CS205 Information Security Assignment No 02 Fall 2019 Solution & Discussion
CS205 Assignment#02 Solution Fall 2019
Thanks alot dear bro
Report 1:Report 1:Upon testing the login interface, the security experts found a loophole in the system that an unauthorized person can login to the system by trying different combinations of passwords.
Answer: Brute Force Attack: A hacker attempts to access a group of user accounts or just some specific person’s, brute-force attacks are the go-to strategy for cracking passwords. These attacks work by systematically checking all possible passphrases until the correct one is found. If the hacker already has an idea of the guidelines used to create the password, this process becomes easier to execute.A Brute Force Attack is the simplest method to gain access to a site or server (or anything that is password protected). It tries various combinations of usernames and passwords again and again until it gets in. This repetitive action is like an army attacking a fort.How to protect against brute force attack:Use two Factor Authentication is an extra line of defense which can defend your account from Brute Force Attack.
It is observed that bundle of unnecessary requests possibly generated by some computers or bots can overload the application and resultantly system may crash or fail to perform ordinary functions. Answer:
DDoS Attack A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.
How to protect against DDoS Attack:
1.Cloudflare : Cloudfare's layer 3 and 4 protection absorbs an attack before it reaches a server, which load balancers, firewalls, and routers do not. Its layer 7 protection differentiates between beneficial and harmful traffic.
1. Suppose a user receives an email containing an image file as the attachment. As the user opens the file,different files on his systems get deleted or modified.Answer:
2. A student copied some files from his USB flash drive to a computer in university lab. After doing this, he observed that the number of files on the system got duplicated and overall performance of the system got deteriorated. He faced too much delay in performing tasks by the computer.
Worms: Worms are malicious programs that make copies of themselves again and again on the local drive, network shares, etc. The only purpose of the worm is to reproduce itself again and again. It doesn’t harm any data/file on the computer. Unlike a virus, it does not need to attach itself to an existing program. Worms spread by exploiting vulnerabilities in operating systemsExamples of worm are:W32.SillyFDC.BBYPacked.Generic.236W32.TroresbaDue to its replication nature it takes a lot of space in the hard drive and consumes more cpu uses which in turn makes the pc too slow.
3. A user noticed that someone is using his Facebook account after stealing his credentials. After investigation, he observed that it happened after installing a software downloaded from an un-authentic website.Answer:
Pishing Attack: Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
CS205 Assignment No 02 Solution fall 2019