Security Task
Assignment : Cryptography
Question
1:
Security professionals need to ensure
that they keep up to date with the latest threats and security issues. This
allows them to update their risk profiles, such as identifying if their systems
are vulnerable. In order to determine what the risk to an organisation is, you
need to know what the problems could be.
In this assignment, your task is to
identify a recently announced security vulnerability and write a profile of the
threat. The profile should contain:
1. Name
of the threat,
2. Systems
it attacks,
3. How
it performs its attack,
4. Mitigation
strategies
5. Discuss
on the scope of the threat in terms of who could be exploiting this
vulnerability (Cyber criminals or state nations)
6. Concluding
reflection (100 words) on the adequacy of the mitigation strategies.
Your report should be maximum 2 pages
and should contain relevant tables, calculations, a ranked list of threats (in
terms of impact) and conclusions.
See the scoring sheet for this
assignment, and ensure that your report fulfils the criteria listed.
Scoring
Q1:
Type
|
Score
|
Description
|
Content
|
||
Systems
it attacks
|
7
|
Appropriately
highlight which systems it attacks and does the attack targets operating
systems or applications or its’ multilevel. Reports that go outside the
bounds will lose marks from this category.
|
How
it performs its attack
|
7
|
Complete
strategy of the attack to exploit the vulnerability should be given.
|
Mitigation
strategies
|
7
|
Reports
should cover the mitigation strategies (technical, policy, training etc.) of
the profile
|
Scope
of the threat
|
7
|
Discuss
on the scope of the threat in terms of who could be exploiting this
vulnerability (Cyber criminals or state nations)
|
Concluding
reflection
|
7
|
Reflection
should be your views and should be clearly articulated
|
Subtotal:
|
35
|
Subtotal
for content
|
Presentation
|
||
Spelling
and Grammar
|
5
|
The
presentation’s content is appropriately written in English, with no spelling
errors and grammar issues.
|
Presentation
and Style
|
5
|
The
report is well presented, with diagrams, headings, tables and other visual
aids.
|
References
|
5
|
The
report contains appropriate references and referencing style.
|
Subtotal:
|
15
|
Subtotal
for presentation
|
Total:
|
50
|
|
Question
2:
You are required to learn the GPG/PGP package using Linux Kali environment (learning the applications
of private and public key cryptography to secure email messages and documents)
to be able to answer the following questions. You should pair up with one of your
class fellow to do this lab and record results and give commentary on the
results.
If you do not have a class fellow then
create two user accounts and you can encrypt using one account and descript
using other account. You should use screen
shots from your experiments to support your responses.
a) Generate
keys of 2 different sizes for RSA encryption scheme and include these keys in
the report. Discuss why generation of different size of keys takes different
amount of time.
b) Encrypt
a file (text or binary) using one
key and include your results and note the observation.
c) Create
a file of close to 1 GB and encrypt and decrypt it using one key and note the time taken. Comment on the reason why this
much time has taken. Calculate how long it would take to do the
encryption/decryption of a 10 GBs of data.
d) Export
your public key and discuss the reason why your exported key should be in ASCII
format.
e) Encrypt
a file and output the cipher text in ASCII format.
f) You
should work with your class fellow/or create two accounts to do this experiment
and record your observation in the form of commands being used or procedure
being followed and includeyour results.
I. Exchange your public
key and your friend’s public key using email.
II. Import your friend’s
public key into your key ring.
III. Encrypt a file using
your friend’s public key and send the encrypted file to your friend.
IV. Ask your friend to
decrypt the encrypted file.
V. You can ask your friend
to do the same thing.
g) Write
a reflection report in 100 words about the role cryptography is playing in
messaging apps to ensure privacy of individuals. Use an example of an app in
your reflection.
(Refer to http://www.pa.msu.edu/reference/pgpdoc1.html
and
http://www.pa.msu.edu/reference/pgpdoc2.html,
or any document about PGP/GPG)
Scoring
Type
|
Score
|
Description
|
Content
|
||
2
keys being generated
|
5
|
Keys
of different sizes should be generated, contents of keys included and size
estimated. Discuss why generation of different size of keys take different
time.
|
File
encryption
|
5
|
File
encryption with one key and results included with observation
|
Large
file encryption
|
5
|
Analysis
and observation of encryption time for large files
|
ASCII
format
|
5
|
Need
for keys and encrypted files to be in ASCII format
|
Key
exchange for cryptography
|
5
|
Observation
of key exchange and encryption and decryption of the file shown with screen
shots
|
Reflection
on use of cryptography
|
10
|
Role
of cryptography in mobile apps to ensuring right to privacy
|
Subtotal:
|
35
|
Subtotal
for content
|
Presentation
|
||
Spelling
and Grammar
|
5
|
The
presentation’s content is appropriately written in English, with no spelling
errors and grammar issues.
|
Presentation
and Style
|
5
|
The
report is well presented, with diagrams, headings, tables and other visual
aids.
|
References
|
5
|
The
report contains appropriate references and referencing style.
|
Subtotal:
|
15
|
Subtotal
for presentation
|
Total:
|
50
|
|
To get solution visit our website www.sourceessay.com
Comments
Post a Comment