ASSIGNMENT05
Question 02:
For each of the following statements, give an example of a situation in which
the statement is true.
a) Prevention is more important than detection and recovery.
b) Detection is more important than prevention and recovery.
c) Recovery is more important than detection and prevention.
Solution:
A) Prevention is more important than detection and recovery:
Example: Network Firewall Protection
• In a corporate network, a firewall is configured to block unauthorized
access to certain services or servers. The prevention here involves setting
up rules that restrict access based on IP addresses, protocols, and ports. In
this scenario, preventing unauthorized access through the firewall is
crucial because it reduces the likelihood of a successful attack,
minimizing the need for extensive detection and recovery efforts.
B) Detection is more important than prevention and recovery:
• Example: Intrusion Detection System (IDS) for Advanced Persistent
Threats (APTs)
• Consider a scenario where an organization is targeted by sophisticated
attackers using advanced techniques to bypass traditional preventive
measures. In this case, relying solely on prevention may not be sufficient.
An Intrusion Detection System that can identify and alert on unusual or
suspicious activities, such as patterns indicative of an APT, becomes
crucial. Detection becomes a priority to identify the breach as early as
possible, allowing for timely response and mitigation.
c) Recovery is more important than detection and prevention:
Example: Data Backup and Disaster Recovery
In the aftermath of a natural disaster, such as a flood or earthquake,
the primary concern may shift from prevention and detection to recovery. While
preventive measures are essential, they may not be sufficient to withstand all
types of disasters. Once the event has occurred, the focus is on quickly restoring
systems, data, and services. A well-prepared disaster recovery plan that includes
regular backups, offsite storage, and efficient restoration processes becomes
critical in such situations.
Question 03:
Identify mechanisms for implementing the following. State what policy or
policies they might be enforcing.
a) A password changing program will reject passwords that are less than 5
characters long or that are found in the dictionary.
b) Only students in a computer science class will be given accounts on the
department’s computer system.
Solution:
a) Mechanism for Password Changing Program:
• Policy Enforcement Mechanism:
  • Password Policy Enforcement: The password changing program
    implements a mechanism to reject passwords that are less than 5
    characters long or are found in the dictionary.
• Policies Enforced:
  • Minimum Password Length Policy: This policy specifies the
    minimum length a password must have.
  • Dictionary Check Policy: This policy prevents the use of easily
    guessable passwords by checking against a dictionary of common
    words.
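The mechanism in answer a) can be sketched in a few lines of Python. This is an added example, not part of the original assignment. It reports which of the two policies a rejected password violates and refuses the change when either one fails. The word list, the `store` dictionary and the function names are assumptions made for illustration.

```python
import hashlib
import os

MIN_LENGTH = 5  # from the question: reject passwords shorter than 5 characters

# Constructed sample word list (assumption); a real program would load a
# full dictionary file chosen by the administrator.
SAMPLE_DICTIONARY = frozenset({"password", "dragon", "letmein", "monkey", "apple"})


def check_password(candidate, dictionary=SAMPLE_DICTIONARY):
    """Return the names of the policies the candidate violates (empty = accept)."""
    violations = []
    if len(candidate) < MIN_LENGTH:
        violations.append("minimum-length")
    # Fold case so "Dragon" and "DRAGON" still match the entry "dragon".
    if candidate.casefold() in dictionary:
        violations.append("dictionary")
    return violations


def change_password(store, user, candidate, dictionary=SAMPLE_DICTIONARY):
    """Update `store` only if the candidate passes both checks.

    `store` is a hypothetical in-memory dict standing in for the account
    database; it keeps a salted PBKDF2 hash, never the password itself.
    """
    if check_password(candidate, dictionary):
        return False  # mechanism refuses the change; old credential stays
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"), salt, 100_000)
    store[user] = (salt, digest)
    return True


if __name__ == "__main__":
    # Constructed sample inputs covering each outcome.
    for pw in ("abcd", "Dragon", "apple", "xk7#qpl2"):
        print(pw, "->", check_password(pw) or "accepted")
```

A password can violate both policies at once, for example a three-letter dictionary word, which is why the check returns a list instead of stopping at the first failure.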
B) Mechanism for Student Accounts on Department's Computer System: