MN502 Overview Of Network Security
Questions:
Assignment Description
Assignment 1 is divided into two parts. Part A focuses on the recent attacks and security principles. Part B is about cryptoperiods and cryptographic transport protocol.
Part A: Recent Attacks and Security Principles
One area that has been especially frequent target of attacks is the information technology (IT). A seemingly endless array of attacks is directed at individuals, schools, businesses, and governments through desktop computers, laptops, and smartphones [1]. In this part of the assignment, select any two of the recent attacks.
Carry out an in-depth literature review about these two attacks. Your discussion must address the following points with proper in-text citations.
1. Identify and discuss the main reasons for these attacks being successful.
2. Report the importance of key terms in the information security: asset, threat, threat actor, vulnerability, attack vector, attack surface in the context of these two attacks.
3. Analyse how could these attacks have been prevented if the five fundamental security principles- layering, limiting, diversity, obscurity, and simplicity- had been applied?
Part B: Cryptoperiods and Cryptographic Transport Protocol
In this part of the assignment the student will reflect on the feedback for Part A and discuss how did it help him/her to accomplish the tasks for the assignment Part B. In this part student will write report discussing following two sections:
a) Cryptoperiods
A cryptographic key is a value (essentially a random string of bits) that serves as input to an algorithm, which then transforms plain text into ciphertext (and vice versa for decryption). One of the important characteristics that determines key strength is its cryptoperiod [1]. Or the length of time for which the key is authorised for use.
1. From current literature survey, critically analyse and discuss cryptoperiods for hash, symmetric, and asymmetric algorithms. Find at least three sources for each of the algorithms (select two algorithms from each category).
2. Draw a table to list the algorithms and the recommend time, and then calculate the average of each.
3. Provide recommendation on the cryptoperiods for each selected algorithm.
b) Cryptographic Transport Protocol
Hypertext Transport Protocol Secure (HTTPS) is becoming increasingly more popular as a security protocol for web traffic. Some sites automatically use HTTPS for all transactions (like Google), while others require that users must configure it in their settings [1]. Use Library/Internet resources to research HTTPS. Based on your research address following:
1. Explain the advantages and disadvantages of HTTPS. How is it different from HTTP?
2. Discuss the server configuration for HTTPS transactions.
3. How does this algorithm protect a guest user communicating over a public Wi-Fi
connection? Should all Web traffic be required to use HTTPS? Why or why not? Justify your recommendation.
