Choose Any Six Problems Tinled Exam 120 Minutes Open Book Course Charts No 2840593

Choose any six problems. Tinled exam, 120 minutes. Open Book & Course charts, no notes. Show all work. Make assumptions clear. Explain your approach. Laptops for reference to book and PPT 1. Consider a program that aliows a surgeon in one city to assist in an operation on a patient in another city via an Internet connection. a. Show a hypothetical diagram that shows information/link elements. b. Identify a security requirement with one example of Integrity, Confidentiality, and Availability for element(s) in your diagram. c. Identify a threat associated with the security requirements in b. 2. Software Vulnerability a Explain and demonstrate by example in a diagram how a buffer overflow flaw can exist in a software program b. Explain how the Morris worm used a buffer overflow to attack a machine c. Identify two possible methods for avoiding program memory boundary problems and how these would eliminate the Morris worm attack. 3. Virus Detection a. Explain how virus signature software such as Norton and McAffee work to detect viruses b. Explain how the Sandboxie and Buster Sandbox (or Cuckoo) work to help detect viruses c. Explain how a and b differ and how they might compliment each other. 4. If you were a hacker, which of the attacks, or pieces of attacks, you have seen in Pfleeger would you use for each of the following objectives. Explain how they work and what features would you use. Make appropriate assumptions to make you approach work. a. Your competitor is preparing a proposal for a big contract that you want to Win. You want to track his proposal team’s research ,o try to understand his strategy. b. A terrorist organization is developing a cyber weapon and you want to slow their progress by destroying their programs and data c. You want to surprise your co-worker with your cyber skills but do not want to do any damage. 5. You are a software developer. Identify and explain five things that you would do to ensure “secure” software 6. You are a malware developer. Identify five things that you would do to minimize the detection and elimination of your code. 7. Passwords a. If a password can be entered every second how long would it take to guess a. 5 random lower case letters, b. 5 letter English words chosen by the user c. 5 random upper and lower case letters plus decimal numbers b. Explain a hash and how it protects a password in a machine