HomeFeaturesCyber Security Assessment

Cyber Security Assessment [Step By Step GUIDE]

If you purchase via links on our reader-supported site, we may receive affiliate commissions.

This post reveals the cyber security assessment questions to expect from a computer science exam.

Cyber security took one of the key places in studying any Computer Science discipline long ago. No matter what IT or CS discipline you work on in college, university, or real life, cyber security is always somewhere in the scene. 

In this article, prepared by MyAssignmentLab.com — technical homework help service — you will find the sequence of questions presenting a step-by-step guide for cyber security assessment. If you need assistance with your STEM assignments, pay for computer science helpers online and let them do the job from time to time. 

Assess the quality of this piece, and, if needed, delegate some of your tasks to professional writers and coders.

Question 1

The type of attack recorded by the CCTV cameras is Device Tampering. It is executed by attackers to modify the functioning of sensors or devices, thus altering how they work. An effective way to counter device tampering is the need-to-know measures where users of the device may not be able to access the functions of the device until such a point as the function for which they need to access the device is actually underway. Tamper detection mechanisms are also effective for protecting such devices. This may include authorization codes or alarm systems that alert any unauthorized access of the devices.

Question 2

  1. The attacker may access the codes through eavesdropping. The attacker ends up gaining access to the passphrase that generates the encryption key. A way to counter such an attack would be to implement and-to-end encryption.
  2. Here the attack may be carried out through a compromised-key attack where the attacker illegally holds the password and hard-coded key without the knowledge of the system security. A valid way to counter this type of attack is through more complex encryption where the code only makes sense to the authorized recipient.
  3. The thermostat configuration is also susceptible to an eavesdropping attack where the attacker may see how to access the reset button. How to prevent such an attack may be through the erection of a physical barrier between the unauthorized user and the device, as well as implementing access control to the device such as encryption or setting up a password.
  4. The printer in the organization would be susceptible to a Denial of Service (DoS) attack, where the attacker would prevent even legitimate system requests from the remote firmware update. How to counter such an attack would be through the introduction of an authentication key for any sort of updates for the printer.

Question 3

The graph indicates a Multiple Independent Level of Security setup that incorporates both a software level of security and a hardware level of security. As one moves from the software layer to the hardware level, the cost of implementation increases, yet so performs the security system. There is also a mixed zone of implementation where both the hardware and the software systems are in use to enhance the overall security of the system.

Cyber Security Assessment

Question 4

The challenges faced when preparing the security program that secures the ICS/SCADA system include factors such as; 

  1. A scarcity of information regarding the network’s traffic numbers
  2. Limited knowledge regarding the capabilities and specifications of new devices
  3. Inability to identify the threats to the system promptly
  4. Insufficient real-time scanning capabilities to identify suspicious activity on the network
  5. Unsafe authentication procedures that allow potential attackers access into network and system vulnerabilities

Question 5

“Ensuring authenticity, confidentiality, reliability, resilience, and integrity of DCS against various attacks must be performed at a certain level of trust”

This statement demonstrates the fact that a DCS system is a process-oriented system in which multiple parts and layers work together to achieve the security function. As such, each level is dependent on the next, which is in turn dependent on the other. As a result, each component needs to fully trust on the next, for full functioning of the entire system.

Question 6

The security objectives that should be achieved by the monitoring devices for the elderly include; Confidentiality, Authenticity, Availability and Integrity. Confidentiality means the devices’ ability to secure information from unauthorized parties while authenticity means that the communication transmitted by the monitors is legitimate. Availability on the other hand means that the monitors are available and working when needed while Integrity means that the transmitted data is secure from any unscrupulous modification. Attack vectors that may be used by outside attackers include; man-in-the-middle attacks, compromised key attacks and eavesdropping events. Such vectors may be mitigated through implementing sufficient encrypted authentication keys and passwords.

Question 7

The advantages of distributed authentication in ICS include the fact that a single point of failure may not compromise the entire ICS system, like a centralized authentication system would. The centralized authentication system on the other hand is advantageous to the extent that all users of the various terminals can access every device and system using only one set of login credentials.

studying any Computer Science discipline

Question 8

An example of a defense in depth strategy would be introducing multiple layers of security controls for the ICS system.  The security control room for instance would be in a room with a lockable door that requires password access, with the security station also requiring a set of password passwords to authenticate access.

Question 9

I would apply the risk assessment report for the IT system as is to the ICS system, since the risk mitigation measures that would work in an IT system would generally also be acceptable for an ICS system. With a few modifications and considerations, the IT risk assessment report should be able to work satisfactorily for the ICS system.

Question 10

The smart grid CPS infrastructure system relies on two-way communications between smart devices, increasing reliability efficiency and affordability. Since end-to-end encryption is easy to implement in this system, security threats are minimal, and strategies such as the defense in depth are easy to set up for the system.

Conclusion – Cyber Security Assessment Questions

Some of the cyber security assessment questions above are formulated in a form of cases, some — in a form of direct instructions. Note down the sequence, or save this article in bookmarks to use both as a guide and a sample of Computer Science writing. 


Daniel Segun
Daniel Segunhttp://www.techsegun.com/
Daniel Segun is the Founder and CEO of SecureBlitz Cybersecurity Media, with a background in Computer Science and Digital Marketing. When not writing, he's probably busy designing graphics or developing websites.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.