information security
Write the questions followed by your answers.
1. Using the web and other resources, research the Conficker malware and Koobface malware.
Select one (1) of the pieces of malware and write a complete overview of each piece of malware. Describe what type of malware it is: (e.g. virus, worm, DoS, blended, botnet, or various other types). You need to explicitly identify and provide a description of the key attributes including: how the infection occurs, what triggers it and what the payload is.
Note that there are typically several different infections, payloads, triggers, defenses that need to be discussed. This is true for many examples of malware and not just Conficker and Koobface.
This information is readily available on the internet. Therefore, the value you will add is to provide your information so that each of the attributes is clearly identified, labeled and described. A cut and paste of information without adding value will not be a good answer. Present your findings using the template provided below.
This problem requires some detail.
NAME:
OVERVIEW: (General overview. Include in the overview what platforms and/or applications are affected. Also include any other information that you consider important for an overview.)
TYPE:
INFECTION: (There can be numerous infections. Consider user visible and internal infections.)
PAYLOAD: (There can be numerous payloads. Consider user visible and internal payloads.)
TRIGGER: (There can be numerous triggers. Consider user caused and internal triggers.)
DEFENSE: (How can you defend against this malware?)
ADDITIONAL COMMENTS:
(15 points)
2. Describe what a social engineering attack is.
[ your answer goes here ]
Provide 3 examples of social engineering attacks and describe how they could be used to undermine the security of your IT infrastructure.
[ your answer goes here ]
How can social engineering attacks be defended against?
[ your answer goes here ]
(15 points)
3. Assume you have a computing environment consisting of a mix of machines running three (3) Windows platforms with the following operating systems: XP, Vista and Windows 7. There are also machines running Linux and Apple iOS. Your environment runs a mix of email and various office applications (e.g. word processing, spreadsheet, slide presentation, database). There is regular use of internet sites both for business and some personal use. There are also laptops, mobile phones and tablets that connect wirelessly to your network.
The environment is spread across a wide geographic area. While it might be tempting to have a solution that uses one type of system, such as Windows 7, this is not a possibility given the problem statement. The heterogeneity of the platforms in the environment is typical of the complexity faced by many organizations today. The environment is as defined and you must deal with the stated variation and complexity.
What do you consider to be the major risks to your environment and why? Describe the risks and vulnerabilities involved in the above stated environment. There are many risks to consider. You must provide a minimum of 10 risks with explanations. Your explanations must provide some detail.
Place your risks and descriptions in a numbered list.
(40 points)
4. Explain what spyware is.
[ Your answer goes here ]
Provide an example of a specific piece of spyware. Explain the key attributes of it using the following template.
[ Your answer goes here ]
NAME:
OVERVIEW: (General overview. Include in the overview what platforms and/or applications are affected. Also include any other information that you consider important for an overview.)
TYPE:
INFECTION: (There can be numerous infections. Consider user visible and internal infections.)
PAYLOAD: (There can be numerous payloads. Consider user visible and internal payloads.)
TRIGGER: (There can be numerous triggers. Consider user caused and internal triggers.)
DEFENSE: (How can you defend against this malware?)
ADDITIONAL COMMENTS:
(15 points)
5. Provide a description of a malware attack that affected your home or work assets. If you have never experienced a malware attack, find someone who has and conduct an interview with them to answer the questions.
[ your answer goes here ]
Identify the type of malware it is and the attributes of the attack.
[ your answer goes here ]
Describe the damage the malware caused and how the attack was responded to.
[ your answer goes here ]
What could have been done to prevent this attack? Why weren’t these steps taken initially?
[ your answer goes here ]
(15 points)
Please be sure to submit your answers as an attachment using the assignment tool.