Assignment No 2 InfoSec
The security precautions related to computer information and access address four major threats:
• Theft of data, such as that of military secrets from government computers.
• Vandalism, including the destruction of data by a computer virus.
• Fraud, such as employees at a bank channeling funds into their own accounts.
• Invasion of privacy, such as the illegal accessing of protected personal financial or medical data from a large database.
2. What is the OSI security architecture? Explain each point with the help of a valid diagram.
Answer: ITU-T Recommendation X.800, Security Architecture for OSI, defines a systematic way of:
• Defining the requirements for security
• Characterizing the approaches to satisfying those requirements
ITU-T – International Telecommunication Union Telecommunication Standardization Sector
OSI – Open Systems Interconnection
The following concepts are used:
• Security attack: any action that compromises the security of information owned by an organization (or a person)
• Security mechanism: a mechanism that is designed to
detect, prevent, or recover from a security attack
• Security service: a service that enhances the security of
the data processing systems and the information transfers
of an organization. The services make use of one or more
security mechanisms to provide the service.
3. For our purposes, the OSI security architecture provides a useful, if abstract, overview of
many of the concepts that this book deals with. The OSI security architecture focuses on
security attacks, mechanisms, and services.
4. What is the difference between passive and active security threats? Give any two examples of each with the help of diagrams.
Answer: Active attacks: An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or the creation of a false statement. The types of active attacks are as follows:
1. Masquerade:
A masquerade attack takes place when one entity pretends to be a different entity. A masquerade attack involves one of the other forms of active attack.
2. Modification of messages:
It means that some portion of a message is altered, or that a message is delayed or reordered, to produce an unauthorised effect. For example, a message meaning “Allow JOHN to read confidential file X” is modified to “Allow Smith to read confidential file X”.
Passive attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on or monitoring of transmissions. The goal of the opponent is to obtain information that is being transmitted. The types of passive attacks are as follows:
2. Traffic analysis:
Suppose that we had a way of masking (encrypting) information, so that an attacker who captured the message could not extract any information from it. The opponent could still determine the location and identity of the communicating hosts and could observe the frequency and length of the messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
5. List and briefly define categories of passive and active network security
attacks.
Answer: The two types of passive attacks are: Release of message, where the attacker listens to the data stream and then shares the confidential information. Traffic analysis, which involves analysing the traffic and observing the time taken and the size of the messages being sent and received. The types of active security attacks are as follows: Masquerade, where the attacker impersonates the sender of the message. Replay, where the data are captured and then retransmitted with a view to creating an unauthorised effect. Modification of messages, where the message is modified or delayed, or the sequence of the messages is reordered, with a view to creating an unauthorised effect. Denial of service, where the attacker prevents authorised persons from using the infrastructure in an authorised manner by disabling the network.
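As an added illustration (not part of the original assignment), the sketch below shows one security mechanism that detects three of the active attack categories listed above, using the answer's own "Allow JOHN" message. The choice of an HMAC-SHA256 tag plus a sequence number, the key, and the names `protect` and `Receiver` are assumptions made for this example.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret shared by sender and receiver
TAG_LEN = 32                   # SHA-256 output size in bytes


def protect(key, seq, message):
    """Sender: bind an 8-byte sequence number and the message under an HMAC."""
    body = seq.to_bytes(8, "big") + message.encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, packet):
        if len(packet) < 8 + TAG_LEN:
            return "rejected: malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; fails for altered bodies and for senders without the key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag (modification or masquerade)"
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            return "rejected: stale sequence (replay or reordering)"
        self.last_seq = seq
        return "accepted: " + body[8:].decode()


def demo():
    """Run the page's example message through each active-attack category."""
    rx = Receiver(KEY)
    genuine = protect(KEY, 1, "Allow JOHN to read confidential file X")
    tampered = genuine[:-TAG_LEN].replace(b"JOHN", b"Smith") + genuine[-TAG_LEN:]
    forged = protect(b"not-the-shared-key", 2, "Allow Smith to read confidential file X")
    return {
        "genuine": rx.accept(genuine),
        "modification": rx.accept(tampered),
        "masquerade": rx.accept(forged),
        "replay": rx.accept(genuine),
        "next": rx.accept(protect(KEY, 2, "Revoke access to file X")),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:13} {verdict}")
```

An integrity tag of this kind does nothing against denial of service or against the passive attacks, which need availability and confidentiality mechanisms respectively.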
Availability: The frequency of ATMs should be increased depending upon the demand of the customers, and the ATMs should be frequently updated with cash to provide accurate services. While an ATM that is out of service could lead to customer dissatisfaction, an ATM with accurate services could attract more and more customers.
Answer: By following these three key pillars to achieve the confidentiality, integrity,
and availability of data in your network, you will be protecting your data, your
customers, and your business.
Pillar 1: Confidentiality
The central driving vision for any data security approach is to ensure customer data
remains confidential at all times. This requires an end-to-end security solution protecting
network traffic from the end point to the data centre.
Data confidentiality in the network begins at the physical layer, where fibre tapping
devices can be used to steal sensitive data. To combat this, all your in-flight data should
be bulk encrypted from end-to-end, making it undecipherable and, ultimately, useless to
hackers.
Another key strategy for enhancing data confidentiality – that also reduces legacy
infrastructure costs – is to selectively add service layer encryption at the edge by
deploying next-generation, virtualized security solutions in your network. This requires a
flexible, open infrastructure that allows you to deliver and provision virtual network
functions (VNFs) in real time. Deploying virtual security appliances, including firewalls,
intrusion detection systems, and identity/access management systems, while enabling
routing of traffic to virtual-honeypots to deceive and detect adversaries, are all part of a
multi-layered security solution. In the virtualized security environment, advanced
analytics and orchestration tools ensure all VNFs work together effectively.
Pillar 2: Integrity
Data integrity combats cyberattacks by ensuring that information and flows are not
altered through unauthorized methods. To achieve true data integrity in the network,
you need to trust that the core network elements operate in a trusted state. Network
providers and partners should have secure, well-documented life cycle management
processes and procedures covering component sourcing and manufacturing, network
design, deployment, and operations. Your network partners should also have security
accreditations from independent third parties, as well as comply with all the latest
security and quality standards. These steps ensure the devices and network elements
that pass your critical data have been designed, manufactured, and delivered in a trusted
state.
Pillar 3: Availability
Today, data protection legislation requires companies to take technical and
organizational measures to ensure the security of data processing. This includes ongoing
availability and resilience of processing systems and services, even in the event of a
cyberattack or natural disaster. This means your network should incorporate fully
redundant infrastructure components including power supplies, processors, and
switching fabrics ensuring that traffic is rerouted to an alternative infrastructure if
required, and that primary paths are automatically restored as soon as possible.
Availability can be maximized using advanced network analytics. Analytics and reporting
identify anomalous network behaviour and empower your operations teams to respond
to cyberattacks faster. This approach helps minimize the impact of cyberattacks and gives
organizations actionable insights that maximize uptime and improve capacity planning
and preventive maintenance.