Computer Systems Security: Winter 2018 Assignment 3: Difference between revisions

From Soma-notes
No edit summary
No edit summary
Line 1: Line 1:
'''This assignment is not yet finalized.'''
Due: March 26, 2018 by the start of class.
Due: March 26, 2018 by the start of class.


Line 8: Line 6:
# [1] What is one significant reason that most currently used intrusion detection systems use signatures rather than other approaches?
# [1] What is one significant reason that most currently used intrusion detection systems use signatures rather than other approaches?
# [2] Why are insider attacks potentially more damaging than outsider attacks?  Explain using a simple example.
# [2] Why are insider attacks potentially more damaging than outsider attacks?  Explain using a simple example.
# [1] What is a concept from this class that you find confusing or hard to understand?  Please explain briefly the difficulty you are having.

Revision as of 14:18, 19 March 2018

Due: March 26, 2018 by the start of class.

  1. [2] How can you check the integrity and authenticity of a downloaded ISO image of a Linux distribution? Explain what you must assume for both integrity and authenticity to be assured.
  2. [2] Describe an attack (and associated context) that could be detected using an anomaly-based intrusion detection system but would normally be missed by both specification and signature-based intrusion detection systems.
  3. [2] How are intrusion detection system similar to anti-malware systems? How can they be different?
  4. [1] What is one significant reason that most currently used intrusion detection systems use signatures rather than other approaches?
  5. [2] Why are insider attacks potentially more damaging than outsider attacks? Explain using a simple example.
  6. [1] What is a concept from this class that you find confusing or hard to understand? Please explain briefly the difficulty you are having.