代写SEHS4515、代做Python/Java程序

日期：2024-04-15 08:45

SEHS4515 Individual Assignment 2324s2 Page 1

SEHS4515 Computer Security

Individual Assignment

Due: 19 April 2024 (Friday) 6:00pm

Objectives

? To let students apply computer security concepts in real-life settings.

? To show students’ understanding of the requirements and technologies in

computer security.

Instructions

? This assignment should be completed individually and neatly.

? Plagiarism will be penalized severely. Marks will be deducted for assignments

that are plagiarized in whole or in part, regardless of the sources.

? Late submission is subject to mark deduction penalty.

? Answer ALL questions.

? Please state clearly your source of reference.

? You can attach your reference materials.

Submission

? Submit your work in softcopy before the due date.

? Save your work, or scan your handwritten work, into a PDF file. Use the file

name yourname_StudentID.pdf and submit it via Blackboard.

Grading Aspects

? Marks are given to the accuracy of both steps and answer. Detailed steps should

be provided.

? No mark would be given if your work is not readable (especially for handwritten

work) and/or the steps cannot be followed.

? Late submission will have mark deduction of 20% per day late, including Sunday

and public holiday. Late more than 4 days will not be accepted.

SEHS4515 Individual Assignment 2324s2 Page 2

Question 1 (25%)

Read the following article about “Travel agencies’ customer databases being hacked”:

https://www.pcpd.org.hk/english/enforcement/case_notes/casenotes_2.php?id=2018DB0

2&content_type=&content_nature=&msg_id2=545

(a) Analyze the possible threat(s), vulnerability(es) and risk(s) in the above case. (6%)

(b) Compare the attack in the article with WannaCry attack. (6%)

(c) What countermeasure(s) did the travel agency take? Briefly explain each of them.

(7%)

(d) Suppose the agency has approximately $413 million in annual revenue. There are two

incidents of such attack per year and each attack causes 10% drop of the annual

revenue. Perform a risk analysis and suggest an acceptable cost of mitigation service.

(6%)

Question 2 (25%)

(a) Suppose you are designing the public and private keys for RSA public-key encryption.

Given p=11 and q=23.

(i) If the public key is e=13, what is private key d? (5%)

(ii) A message m=7 is encrypted using the above RSA settings, what would be the

cipher text c? (5%)

(iii) A cipher text c=3 is decrypted using the above RSA settings, what would be the

plain text m? (5%)

(b) Calculate the multiplicative inverse of 31 mod 70 using the Extended Euclidean

Algorithm. (5%)

(c) Assume your HKID card number is made from the last six digits of your student ID

number. For example, if student ID = 12345678S, then HKID = S345678(*).

Calculate the check digital (*). (5%)

SEHS4515 Individual Assignment 2324s2 Page 3

Question 3 (20%)

Multi-factor authentication (MFA) is a method of computer access control in which a

user is granted access only after successfully presenting several separate pieces of

evidence an authentication mechanism.

(a) What is the meaning of “separate pieces of evidence”? (5%)

(b) Are username and password considered as two separate pieces of evidence? Justify

your answer. (5%)

(c) Perform a simple research from the Internet, what is the maximum number of factors

used in MFA can you find? Briefly explain each factor. (10%)

Question 4 (30%)

There are 12 types of malware listed in this website:

https://www.kaspersky.com/resource-center/threats/types-of-malware

For each type of malware, find out the following information.

(a) Their characteristics (12%)

(b) The way they spread (6%)

(c) The potential damages/negative effect they cause (12%)

- End of Assignment -