Problem
A. Distinguish between vulnerability, threat, and control.
B. Theft usually results in some kind of harm. For example, if someone steals your car, you may suffer financial loss, inconvenience (by losing your mode of transportation), and emotional upset (because of the invasion of your personal property and space). List three kinds of harm a company might experience from theft of computer equipment.
C. List at least three kinds of harm a company could experience from electronic espionage or unauthorized viewing of confidential company materials.
D. List at least three kinds of damage a company could suffer when the integrity of a program or company data is compromised.
E. What are the risks of having the United States government select a cryptosystem for wide- spread commercial use (both inside and outside the United States). How could users from outside the United States overcome some or all these risks?
F. Consider an application where an organization allows its employees to access confidential
G. customers' data via a web application. The current implementation allows the employees to log in to the web-based application using their last name and a password. Using the MOM approach describes a threat against the application. Explain the followings: - The motivation of the attacker - The opportunity that makes the attack possible - Methods/skills needed to carry out the attack