Andrew Seamon
IT Comp Sec Final Exam
5/12/20

1) Risk Register

Asset 1: Database and its backup systems
  Threat/Vulnerability: Synchronization of the database and its backup
  Existing Controls: Recent backups
  Likelihood: 2 - Unlikely
  Consequence: 4 - Major
  Level of Risk: High
  Risk Priority: 2

Asset 2: Integrity of customer and financial data report files on desktop systems
  Threat/Vulnerability: Corruption of these files due to import of a worm/virus onto a system
  Existing Controls: Antivirus software
  Likelihood: 5 - Almost Certain
  Consequence: 4 - Major
  Level of Risk: Extreme
  Risk Priority: 1

Justifications

Asset 1: Synchronization of the database can be done overnight during non-business hours. The likelihood of the primary and secondary databases falling out of sync is rated Unlikely because the business should be backing up the primary on a strict schedule. Should an entry on the primary database become corrupted or go missing, it can most likely be found on the backup database and restored to the primary. The consequence is still Major because the backup is the only copy of the data.

Asset 2: A small firm without proper IT support will most likely be running outdated or obsolete antivirus software. Because of this outdated protection, it is almost certain that a virus or worm would affect not only the originally infected system but every other system on the network. With an infection this widespread, it is highly likely that files will become corrupted, leading to a loss of critical data. This loss of data would seriously impact the daily operations of the accounting firm, so the risk is rated Extreme and given first priority.

2) Comparing three types of 2FA with respect to different forms of attacks against them

SMS Code
- Password Cracking
  o Nothing to crack: the code is delivered in plaintext, so an attacker aims to intercept or redirect it rather than guess it.
- Eavesdropping
  o Feasible, since SMS is not end-to-end encrypted. Depending on the user, it can still be difficult to pull off quickly enough: the intercepted code is only useful if the attacker submits it before it expires or before the user uses it.
- Loss of Second Factor
  o Losing one's phone is likely if the user is not careful. If the user shows notification previews on the lock screen, anyone holding the phone can read the code without unlocking it. An attacker can also take over the phone number itself by social-engineering the carrier (a SIM swap), which yields the codes without ever touching the phone.
- Trojan Horse/Key Logging
  o A keylogger that only records the typed code gains little, since the code is invalid as soon as it is used. Malware on the phone that reads incoming SMS and forwards it to the attacker in real time, however, defeats the factor.
- Man in the Middle Attack
  o Likely to succeed: a phishing site that relays the code to the real site within its validity window will not be noticed by the user.
Physical Key
- Password Cracking
  o Not practical. OTP tokens change their value either on a schedule (for example hourly) or each time a code is used, and FIDO/U2F keys sign a fresh challenge with a private key that never leaves the device, so there is no static value to crack.
- Eavesdropping
  o Not easy, since most physical keys must be plugged into (or tapped against) the system that requests the response, and the response is specific to one challenge.
- Loss of Second Factor
  o Losing a physical key is serious. The user needs to act quickly to either revoke that key (and enrol a backup) or find out where it went. A stolen key alone is not enough for an attacker, who still needs the password (and the key's PIN, if one is set).
- Trojan Horse/Key Logging
  o Not effective, since the values change often and are not valid after use; a FIDO signature is never typed, so there is nothing for a keylogger to capture.
- Man in the Middle Attack
  o Possible in principle, but unlikely to work, since the response usually does not need to be typed. Instead the device is plugged in and client software handles the exchange, and for FIDO/U2F keys the signature is bound to the site's origin, so a response obtained through a phishing proxy is rejected by the real site.

Authentication App
- Password Cracking
  o The codes are generated by an algorithm, normally TOTP (RFC 6238): an HMAC of a secret shared at enrolment and the current 30-second time step, truncated to six digits. Without the secret the codes cannot be predicted, so "cracking" reduces to guessing a six-digit code, which is only practical if the server does not rate-limit or lock out failed attempts.
- Eavesdropping
  o Easy to do (the code is visible on the screen), but not likely to work unless the attacker can act more quickly than the user and within the current time step.
- Loss of Second Factor
  o Same argument as for SMS codes. If the user loses their phone, they have no way to authenticate until they use their recovery codes or re-enrol; whoever holds the phone can generate valid codes if it is unlocked.
- Trojan Horse/Key Logging
  o A keylogger gains only a code that expires within seconds. The real risk is malware on the phone that reads the screen or the clipboard (most authentication apps let the user tap to copy the code) or that can tap "Allow" on a push prompt on the user's behalf.
- Man in the Middle Attack
  o For push-based apps there is no code to relay, only a "tap to allow" or "tap to deny" prompt, although a user who habitually taps "Allow" can be worn down by repeated prompts. For apps that present real codes, TLS does not protect against this: a phishing proxy terminates TLS itself and relays the code to the real site within its validity window, so the attack is feasible.

3) Decryption

Ciphertext: XWNVTMBHG BL PATM KXFTBGL TYMXK T IXKLHG ATL YHKZHWWXG PATM HGX ATL EXTKGXW BG LVAHHE

Cipher: Caesar (shift) cipher with key 19. Each plaintext letter was shifted forward 19 places (E -> X, D -> W, U -> N), so decryption shifts each ciphertext letter back 19 places, equivalently forward 7.

Decrypted: EDUCATION IS WHAT REMAINS AFTER A PERSON HAS FORGODDEN WHAT ONE HAS LEARNED IN SCHOOL

Note: the ciphertext really does encode FORGODDEN (Y H K Z H W W X G), which appears to be a typo for "forgotten" in the original plaintext; the decryption above is faithful to the ciphertext.