SophiaPretty
Category: Computer Science. Posted 13 Nov 2017.

software development, the software engineering

1)    Near the end of a program with software development, the software engineering lead notes that the specified defect density threshold may not be achieved. Defect density is the ratio of defects per thousand software lines of code (#defects / KSLOC) and is used as a measure of software quality. At a meeting to discuss actions on addressing the issue, the security lead is in attendance. Given that the meeting is "sensitive", an assistant program manager (APM) questions as to whether the security lead should be present. How should the security lead reply? Note: The answer must be brief and the answer must be justified.

 

I would assume that the security lead would need to be present to discuss how the defects in software quality can make the software vulnerable to attacks. Am I missing something here?

2)    A company is considering releasing software to allow access to their inventory databases via the web. The software had previously only been used internally within the company by expert users. As a security consultant, what actions would you recommend before enabling the web access? What would be the business case argument with respect to the measures to address the security concerns?

 

Access control would be important. What else?

3)    Your company has just instituted a policy forbidding the use of non-approved "thumb drives" (a.k.a. "memory sticks") on company personal computers (PCs). Unfortunately, the associated memorandum did not include an explanation beyond noting the "security risk". You are the security lead for a very technical engineering team and your management believes that a more detailed explanation may be needed. Provide a brief but detailed explanation of what occurs when a thumb drive is inserted into a PC and why it could be a security issue.

 

Thumb drives can install malicious software without the user knowing it. It could then infect that entire system. What else should I be thinking about here?

4)    Consider the simplified application of the RSA (Rivest, Shamir, & Adleman) algorithm. Let 'p' be 11 and 'q' be '3'. Therefore, n = (p-1) * (q-1) = 10 * 2 = 20. The value 'e' is also set to '7' and the value 'd' is set to '43'. Let P be a message to be decrypted and let P be equal to the number '13'. Are values for 'p', 'q', 'n', 'e', and 'd' valid per the algorithm? Explain your answer. Also, provide the associated ciphertext for P and show the decryption back to plaintext. Note: all calculations << must >> be done assuming use of a simple hand calculator (with an exponentiation function) with no more than eight (8) digits of display. Provide all calculations.

 

5)    E-mail addresses can be 'hijacked'. Once an address is 'hijacked', an attacker could send numerous messages from that address. Explain the difficulties of such a hijacking. Assuming no breach of the home system of a hijacked e-mail address, how could potential recipients be identified?

There are a number of reasons that can explain how an account can get hacked: the password was easily guessable, the user entered credentials into a phishing site, the website where the account was held had a security breach, or there is spyware on the computer being used. Signs that an account has been hacked: the recipients of the spam e-mail include a bunch of people known to the user; the user tries to access the account and the password no longer works; the user's sent folder shows a large number of e-mails that they did not send. The attacker could have changed all of your account details, so you might need to contact the ISP to regain control of the account. You will also need to check for spyware and identity theft. If your account was spoofed, they simply created an e-mail that had fake details (usually the "From" or "Reply-to" address), and there is very little you can do to stop this, and what you can do is likely to be ineffective. In short, you'll need to do the following:

  1. Take the IP address from the email header
  2. Contact the ISP for that address
  3. Ask them to block it

However, the spammer could be using a different IP address the next day, and the ISP could either ignore or deny your request.

 

Need help with the last question: Assuming no breach of the home system of a hijacked e-mail address, how could potential recipients be identified?

6)    Consider quantum cryptography. Assume that the message to be transferred is the single ASCII letter 'Q'. Using quantum cryptography, provide a detailed example regarding the transmission and decryption of that message. Assume that only half of the selected filters are correct. Note: Ensure that the transmitted message can be understood by the recipient. Would quantum cryptography be subject to a "man in the middle" attack? Why or why not?

 

7)    Consider the following situation. The configuration management site for safety critical software is found not to be secure. There is concern that an attacker may have modified source code to introduce an error (or a worm). How could such an attack be countered?  

8)    What would be a good argument for or against the proposition that the following is ethical behavior. Without telling anyone, a system administrator checks the user accounts for presence of common games. If the administrator found an executable of the same size, he would run the executable and if it was a game (such as a chess program), he would remove it.

If this is a business, then this is probably ethical, because most companies require that all user accounts are not private, since they are using company equipment. Should they be playing games at work? Probably not.

9)   How could one diagram the steps of developing software starting with system requirements and ending with system acceptance test? For each stage in your diagram, note where (and to what extent) security engineers should be involved in either the development or review process. Be complete.

10) Often, the data from two relations must be combined (i.e. 'joined') as part of a transaction updating the database. Explain how this might or might not affect the two phase commit protocol.

11) Do VPNs provide protection for message traffic between a home site and a remote site (say an executive at a hotel in another country)? If so, how? Furthermore, to what extent would any or all message traffic be protected? 

12) Explain how a virus can be "polymorphic". Why would such a characteristic make a virus more difficult to detect?

A polymorphic virus is a complicated computer virus that affects data types and functions. It is a self-encrypted virus designed to avoid detection by a scanner. Upon infection, the polymorphic virus duplicates itself by creating usable, albeit slightly modified, copies of itself. This makes it more difficult to detect because of the modification.

 

Is there more to this?

13) A company uses the guard type of firewall to secure its network. Unfortunately, this has resulted in delays in network address. How might the company address these delays? What are the pros and cons of these options?

 

Consideration must be given when installing a software firewall on existing devices, because the software firewall is going to use the CPU and other resources on those devices. Make sure the device has sufficient hardware resources to provide good performance in this environment. If there are not enough resources available for the software firewall to operate, this can impact network performance.

There are options that have lower security and high performance, all the way up to higher security and possibly lower performance unless you mitigate the performance issues. There are benefits and disadvantages to firewalls. The overall benefits are: preventing unauthorized users from entering the network; preventing exposure of sensitive information to unauthorized hosts; controlling the flow of data between two networks or between two hosts; and allowing or denying data packets by protocol within the network. As all the network traffic goes through the firewall, placing the firewall at the edge of the network gives one point of entry for all data, which makes it easy to manage.

The disadvantages include:

  1. Failure of the firewall can cause disconnection from the Internet or other connected networks, since there is only one point of entry.
  2. Not all attacks can be detected by firewalls; hackers can try different ways to get around a firewall by checking for vulnerabilities in the specific firewall.
  3. Placing the firewall at the network edge can slow down network performance, because the firewall has to check each packet going into or out of the network.

 

Am I missing anything here?

14) How might a client attempting to access a web page for a potential purchase be able to detect and thwart the effects of DNS spoofing?

15) Access to a secure area is provided by a scan of a finger. It has been proposed that security could be improved by adding a retinal scanner in addition to the finger scan. Explain why or why not this addition would effectively improve security. Would it improve security more than using an entry card with an RFID chip?

16) Consider a session hijack. Provide a diagram showing the session hijack and the 'reset' of the original sender. Using this diagram, show two approaches by which such an attack might be thwarted.

17) In wireless communication, a service set identifier (SSID) identifies an access point. Once communication is established, the SSID is contained in all management and data frames. Explain why. Determine whether or not any session would be subject to a replay attack. Explain your answer. Lastly, discuss how such an attack could be thwarted.

 

18) Given the operation of paging tables, is it possible for a buffer overflow from one program to affect another program? If so, explain how. How could the effects of buffer overflow be mitigated? Paging would seem to be unpredictable but is such unpredictability sufficient? 

19) In many operating systems, both argument parameters and local data are kept on a process stack. Explain (using diagrams) how the flow of program execution could be changed by an attacker. How would such an attack be thwarted?

20) Explain why after failing to enter a correct password three or more times, some systems will "time out" and not permit any access for some period of time.

21) Consider the use of one-time pads. Why is a one-time pad a "perfect" cipher? Is the use of one-time pads susceptible to statistical analysis (especially if it is known that the plaintext is in American English)? Would the use of a diffusion technique improve the performance of one-time pads?

22) In many software engineering processes, all source code is inspected and any "dead" code (i.e. code that does not trace back to requirements (and hence serves no intended purpose) and that does not execute during requirements-based testing) is removed. Do such practices fully eliminate the possibility that an attacker may add or alter software function?

23) Explain how a security program would detect cross-site scripting and how it would protect the user.
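A worked check of the RSA values in question 4, added here as an example; it is not from the original post or its answer. It follows the textbook RSA definition, in which the modulus is n = p*q and (p-1)*(q-1) is phi(n), computes both from the given p, q, e and d, and then encrypts P = 13 and decrypts the result with square-and-multiply, reducing modulo n after every step so that no intermediate value exceeds eight digits, as the question's hand-calculator condition requires. The function names are my own.

```python
"""RSA check for p=11, q=3, e=7, d=43, P=13 (question 4). Added example, not
from the original post. Follows the textbook definition: modulus n = p*q,
phi = (p-1)*(q-1); every modular step is reduced immediately so no
intermediate exceeds eight digits, as the hand-calculator condition requires."""

from math import gcd


def is_prime(x):
    return x > 1 and all(x % k for k in range(2, int(x ** 0.5) + 1))


def rsa_parameters(p, q, e, d):
    """Validate a key set and return the derived values."""
    n = p * q                        # the modulus the arithmetic is done in
    phi = (p - 1) * (q - 1)          # Euler's totient; only used to relate e and d
    valid = (is_prime(p) and is_prime(q)
             and 1 < e < phi and gcd(e, phi) == 1
             and (e * d) % phi == 1)  # d must invert e mod phi: 7*43 = 301 = 15*20 + 1
    return {"n": n, "phi": phi, "valid": valid, "d_mod_phi": d % phi}


def pow_mod_traced(base, exp, mod):
    """Right-to-left square-and-multiply with the hand steps recorded.
    Reducing after each product keeps every value below mod*mod (< 1089 here)."""
    result, b, steps = 1, base % mod, []
    while exp:
        if exp & 1:
            result = (result * b) % mod
            steps.append("multiply -> %d" % result)
        exp >>= 1
        if exp:
            b = (b * b) % mod
            steps.append("square   -> %d" % b)
    return result, steps


def encrypt(P, e, n):
    return pow_mod_traced(P, e, n)[0]


def decrypt(C, d, n):
    return pow_mod_traced(C, d, n)[0]


if __name__ == "__main__":
    params = rsa_parameters(11, 3, 7, 43)
    print(params)                           # n=33, phi=20, valid=True, d_mod_phi=3
    C, steps = pow_mod_traced(13, 7, 33)
    print("\n".join(steps), "\nC =", C)     # C = 7
    print("P =", decrypt(C, 43, 33))        # P = 13
```

Notes on the hand calculation: 13^7 = 62,748,517 still fits an eight-digit display (62,748,517 = 1,901,470 * 33 + 7), but 7^43 does not, which is why the decryption has to be done as repeated squaring with a reduction after every multiply. Since 43 = 2 * 20 + 3, d is congruent to 3 modulo phi, and 7^3 = 343 = 10 * 33 + 13 reaches the plaintext in a single cube.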

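A classical simulation of the BB84 exchange for question 6, added as an example that is not part of the original post. The photon behaviour is modelled with a seeded random generator, not measured; the bits and basis choices are constructed data. The question's assumption that only half of the selected filters are correct is modelled by making Bob's basis agree with Alice's on every other photon, so 16 photons yield exactly the 8 sifted key bits needed to pad the ASCII letter 'Q'. An optional intercept-and-resend eavesdropper shows why interception is detectable. All function names are my own.

```python
"""BB84 simulated classically, then used as a one-time pad to send 'Q'.
Added example; photon behaviour is modelled, not measured. Constructed inputs:
seeded random bits and bases, with Bob's bases fixed to agree with Alice's on
every other photon ("only half of the filters are correct")."""

import random

RECT, DIAG = "+", "x"   # rectilinear and diagonal polarisation filters


def measure(bit, sent_basis, filter_basis, rng):
    """A matching filter reproduces the bit; a mismatched one gives a random result."""
    return bit if sent_basis == filter_basis else rng.randint(0, 1)


def other(basis):
    return DIAG if basis == RECT else RECT


def sift(alice_bits, alice_bases, bob_bases, rng, eve_bases=None):
    """Return the sifted keys (Alice's, Bob's). After the photons arrive the bases
    are compared over a public channel and only matching positions are kept.
    With eve_bases set, an intercept-resend attacker measures each photon in her
    own basis and re-emits what she saw."""
    alice_key, bob_key = [], []
    for i, (bit, ab, bb) in enumerate(zip(alice_bits, alice_bases, bob_bases)):
        sent_bit, sent_basis = bit, ab
        if eve_bases is not None:
            sent_bit = measure(bit, ab, eve_bases[i], rng)
            sent_basis = eve_bases[i]
        received = measure(sent_bit, sent_basis, bb, rng)
        if ab == bb:
            alice_key.append(bit)
            bob_key.append(received)
    return alice_key, bob_key


def xor_bits(bits, key):
    return [b ^ k for b, k in zip(bits, key)]


def char_to_bits(c):
    return [int(x) for x in format(ord(c), "08b")]


def bits_to_char(bits):
    return chr(int("".join(map(str, bits)), 2))


def send_letter(letter, seed=7, eavesdrop=False):
    """Exchange 16 photons; exactly 8 survive sifting; pad the 8-bit letter with them."""
    rng = random.Random(seed)
    n = 2 * 8
    alice_bits = [rng.randint(0, 1) for _ in range(n)]
    alice_bases = [rng.choice((RECT, DIAG)) for _ in range(n)]
    bob_bases = [ab if i % 2 == 0 else other(ab) for i, ab in enumerate(alice_bases)]
    eve_bases = [rng.choice((RECT, DIAG)) for _ in range(n)] if eavesdrop else None
    a_key, b_key = sift(alice_bits, alice_bases, bob_bases, rng, eve_bases)
    cipher = xor_bits(char_to_bits(letter), a_key)      # Alice pads with her sifted key
    received = bits_to_char(xor_bits(cipher, b_key))   # Bob unpads with his
    # In a real run Alice and Bob sacrifice a sample of key bits to estimate this rate.
    errors = sum(a != b for a, b in zip(a_key, b_key))
    return {"key_bits": len(a_key), "ciphertext": cipher,
            "received": received, "key_errors": errors}


if __name__ == "__main__":
    print(send_letter("Q"))                  # received 'Q', key_errors 0
    print(send_letter("Q", eavesdrop=True))  # Eve's measurements disturb the key
```

Without an eavesdropper the sifted keys agree and Bob reads 'Q'. With intercept-and-resend, every sifted bit that Eve measured in the wrong basis is wrong with probability 1/2, so about a quarter of the sifted key disagrees, which the sample comparison reveals. What the physics does not provide is authentication: an attacker who can impersonate each party to the other on the classical channel can run two separate BB84 sessions, so the basis comparison must be carried over an authenticated channel to rule out a man in the middle.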
 
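A toy illustration of the polymorphism asked about in question 12, added as an example that is not from the original post. The payload is a harmless constructed string standing in for a virus body, and the "decoder" is a three-byte header interpreted by the script rather than real machine code. It contrasts a scanner that matches a fixed byte signature on the file as stored with one that first runs the decoder and scans the decoded body. All names and the variant format are my own.

```python
"""Toy polymorphic encoder with a static scanner and an emulating scanner.
Added example for question 12; not from the original post. PAYLOAD is a
harmless constructed string standing in for a virus body, and the "decoder"
is a three-byte header interpreted by this script, not machine code."""

import random

NOP = 0x90            # junk byte padded in front of the decoder in varying amounts
XOR_OP = 0xEE         # marker for the one-byte XOR decoder "instruction"
PAYLOAD = b"hello from the payload body"   # constructed stand-in for the virus body


def make_variant(payload, key, junk_len):
    """Build one copy: [junk NOPs][XOR_OP key len][payload XOR key].
    A different key changes every body byte; a different junk_len shifts the
    stub, so copies share no fixed byte string a signature could match."""
    if not 1 <= key <= 255 or len(payload) > 255:
        raise ValueError("key must be 1..255 and payload at most 255 bytes")
    stub = bytes([XOR_OP, key, len(payload)])
    return bytes([NOP]) * junk_len + stub + bytes(b ^ key for b in payload)


def signature_scan(sample, signature):
    """Classic scanner: fixed byte pattern searched in the file as stored on disk."""
    return signature in sample


def emulate_and_scan(sample, signature):
    """Execute the decoder as the CPU would (skip junk, apply the XOR), then scan
    the decoded body. Real engines do this in a sandbox or emulator; matching the
    decryptor loop generically is the other common approach."""
    i = 0
    while i < len(sample) and sample[i] == NOP:
        i += 1
    if i + 3 > len(sample) or sample[i] != XOR_OP:
        return False
    key, length = sample[i + 1], sample[i + 2]
    body = bytes(b ^ key for b in sample[i + 3:i + 3 + length])
    return signature in body


def compare(n=20, seed=1):
    """Generate n variants with distinct keys and score both scanners."""
    rng = random.Random(seed)
    keys = rng.sample(range(1, 256), n)
    variants = [make_variant(PAYLOAD, k, rng.randrange(0, 8)) for k in keys]
    sig = PAYLOAD[:8]
    return {
        "distinct_variants": len(set(variants)),
        "static_hits": sum(signature_scan(v, sig) for v in variants),
        "emulated_hits": sum(emulate_and_scan(v, sig) for v in variants),
    }


if __name__ == "__main__":
    print(compare())   # static_hits 0, emulated_hits 20
```

Every variant carries the same body, but no two share the stored bytes the static scanner is looking for; only after the decoder has run does the body reappear. Real polymorphic engines also rewrite the decoder itself, which is why detection moved to emulation and to behavioural rules rather than byte signatures.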

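For the one-time pad in question 21, an added example (not from the original post) showing in code why the pad is "perfect" and what happens when it is reused. The messages and the reused pad are constructed sample data; the function names are my own.

```python
"""One-time pad: perfect secrecy, and what breaks it. Added example for
question 21; not from the original post. Messages and the reused pad below
are constructed sample data."""

import os


def otp(data, pad):
    """XOR with a pad at least as long as the data; the same call decrypts."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, pad))


def pad_explaining(ciphertext, candidate):
    """For ANY candidate plaintext of the same length there is a pad under which
    the ciphertext decrypts to it. That is the 'perfect' property: the ciphertext
    alone cannot favour one plaintext over another, so knowing the plaintext is
    English gives a statistical attack nothing to work on."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must match the ciphertext length")
    return otp(ciphertext, candidate)


def two_time_pad_leak(c1, c2):
    """If a pad is reused, XOR of the ciphertexts equals XOR of the plaintexts;
    the pad cancels and the English statistics come back."""
    return otp(c1, c2)


def crib_drag(p1_xor_p2, crib):
    """Slide a guessed word over p1^p2; offsets where the other message decodes
    to letters and spaces are candidates. Returns [(offset, recovered bytes)]."""
    hits = []
    for off in range(len(p1_xor_p2) - len(crib) + 1):
        window = p1_xor_p2[off:off + len(crib)]
        guess = otp(window, crib)
        if all(chr(b).isalpha() or b == 0x20 for b in guess):
            hits.append((off, guess))
    return hits


if __name__ == "__main__":
    msg = b"ATTACK AT DAWN"
    pad = os.urandom(len(msg))                    # fresh, uniformly random, used once
    ct = otp(msg, pad)
    alt = b"RETREAT NORTH "
    print(otp(ct, pad_explaining(ct, alt)))       # b'RETREAT NORTH ': equally consistent
    p2 = b"RETREAT TONITE"                        # second message under the SAME pad
    leak = two_time_pad_leak(otp(msg, pad), otp(p2, pad))
    print(crib_drag(leak, b"ATTACK"))             # (0, b'RETREA') among the hits
```

Two points the code makes concrete. First, the pad has no diffusion at all: each ciphertext byte depends on exactly one plaintext byte and one pad byte. Adding a diffusion step would not improve secrecy, because with a fresh uniform pad the ciphertext is already uniform; it would only add cost. Second, the perfect-secrecy argument assumes the pad is truly random, as long as the message, and never reused; reuse turns the problem into a running-key cipher on which ordinary English-frequency and crib-dragging attacks work.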
Answers

Posted 13 Nov 2017 02:11 PM

Hello Sir/Madam, thank you for your interest and for buying my posted solution. Please ping me on chat, I am online, or inbox me a message; I will be quickly
