MITS5004

IT Security
Final Assessment

June 2021

Final Assessment – 35 (Total Time: 1.5 hour)


MITS5004- IT Security
The final assessment questions ensure that all the learning outcomes of the unit are met.

Instructions

Submit your answers in the Word file, with your student ID and name. Ensure you upload your
file in the given time; once the time is over, the LMS will not accept any submissions.

ENTER YOUR NAME AND ID BELOW

Student ID. Name

Attempt all questions (35 marks)

Copyright © 2018-2021 VIT, All Rights Reserved. 2


Question 1 7 Marks

a) Compute the Public and Private Key using the RSA Algorithm, assuming the selected prime
numbers p and q are 3 and 11 respectively. (4 Marks)

Here,

p = 3 and q = 11

Therefore,

n = p*q = 3*11 = 33

(p-1)*(q-1) = (3-1)*(11-1) = 20

Assuming e = 3

And d = 7

Therefore, Public key = (n, e) = (33, 3)

Private key = (n, d) = (33, 7)
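
The key computation above, carried through in code as an added example (it is not part of the original assessment answer). It goes slightly beyond the answer by deriving d from e with the extended Euclidean algorithm and by listing every public exponent that is valid for these primes; the function names are illustrative.

```python
# Added example: textbook RSA with the toy primes from the answer above.
# Toy parameters only; real RSA uses large random primes and padding.
from math import gcd


def modinv(a, m):
    """Inverse of a modulo m, found with the extended Euclidean algorithm."""
    old_r, r, old_s, s = a, m, 1, 0
    while r:
        quotient = old_r // r
        old_r, r = r, old_r - quotient * r
        old_s, s = s, old_s - quotient * s
    if old_r != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return old_s % m


def rsa_keypair(p, q, e):
    """Return ((n, e), (n, d)); reject an e that is not coprime to (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError(f"e={e} must satisfy 1 < e < {phi} and gcd(e, {phi}) == 1")
    return (n, e), (n, modinv(e, phi))


def valid_public_exponents(p, q):
    """Every e that could have been chosen for these primes."""
    phi = (p - 1) * (q - 1)
    return [e for e in range(2, phi) if gcd(e, phi) == 1]


def apply_key(value, key):
    """Encrypt with the public key or decrypt with the private key."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0..n-1")
    return pow(value, exponent, n)


if __name__ == "__main__":
    public, private = rsa_keypair(3, 11, 3)
    print("public:", public, "private:", private)
    print("valid e:", valid_public_exponents(3, 11))
    ciphertext = apply_key(4, public)  # 4 is a constructed sample message
    print("4 ->", ciphertext, "->", apply_key(ciphertext, private))
```
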

b) Critically analyse the three techniques which could be employed to authenticate
a message using a hash function. (3 Marks)

A hash is an important function for authenticating a message. By using this function, it is possible to
maintain the authenticity and confidentiality of a message. Different types of techniques are
available for message authentication via a hash function. Three common techniques of message
authentication via a hash function are described below:

• The first technique is utilizing a digital signature for message authentication via a hash function.
It is an advanced hash function that can very effectively validate the authenticity and integrity of
a message. Therefore, by using a digital signature, it is possible to maintain the authenticity of
a message.
• By using a hash-based message authentication code (HMAC), it is also possible to authenticate a
message. This technique uses a hash function to authenticate a message using a
cryptographic key. A private key for encrypting and decrypting the message is provided in
the HMAC. Therefore, by using HMAC, it is possible to authenticate a message.
• The third technique is the cryptographic hash function. It is one of the advanced hash functions
that normally makes very minimal changes in the message to authenticate the message.
This cryptographic hash function does not provide any key to the client. Therefore, in
this technique no key is utilized for message authentication.

Moreover, by utilizing these three techniques, it is possible to authenticate messages as well as
ensure the confidentiality and integrity of the message.
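
The keyed (HMAC) and unkeyed (plain hash) techniques compared side by side, as an added example that is not part of the original assessment answer. The key and messages are constructed sample values and the function names are illustrative; the digital-signature technique is left out because the Python standard library has no signing primitive.

```python
# Added example: what a receiver can and cannot conclude from an unkeyed
# digest versus an HMAC tag. All inputs below are constructed samples.
import hashlib
import hmac


def digest_tag(message: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone holding the message can compute it."""
    return hashlib.sha256(message).hexdigest()


def digest_verify(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(digest_tag(message), tag)


def hmac_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: computing a valid tag requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def hmac_verify(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest runs in constant time, so the comparison does not leak
    # how many leading characters of a wrong tag were correct.
    return hmac.compare_digest(hmac_tag(key, message), tag)


def compare_techniques() -> dict:
    key = b"constructed-shared-secret"
    original = b"pay 10 to alice"
    altered = b"pay 9000 to mallory"
    return {
        # The receiver accepts the genuine message under both schemes.
        "digest_accepts_original": digest_verify(original, digest_tag(original)),
        "hmac_accepts_original": hmac_verify(key, original, hmac_tag(key, original)),
        # A party without the key can still recompute an unkeyed digest, so
        # a matching digest says nothing about who produced the message.
        "digest_accepts_altered": digest_verify(altered, digest_tag(altered)),
        # Without the key, neither the old tag nor a tag made with a guessed
        # key verifies against the altered message.
        "hmac_accepts_altered_old_tag": hmac_verify(key, altered, hmac_tag(key, original)),
        "hmac_accepts_altered_wrong_key": hmac_verify(key, altered, hmac_tag(b"guess", altered)),
    }


if __name__ == "__main__":
    for check, result in compare_techniques().items():
        print(f"{check}: {result}")
```
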

Question 2 7 Marks

Consider the home network shown in Figure 1. As a Master of IT student, you are required to propose at
least 3 security techniques which could be employed to secure the home network. Justify your answer.


Figure 1. Home Network

By considering the above home network, some of the security steps that can be implemented are
discussed below:

Installing a firewall: A hardware firewall should be installed on the network to restrict users and
malicious content. The network traffic can also be monitored, which will block unauthorized network
traffic and allow authorized traffic to secure the network.

Strong SSID and password: The SSID of the router should be unique so that it cannot be guessed.
Moreover, the SSID should be hidden, which will prevent access by any intruder. On the other hand,
WPA2 should be selected to set the password. A strong password should be selected that contains
uppercase and lowercase letters along with numeric characters and a special symbol. The password
should be at least 10 characters long.

Installing anti-virus software: An anti-virus application should be installed on the computers and
mobile phones, which will prevent any type of malicious activity on the network.

Encrypting the network: The network needs to be encrypted to secure the data communication within
the network. The router should be configured with WPA2 encryption technology, which is the most
secure option available for wireless connectivity.

Using VPN: Another excellent way to safeguard this wireless home network is to implement VPN
technology. It is mostly used to secure the data transfer across the network. VPN technology can modify
the network and location of the user, making it hard for attackers to identify the user's IP
address.

Question 3 7 Marks

In late September 2019, a number of hospitals and health clinics across the Barwon, Gippsland and
South Western regions of Victoria were targeted by a ransomware incident which stemmed from a
shared Managed Service Provider (MSP) that had been infected with ransomware. In order to
quarantine the spread of ransomware across the networks, the hospitals isolated and disconnected a
number of systems from the internet. As a result, access to patient records and contacts, as well as
scheduling and financial management systems was significantly impacted. Medical staff had to revert to
manual paper-based administration, resulting in patient appointments and surgeries being rescheduled.
There was no indication that the personal or medical information belonging to patients was subject to
unauthorised access or exfiltration. A multi-agency incident response team was established, comprising
of hospital officials, service providers and cyber security experts working alongside state and federal
police and the ACSC. Compromised networks were fully remediated within a number of weeks.

a) Provide a solution, which the health clinics across the Barwon, Gippsland and South Western
regions of Victoria could implement to improve the overall security of their systems.
(4 Marks)

In this scenario, the hospital must isolate and disconnect a number of workstation systems,
such as the internet, to quarantine the ransomware infection. As the patients' data has been compromised
further, investigation is essential. The departments in the hospital must shut down the systems
that maintain patient records, management and booking, and should convert those to manual
systems. Moreover, an Intrusion Detection System should be installed. The hospital that has
been affected should work on scheduling and booking to reduce the impact on the patients and is required
to schedule some services and other information.

b) Critique the response of the authorities to the ransomware attack. (3 Marks)

As multiple hospitals and clinics were under ransomware attack, the multi-agency team
responded rapidly to fix this. The first response of the authorities was to take all the devices
that are unaffected offline, which can stop the ransomware from spreading. After contacting the
state and federal police, the team should contact the cyber insurance company and access the
damaged files or system under the guidance of the ACSC. The ransom demanded by the attackers
must not be paid and finally, the systems should be backed up from the recent backup by the IT
professionals.

Question 4 7 Marks

a) In your opinion, which steps could be taken to harden the Operating Systems and how could an
IT System benefit from Operating Systems hardening? Justify your answer.  (4 Marks)

Answer:

The steps that need to be taken for hardening the OS are mentioned below:

• Delete / remove unnecessary drivers
• Secure boot should be enabled or configured
• The SSD or HDD that stores and hosts the OS should be encrypted
• There should be limited and authenticated access permissions
• Restricting the number of user accounts created and logging them

Benefits of OS hardening for the IT system are mentioned below:

• The process of OS hardening saves money in the long run
• Enhances the overall performance of the OS
• It also closes all the access points for cyber attackers to access the OS
• OS hardening also minimizes the security holes, protecting all the users
• It also limits the user access

b) Differentiate between Type 1 and Type 2 Hypervisors in terms of performance, ease of use and
security. (3 Marks)

Type 1 Hypervisor:

A Type 1 Hypervisor runs directly on the hardware of the host machine and controls the
entire hardware for managing the guest OS. It is also known as the Bare Metal or native
Hypervisor. Some examples of this type of Hypervisor include Microsoft Hyper-V, Xen,
and many more. The overall performance of this hypervisor is higher because there is no
middle layer. Moreover, this hypervisor is faster than a Type 2 hypervisor. In terms of security,
this hypervisor is more secure than the Type 2 hypervisor. Furthermore, it is very easy to use as
all the hardware support is available.

Type 2 Hypervisor:

A Type 2 Hypervisor runs on a conventional OS, similar to any other computer
application. It is also known as the Host OS Hypervisor. Some examples of Type 2
Hypervisors are VirtualBox, VMware Workstation, and many more. A Type 2 hypervisor has
minimum performance as it involves an extra overhead. It is comparatively slower than a Type
1 hypervisor as it has system dependency. It is less secure compared to the Type 1 hypervisor
and it is complex to use, as the user needs to install the OS separately and it does not allow direct
use of or access to the resources of the host.

Question 5 7 Marks

While some people are being sent to jail for using open WiFi connections, an ethicist for the NY Times
Syndicate is saying there's nothing ethically wrong with piggybacking on an open WiFi connection,
assuming you're not sucking up all the bandwidth. His point is that it's the responsibility of whoever
owns the WiFi access point to secure it, if they don't want it used. He also points out that if you find an
open connection, you should try to figure out who owns it to let them know it's open in case they want
to cut it off. Of course, he leaves out the strongest argument for why there's nothing wrong with using
free WiFi, assuming you're either on public property or your own property: those radio waves are no
longer under the control of the access point owner once they drift off his or her property. If those radio
waves reach my property, then it's not "theft" any more than if your regular radio plays loud enough
that I can hear it on my property. 

Answer all questions based on the above case study. 

a) As a Masters of Information Technology student, in your opinion is it ethical piggybacking on an
open WiFi connection? Justify your answer. (4 Marks)

Listening to the radio or viewing TV using the old rabbit ears is no more "stealing" than utilizing
an open Wi-Fi network. If the Wi-Fi waves reach a user and are accessed without being hacked,
there should be no doubt that such access is both legal and moral. Piggybacking is against the
law in a number of states, as well as under federal prohibitions such as the Computer Fraud and Abuse
Act. In the state of New York, for example, piggybacking is considered a Class A misdemeanour.
Wi-Fi piggybacking is feasible because many home networks remain unprotected or unsecured and
anybody who is in the broadcast area is able to connect to the Wi-Fi router.
On an open Wi-Fi network, even if the hotspot a user is using isn't a fake and is just unprotected, hackers in
the area can eavesdrop on the user's connection and can get vital information about the user's
activity. Hackers with the right expertise and equipment may intercept and read data sent in an
unencrypted form of plain text. Therefore, in my opinion, it is morally OK to piggyback on an
open Wi-Fi connection if it is in the reach of an unknown user with a clear mind without any
intention of attacking.


b) In today's day and age, if a WiFi user was to claim "he was unaware of his connection being open",
would you go by his statement? Support your argument with valid reasoning. (3 Marks)

Following this statement, I can say that in the current situation, the ability of a hacker to put
himself between a user and the connection point poses the greatest danger to free Wi-Fi security.
An unprotected Wi-Fi connection can potentially be used by hackers to spread malware. If a
user allows file sharing across a network, a hacker can simply infect his computer with tainted
software. Therefore, if a person is a network engineer and doesn't set access restrictions, he might
be held accountable. Someone who uses the WiFi in a residence where no one knows the
security risks is likely to obtain a Wi-Fi pass. An unprotected WiFi connection may be used by
hackers to spread malware and infect a user's system. Malware is any program that is meant to
disrupt, damage, or obtain access to a computer system, and it is a severe danger to the wireless
security of your company. Hence, I can go by his statement because I support the
argument for the above reasons.
