
CIT 315 TUTORIAL QUESTIONS

Tutorial Question 1
(a) What is password stealing in a computer network?
Password stealing is a process whereby hackers extract digital passwords using techniques
and tools depending on:
• the strength of the password
• the security of the communication channel
• client and host machine vulnerabilities

(b) Give any three examples of password stealing software


Examples of password stealing software are:
(i) SpyAgent (ii) Realtime-spy (iii) Wifi-hacker

Tutorial Question 2
(a) Briefly discuss the following
(i) Computer worms
A computer worm is a type of malware that, once it infects a machine, can
automatically copy and extend itself to connected devices.

(ii) Trojan horse


A Trojan horse is a type of malware that is often disguised as legitimate software.
Once activated, Trojans can enable cyber-criminals to spy on you, steal your
sensitive data, and gain backdoor access to your system. A Trojan horse is not a
virus. It is a destructive program that looks like a genuine application. Unlike
viruses, Trojan horses do not replicate themselves, but they can be just as
destructive.

(b) Explain how computer worms spread in a network.

Worms can easily spread through shared folders, e-mails, malicious web pages, and servers
with a large number of vulnerabilities in the network.

Tutorial Question 3
(a) What is a Secure Sockets Layer (SSL) certificate, and what are its uses?

Secure Sockets Layer (SSL) is a global standard web security protocol which creates a secure
connection between a website and a browser.

SSL ensures that all data passed between a web server and a browser remains encrypted and
secure. This encryption technique prevents hackers from stealing sensitive information
such as credit card details, names and addresses. If a site is secured by SSL, a
padlock is displayed or the address bar shows the URL as https instead of http.

Briefly explain the reason why an attacker is interested in knowing the operating system of his
victim.

The attacker is interested in knowing the operating system (OS) of his victim because once
the OS is known, its vulnerabilities will be determined and the network will be opened to
attack.

(b) Explain any tool that can be used to detect the operating system.
Xprobe: it uses the Internet Control Message Protocol (ICMP) to determine the remote
OS. It sends many different ICMP queries to the target host.

Tutorial Question 4
(a) What are the three basic criteria for measuring the effectiveness of biometrics?

The three basic criteria are:

• False reject rate: the percentage of supplicants who are in fact
authorized users but are denied access
• False accept rate: the percentage of supplicants who are
unauthorized users but are granted access
• Crossover error rate: the level at which the number of false
rejections equals the number of false acceptances.
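
A worked illustration of the three criteria above, added here and not part of the original tutorial answers: it computes the false reject rate and false accept rate at a given match threshold and sweeps the threshold to find the crossover point. The score lists, the 0-100 score scale and the function names are constructed assumptions for the example.

```python
# Constructed similarity scores (0-100) from a hypothetical biometric matcher.
# A higher score means the sample looks more like the enrolled template.
GENUINE = [91, 88, 79, 95, 67, 84, 73, 90, 58, 86]    # authorized users
IMPOSTOR = [22, 35, 41, 18, 52, 61, 29, 47, 70, 33]   # unauthorized users


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FRR, FAR) in percent when scores >= threshold are accepted."""
    false_rejects = sum(1 for s in genuine if s < threshold)
    false_accepts = sum(1 for s in impostor if s >= threshold)
    frr = 100.0 * false_rejects / len(genuine)
    far = 100.0 * false_accepts / len(impostor)
    return frr, far


def crossover(genuine=GENUINE, impostor=IMPOSTOR):
    """Sweep thresholds 0..100 and return (threshold, FRR, FAR) at the
    first threshold where the gap between FRR and FAR is smallest."""
    best = None
    for t in range(0, 101):
        frr, far = error_rates(t, genuine, impostor)
        gap = abs(frr - far)
        if best is None or gap < best[0]:
            best = (gap, t, frr, far)
    _, t, frr, far = best
    return t, frr, far


if __name__ == "__main__":
    # A low threshold favours convenience (low FRR, high FAR);
    # a high threshold favours security (high FRR, low FAR).
    for t in (50, 62, 80):
        frr, far = error_rates(t)
        print(f"threshold={t:3d}  FRR={frr:5.1f}%  FAR={far:5.1f}%")
    t, frr, far = crossover()
    print(f"crossover at threshold {t}: FRR={frr:.1f}%  FAR={far:.1f}%")
```
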

(b) List the three human characteristics that are normally considered to be unique in
biometrics.
The three human characteristics that are usually considered truly unique in biometrics are:
• Fingerprints
• Retina of the eye (blood vessel pattern)
• Iris of the eye (random pattern of features found in the iris, including
freckles, pits, striations, vasculature, coronas, and crypts)

Tutorial Question 5
Explain the following concepts in security

(i) A firewall is a security tool designed to monitor incoming and
outgoing network traffic based on security rules and to protect your system. Its
main purpose is to create an obstacle between the internal and external networks in
order to protect against cyber threats.

A device that selectively discriminates against information flowing into or out of the
organization
• A computing device
• Specially configured computer
Combines with routers to define organisation network perimeters.

(ii) List the versions of Firewall

Operates based on three versions:
• Operating system
• Software
• Basic input/output system (BIOS) firmware

Tutorial Question 6
(a) Discuss the following concepts in security
(i) Access: A subject or object’s ability to use, manipulate, modify, or affect
another subject or object. (Authorized users and hackers).
(ii) Risk: The probability that something unwanted will happen.

Subjects and objects: A computer can be either the subject of an attack (an
agent entity used to conduct the attack) or the object of an attack (the
target entity).
(iii) Asset: The organizational resource that is being protected: software,
hardware or people.

(b) Define firewall and list the 3 versions on which its operation is based.

• A firewall is a security tool designed to monitor incoming and outgoing
network traffic based on security rules and to protect your system. Its main purpose is
to create an obstacle between the internal and external networks in order to protect
against cyber threats.

Examples of firewall versions

• Operating system
• Software
• Basic input/output system (BIOS) firmware

Tutorial Question 7
(a) What is a Denial-of-Service (DoS) attack?
A denial-of-service (DoS) attack is a type of attack on a network that is designed to:
• bring the network to its knees by flooding it with useless traffic
• deprive the user of services: e-mail, database, file servers, web sites
A DoS attack does not usually result in the theft of information or other security
loss.

(b) What are the characteristics of DoS attacks?


i. unusually slow network performance (opening files or accessing websites)
ii. unavailability of a particular website
iii. inability to access any website
iv. dramatic increase in the amount of spam you receive in your account

Tutorial Question 8
Explain the following concepts in security

(i) Vulnerability: A weakness or fault in a system or protection mechanism that
opens it to attack or damage. E.g.
• flaw in a software package
• unprotected system port
• unlocked door
Some well-known vulnerabilities have been examined, documented, and published; others
remain latent (or undiscovered).
(ii) Exploit: A technique used to compromise a system.
Or, an exploit can be a documented process to take advantage of a vulnerability or exposure,
usually in software, that is either inherent in the software or is created by the attacker.
• Threat agents may use systems and information assets illegally for their
personal gain.
• Exploits make use of existing software tools or custom-made software.

Tutorial Question 9

(a) Explain the following terms in Internet Security:

(i) Logic Bombs
Logic bombs are unwanted code that has, in some way, been inserted into software.
They are meant to initiate malicious functions when specific criteria are met.
They do not occur frequently, but have grave consequences.
They are often detected before they are set off.
They are intended to activate viruses, worms, or Trojans at a specific time, date, and other
parameters.

(ii) Information leakage


Information leakage is an application weakness where an application reveals sensitive data
like:
• technical details of the web application
• environment variables
• user-specific data
Sensitive data may be used by an attacker to exploit:
• the target web application
• the hosting network
• web application users
Leakage of sensitive data should be limited or prevented whenever possible.

(iii) Back Doors


Backdoors are used in computer programs to bypass normal authentication and other
security mechanisms.
They are used by developers as a legitimate way of accessing an application.
Hackers would use existing backdoors to make changes to IT resources.

(b) What is an intrusion detection and protection system?

It protects organisation resources from possible attacks.
It detects unauthorized activity within the inner network or on individual machines.
The prevention component enables IDPSs to create a new filtering rule for server
communications or other activity as configured by the administrator.
It can be host-based, network-based or hybrid.

Tutorial Question 10
(a) Give any four examples of the ways to prevent computer worms.
How to Prevent Computer Worms:
1. Install good Anti-virus Software
2. Don’t Download Suspicious Email Attachments
3. Never Download Software from Unreliable Websites
4. Keep All Software Updated
5. Never Open Suspicious Email Attachments
6. Regularly Backup your Important Files
7. Regularly Scan your computer
8. Use a Firewall
9. Use SSL Certificate
10. Avoid Unsolicited Email

(b) Explain the way forward in case of DoS attacks.

Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS
attack, but efforts to reduce it include:
i. Install and maintain anti-virus software
ii. Install a firewall, and configure it to restrict traffic coming into and leaving
your computer
iii. Follow good security practices for distributing your email address. Applying
email filters may help you manage unwanted traffic

Tutorial Question 11
Explain the following
(i) Mass theft attacks
Mass Theft: hackers run programs that enter stolen username and password details on tens
of thousands of sites until one hits.
(ii) Wi-Fi traffic monitoring attacks
Wi-Fi Traffic Monitoring Attacks: a hacker uses a simple application available from the internet
for free to watch all traffic on a public Wi-Fi network.

Tutorial Question 12
What is social engineering in the context of information security?

Social engineering is the use of deception to manipulate individuals into divulging
confidential or personal information that may be used for fraudulent purposes. For example:
"people with an online account should watch for phishing attacks and other forms of social
engineering".

Tutorial Question 13
Explain the following terms
(i) Brute force attacks
• Guessing or entering different passwords over and over until it’s
cracked.
• “123456” is still the most common password on the planet.
• The tools can easily be downloaded for free.
(ii) Dictionary attacks
• Common words which can be obtained from a dictionary.
• Hackers simply run a script that tries each of the dictionary words
as a password.
