Topic 1: Introduction to Information Security
Question 1
While most organisations tend to focus on protecting their organisations from external cyber attacks, "...an insider attack has the potential to cause significant, even catastrophic damage to the targeted IT-infrastructure" (Dimitrakos, Martinelly, Ryan, and Schneider, 2007).
Research the issue of insider attacksin the context of cyber security and report your findings, including what the problem is, common types of insider attacks, existing and potential protection mechanism and future trends.
Topic 2: Cryptography
Question 2
The Boyle & Panko textbook described how public key authentication is used for message-by-message authentication in digital signatures. However, public key authentication is widely used for initial authentication. Describe the processes that the supplicant and verifier would use if public key encryption were used in initial challenge-response authentication. Draw heavily on your understanding of digital signatures, but put this information in challenge-response context.
Topic 3: Network Security fundamentals 1
Question 3
(a) What type of man-in-the-middle attack is a danger for 802.11 WLANs?
(b) What exactly is an evil twin access point?
(c) What do you think will happen when the legitimate supplicant sends credentials to the legitimate access point?
Topic 5: Firewalls
Question 4: Depending on the filtering mechanisms used for examining packets, there are different types of firewalls. Explain the functioning, advantages and disadvantages of four popular firewalls.