Discuss about the Advanced Network Security for Disks Work.
Provide a general explanation of how symmetric key encryption of files or disks work.
Symmetric key encryption for files or disks is a process by which a single key is used to encrypt or decrypt a message. This implies that a person who is encrypting the message must provide the recipient with the key for them to decrypt it (Saranya, Mohanapriya and Udhayan 2014). To explain the process further, it could be said that in symmetric encryption, senders encrypt messages but without the same key provided to the recipient, it cannot be decrypted again. For this purpose, the cipher text has to be sent separately to the recipient for decrypting the encrypted text. This method might be fast from the viewpoint of implementation, but it also has weaknesses. The weakness is that, if the key is intercepted by a hacker, the message can easily be decrypted.
With respect to the file server, explain to the company what is full-disk encryption and file-based encryption, and explain the tradeoffs between the two approaches. Include recommended technologies.
Full-disk Encryption: At the file server level, full-disk encryption can be explained as an encryption process that works by automatically converting a file-server data in a form (Saranya, Mohanapriya and Udhayan 2014). This is impossible for any third person to understand who do not possess the key to undo this conversation.
File-based Encryption: At the file-server level, file-based encryption is an encryption process that provides keys according to each file in the server so that they could be unlocked independently.
Tradeoff between the two approaches: The general tradeoff between the two approaches requires that both of these technologies provide good protection to encrypted files when it comes to data theft, however, it depends only on the way by which a person handles the encryption keys.
Explain to the company any security ramifications of cloud storage to backup. Include reasons why or why not there are security ramifications.
The security ramification of cloud storage in case of backup that there are chances of data theft is very likely to occur in these matters. However, it is not justified to put forward the fact that cloud storage is an unsafe option for data backup (Rudd et al. 2017). Although, the tempting target that they provide by being available in a much bigger virtual storage space makes it vulnerable to data theft. There are data theft issues because the cloud backup system forms an environment which is beyond control, therefore, there are security ramifications present when a company would like to create a backup in the cloud-based virtual space.+
Provide a general explanation of how digital signatures work, and what problems they solve for the company.
A digital signature is regarded as the digital counterpart of a traditional and authentic handwritten signature. However, it provides much more inherent security as it provides solution to the problem of tampering the traditional signature produced by hand (Hoffstein et al. 2015). It is also based on encryption process of public key or asymmetric cryptography using a public key algorithm. It uses the mechanism where two mathematically linked keys are used, one public and one private key. In one way of hash data, the signature is to be provided, the private key is then provided to encrypt the hash code. The hash algorithm is the digital signature.
Digital signature solves the problem of authentication of a person, since original handwritten signatures can be forged and digital signatures cannot.
Regarding both encryption on the file server and use of digital signatures, explain to the company what keys will be in use and provide recommendations on managing, sharing and changing keys.
In case of digital signatures for a company, the keys that would be used for handling the digital signatures are the private keys and the public keys.
For managing, sharing and changing the keys for digital signatures, the use of the hash keys require the signer’s public key to decrypt the hash (Jain et al. 2015). The managing and sharing of the digital signatures has to be perfectly done so that it cannot be decrypted by unauthorized personnel.
What are the motivations and goals of malicious users in using the Trojan horse attacks? Include in your answer examples of negative impact of such attacks on users and software developers.
There are different mindsets behind a hacker’s motive of hacking but using a Trojan horse malware means that the hacker want to impersonate someone else’s identity as their own. The things that could motivate a hacker into using a Trojan horse malware to hack is to get hold of the encryption key form a developer’s end (Wright and Cache 2015). This helps a hacker to map every encrypted part of a password a user types down. The enabling of unauthorized access makes a hacker use Trojan horse malware.
This definitely forms a negative impact to a user as this means breaching of personal and confidential information. Every individual has a right to their private information. For example, if a user is robbed off his or her bank account details by a hacker using Trojan horse malware, it has a high risk of losing of the user’s money. Whereas, the developers who create these software impermeable to hacking face the wrath of the seniors for their failure in developing a hack-proof application.
Select two examples of real Trojans or malware distributed via reputable sources, and describe those examples.
Example 1: As per the latest news, in July the Japanese parliament suffered a malicious Trojan horse attack after a politician opened a link transferred via email. The Trojan horse attack has been reported to be from a reputed Chinese organization (Jansen and Leukfeldt 2016). The attack infected the lower house of the Japanese parliament infecting all the computers in service. However, the damages incurred by the data breach are still unclear.
Example 2: News of NotPetya first broke on 27 June in Ukraine and the Netherlands. Bothe the countries confirmed hacking attacks that affected their systems. Soon, similar incidents were confirmed by Ukraine’s government, the British advertising group WPP, and the offices of multinationals in Spain. It was found that it quickly traced the attacks to Petya, a form of ransomware which encrypts the Master Boot Record.
What role can file hashes, digests, or signatures play in securing downloads? What are the limitations of these techniques?
Hash functions are essentially necessary since they are one of the parts of the process that is performed during the creation of digital signatures (Ince 2017). Therefore, they provide the keys to authenticate any download.
The message digest helps in identifying any duplicate or potentially harmful download. It is a cryptographic hash function created by a one-way hashing formula that is designed to protect the integrity of a piece of data to warn the copyright owner of any legalized data if someone is using their original work and modifying it without having any authorization.
Before downloading any software, the user has to make sure that the software is trustworthy and may not bring about any malicious software attacks on the systems used (Ince 2017). The recommendations for a user to download a software is as listed as below:
Reference
Hoffstein, J., Pipher, J., Schanck, J.M., Silverman, J.H. and Whyte, W.J., Security Innovation Inc., 2017. Digital signature method. U.S. Patent 9,722,798.
Ince, D. ed., 2017. A Dictionary of the Internet. Oxford University Press.
Jain, N., Stiller, B., Khan, I., Makarov, V., Marquardt, C. and Leuchs, G., 2015. Risk analysis of Trojan-horse attacks on practical quantum key distribution systems. IEEE Journal of Selected Topics in Quantum Electronics, 21(3), pp.168-177.
Jansen, J. and Leukfeldt, R., 2016. Phishing and malware attacks on online banking customers in the Netherlands: a qualitative analysis of factors leading to victimization. International Journal of Cyber Criminology, 10(1), p.79.
Rudd, E.M., Rozsa, A., Günther, M. and Boult, T.E., 2017. A Survey of Stealth Malware Attacks, Mitigation Measures, and Steps Toward Autonomous Open World Solutions. IEEE Communications Surveys & Tutorials, 19(2), pp.1145-1172.
Saranya, K., Mohanapriya, R. and Udhayan, J., 2014. A review on symmetric key encryption techniques in cryptography. International Journal of Science, Engineering and Technology Research (IJSETR), 3(3), pp.539-544.
Shukla, J., 2015. Fixing computer files infected by virus and other malware. U.S. Patent 8,935,789.
Wright, J. and Cache, J., 2015. Hacking exposed wireless: wireless security secrets & solutions. McGraw-Hill Education Group.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download