This post reveals the cyber security assessment questions to expect from a computer science exam.
Cyber security took one of the key places in studying any Computer Science discipline long ago. No matter what IT or CS discipline you work on in college, university, or real life, cyber security is always somewhere in the scene.
In this article, prepared by MyAssignmentLab.com — technical homework help service — you will find the sequence of questions presenting a step-by-step guide for cyber security assessment. If you need assistance with your STEM assignments, pay for computer science helpers online and let them do the job from time to time.
Assess the quality of this piece, and, if needed, delegate some of your tasks to professional writers and coders.
Table of Contents
The type of attack recorded by the CCTV cameras is Device Tampering. It is executed by attackers to modify the functioning of sensors or devices, thus altering how they work. An effective way to counter device tampering is the need-to-know measures where users of the device may not be able to access the functions of the device until such a point as the function for which they need to access the device is actually underway. Tamper detection mechanisms are also effective for protecting such devices. This may include authorization codes or alarm systems that alert any unauthorized access of the devices.
- The attacker may access the codes through eavesdropping. The attacker ends up gaining access to the passphrase that generates the encryption key. A way to counter such an attack would be to implement and-to-end encryption.
- Here the attack may be carried out through a compromised-key attack where the attacker illegally holds the password and hard-coded key without the knowledge of the system security. A valid way to counter this type of attack is through more complex encryption where the code only makes sense to the authorized recipient.
- The thermostat configuration is also susceptible to an eavesdropping attack where the attacker may see how to access the reset button. How to prevent such an attack may be through the erection of a physical barrier between the unauthorized user and the device, as well as implementing access control to the device such as encryption or setting up a password.
- The printer in the organization would be susceptible to a Denial of Service (DoS) attack, where the attacker would prevent even legitimate system requests from the remote firmware update. How to counter such an attack would be through the introduction of an authentication key for any sort of updates for the printer.
The graph indicates a Multiple Independent Level of Security setup that incorporates both a software level of security and a hardware level of security. As one moves from the software layer to the hardware level, the cost of implementation increases, yet so performs the security system. There is also a mixed zone of implementation where both the hardware and the software systems are in use to enhance the overall security of the system.
The challenges faced when preparing the security program that secures the ICS/SCADA system include factors such as;
- A scarcity of information regarding the network’s traffic numbers
- Limited knowledge regarding the capabilities and specifications of new devices
- Inability to identify the threats to the system promptly
- Insufficient real-time scanning capabilities to identify suspicious activity on the network
- Unsafe authentication procedures that allow potential attackers access into network and system vulnerabilities
“Ensuring authenticity, confidentiality, reliability, resilience, and integrity of DCS against various attacks must be performed at a certain level of trust”
This statement demonstrates the fact that a DCS system is a process-oriented system in which multiple parts and layers work together to achieve the security function. As such, each level is dependent on the next, which is in turn dependent on the other. As a result, each component needs to fully trust on the next, for full functioning of the entire system.
The security objectives that should be achieved by the monitoring devices for the elderly include; Confidentiality, Authenticity, Availability and Integrity. Confidentiality means the devices’ ability to secure information from unauthorized parties while authenticity means that the communication transmitted by the monitors is legitimate. Availability on the other hand means that the monitors are available and working when needed while Integrity means that the transmitted data is secure from any unscrupulous modification. Attack vectors that may be used by outside attackers include; man-in-the-middle attacks, compromised key attacks and eavesdropping events. Such vectors may be mitigated through implementing sufficient encrypted authentication keys and passwords.
The advantages of distributed authentication in ICS include the fact that a single point of failure may not compromise the entire ICS system, like a centralized authentication system would. The centralized authentication system on the other hand is advantageous to the extent that all users of the various terminals can access every device and system using only one set of login credentials.
An example of a defense in depth strategy would be introducing multiple layers of security controls for the ICS system. The security control room for instance would be in a room with a lockable door that requires password access, with the security station also requiring a set of password passwords to authenticate access.
I would apply the risk assessment report for the IT system as is to the ICS system, since the risk mitigation measures that would work in an IT system would generally also be acceptable for an ICS system. With a few modifications and considerations, the IT risk assessment report should be able to work satisfactorily for the ICS system.
The smart grid CPS infrastructure system relies on two-way communications between smart devices, increasing reliability efficiency and affordability. Since end-to-end encryption is easy to implement in this system, security threats are minimal, and strategies such as the defense in depth are easy to set up for the system.
Conclusion – Cyber Security Assessment Questions
Some of the cyber security assessment questions above are formulated in a form of cases, some — in a form of direct instructions. Note down the sequence, or save this article in bookmarks to use both as a guide and a sample of Computer Science writing.
- 8 Best Secure Web Hosting Services [2021 LIST]
- 5 Elements To Include In A Comprehensive Cybersecurity Plan
- Cybersecurity Trends To Know In 2020 (With Infographics)
- Dark Web Largest Hosting Provider Leaked, Thousands of Emails and Passwords Hacked
- VPN Chaining: Can You Use Multiple VPNs at Once?
- WhatsApp Hacked: Update Your WhatsApp Now
- 3 Critical Cybersecurity Questions To Ask Before Buying a Marketing SAAS Product
- Best Cloud Storage Services According To Reddit Users
- Web Host Agents Scam Exposed [Eye Opener and Must Read]
- Best Home Security Cameras According To Reddit Users
- Best Password Manager According To Reddit Users
- Best Paid Antivirus According To Reddit Users
- 10 Best VPN According To Quora Users
- SurfShark Antivirus Review 2021 [MUST READ]
- 7 Best Cyber Security Colleges
- Craigslist Scams: Examples And How Not To Fall For Them
- How To Remove Avast Password Manager [ALL DEVICES]
- 7 Cybersecurity Jobs In Demand At Today’s Enterprises