Lab 4 - CIS Control 01 - Vulnerability Scanning and Asset Discovery Tool (Active Scanning)

Discuss the following types of security vulnerabilities that affect code: Buffer Overflow Code Injection. You have an online web store having URL mystore.com. Explain why the following hyperlinks (URL) are not very safe, and how will you make them secure: http://www. com/ distributor/distributor.asp?distID=123 http://www. com/changepassword.php?userID=123

TASK 01 (SHODAN)•For this assignment you will have to do some observation task on some vulnerabilities that can be exploited to attack ICS security.•Remember: ONLY OBSERVE for study purpose. UNITEN will not be responsible for your experimentation beyond the required task.Search for potential location of ICS devices•Use Shodan website•Search for location that is linked to port 102 in Malaysia•Note how many are there in Malaysia1.Find out what all those displayed information mean from the search. Explain it in your report. [5 marks]2.Use the map in SHODAN to actually find out where these location actually is. [2 marks]3.Cross check with google map if the location is actually real. List at least TWO detailed address and information found through SHODAN, [3 marks]4.Extra bonus marks: Find out other port number that might be used by ICS device and perform a search. List them out and perform the same test. Write the same report of your findings. TASK 02 (GOOGLE HACKING)•For this assignment…

 What is Iloveyou Virus all about? How does the Iloveyou virus affect the whole world? If you’ve given a chance to talk to the creator of the Iloveyou Virus, what do you say to him? Elaborate on your answer. Reference: 2. Earth’s Deadliest Computer Virus: Iloveyouhttps://www.youtube.com/watch?v=soZyb6lMx4c&t=6s

Please help me with the answer below with detailed explanation. if you copied and pasted from other answers, I will rate down and report it. Project Part 2: Firewall Selection and Placement Scenario The senior network architect at Corporation Techs has informed you that the existing border firewall is old and needs to be replaced. He recommends designing a demilitarized zone (DMZ) to increase network perimeter security. He also wants to increase the security of network authentication, replacing the current username and password approach. Tasks For this part of the project, perform the following tasks: Research and select firewalls for the Corporation Techs network. a. Describe each firewall (This is not refering to the brand), why you selected it, and where it should be placed for maximum effectiveness. b. Address network, server, and workstation firewalls. Describe a plan for creating a DMZ and explain how it makes the network more secure. Research network authentication and create a…

Don't use AI.

Your company has made a data-sharing agreement with another company. The administration of both companies has decided to use FTP to exchange data across their networks. On both ends of the network, data will be exchanged between already-established servers. You've been given the duty of coming up with a firewall-specific technique to allow this new connection. What is your plan of action? Which one would you recommend, and why?

Match the attack vector with the identified attack (see attched photo) You can only choose one attack for each and once used you cannot re-use the attack.

For the ZeuS malware, please write a short paragraph based on the given background and website info: ZeuS – Trojan ZeuS is a modular banking trojan that uses keystroke logging to compromise credentials when a victim visits certain banking websites. Since the release of the ZeuS source code in 2011, many other malware variants have adopted parts of its codebase, which means that incidents classified as ZeuS may actually be other malware using parts of the original ZeuS code. https://www.cisecurity.org/insights/blog/top-10-malware-december-2022   Zeus malware can give attackers full access to infected machines. While the original Zeus variant primarily utilized man-in-the-browser keyloggers to gain access to an infected computer’s banking credentials and other financial information, many forms of the Zeus virus can also be used to add CryptoLocker ransomware to an operating system or add infected computers to a botnet to perform distributed denial-of-service (DDoS) attacks. The Zeus…

Make a distinction between spoofing and session hijacking. In the case that you're a web user, what are some of the countermeasures you use to protect yourself against session hijacking?

INSTRUCTIONS: Fill in the nmap SYN Scan Responses for the remainder of this table. NMAP Port Status Reported Response from Target No response from target or ICMP destination unreachable. NMAP Analysis The service is listening on the port. The service is not listening on the port. The port is firewalled.

A vulnerability has this CVSS vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H   1.In your own words, please provide an explanation regarding each metric and discuss the characteristics that pertain to this vulnerability. You do not necessarily need to provide the score or severity rating. Describe a possible vulnerability that could reasonably have such a vector string.   2.Initially, the vulnerability is not easily reproducible and various aspects of it have not been independently confirmed. The vendor has no solution, although some members of the user community have contributed a potential fix. How does this change the vector string? Explain and provide the updated vector string.

Given have a firewall between the Internet (represented by a cloud) and your network router. And some active attacks are added from the list of active attacks; os exploits, viruses, trojans, etc. Please refer to the diagram attached.  Are these attacks able to get to your network? Do you feel your system is secure? What’s wrong with this scenario?

A fake profile of woman is created on Orkut. The profile displays her correct name and contact information such as address residential phone number cell phone number etc. Sometimes it even has her photograph. The problem is that the profile describes her as a prostitute or a woman of loose character so other Orkut members see this profile and start calling her at all hours of the day asking for favours, this leads to a lot of harassment for the victim and also defames her in society. What is the type of cyber-crime in this case. State the various types of cyber-crimes?

SCENARIO 1: You have just completed a routine security audit on the company’s information systems, and you found several areas of vulnerability. For example, file permissions have not been updated in some time, no comprehensive password policy exists, and network traffic is not fully encrypted. You noted these areas, among others, in a report to your supervisor. The report included specific recommendations to fix the problems. Your supervisor responded by saying that budgets are tight right now, and she could not approve your requests to resolve these issues. As an IT professional, you are very uncomfortable with the risk level, but you have been unable to sway your supervisor. When you discussed the situation with a colleague, he said, “Why worry about it? If it’s good enough for her, it should be good enough for you.” What do you think of your colleague’s advice, and why? Is this an ethical question? If you are still is uncomfortable, what are your options? SCENARIO 2: You work for a…

Answer the following questions. Question a. Consider the following scenario: You are working as an IT support specialist and receive a call from a remote user saying they can’t access the company website. After verifying the user as an employee, how would you start trying to solve this problem? 1)Ask questions and gather information to identify the problem. 2)Tell the user it is a virus and ask to run a virus check. 3)Tell the user they need to bring or send the computer to the corporate office for troubleshooting. 4)Ask the user to clear the cache of the web browser. Question b. What does the “isolating the problem” troubleshooting method try to do? 1)Ask the user questions to make them feel part of the solution 2)Expand the area of the problem. 3)Shrink the scope of the potential issue. 4)Recreating the problem

What Punishment for Webcam Spying is Appropriate?   Microphones, digital cameras, and webcams have many practical and harmless uses. These technologies also can leave you open to spying. For example, one school district used software, which was supposed to track the school-distributed laptops in case of theft, to take photos and scree captures of students. In another instance, a person noticed that when she gave a customer service rep access to her computer, he turned on her webcam without asking for her permission.   Cybercriminals can use spy tools take photos, or record video or audio, without turning on a light or other notification that indicates your camera or microphone is in use. The Flame virus is one way for spy tools to infect your computer. Security experts recommend using a sticker to cover your webcam and inserting a dummy plug in the microphone port when you are not using it. These technologies also allow people to take photos or videos in a public setting and share them…

You are asked to implement a group policy in your company's AD domain. Your security implementation should apply to the user account when they login to the computer irrespective of which computer they access. What steps will you take to accomplish this? * Create an OU, add the users account to this OU, create a group policy with the restrictions under the user configuration and then apply the GPO to the OU Create an OU add the computers account to the OU, create a group policy with the restrictions under the user configuration and then apply the GPO to the OU Move the computer accounts to the Users OU, create a group policy with the restrictions under the user configuration and then apply the GPO to the OU Create an OU, add the computer accounts to the OU, create a group policy with the restrictions under the Computer configuration settings and then apply the GPO to the OU

Figure 1 shows the network topology of Jose Capablanca Chess Academy. There are three groups of users in this network: students, instructors, and administrators. As a network engineer, you are required to design IP addressing scheme for this network. The number of hosts required for each group can be referred from the given network topology. You need to make sure that all subnets use the same prefix length and the same number ofhost bits. Assume that you use a modern router and your router support the use of subnet zero. By starting with the given network address and subnet mask 10.5.160.0/23 assigned by the network administrator, you can begin designing your IP addressing scheme. Produce the IP addressing scheme and answer the questions using answer sheet template as in Figure 2 (the number of rows is dependent on the number of networks you create). Administration 10 Hosts Given Network Fa00 RI 1 Switch 2 Switches 5 Switches Fa0/0 Fa0/1 R2 27 Hosts 120 Hosts Instructor Student Figure…

You have been hired as a cybersecurity consultant for a company that has recently been breached in a crypto malware attack. According to file server logs, a large number of files on the network have been modified (encrypted). The company is looking for your guidance on the requirements below. Please provide a solution (in your own words) and your reasoning.   a/ How to determine which files have been encrypted by the crypto-malware attack? The company would like to know the most efficient way as there are over 100,000 files potentially impacted.   b/ What kind of policies and/or training would you suggest as a precautionary measure?   c/ The company had some backups in alternate servers, but no consistent backup and recovery plan. The organization has agreed to have an RPO of 1 hour and an RTO of 4 hours. Please suggest the most appropriate backup strategy (full, differential, or incremental) to meet the requirement.   d/ The company would like your help with their disaster recovery…

13 DO NOT COPY FROM OTHER WEBSITES COrrect and detailed answer will be Upvoted else downvoted. Thank you

Objective The goal of this project is to enable students to get hands-on experience creating secure networked architectures. Each team will implement an encrypted overlay network, and implement clients that will use this overlay network to discover and communicate with other clients connected to the network. Creating such a network will give students an intuition of how overlay networks work on services such as Kubernetes and Docker Swarm. Requirements Design and implement an encrypted overlay network that consists of a single network end-point and multiple clients that can connect to this network. Each client can communicate with other clients as long as these clients are on the same network. Network Design A high-level design of the network is shown in the figure below. The traffic flows as follows - • Flow 1 -> This flow occurs every time a new client is started. Each client has a name (e.g., client1.c6610.uml.edu, client2.c6610.uml.edu) that it registers with the network. • Flow…

For the RogueRaticate malware, please write a short paragraph based on the given background and website info: The RogueRaticate campaign, otherwise known as FakeSG, was spotted by Proofpoint in May 2023 but its activity may date back to November 2022. It's the first major fake-browser-update campaign to emerge since SocGholish and typically leads to the NetSupport RAT being installed on the victim's machine. A month later in June, the first activity from the ZPHP campaign, also known as SmartApeSG, was spotted and finally made public in August by Trellix. Like RogueRaticate, ZPHP also most often leads to the installation of NetSupport RAT, which has been infecting machines since around 2017, according to SentinelOne. The most recent of the four campaigns is ClearFake, which was first spotted in July and made public in August by researcher Randy McEoin. Proofpoint characterized ClearFake as a campaign that drops infostealer malware and is able to tailor lures not just by the user's…

Rachel is the cybersecurity engineer for a company that fulfills government contracts on Top Secret projects. She needs to find a way to send highly sensitive information by email in a way that won't arouse the suspicion of malicious parties. If she encrypts the emails, everyone will assume they contain confidential information. What is her solution? A. Hide Message in the time index of the email B. Hide Message in the front of the email's text C. Hide Message in the company's logo within the email

Wireshark is known to be one of the most essential tool used in cybersecurity operations. It is generally used as packet capturing tool. It breaks down packets and displays different traffic information used for real-time or offline analysis. It filters and zooms out root causes of problem which can ultimately help secure the network. In this chapter, a list of laboratory activities are done to introduce to you the functionality of WIRESHARK (Please see Topic Learning Outcome). With these activities, summarize the functionality of Wireshark that is being used for network security. Use the given format below. LIST AS MANY AS YOU CAN. FUNCTION/FEATURE DESCRIPTION DESCRIPTION/IMPORTANCE IN NETWORK SECURITY THREAT (if any) LABORATORY 1. Capture ICMP data packets It displays network information of host destination and source.  Particularly the IP and MAC Address Capturing ICMP data packets is used to determine if the data were received by the intended destination. It is commonly used…

https://view.officeapps.live.com/op/view.aspx?src=https://lms-asm.moe.gov.ae/api/Files/GetFile/822bbd70-99f4-45e0-a4ef-1355c4f9fb73/CDI-2021-T2-G11G-LMS%2520Stream%2520Project%25201%2520Stages%25204-5.docx?clientContextId=MTcxLDcwLDYwLDIyNyw3MSw0NywyNTUsMTAsMjA2LDg2LDE4NiwyNTIsMzMsMTc3LDIxMiwxMSw2OCwyMTAsMjMzLDIwMCwyMCw5NSwxNjUsMjI3LDYsMTMzLDE3NSwyMjUsMTE1LDE0MywyMTMsMzQsMjEwLDQzLDMyLDEzMCw4OCwxOTksMTkzLDU0LDIsMTk2LDIwNCwyNDgsMjQyLDk0LDk4LDIyNSwyMTgsMjQ5LDIxLDIxOSwxODcsOTUsMTU3LDEwOSw4MiwxMjAsMTU3LDI0MCw1MywxMzgsMjQ4LDUsMTc0LDMxLDQyLDE2NiwyMTUsMTM5LDE2MSw2LDEyMiwyMDYsNTgsNzcsMTU5LDIwNyw2Miw3NywxOTAsMTAsMTcxLDEzOCwxMjIsMTkwLDg1LDIzNSwxMzYsMjEwLDIyNSwyNDEsMjExLDE3MiwxNDAsMTA3LDgwLDI3LDEyNSwxOTEsMTIxLDM2LDE2OCwxMzIsMTc2LDI5LDEyNiwyMDAsMTI1LDIxNiwxNDksMjQxLDIxNSwxNywyMiwyMDMsMjM5LDExMCwyNTUsNTQsMCwyMDMsMTM2LDMwLDIwMywxMzYsMjI5LDE2MCp7IkNvbnRleHRJZCI6Ijg1ODk5NyIsIkNvbnRleHRJZHMiOm51bGwsIkV4dGVybmFsVXNlcklkIjoiMjg3ODUxIiwiUGVybWlzc2lvbnMiOlsiVmlldyIsIlRha2UiLCJWaWV3QWN0aXZlT25seSJdLCJFeHRlcm…

Imagine a software that enables a surgeon to operate remotely on a patient who is in another country using just the internet. Why would anybody want to remain after the lights are out? How potentially damaging do they anticipate it to be? Which of your shortcomings do you believe they would highlight in an effort to cast doubt on you? Is it conceivable for harm to occur when there isn't a violent attacker there to exploit these vulnerabilities?