1. Develop an attack tree for gaining access to customer account details from the database of a bank.
Q: Consider a possible bank robbery. How does the bank prevent future intrusions, recognise those that…
A: Introduction: A network intrusion detection system (NIDS) is vital for network security since it…
Q: An authentication challenge-response mechanism should be shown. With password protection, how much…
A: Start: A question and a response are required to validate a dubious response. The challenge or…
Q: Create a fictitious login management situation. Determine multiple methods of authentication.…
A: Password authentication is a method that involves the user entering a unique ID and key that is then…
Q: The operation of an authentication challenge–response system should be described. Although it seems…
A: What are the chances that the challenge answer is correct: In its most basic form, verification of a…
Q: 6.3 Consider the following threats to Web security and describe how each is countered by a…
A: As per policy, first three parts are answered.
Q: Is the outcome of an attack.
A: Answer to the given question: Attacks can cause electrical power outages, disappointment of military…
Q: Is it possible to negate access control by taking particular steps?
A: Answer: I have given the answer in the brief explanation
Q: The notion of challenge–response authentication must be understood. In what way is it more secure…
A: Challenges in Security Authentication: 4 Problems with User Authentication That Developers and…
Q: Consider the scenario where the hacker makes a phone call to the customer and trying to pretend that…
A: This scenario depicts a scene of social engineering attack which involves fooling people and getting…
Q: Specify a scenario in which one of the four possible access control techniques may be put into…
A: The four access control methods might be used:
Q: In a general sense, "security" is a. protection from only direct actions b. using reverse attack…
A: To be determined: Choose the right option
Q: Differentiate hash from MAC. Demonstrate how they may be used to verify communications. What…
A: Make a distinction between hash and MAC. Describe how they may be utilized for message…
Q: Give an example of a ubiquitous security infrastructure risk in at least a paragraph.
A: Definition A system from which the computer has vanished and has been supplanted by a multitude of…
Q: gaining
A: Attack Trees provide a formal, methodical way of describing the security of systems, based on…
Q: Allow me to describe distributed denial-of-service attacks in the event that you are not acquainted…
A: Security threat is any negative event that can lead to unwanted impact to a computer system possibly…
Q: Provide a fictional example of login management. Consider a range of user authentication methods. Is…
A: Scenario management is a very effective technique for managing numerous futures and creating…
Q: Give specific instances of session hijacking techniques. Such attacks require a robust defence
A: Let's understand session hijacking and its methods in depth.
Q: In brute force attack, on average half of all possible keys must be tried to achieve success. i)…
A: Question. In brute force attack, on average half of all possible keys must be tried to achieve…
Q: Separate authentication and accountability.
A: The above question is solved in step 2 :-
Q: What exactly is a tracker attack? Make use of an acceptable example to demonstrate tracker attacks.
A: A tracker attack is when an attacker uses many aggregate searches to isolate an individual.
Q: What is a recursive cross-site scripting attack?
A: Introduction: When an attacker injects executable browser code within a single HTTP response, this…
Q: An attacker sits between customer and Banker, and captures the information from the customer and…
A: Answer: This attack is called Explanation: The attack may well be winning just by resending the…
Q: Both explain what a brute force assault is and why admin/root accounts are vulnerable.
A: Introduction: Both explain what a brute force assault is and why admin/root accounts are vulnerable.
Q: Assume the designer of an online banking system created a secret function that gives him account…
A: Intro Due to the fact that the application was disguised and triggered only when the account balance…
Q: Why is polymorphism seen as more dangerous than regular malware? What effect does it have on…
A: Introduction: Let us begin by discussing polymorphism: Polymorphism: The offering of a single…
Q: Assume that the developer of an online banking software system added a secret mechanism that gives…
A: We are given a situation where developer of an online banking software system added a secret…
Q: Threats - Explore the classic ARP poisoning attack. What are the mitigating strategies to defend…
A: Given: What are the mitigating strategies to defend against it? The solution is given below for…
Q: Describe a fictitious situation involving login management. List as many unique authentication…
A: Credentials Over Unencrypted Channel: If the application accepts the credentials and logs in a user…
Q: Describe two distinct types of attack against password systems and the countermeasures against each…
A: Actually, given information regarding types of attack.
Q: Is it feasible to circumvent access control by taking certain steps?
A: Introduction Is it feasible to circumvent access control by taking certain steps?
Q: In both cases, what is a brute force assault and why are admin/root accounts vulnerable to brute…
A: A brute force attack is a method of infiltrating an authentication system and successfully logging…
Q: 1. What are the differences between passive attack and active attack?
A: 1. What are the differences between passive attack and active attack? NOTE: *Multiple questions*…
Q: vi. write some difference between Authorization and Authentication in Web testing.
A: difference between Authorization and Authentication in Web testing: Authorisation: Authorization is…
Q: Provide an example of a fictitious login management situation. Identify a number of different…
A: Provide an example of a fictitious login management situation. Identify a number of different…
Q: Describe a fictitious situation involving login management. List as many distinct authentication…
A: INTRODUCTION: Inspection: Scenario management is a very successful strategy for managing several…
Q: What is the difference between active attacks and passive attacks?
A: Security assaults are classified as active and passive. In an active attack, the attacker attempts…
Q: mpares it to
A: Bob hashes the password Alice submits and thinks about it to a database of hashed passwords. A solid…
Q: DDoS attacks have been used as a distraction for other activities, using the web, can you explain a…
A: Answer: I have given the answer in the brief explanation
Q: Investigate access control via authentication and authorisation settings on an exemplar
A: The process of authenticating someone's identity is known as authentication. Biometrics, such as…
Q: What is the definition of salt? How does salt defend against brute force assaults?
A: Intro Hydraulic mining (or solution mining) of salt involves pumping water under the earth's surface…
Q: Assume the creator of an online banking system has developed a hidden function that sends him…
A: Due to the fact that the application was disguised and triggered only when the account balance…
Q: Distinguish between authentication and accountability.
A: - We need to highlight the differences between authentication and accountability.
Q: Provide a solution to the problem described below by identifying the security flaws in each…
A: Intro Bob hashes the password Alice submits and thinks about it to a database of hashed passwords.…
Q: Describe a made-up scenario involving the administration of logins. Determine a variety of various…
A: Introduction: Phishing assaults are a sort of cyber-attack that takes a user's credentials and uses…
Q: Allow me to describe distributed denial-of-service attacks in the event that you are not acquainted…
A: Given: DDoS assaults are a DoS attack. A DDoS attack uses a botnet to overload a target website…
Q: 1. Describe the steps of the Existential Forgery Attack against RSA Digital Signature as discussed…
A: In a system, digital signature forgery is the ability to create a pair consisting of a message,…
Q: Investigate the relationship between malware of all varieties and computer and network security. Is…
A: Introduction A user must protect the computer system against threats like viruses and unauthorised…
Q: Consider a probable scenario involving the management of logins. Take note of the many techniques…
A: Scenario management: Scenario management helps handle several futures and generate…
Q: An operating system can implement a controlled security environment by controlling sharing through…
A: The operating system is responsible for implementing the security which is making sure of the…
- 1. Develop an attack tree for gaining access to customer account details from the database of a bank. 2. You are a junior IT executive at your department dealing with the DES encryption key. From the random key generator, you are given the (E0E0E0E0F1F1F1F1)hex secret key to encrypt a message. i. What is the output of the key after it is applied with the parity bit drop process box in Figure 1? At this point, is it a strong or weak key? Please state your reason. ii. Using the key-permutation compression 2 from Figure 2, decide whether this is a strong or weak key. Justify your answer.
  Figure 1: Parity bit drop: 57 49 33 25 17 09 58 50 42 34 26 18 10 02 59 51 43 35 27 19 03 60 52 44 36 63 55 47 39 31 23 15 07 62 54 46 38 30 22 14 06 61 53 45 37 29 21 13 05 28 20 12 04
  Figure 2: Key-Permutation Compression 2: 14 17 24 01 05 03 28 15 06 21 10 23 19 12 04 26 08 16 07 27 20 13 02 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32
- Encrypt the 12-bit plaintext 101010100111 using Simplified B-DES and the 9-bit key K = 010001111. This is a non-computer problem and you need to show all the steps of the encryption process.
- Using C programming language: A Transposition Cipher. A very simple transposition cipher encrypt(S, N) can be described by the following rules: If the length of S is 1 or 2, then encrypt(S, N) is S. If S is a string of N characters s1 s2 s3 ... sN and k = N/2, then encrypt(S) = encrypt(sk sk−1 ... s2 s1, K) + encrypt(sN sN−1 ... sk+1, N − K), where + indicates string concatenation. For example, encrypt("Ok", 2) = "Ok" and encrypt("12345678", 8) = "34127856". Write a program to implement this cipher. The input is a file that is guaranteed to have less than 2048 characters. Code structure might look like this:

  ```c
  #define MAX_SIZE 2048
  char text_buffer[MAX_SIZE];
  int main()
  {
      // read file into text_buffer
      encrypt(text_buffer, n);
      // print out text_buffer
      return 0;
  }
  ```
- Affine Cipher is an example of a Monoalphabetic substitution cipher. The encryption process is substantially mathematical, done by using the following formula: C = (P ∗ k1 + k2) mod 26, where k1, k2 are two integers representing the key (selected randomly), C is the ciphertext value, and P is the plaintext value. C and P are integers with values between 0 and 25. Write an Octave programme to implement this system, run your programme using the Plaintext: “the quick brown fox jumped over the lazy dog”. Show the obtained ciphertext with the selected values of the keys k1 & k2. Given that the plaintext “s” mapped to ciphertext “W”, plaintext “x” mapped to ciphertext “Z” when encrypted with Affine Cipher. Determine, mathematically, the values for the two keys K1 and K2.
- There are other modes of block cipher besides the ones (OFB, CFB, CTR). One of these modes is named Plaintext Block Chaining (PBC) Mode. On the encryption side, the following is executed to obtain the nth ciphertext: Cn := Ek(Mn) XOR Mn-1. Suppose that we need to encrypt M1, ..., M5 using the PBC mode. Show the explicit formulas to obtain C1, ..., C5. What do you need to use for M0? Also, show the steps on the decryption side to obtain M1, ..., M5.
- You are to encrypt a ciphertext using the permutation p : {0,1}^4 → {0,1}^4 defined as p(x) = ~x, i.e., toggle each bit (0 to 1 and 1 to 0). If you need an IV use 1010. If you need a nonce use 01. If the mode uses padding to handle arbitrary plaintext lengths, add 10* padding. If you need a counter, begin at 1. Encrypt the ciphertext 1110 1110 111 using ECB mode. Write four bits per box, with the final box possibly having fewer bits. Encrypt the ciphertext 1110 1110 111 using CBC mode. Write four bits per box, with the final box possibly having fewer bits. Encrypt the ciphertext 1110 1110 111 using CTR mode. Write four bits per box, with the final box possibly having fewer bits. Encrypt the ciphertext 1110 1110 111 using OFB mode. Write four bits per box, with the final box possibly having fewer bits.
- Affine Cipher is an example of a Monoalphabetic substitution cipher. The encryption process is substantially mathematical, done by using the following formula: C = (P ∗ k1 + k2) mod 26, where k1, k2 are two integers representing the key (selected randomly), C is the ciphertext value, and P is the plaintext value. C and P are integers with values between 0 and 25. 1) Write an Octave programme to implement this system, run your programme using the Plaintext: “the quick brown fox jumped over the lazy dog”. Show the obtained ciphertext with the selected values of the keys k1 & k2. 2) Given that the plaintext “s” mapped to ciphertext “W”, plaintext “x” mapped to ciphertext “Z” when encrypted with Affine Cipher. Determine, mathematically, the values for the two keys K1 and K2. I need an Octave code for the first part of this question, that I can just copy and paste. In addition, to an explanation of the steps done to…
- Suppose the RSA cryptosystem is used for sending secret messages with the private key (15,3) and the cipher text "4" is received. What is the plaintext?
- Suppose you have a block cipher with block length of 32 bytes (256-bits). Suppose you want to encrypt a message that is 747 bytes long. Using CBC mode and ciphertext stealing, how long will the ciphertext be? That is, how many bytes will be in the ciphertext?
- Suppose a plaintext message x is encrypted using the Caesar cipher b = a +₂₆ 10 where each letter of the alphabet is assigned a numerical value (A = 0, B = 1, C = 2, ..., Z = 25), the variable a represents the numerical value of a letter in x, and b represents the numerical value of the corresponding letter in the ciphertext message y. If y = WKDR SC MYYV, then decrypt y to obtain the plaintext message x. Enter the decryption of each letter of y in the boxes below. NOTE: All answers should be capitalized and do not insert extra blank spaces. W → K → D → R → S → C → M → Y → Y → V →
- In a special case of a permutation cipher, we take a message, M, and write its letters in an s × t table, in a row-major fashion, and then let the ciphertext be a column-major listing of the entries in the table. For example, to encrypt the message ATTACKATDAWN, using a 3 × 4 table, we would write the message as ATTA CKAT DAWN and then write down the ciphertext as ACDTKATAWATN. The secret key in this cryptosystem is the pair (s, t). How is decryption done in this cryptosystem? Also, how hard would it be to attack this cryptosystem using a ciphertext-only attack?
- Encrypt a specific message (see below) using RSA with your encryption key: Let M be the numerical portion of your B-number, minus leading zeroes (for example, B00123456 has numerical portion 123456), plus the constant 3^100. 3^100 is 515377520732011331036461129765621272702107522001. 1. Compute C = M^e (mod n); 2. Compute the “signature” S = M^d (mod n). Provide the values C and S. B-number is B00123456