Latest Activity In Study Groups

Join Your Study Groups

VU Past Papers, MCQs and More

We non-commercial site working hard since 2009 to facilitate learning Read More. We can't keep up without your support. Donate.


CS205 Information Security Assignment 01 Fall 2020 Solution / Discussion Due Date: 26-11-2020

CS205 Information Security Assignment 01 Fall 2020 Solution / Discussion Due Date: 26-11-2020

Question No. 1                                                                     [Marks: 10]Question No. 1                                                                     [Marks: 10]
Suppose you are attempting the exam for the post of Information Security Engineer in the ABC organization. During the exam, you are given the following real life scenarios associated with  the three main pillars of informing security (C.I.A) : Suppose fifty cancer patient's treatment is being carried out by Dr. Ali in the well-reputed cancer hospital in Lahore. All the medical information of those patients is stored in the table of the hospital’s database system. Dr. Ali suggests medicine to the patients on the basis of patient’s relevant information stored in the database. If another doctor who has also legal rights to access this table of the database, unintentionally changes the information that can mislead the patient treatment.CSS Exam’s applicants are checking their results online through the FPSC website but the FPSC website takes too much time to load.The AZB limited Bank makes a plan for launching a new offer for capturing customers in a market but this plan leaked to its competitors.A bank’s ATM is not responding due to general backend server error.If a renowned shoe brand’s prices and specifications available on online shopping stores are changed by an unauthorized person.If you are replying to the messages of your friend, then it should be received in the original form as it is sent by you.Upon the last date of applying for the online job application, the related website is not responding due to some technical problems which makes the candidates unable to submit their job application on time.Student’s board results information (Marks, CGPA) is considered very important and it should be available only for that specific student and their parents rather than other class students.A developer’s salary slip in the software house should not be visible to any other developer.Student’s semester grades are posted on the class Facebook group by some unauthorized student.After carefully reading and analyzing the above-mentioned scenarios and fill the following table: Scenario. No Associated C.I.A security component Scenario. No Associated C.I.A security component    1 Confidentiality 6 Integrity    2 Integrity 7 Integrity    3 Availability 8 Confidentiality    4 Availability 9 Availability    5 Confidentiality 10 Confidentiality  
Solution: 
Question No. 2                                                                                                                                          [Marks: 10]
You are required to carefully study the OSI security architecture and then identify and relate the following daily life scenarios with security services provided by OSI: 
A Hotel front desk information officer is given the right to add visitor data on daily basis into the hotel database. He may be allowed to edit the information later on when required but not allowed to delete the record of any visitor.A bank’s regular customer sends an online query to the bank’s head office to know about his closing balance after ten weekly transactions and he should receive the same balance amount as sent by bank authorities.Mr. Hamza transfer $15000 to Car Company’s bank account through an online banking service for purchasing the new car. Both the bank and the user should be guaranteed in the identities of each other.A bank’s cash officer may be allowed to see just customer profile, but not allowed to make any changes in the customer profile information.A bank’s client withdraws Rs. 25000 from his bank account, but after some days he denied that he made the transaction. How the bank can handle such a situation?Note: You are required to provide your answer in the table given below:

Question No. 2 [Marks: 10]

You are required to carefully study the OSI security architecture and then identify and relate the following daily life scenarios with security services provided by OSI:

A Hotel front desk information officer is given the right to add visitor data on daily basis into the hotel database. He may be allowed to edit the information later on when required but not allowed to delete the record of any visitor.
A bank’s regular customer sends an online query to the bank’s head office to know about his closing balance after ten weekly transactions and he should receive the same balance amount as sent by bank authorities.
Mr. Hamza transfer $15000 to Car Company’s bank account through an online banking service for purchasing the new car. Both the bank and the user should be guaranteed in the identities of each other.
A bank’s cash officer may be allowed to see just customer profile, but not allowed to make any changes in the customer profile information.
A bank’s client withdraws Rs. 25000 from his bank account, but after some days he denied that he made the transaction. How the bank can handle such a situation?
Note: You are required to provide your answer in the table given below:

Views: 242

Replies to This Discussion

CS205_Assignment_No_01_Solution_Fall_2020

Click on the below link to download the file

CS205_Assignment_No_01_Solution_Fall_2020

CS205 Information Security Assignment 1 solution & discussion Fall 2020


Solution idea:

 

 

Student ID : BC180400273

CS205 –Information Security

Total Marks: 20

Due Date: 26th November, 2020    

Question No. 1              [Marks: 10]

Suppose you are attempting the exam for the post of Information Security Engineer in the ABC organization. During the exam, you are given the following real life scenarios as

1.      Suppose fifty cancer patient's treatment is being carried out by Dr. Ali in the well-reputed cancer hospital in Lahore. All the medical information of those patients is stored in the table of the hospital’s database system. Dr. Ali suggests medicine to the patients on the basis of patient’s relevant information stored in the database. If another doctor who has also legal rights to access this table of the database, unintentionally changes the information that can mislead the patient treatment.

  1. CSS Exam’s applicants are checking their results online through the FPSC website but the FPSC website takes too much time to load.

3.      The AZB limited Bank makes a plan for launching a new offer for capturing customers in a market but this plan leaked to its competitors.

  1. A bank’s ATM is not responding due to general backend server error.

5.      If a renowned shoe brand’s prices and specifications available on online shopping stores are changed by an unauthorized person.

6.      If you are replying to the messages of your friend, then it should be received in the original form as it is sent by you.

7.      Upon the last date of applying for the online job application, the related website is not responding due to some technical problems which makes the candidates unable to submit their job application on time.

8.      Student’s board results information (Marks, CGPA) is considered very important and it should be available only for that specific student and their parents rather than other class students.

9.      A developer’s salary slip in the software house should not be visible to any other developer.

  1. Student’s semester grades are posted on the class Facebook group by some unauthorized student.

After carefully reading and analyzing the above-mentioned scenarios and fill the following table:

Scenario. No

Associated C.I.A security component

 

Scenario. No

Associated C.I.A security component

 

1

Confidentiality

6

Integrity

2

Integrity

7

Integrity

3

Availability

8

Confidentiality

4

Availability

9

Availability

5

Confidentiality

10

Confidentiality

 

Solution:

 

Question No. 2                                                             [Marks: 10]

You are required to carefully study the OSI security architecture and then identify and relate the following daily life scenarios with security services provided by OSI:

  1. A Hotel front desk information officer is given the right to add visitor data on daily basis into the hotel database. He may be allowed to edit the information later on when required but not allowed to delete the record of any visitor.
  2. A bank’s regular customer sends an online query to the bank’s head office to know about his closing balance after ten weekly transactions and he should receive the same balance amount as sent by bank authorities.
  3. Mr. Hamza transfer $15000 to Car Company’s bank account through an online banking service for purchasing the new car. Both the bank and the user should be guaranteed in the identities of each other.
  4. A bank’s cash officer may be allowed to see just customer profile, but not allowed to make any changes in the customer profile information.
  5. A bank’s client withdraws Rs. 25000 from his bank account, but after some days he denied that he made the transaction. How the bank can handle such a situation?

Note: You are required to provide your answer in the table given below:

 

Scenario. No

Security Service by OSI

 

1

Authentication

2

Access control

3

Non Repudiation

4

Data confidentiality

5

Data integrity

RSS

Looking For Something? Search Below

VIP Member Badge & Others

How to Get This Badge at Your Profile DP

------------------------------------

Management: Admins ::: Moderators

Other Awards Badges List Moderators Group

Latest Activity

© 2021   Created by + M.Tariq Malik.   Powered by

Promote Us  |  Report an Issue  |  Privacy Policy  |  Terms of Service