Assignment 1 - 50 points Q1. (10 points) Briefly explain what social engineering a>ack is. There are many types of social engineering a>acks such as phishing, spearfishing, whaling, smishing, vishing, a business email compromise and pharming. Briefly explain each type of social engineering a>acks while focusing on their differences. Social engineering assaults coerce people into disclosing information or jeopardizing security. Types consist of: 1. 2. 3. 4. 5. 6. 7. Phishing: False emails or communications requesting private information. Spear phishing: Phishing directed at certain people or companies. Whaling: Targeting prominent people with spear phishing attacks. Smishing is SMS-based phishing. Vishing is phone-based voice phishing. BEC: Using hacked emails to commit fraud. Pharming is the practice of sending users to phony websites. They all take advantage of human psychology, highlighting how crucial user knowledge is to averting these kinds of assaults. Q2. DefiniKon 19–2 (on page 628 of the book included below) defines assurance in terms of “confidence.” A vendor adverKses that its system was connected to the Internet for three months, and no one was able to break into it. It claims that this means that the system cannot be broken into from any network. DefiniKon 19-2: Security Assurance, or simply assurance, is confidence that an en6ty meets its security requirements, based on specific evidence provided by the applica6on of assurance techniques a) (5 points) Do you share the vendor’s confidence? Why or why not? I would be skeptical of the vendor's assertion. Although it is encouraging that the system was able to remain up for three months without any security breaches, this does not imply complete security. Since security is a continuous process, just because there hasn't been a breach disclosed during a certain time frame doesn't guarantee the system won't experience attacks or vulnerabilities in the future. b) (5 points) If a commercial evaluation service had monitored the testing of this system and confirmed that, despite numerous attempts, no attacker had succeeded in breaking into it, would your confidence in the vendor’s claim be increased, decreased, or left unchanged? Justify your answer. I would be more confident in the vendor's claim if it had been observed and verified by an established commercial evaluation service. A reliable third party's external confirmation lends the vendor's claim more weight. But it's crucial to take into account the testing's parameters, the assessment service's methodology, and the system's unique security needs. Although achieving absolute assurance is difficult, third-party validation may greatly raise user trust in the system's security. Q3. You opened your inbox and found the following email. You would like to find out if an email is a phishing email by investigating it. (a) (10 points) List the reasons why the email is suspicious. Justify your answer. 1. Unexpected Attachment: An unexpected attachment is included in the email, and unexpected attachments in unsolicited emails are cause for concern. Attachments might go to dangerous websites or include malware.\ 2. Request for Personal Data: The email asks the recipient to enter their personal data by clicking a link. Sensitive information is rarely requested in unsolicited emails by reputable companies. 3. Email Address of a Suspicious Sender: The sender's email address can seem dubious or inconsistent with their professional correspondence. Phishers frequently utilize email addresses that seem similar to real ones. (b) (10 points) You found URLs in the email, and one was “go.redirectonba.com”. How can you check if the URL is malicious without visiting them? What results did you get when you checked the URL? (Hint: online website checker). Online URL scanners like VirusTotal may be used to determine whether the URL "go.redirectonba.com" is malicious without having to visit the website. By sending the URL to VirusTotal, you may get a report on whether the URL is harmful after the link is scanned by many antivirus engines. If any antivirus engines reported the URL as possibly dangerous, it will be indicated in the results. (c) (10 points) How can you check if the reputation of the sender’s domain? What was the sender’s domain? What was the reputation result when you checked the sender’s domain? (Hint: domain reputation check) You can utilize tools similar to Cisco Talos or domain reputation services to verify the sender's domain's repute. Utilize the service to verify the sender's reputation after determining their domain from the email address. The outcome will show if the domain has a good reputation or is linked to harmful activity. For instance, it might indicate that the email is suspect if the domain has received reports of spam or phishing.
