Task Write around 600 to 800 words for each of the short-essay questions. All questions are of equal value. You should provide credible references for each question according to the Faculty of Business guidelines. Topic 1- Introduction to Information Security Question 1 Many external (and internal) attacks use social engineering, which is attempting to trick users into doing something that goes against the interests of security. Compared to technical protections, human gullibility often is far easier to exploit. Research the issue of social engineering as a security concern and report your findings, including what the problem is, how it is carried out, who is affected and the recent trends. Topic 2 - Cryptography Question 2 A cryptographic system is a packaged set of cryptographic countermeasures for protecting dialogues. Explain the functionality and significance of the various stages of a cryptographic system; include suitable examples from a popular cryptographic standard. Topic 3 - Network Security fundamentals - 1 Question 3 (a) Why is rate limiting a good way to reduce the damage of some DoS attacks? (b) Do you think it could be limited in effectiveness? Why? (c) Why is DoS protection a community problem, not just a problem for individual victim firms to solve? (d) Is black holding an effective defense against DoS attacks? Why or why not? Topic 5 - Firewalls Question 4 There are a number of different filtering mechanisms for examining packets that can be used in a firewall. For example, stateful packet inspection filtering, (2) static packet filtering, (3) network address translation, (4) application proxy filtering etc. Compare and contrast four such popular filtering mechanisms. Rationale This assessment aims at partially achieving the following subject objectives: - be able to explain basic information security concepts; - be able to discuss and debate some of the security implications of computer networks. - be able to compare and contrast firewall technologies; Marking criteria Questions STANDARDS FL PS CR DI HD 1. Many external (and internal) attacks use social engineering, which is attempting to trick users into doing something that goes against the interests of security. Compared to technical protections, human gullibility often is far easier to exploit. Research the issue of social engineering as a security concern and report your findings, including what the problem is, how it is carried out, who is affected and the recent trends. 1. Major omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assignment set. Major errors in referencing style. (Value: 5%) 1. Partially complete report addressing most of the criteria. Evidence of research. Some omissions. (Value: 95%) 2. Referenced some appropriate sources. Referencing style mostly correctly used. Some errors and omissions. (Value: 5%) 1. Mostly well-researched and well-presented report addressing all criteria. Some omissions. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Some errors and omissions. (Value: 5%) 1. Comprehensive report addressing all criteria. Evidence of in-depth research. Minor omissions only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Minor errors only. (Value: 5%) 1. Comprehensive report addressing all criteria. Evidence of in-depth research. (Value: 95%) 2. Referenced a wide range of appropriate sources. Referencing style correctly used. (Value: 5%) 2. A cryptographic system is a packaged set of cryptographic countermeasures for protecting dialogues. Explain the functionality and significance of the various stages of a cryptographic system; include suitable examples from a popular cryptographic standard. 1. Major omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assignment set. Major errors in referencing style. (Value: 5%) 1. Correct but limited explanation. Mostly correct examples. Some omissions. (Value: 95%) 2. Referenced some appropriate sources. Referencing style mostly correctly used. Some errors and omissions. (Value: 5%) 1. Mostly comprehensive explanation. Correct examples. Some omissions. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Some errors and omissions. (Value: 5%) 1. Comprehensive explanation grounded in theory/literature. Correct and well-explained examples. Minor omissions only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Minor errors only. (Value: 5%) 1. Comprehensive explanation grounded in theory/literature. Correct and well-explained examples. (Value: 95%) 2. Referenced a wide range of appropriate sources. Referencing style correctly used. (Value: 5%) 3. Question 3 (a) Why is rate limiting a good way to reduce the damage of some DoS attacks? (b) Do you think it could be limited in effectiveness? Why? (c) Why is DoS protection a community problem, not just a problem for individual victim firms to solve? (d) Is black holding an effective defense against DoS attacks? Why or why not? 1. Major omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assignment set. Major errors in referencing style. (Value: 5%) 1. Answered at least two questions correctly along with explanation. (Value: 95%) 2. Referenced some appropriate sources. Referencing style mostly correctly used. Some errors and omissions. (Value: 5%) 1. Answered all questions correctly providing some explanation. Some omissions. (Value: 95%) 3. Referenced a range of appropriate sources. Referencing style correctly used. Some errors and omissions. (Value: 5%) 1. Answered all questions correctly providing adequate explanation. Minor omissions only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Minor errors only. (Value: 5%) 1. Answered all questions correctly providing adequate explanation. (Value: 95%) 2. Referenced a wide range of appropriate sources. Referencing style correctly used. (Value: 5%) 4. Question 4 There are a number of different filtering mechanisms for examining packets that can be used in a firewall. For example, stateful packet inspection filtering, (2) static packet filtering, (3) network address translation, (4) application proxy filtering etc. Compare and contrast four such popular filtering mechanisms. 1. Major omissions or incorrect answers. (Value: 95%) 2. Either no evidence of literature being consulted or cited references irrelevant to the assignment set. Major errors in referencing style. (Value: 5%) 1. Correct but partially incomplete comparison. No examples. (Value: 95%) 2. Referenced some appropriate sources. Referencing style mostly correctly used. Some errors and omissions. (Value: 5%) 1. Mostly Comprehensive comparison grounded in theory/literature. Some omissions. Limited examples only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Some errors and omissions. (Value: 5%) 1. Comprehensive comparison grounded in theory/literature. Appropriate examples with clear explanation. Minor omissions only. (Value: 95%) 2. Referenced a range of appropriate sources. Referencing style correctly used. Minor errors only. (Value: 5%) 1. Comprehensive comparison grounded in theory/literature. Appropriate examples with clear explanation. (Value: 95%) 2. Referenced a wide range of appropriate sources. Referencing style correctly used. (Value: 5%) Note: Each question is worth 25 marks.