationCSci 530 Final Exam. Fall 2007
CSci 530 Final Exam Fall 2007 Instructions: Show all work. No electronic devices are allowed. This exam is open book, open notes. You have 120 minutes to complete the exam. Please prepare your answers
More informationCS System Security 2nd-Half Semester Review
CS 356 - System Security 2nd-Half Semester Review Fall 2013 Final Exam Wednesday, 2 PM to 4 PM you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationTITLE FIELD OF THE INVENTION BACKGROUND OF THE INVENTION
TITLE INFORMATIONAL SECURITY NETWORK FOR EXCHANGE OF RECORDED COMPUTER THREATS AND CONSECUTIVE INTERCEPTION OF VIRUSES AND OTHER COMPUTER ATTACKS ON THE USERS CONNECTED TO THIS NETWORK FIELD OF THE INVENTION
More informationACS / Computer Security And Privacy. Fall 2018 Mid-Term Review
ACS-3921-001/4921-001 Computer Security And Privacy Fall 2018 Mid-Term Review ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted and/or modified
More informationCS System Security Mid-Semester Review
CS 356 - System Security Mid-Semester Review Fall 2013 Mid-Term Exam Thursday, 9:30-10:45 you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This is to
More informationCertified Ethical Hacker
Certified Ethical Hacker Certified Ethical Hacker Course Objective Describe how perimeter defenses function by ethically scanning and attacking networks Conduct information systems security audits by understanding
More informationLanguage-Based Protection
Language-Based Protection Specification of protection in a programming language allows the high-level description of policies for the allocation and use of resources. Language implementation can provide
More informationNebraska CERT Conference
Nebraska CERT Conference Security Methodology / Incident Response Patrick Hanrion Security Center of Excellence Sr. Security Consultant Agenda Security Methodology Security Enabled Business Framework methodology
More informationFAQ For M_o_R Training
FAQ For M_o_R Training Do you have unanswered questions about the M_o_R course? Well, our trainer Tom has taken the time to answer your questions; 1. What is M_o_R? M_o_R considers risk from different
More informationIDS: Signature Detection
IDS: Signature Detection Idea: What is bad, is known What is not bad, is good Determines whether a sequence of instructions being executed is known to violate the site security policy Signatures: Descriptions
More informationIS-2150/TEL-2810 Introduction to Computer Security Quiz 2 Thursday, Dec 14, 2006
IS-2150/TEL-2810 Introduction to Computer Security Quiz 2 Thursday, Dec 14, 2006 Name: Email: Total Time : 1:00 Hour Total Score : 100 There are three parts. Part I is worth 20 points. Part II is worth
More informationThe University of Jordan. Accreditation & Quality Assurance Center. COURSE Syllabus
The University of Jordan Accreditation & Quality Assurance Center COURSE Syllabus 1 Course title Computer Security 2 Course number 1901463 Credit hours (theory, practical) 3 3 Contact hours (theory, practical)
More informationNetwork Security. Course notes. Version
Network Security Course notes Version 2013.1 2 Contents 1 Firewalls 1 1.1 Location of a firewall................................... 2 2 Intrusion Detection 3 2.1 Concepts of Intrusion detection.............................
More informationExamination Questions Time allowed: 1 hour 15 minutes
Swedish Software Testing Board (SSTB) International Software Testing Qualifications Board (ISTQB) Foundation Certificate in Software Testing Practice Exam Examination Questions 2011-10-10 Time allowed:
More informationFOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY
FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide
More informationThreat Modeling for System Builders and System Breakers!! Dan Copyright 2014 Denim Group - All Rights Reserved
Threat Modeling for System Builders and System Breakers!! Dan Cornell! @danielcornell Dan Cornell Dan Cornell, founder and CTO of Denim Group Software developer by background (Java,.NET, etc) OWASP San
More informationUnit 5. System Security
Unit 5 System Security Intrusion Techniques The password file can be protected in one of two ways: One-way function: The system stores only the value of a function based on the user's password. When the
More informationDepartment of Computer Science and Engineering. CSE 3482 Introduction to Computer Security. Instructor: N. Vlajic Date: Mar 1, 2017
Department of Computer Science and Engineering CSE 3482 Introduction to Computer Security Instructor: N. Vlajic Date: Mar 1, 2017 Midterm Examination Instructions: Examination time: 75 min. Print your
More information19.1. Security must consider external environment of the system, and protect it from:
Module 19: Security The Security Problem Authentication Program Threats System Threats Securing Systems Intrusion Detection Encryption Windows NT 19.1 The Security Problem Security must consider external
More information10EC832: NETWORK SECURITY
10EC832: NETWORK SECURITY Objective: In this electronic age, security and privacy are two of the issues whose importance cannot be stressed enough. How do we ensure the systems we use are resistant to
More informationYou will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent.
IDPS Effectiveness and Primary Takeaways You will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent. IDPS Effectiveness and Primary
More informationUnit code: D/601/1956 QCF Level 5: BTEC Higher National Credit value: 15
Unit 46: Network Security Unit code: D/601/1956 QCF Level 5: BTEC Higher National Credit value: 15 Aim To provide learners with opportunities to manage, support and implement a secure network infrastructure
More informationSecurity in Computing
1111 --" iiimiitlll Security in Computing Second Edition Charles P. Pfleeger Trusted Information Systems, Inc. Prentice-Hall International, Inc. * Contents PREFACE 1 ISTHERE A SECURITY PROBLEM IN COMPUTING?
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified ISO/IEC 27002 Manager The objective of the PECB Certified ISO/IEC 27002 Manager examination is to ensure that the candidate has the knowledge for implementing information
More informationNetwork Security and Cryptography. December Sample Exam Marking Scheme
Network Security and Cryptography December 2015 Sample Exam Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers
More informationCourse Curriculum for Master Degree in Network Engineering and Security
Course Curriculum for Master Degree in Network Engineering and Security The Master Degree in Network Engineering and Security is awarded by the Faculty of Graduate Studies at Jordan University of Science
More informationManagement Information Systems (MMBA 6110-SP) Research Paper: Internet Security. Michael S. Pallos April 3, 2002
Management Information Systems (MMBA 6110-SP) Research Paper: Internet Security Michael S. Pallos April 3, 2002 Walden University Dr. Pamela Luckett-Wilson ii TABLE OF CONTENTS Internet Security... 1 Executive
More informationPCI PA-DSS Implementation Guide
PCI PA-DSS Implementation Guide For Atos Worldline Banksys XENTA, XENTEO, XENTEO ECO, XENOA ECO YOMANI and YOMANI XR terminals using the Point BKX Payment Core Software Versions A05.01 and A05.02 Version
More informationPoint ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core
PCI PA - DSS Point ipos Implementation Guide Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core Version 1.02 POINT TRANSACTION SYSTEMS AB Box 92031,
More informationISM 324: Information Systems Security Spring 2014
ISM 324: Information Systems Security Spring 2014 Instructor: Co-Instructor: Office: E-Mail: Phone: Office Hours: Jeffrey Wall Hamid Nemati 392 Bryan Building jdwall2@uncg.edu (email is the preferred method
More informationThe Need for Confluence
The Need for Confluence The Essential Role of Incident Response in Secure Software Development Why do security incidents occur? What is the root cause? Faulty software (more often than not) What is the
More informationCourse Outline. CISSP - Certified Information Systems Security Professional 2015 (Course & Labs)
Course Outline CISSP - Certified Information Systems Security Professional 2015 (Course & Labs) 09 Nov 2018 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number
More informationA strategy for Inexpensive Automated Containment of Infected or Vulnerable Systems
A strategy for Inexpensive Automated Containment of Infected or Vulnerable Systems Steven Sim Kok Leong Assistant Manager Infocomm Security Group, NUSCERT Computer Centre National University of Singapore
More informationitexamdump 최고이자최신인 IT 인증시험덤프 일년무료업데이트서비스제공
itexamdump 최고이자최신인 IT 인증시험덤프 http://www.itexamdump.com 일년무료업데이트서비스제공 Exam : CISA Title : Certified Information Systems Auditor Vendor : ISACA Version : DEMO Get Latest & Valid CISA Exam's Question and
More informationGuide to the implementation and auditing of ISMS controls based on ISO/IEC 27001
Guide to the implementation and auditing of ISMS controls based on ISO/IEC 27001 Information Security Management Systems Guidance series The Information Security Management Systems (ISMS) series of books
More informationCSci530 Final Exam. Fall 2014
CSci530 Final Exam Fall 2014 Instructions: Show all work. No electronic devices are allowed. This exam is open book, open notes. You have 120 minutes to complete the exam. Please prepare your answers on
More informationLecture 12 Malware Defenses. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Bailey s ECE 422
Lecture 12 Malware Defenses Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Bailey s ECE 422 Malware review How does the malware start running? Logic bomb? Trojan horse?
More informationChapter 19 Security. Chapter 19 Security
Chapter 19 Security Outline 19.1 Introduction 19.2 Cryptography 19.2.1 Secret-Key Cryptography 19.2.2 Public-Key Cryptography 19.3 Authentication 19.3.1 Basic Authentication 19.3.2 Biometrics and Smart
More informationSymantec Security.cloud
Data Sheet: Messaging Security filters unwanted messages and protects mailboxes from targeted attacks. The service has selflearning capabilities and Symantec intelligence to deliver highly effective and
More informationEXAMINATION [The sum of points equals to 100]
Student name and surname: Student ID: EXAMINATION [The sum of points equals to 100] PART I: Meeting Scheduling example Description: Electronic meeting Scheduling system helps meeting initiator to schedule
More informationChapter 15: Security. Operating System Concepts 8 th Edition,
Chapter 15: Security, Silberschatz, Galvin and Gagne 2009 Chapter 15: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing
More informationCisco Incident Control System
Cisco Incident Control System The Cisco Incident Control System (ICS) prevents new worm and virus outbreaks from affecting businesses by enabling the network to rapidly adapt and provide a distributed
More informationCOUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017
COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE Presented by Paul R. Hales, J.D. May 8, 2017 1 HIPAA Rules Combat Cyber Crime HIPAA Rules A Blueprint to Combat Cyber Crime 2 HIPAA Rules Combat Cyber Crime
More informationKaspersky PURE 2.0. Mail Anti-Virus: security levels
Mail Anti-Virus: security levels Content Mail Anti-Virus. Security levels... 2 Operation algorithm of Mail Anti-Virus... 2 Security levels of Mail Anti-Virus... 2 Customizing security level... 4 Creating
More informationSyllabus for CIT 442 Information System Security 3 Credit Hours Spring 2015
Syllabus for CIT 442 Information System Security 3 Credit Hours Spring 2015 I. COURSE DESCRIPTION An overview of information system security to include managing security, protecting information technology
More informationHP0-Y16. ProCurve Network Immunity Solutions. Download Full Version :
HP HP0-Y16 ProCurve Network Immunity Solutions Download Full Version : http://killexams.com/pass4sure/exam-detail/hp0-y16 Which challenges does a unified NIM + IDS deployment meet? (Select two.) A. Reducing
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationBCS Level 4 Certificate in Network Security QAN 603/0546/0
S Level 4 ertificate in Network Security QN 603/0546/0 Specimen Paper Record your surname / last / family name and initials on the answer sheet. Sample paper only 20 multiple-choice questions 1 mark awarded
More informationNo Time for Zero-Day Solutions John Muir, Managing Partner
No Time for Zero-Day Solutions John Muir, Managing Partner Executive Summary Innovations in virus construction and propagation have created a zero-day threat from email attachments that can wreak significant
More informationOverview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks
Overview Handling Security Incidents Chapter 7 Lecturer: Pei-yih Ting Attacks Security Incidents Handling Security Incidents Incident management Methods and Tools Maintaining Incident Preparedness Standard
More informationDefine information security Define security as process, not point product.
CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO/IEC 27002 Manager www.pecb.com The objective of the PECB Certified ISO/IEC 27002 Manager examination is to ensure that the candidate has
More informationCourse Outline. CISSP - Certified Information Systems Security Professional
Course Outline CISSP - Certified Information Systems Security 10 Jan 2019 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led
More informationRYERSON UNIVERSITY Ted Rogers School of Information Technology Management And G. Raymond Chang School of Continuing Education
RYERSON UNIVERSITY Ted Rogers School of Information Technology Management And G. Raymond Chang School of Continuing Education COURSE OF STUDY 2017-2018 (C)ITM 820 Information Systems Security and Privacy
More informationRequired Textbook and Materials. Course Objectives. Course Outline
Information Technology Security (ITSY 1342) Credit: 3 semester credit hours (2 hours lecture, 4 hours lab) Prerequisite/Co-requisite: None Course Description Instruction in security for network hardware,
More informationUniversity of Virginia Department of Computer Science. CS 4501: Information Retrieval Fall 2015
University of Virginia Department of Computer Science CS 4501: Information Retrieval Fall 2015 2:00pm-3:30pm, Tuesday, December 15th Name: ComputingID: This is a closed book and closed notes exam. No electronic
More informationSymantec Endpoint Protection Integration Component User's Guide. Version 7.0
Symantec Endpoint Protection Integration Component User's Guide Version 7.0 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms
More informationINFORMATION SECURITY-SECURITY INCIDENT RESPONSE
Information Technology Services Administrative Regulation ITS-AR-1506 INFORMATION SECURITY-SECURITY INCIDENT RESPONSE 1.0 Purpose and Scope The purpose of the Security Response Administrative Regulation
More informationSecurity for NG9-1-1 SYSTEMS
The Next Generation of Security for NG9-1-1 SYSTEMS The Challenge of Securing Public Safety Agencies A white paper from FE/Kimball JANUARY 2010 Page 1 Authored by Jeremy Smith Jeremy is an industry-recognized
More informationIntrusion Detection. Daniel Bosk. Department of Information and Communication Systems, Mid Sweden University, Sundsvall.
Intrusion Detection Daniel Bosk Department of Information and Communication Systems, Mid Sweden University, Sundsvall. intrusion.tex 2093 2014-11-26 12:20:57Z danbos Overview 1 Intruders Intruders Behaviour
More informationSmall Office Security 2. Mail Anti-Virus
Small Office Security 2 Mail Anti-Virus Table of content Table of content... 1 Mail Anti-Virus... 2 What is Mail Anti-Virus... 2 Enabling/Disabling Mail Anti-Virus... 2 Operation algorithm of Mail Anti-Virus...
More informationCIH
mitigating at host level, 23 25 at network level, 25 26 Morris worm, characteristics of, 18 Nimda worm, characteristics of, 20 22 replacement login, example of, 17 signatures. See signatures SQL Slammer
More informationINSTITUTE OF AERONAUTICAL ENGINEERING (Autonomous) Dundigal, Hyderabad
INSTITUTE OF AERONAUTICAL ENGINEERING (Autonomous) Dundigal, yderabad - 500 043 COMPUTER SCIENCE AND ENGINEERING COURSE DESCRIPTION FORM Course Title Course Code Regulation Course Structure Course Coordinator
More informationA. Carcano, I. Nai Fovino, M. Masera, A. Trombetta European Commission Joint Research Centre Critis 2008, Rome, October 15, 2008
Scada Malware, A Proof of Concept A. Carcano, I. Nai Fovino, M. Masera, A. Trombetta European Commission Joint Research Centre Critis 2008, Rome, October 15, 2008 Outline Motivations Testing Environment
More informationCSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague
Brmlab, hackerspace Prague Lightning talks, November 2016 in general in general WTF is an? in general WTF is an? Computer Security in general WTF is an? Computer Security Incident Response in general WTF
More informationCyber Security. Our part of the journey
Cyber Security Our part of the journey The Journey Evolved Built on the past Will be continued Not always perfect Small Steps moving forward The Privileged How to make enemies quickly Ask before acting
More informationCertified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) COURSE OVERVIEW: The most effective cybersecurity professionals are able to predict attacks before they happen. Training in Ethical Hacking provides professionals with the
More informationHow to Predict Viruses Under Uncertainty
How to Predict Email Viruses Under Uncertainty InSeon Yoo and Ulrich Ultes-Nitsche Department of Informatics, University of Fribourg, Chemin du Musee 3, Fribourg, CH-1700, Switzerland. phone: +41 (0)26
More informationDataprise Managed Anti-Spam Console
Dataprise Managed Anti-Spam Console The easy-to-use solution for managing junk and virus-infected email. Use this guide to get started using your personal dashboard. # WinningWithIT What is the Personal
More informationSecure Development Processes
Secure Development Processes SecAppDev2009 What s the problem? Writing secure software is tough Newcomers often are overwhelmed Fear of making mistakes can hinder Tend to delve into security superficially
More informationPCI PA - DSS. Point Vx Implementation Guide. Version For VeriFone Vx520, Vx680, Vx820 terminals using the Point Vx Payment Core (Point VxPC)
PCI PA - DSS Point Vx Implementation Guide For VeriFone Vx520, Vx680, Vx820 terminals using the Point Vx Payment Core (Point VxPC) Version 2.02 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm,
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO 22301 Lead Implementer www.pecb.com The objective of the Certified ISO 22301 Lead Implementer examination is to ensure that the candidate
More informationZillya Internet Security User Guide
Zillya Internet Security User Guide Content Download Zillya Internet Security... 4 Installation Zillya Internet Security... 4 System Status... 7 System Scanning... 9 When Zillya Internet Security finds
More informationEndpoint Protection : Last line of defense?
Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development
More informationA Risk Management Platform
A Risk Management Platform Michael Lai CISSP, CISA, MBA, MSc, BEng(hons) Territory Manager & Senior Security Sales Engineer Shift to Risk-Based Security OLD MODEL: Prevention-Based Security Prevention
More informationDETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM
DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM Rajalakshmi 1, Umamaheswari 2 and A.Vijayaraj 3 1 Department
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Signature Repository A Signature Repository provides a group of signatures for use by network security tools such
More informationEC-Council C EH. Certified Ethical Hacker. Program Brochure
EC-Council TM C EH Program Brochure Target Audience This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the
More informationEXECUTIVE REPORT 20 / 12 / 2006
EXECUTIVE REPORT 20 / 12 / 2006 1 Executive summary Audit start date Audit end date 07 / 09 / 2006 19:12 08/ 09 / 2006 09:34 Licenses contracted: 300 Computers audited: 161 items scanned: 703499 Computers
More informationIntruders, Human Identification and Authentication, Web Authentication
Intruders, Human Identification and Authentication, Web Authentication David Sanchez Universitat Pompeu Fabra 06-06-2006 Lecture Overview Intruders and Intrusion Detection Systems Human Identification
More informationPresentation by Brett Meyer
Presentation by Brett Meyer Traditional AV Software Problem 1: Signature generation Signature based detection model Sheer volume of new threats limits number of signatures created by one vendor Not good
More informationModule 20: Security. The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption. Operating System Concepts 20.
Module 20: Security The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption 20.1 The Security Problem Security must consider external environment of the system,
More informationModelling Cyber Security Risk Across the Organization Hierarchy
Modelling Cyber Security Risk Across the Organization Hierarchy Security issues have different causes and effects at different layers within the organization one size most definitely does not fit all.
More informationInternet Security Mail Anti-Virus
Internet Security 2012 Mail Anti-Virus Table of Contents Mail Anti-Virus... 2 What is Mail Anti-Virus... 2 Enabling/disabling Mail Anti-Virus... 2 Operation algorithm of Mail Anti-Virus... 2 Changing Mail
More informationAN EFFICIENT AND SYSTEMATIC VIRUS DETECTION PROCESSOR FOR EMBEDDED NETWORK SECURITY
AN EFFICIENT AND SYSTEMATIC VIRUS DETECTION PROCESSOR FOR EMBEDDED NETWORK SECURITY P.MUTHU KUMARAN 1, R.V.ASHOK PRATHAP 2 & D.MATHAVAN 3 1,2&3 Sasurie Academy of Engineering Email:muthukumaran23@gmail.com
More informationMIS5206-Section Protecting Information Assets-Exam 1
Your Name Date 1. Which of the following contains general approaches that also provide the necessary flexibility in the event of unforeseen circumstances? a. Policies b. Standards c. Procedures d. Guidelines
More informationSPECIAL ISSUE, PAPER ID: IJDCST-09 ISSN
Digital Forensics CH. RAMESH BABU, Asst.Proffessor, Dept. Of MCA, K.B.N.College, Vijayawada Abstract: The need for computer intrusion forensics arises from the alarming increase in the number of computer
More informationAdvanced Pattern Based Virus Detection Algorithm for Network Security
Advanced Pattern Based Virus Detection Algorithm for Network Security Binroy T.B. M.E. Communication Systems Department of Electronics and Communication Engineering RVS College of Engineering & Technology,
More informationescan Security Network From MicroWorld Technologies Anti-Virus & Content Security
& Content Security Created on: 5th November, 2012 Document Version Number: ESN(14.0.0.1) From MicroWorld Technologies With the growing amount of malware in-the-wild, we realized it would be practically
More informationWHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief
WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta
More informationn Explain penetration testing concepts n Explain vulnerability scanning concepts n Reconnaissance is the first step of performing a pen test
Chapter Objectives n Explain penetration testing concepts n Explain vulnerability scanning concepts Chapter #4: Threats, Attacks, and Vulnerabilities Vulnerability Scanning and Penetration Testing 2 Penetration
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified ISO/IEC 27005 Risk Manager The objective of the Certified ISO/IEC 27005 Risk Manager examination is to ensure that the candidate has the knowledge and the skills to
More informationAdvanced Pattern Based Virus Detection Algorithm for Network Security
National Conference on Emerging Trends in VLSI, Embedded and Communication Systems-2013 37 Advanced Pattern Based Virus Detection Algorithm for Network Security T.B. Binroy and B. Lakshmanan Abstract---
More informationRSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst
ESG Lab Review RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst Abstract: This ESG Lab review documents
More informationSecurity: Worms. Presenter: AJ Fink Nov. 4, 2004
Security: Worms Presenter: AJ Fink Nov. 4, 2004 1 It s a War Out There 2 Analogy between Biological and Computational Mechanisms The spread of self-replicating program within computer systems is just like
More informationCisco IOS Inline Intrusion Prevention System (IPS)
Cisco IOS Inline Intrusion Prevention System (IPS) This data sheet provides an overview of the Cisco IOS Intrusion Prevention System (IPS) solution. Product Overview In today s business environment, network
More information