Information Security – Take Home Individual Assignment.

Submission Due: 7th November 5pm

No late submissions will be allowed

1. What is the difference between a worm and a virus?

ii) Describe a typical Zombie attack in relation to Information Security
iii) Detail at least 5 measures for preventing malware attacks on a client/server computer system

2. Define a Vulnerability, threat and control

ii) State one vulnerability, one threat and one possible control for each of the scenarios described
below:
a) A USB drive with the details of more than 700 patients at Kamuli hospital was left in a vehicle.
A car wash attendant was able to access the unencrypted material

b) A code update disabled the authentication mechanism of the online data-sharing service at
Dropbox for over 3 hours. During this period when the Dropbox authentication mechanism was
disabled, users could log into the account with the incorrect password

c) A hacking attack led to Amazon’s online shopping portal being taken down. According to
Amazon, “Unknown attackers managed to verify customer’s IDs and passwords, although
credit card details were not at risk.”

3. List the four types of user characteristics that an authentication system can use to establish the
identity of a user, Illustrate each with an example

4. Describe the three main principles of Information Security and for each of the principles, discuss if
it is possible to use security controls based on cryptography to achieve the principle

5. Explain the four major purposes of Information Security.