Computer Systems Security: Winter 2018 Assignment 3

From Soma-notes
Revision as of 14:18, 19 March 2018 by Soma (talk | contribs)

Due: March 26, 2018 by the start of class.

  1. [2] How can you check the integrity and authenticity of a downloaded ISO image of a Linux distribution? Explain what you must assume for both integrity and authenticity to be assured.
  2. [2] Describe an attack (and associated context) that could be detected using an anomaly-based intrusion detection system but would normally be missed by both specification and signature-based intrusion detection systems.
  3. [2] How are intrusion detection system similar to anti-malware systems? How can they be different?
  4. [1] What is one significant reason that most currently used intrusion detection systems use signatures rather than other approaches?
  5. [2] Why are insider attacks potentially more damaging than outsider attacks? Explain using a simple example.
  6. [1] What is a concept from this class that you find confusing or hard to understand? Please explain briefly the difficulty you are having.