Computer Systems Security: Winter 2018 Assignment 3
Revision as of 14:18, 19 March 2018
Due: March 26, 2018 by the start of class.
- [2] How can you check the integrity and authenticity of a downloaded ISO image of a Linux distribution? Explain what you must assume for both integrity and authenticity to be assured.
- [2] Describe an attack (and associated context) that could be detected using an anomaly-based intrusion detection system but would normally be missed by both specification-based and signature-based intrusion detection systems.
- [2] How are intrusion detection systems similar to anti-malware systems? How can they be different?
- [1] What is one significant reason that most currently used intrusion detection systems use signatures rather than other approaches?
- [2] Why are insider attacks potentially more damaging than outsider attacks? Explain using a simple example.
- [1] What is a concept from this class that you find confusing or hard to understand? Please explain briefly the difficulty you are having.