Uploaded by Мухаммед Максатулы

Assignment 1 (1) (1)

advertisement
Assignment 1 - 50 points
Q1. (10 points) Briefly explain what social engineering a>ack is. There are many types of social
engineering a>acks such as phishing, spearfishing, whaling, smishing, vishing, a business email
compromise and pharming. Briefly explain each type of social engineering a>acks while focusing on
their differences.
Social engineering assaults coerce people into disclosing information or jeopardizing security. Types
consist of:
1.
2.
3.
4.
5.
6.
7.
Phishing: False emails or communications requesting private information.
Spear phishing: Phishing directed at certain people or companies.
Whaling: Targeting prominent people with spear phishing attacks.
Smishing is SMS-based phishing.
Vishing is phone-based voice phishing.
BEC: Using hacked emails to commit fraud.
Pharming is the practice of sending users to phony websites.
They all take advantage of human psychology, highlighting how crucial user knowledge is to averting
these kinds of assaults.
Q2. DefiniKon 19–2 (on page 628 of the book included below) defines assurance in terms of
“confidence.” A vendor adverKses that its system was connected to the Internet for three months, and
no one was able to break into it. It claims that this means that the system cannot be broken into from
any network.
DefiniKon 19-2: Security Assurance, or simply assurance, is confidence that an en6ty meets its security
requirements, based on specific evidence provided by the applica6on of assurance techniques
a) (5 points) Do you share the vendor’s confidence? Why or why not?
I would be skeptical of the vendor's assertion. Although it is encouraging that the system was able to
remain up for three months without any security breaches, this does not imply complete security. Since
security is a continuous process, just because there hasn't been a breach disclosed during a certain time
frame doesn't guarantee the system won't experience attacks or vulnerabilities in the future.
b) (5 points) If a commercial evaluation service had monitored the testing of this system and
confirmed that, despite numerous attempts, no attacker had succeeded in breaking into it,
would your confidence in the vendor’s claim be increased, decreased, or left unchanged? Justify
your answer.
I would be more confident in the vendor's claim if it had been observed and verified by an established
commercial evaluation service. A reliable third party's external confirmation lends the vendor's claim
more weight. But it's crucial to take into account the testing's parameters, the assessment service's
methodology, and the system's unique security needs. Although achieving absolute assurance is difficult,
third-party validation may greatly raise user trust in the system's security.
Q3. You opened your inbox and found the following email. You would like to find out if an email is a
phishing email by investigating it.
(a) (10 points) List the reasons why the email is suspicious. Justify your answer.
1. Unexpected Attachment: An unexpected attachment is included in the email, and unexpected
attachments in unsolicited emails are cause for concern. Attachments might go to dangerous
websites or include malware.\
2. Request for Personal Data: The email asks the recipient to enter their personal data by clicking a
link. Sensitive information is rarely requested in unsolicited emails by reputable companies.
3. Email Address of a Suspicious Sender: The sender's email address can seem dubious or
inconsistent with their professional correspondence. Phishers frequently utilize email addresses
that seem similar to real ones.
(b) (10 points) You found URLs in the email, and one was “go.redirectonba.com”. How can you
check if the URL is malicious without visiting them? What results did you get when you checked
the URL? (Hint: online website checker).
Online URL scanners like VirusTotal may be used to determine whether the URL "go.redirectonba.com"
is malicious without having to visit the website. By sending the URL to VirusTotal, you may get a report
on whether the URL is harmful after the link is scanned by many antivirus engines. If any antivirus
engines reported the URL as possibly dangerous, it will be indicated in the results.
(c) (10 points) How can you check if the reputation of the sender’s domain? What was the sender’s
domain? What was the reputation result when you checked the sender’s domain? (Hint: domain
reputation check)
You can utilize tools similar to Cisco Talos or domain reputation services to verify the sender's domain's
repute. Utilize the service to verify the sender's reputation after determining their domain from the email
address. The outcome will show if the domain has a good reputation or is linked to harmful activity. For
instance, it might indicate that the email is suspect if the domain has received reports of spam or
phishing.
Download