QUESTION 1
(a)(i) Why has "Stuxnet" virus been named as a cyber-weapon?
(ii) What has been the first identified target of the Stuxnet virus?
(iii) How the virus infection began? Why was infection (virus) brought in this way?
(iv) Offer two reasons why it is particularly difficult to detect the Stuxnet virus.
(v) How does the virus know that it has already infected a computer?
(vi) Name or give two modified variants of the Stuxnet virus.
(b)Present two examples of anonymous networks that may be used by attackers to hide their activities.
(c)In the year 2012, there has been many incidents related to the theft of personal data. For instance, clients personal data had been stolen from Zappos Online Shoe and Clothing website. What is the aim for attackers to steal such personal user data?
QUESTION 2
(a)(i) Illustrate Phishing attacks.
(ii) Make a distinction between Phishing and Spear Phishing attacks.
(b)Explain two instances where an attacker sniffing on a network may get an opportunity to carry out a DNS poisoning and how the DNS poisoning can be done.
(c)Briefly describe how the following networks can be protected against cache ARP poisoning (i) small networks, (ii) large networks and (iii) all networks.
QUESTION 3
(a)Think about the following access control information in the form of the 9 mode bits for a Unix file: 111 101 001. The owner of the file is John. John and Sam belong to the same group. Peter is an additional user on the system.
(i) What are the encoded access rights of John?
(ii) What are the encoded access rights of Sam?
(iii) What are the encoded access rights of Peter?
(b)Consider a system using the Bell-LaPadula model for access control. The subsequent are the clearance for several of the system users:
Jane: SECRET[PAYROLL]
John: TOPSECRET[SALES, PAYROLL, ADMIN]
Billy: SECRET[PAYROLL, ADMIN]
Tom: CONFIDENTIAL[SALES]
A file in the system named LOGISTICS has the following classification: SECRET[PAYROLL, ADMIN].
Assuming that the pecking order of the classification labels is TOPSECRET>SECRET>CONFIDENTIAL. State the read and write access for the LOGISTICS file by the following users. Give good reason for your answer.
(i) Jane,
(ii) John,
(iii) Billy, and
(iv) Tom
(c)RADIUS server is frequently used in networks for access control.
(i) What does the short form of RADIUS stands for?
(ii) Does it present centralised or decentralised access control?
(d)What is the importance of implementing parting of duties for access control?
QUESTION 4
(a)Can SSL be used to encrypt email data? Give good reason for your answer.
(b)What are the three fundamental security provided by SSL?
(c)Converse the limitations of SSL.
(d)State the port number used by application (submission) using SSL for HTTP traffic?
(e)With the help of an illustration, describe the processing performed by the SSL Record protocol of the SSL protocol stack.