|
SPR100编程辅导、辅导c/c++,Python程序课程
SPR100 Labs
Assignment 2 (5%): Risk, Network Traffic and Encryption
Overview:
In this assignment you are going to learn how to think about threats, vulnerabilities and controls,
demonstrate some simple risk calculations, demonstrate some simple traffic filtering techniques and
demonstrate encryption and digital signatures.
Objective:
1. Do self-directed learning.
2. Gain a better knowledge of:
Risks and do some simple risk calculations
Wireshark and some of its features
Encryption and digital signatures
Activities
Part 1: Threats, Vulnerabilities and Controls (1%)
Here you will apply your knowledge of risk management by working backwards from a set of ‘controls’
to possible threats.
There are many websites and news articles that give you a list of tips on how to safely use your
computer and the Internet and most of these articles offer similar guidance to the following:
1. Patch, patch, patch
2. Install protective software
3. Choose strong passwords
4. Backup, backup, backup
5. Control access to your computer (devices)
6. Use email and the Internet safety
7. Use secure connections
8. Protect sensitive data
9. Use desktop firewalls
10. Stay informed
Select four (4) items from items 2 to 10 on list above, determine the likely control each item represents,
the vulnerability it is likely protecting against, the threat that would take advantage of the vulnerability
and then explain how these all fit together. See the table below for an example.
Guidance Control Vulnerability Threat Explanation
Patch, patch, patch Deter Software:
Holes, Bugs or
Insufficient Testing
Directed Patching ensures the
software is most up to
date such that it better
Page 1 of 4
SPR100 Labs
For ‘Threats’ and ‘Control’ use those given in Week 2 and 3 presentations. Ensure that you give enough
information for the vulnerability and explanation so that it is clear to the reader as to what you are
meaning.
Add your four (4) additional entries to the table above and insert the table in your assignment report
under the heading of Threats, Vulnerabilities and Controls.
Part 2: Risks Calculations (1%)
Now that we have touched on threats, vulnerabilities and controls, we’ll briefly look at calculating risk
and do some simple risk calculations based on the method given in class:
ALE = Likelihood x Potential Impact
If you recall, the data in class was presented in the following manner.
Threat Vulnerability Likelihood Potential
Impact
ALE Rank
Technological
Obsolescence
Server Failure
(data loss)
50% $1000 $500
Below is given the threats, vulnerabilities, chance of a threat happening, and the cost if the threat
successfully exploits the vulnerability. You need to calculate the risk (in this case the ALE), and rank the
vulnerabilities in terms of risk.
Information:
You can expect to have a technical failure of hardware, specifically of a server to happen once
every three (3) years. The server loss will mean data loss. The impact if this happens will cost
you $1500 due the need to replace the server and restore the data.
There has also been an increase in software attacks by script kiddies and you know they cause
data loss as they just love wiping all the servers. From talking with your friends you have
determined that this happens about once every two (2) years. Fortunately, you keep backups
and it takes only a day to restore wiped servers at a cost of $500.
If that is not enough, you know from the press that information extortion is on the rise through
Ransomware. Attacks are more common than they were at once every two years. All you need
to do is restore all the encrypted servers.
From talking with security you know that theft of your multilayer switch is probably likely to
happened once in ten (10) years. This is a nuisance as it will $3600 as you have to reconfigure
your remaining router and it takes time to get a replacement router.
Do the calculations based on the data above and enter the data into the table above and insert the
table into your assignment report under the heading Risk Calculations. Now rank you risks, with “1”
being the highest risk.
Page 2 of 4
SPR100 Assignments
Part 3: Network Traffic Filtering (2%)
One area of concern in IT security is secure connections. In this section of the assignment you’ll be given
some self-directed learning and then gain a few skills with Wireshark.
Resources:
Packet Analyzer (Wikipedia)
Wireshark (Wikipedia)
Wireshark (Official Website)
Wireshark online documentation
Wireshark User Guide PDF
Data Packets and IP Addresses
Before we can discuss Wireshark in detail you need to understand networks a little more, such as IP
addresses and data packets. Discussing networks and how they work is a course unto itself. The purpose
here is to give you some information as a starting point. Read the following two (2) links as they will
help you better understand the later parts.
IP Addresses
Data Packet
Introduction to Wireshark
In this part we will be introducing you to the packet analyzer Wireshark.
Steps:
1. Read the material on Packet Analyzers and Wireshark from Wikipedia (see above) to get an idea of
the tool you’ll be using.
2. Open the application Wireshark – so you can see the interface while you read the manual.
Wireshark in available on the Windows 10 virtual machine and on all College computers.
3. Read the following sections of the Wireshark manual:
1 Introduction
3 User Interface
While you are reading the manual don’t hesitate to explore the Wireshark application.
Demonstrating Traffic Filtering (2%)
Here you are going to apply some of your knowledge of Wireshark to filter out unnecessary information.
This skill will become invaluable in the future when you do a lot of packet sniffing.
Steps:
1. Open the application Wireshark
2. Read the following sections of the Wireshark manual:
5 File Input, Output, and Printing
5.1 Introduction
5.2 Open capture files
6 Working with captured Packets
3. Open the pcap that is posted on Blackboard with this assignment.
4. Demonstrate you know how to filter the traffic by showing screen captures of specific types of
protocol packets in the opened pcap:
a) DNS protocol packets – take as screenshot and name it MSU_DNS.jpg
b) HTTP protocol packets where the http host is “www.darkreading.com” – take as screenshot and
name it MSU_HTTP.jpg.
Page 3 of 4
SPR100 Assignments
c) DNS or TCP protocol packets (i.e. protocol packet with either protocol types) – take as
screenshot and name it MSU_DNS_TCP.jpg. Make sure that both types of packets are visible in
the screen shot
d) TCP and TLS protocol packets (i.e. packets that include both protocol types) – take as screenshot
and name it MSU_TCP_TLS.jpg
5. Insert the images, each with an appropriate subheading, into your assignment report under the
heading Traffic Filtering.
Note:
The Wireshark filter needs to be visible in each screenshot, otherwise it will be automatically
considered incorrect.
A command prompt with name, date and time in the title needs to be visible in each screenshot.
Part 4: Encryption and Digital Signatures (1%)
Protecting our web traffic is often done behind the scenes through the use of SSL. More often than not
our email traffic is insecure. Given this, you are going to learn to send encrypted and digitally signed
emails. For this you will need to use GoAnywhere OpenPGP Studio (OPS) from Go Anywhere (you are
expected to install this on your Windows 10 VM) and learn how to use it. To demonstrate you have
learnt to do use this application, send your instructor two emails from your Seneca email account:
An email with your Public key
And email with a message encrypted with the instructor’s Public key (available on the course
website) and signed with your Private key. The encrypted message should say “I have
completed this part of the assignment”
The Subject line of your email should be “SPR100: Encrypted Message”
Nothing needs to be included in your assignment report.
Assignment Write-up
Follow the formatting guidelines given on Blackboard for lab reports.
Deliverable
Submit your assignment through Blackboard.
Note:
Submissions deadlines are given through the assignment submission link.
Labs submitted late will be penalize 50% per day.
Late assignments still need to be satisfactorily completed and submitted by the end of Week 12
to meet SPR100’s Promotion Requirements.
请加QQ:99515681 或邮箱:99515681@qq.com WX:codehelp
|
