INFORMATION SYSTEMS AND SECURITY AUDIT
1. Define the following terms: (6 Marks)
In information security, integrity means that data cannot be modified undetectably. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of Consistency as understood in the classic ACID model of transaction processing. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred.
In law, non-repudiation implies one's intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction. Electronic commerce uses technology such as digital signatures and public key encryption to establish authenticity and non-repudiation.
2. Describe the function of Record Layer in SSL Architecture (2 Marks)
The SSL Record Protocol provides basic security services to various higher-layer protocols. In particular, HTTP, which provides the transfer service for Web client/server interaction, can operate on top of SSL. Three higher-layer protocols are defined as part of SSL: the Handshake Protocol, the Change Cipher Spec Protocol, and the Alert Protocol. These SSL-specific protocols are used in the management of SSL exchanges.
3. List the four phases of virus nature (2 Marks)
The first phase of a virus code attack is the placement of the code where it may be executed so that it can install itself in the main memory. Listed below are some methods adopted for the installation of viral code in the computer memory.
The second phase involves saving the viral code to hard or floppy disk in such a way as to make it difficult to be detected and removed. The layout of Microsoft Disk Operating System (MS-DOS) provides the following areas in a hard or floppy disk which are largely hidden from users but accessible to DOS commands only. One of the most common techniques used by virus writers is to copy Boot Sector 0 to an unused sector on the disk and then overwrite Boot Sector 0 with viral code. Whenever the disk is booted, the viral code is executed and loaded into the memory. The viral code then loads the original boot sector from its new position and passes control to it, and the system is then able to continue apparently normally.
The third phase involves a test for a condition which if met, will activate the virus. A condition may be a specified time, date or after a specified number of copies of the viral code have been made.
The fourth and final phase is the action phase of the virus. During this phase, the virus attacks the target system and the effect of the attack may be destructive or non-destructive.
4. Briefly describe the three cryptographic algorithms (5 Marks)
DES
This is the 'Data Encryption Standard'. This is a cipher that operates on 64-bit blocks of data, using a 56-bit key. It is a 'private key' system.
RSA
RSA is a public-key system designed by Rivest, Shamir, and Adleman.
HASH
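Added example, not part of the original answer sheet: a textbook hash-then-sign RSA in Python, tying together the RSA and HASH entries above and the earlier point that digital signatures give integrity and non-repudiation. The primes, exponent and messages are constructed toy values; the 64-bit digest truncation stands in for the padding (PKCS#1 v1.5 or PSS) a real implementation would use.

```python
import hashlib

# Constructed toy key: two Mersenne primes, 2^31-1 and 2^61-1, chosen so the
# arithmetic stays readable. Real RSA keys use random primes of 1024+ bits.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent (coprime to (P-1)(Q-1))
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+ modular inverse)


def digest_int(message: bytes) -> int:
    """HASH step: SHA-256 the message, then take 64 bits so the value is < N.
    Real schemes pad the full digest (PKCS#1 v1.5 / PSS) instead of truncating."""
    return int.from_bytes(hashlib.sha256(message).digest()[:8], "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Only the holder of the private exponent d can produce this value,
    which is what supports non-repudiation."""
    return pow(digest_int(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Anyone with the public key (e, n) can check the signature. A message
    modified in transit changes the digest, so the check fails (integrity)."""
    return pow(signature, e, n) == digest_int(message)


def demo() -> dict:
    # Constructed sample order; the tampered copy changes one digit in transit.
    order = b"buy 10 units at 5.00"
    tampered = b"buy 100 units at 5.00"
    sig = sign(order)
    return {
        "genuine": verify(order, sig),        # True
        "tampered": verify(tampered, sig),    # False: modification is detected
    }


if __name__ == "__main__":
    print(demo())
```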