Enterprise Info Security Essay Example | Topics and Well Written Essays - 1250 words

Enterprise entropy Security - Essay ExampleThis may result in erratic program behavior, including memory admission fee errors, incorrect results, a crash, or a breach of corpse security. They atomic number 18 thus the basis of umteen software vulnerabilities and can be maliciously exploited Understanding the difference between data and programs is a very important element of avoiding various overflow attacks. When one understands that data is just computer information while a program is the software screen, he or she can be able to utilise new plea systems. Its easy for someone to understand how to use the modern security features wish Data Execution Prevention (DEP) can be applied in modern operating system like Mac OSX, Linus and Microsoft Windows. For example DEP works in two different ways either its computer hardware encoded or software encoded. Software-encoded DEP do not protect data pages from execution of codes, but from another pillowcase of attack. Knowledge about this security features and operating systems is very important when one is looking for the best defense against overflow attacks. Question 4.2 Consider a system that writes event numbers to its audit log and uses a table to translate these numbers into messages. What is the potential advantage of using this level of indirection in log saddle entries? What are the potential dangers? This system is the Computer Aided Dispatch System ( pawl System). Potential advantage CAD system is a greater boost to public communication. These include providing instant and reliable communication by dint of warning device connections, mobile data systems, and time and records management systems. Potential Dangers The design, development, purchase, and installation of CAD systems can be a confused for both a medium or large-size public safety agency. It involves not save the installation of computers and the CAD software, but usually connection to a wide variety of other systems alarm inputs, mobi le data systems, time synchronization sources, records management systems. This process is therefore very expensive and complicated to handle (Computer-Aided Dispatch Software Resource, Para 2). Question 4.3 How spoofing can be performed When a particular simple machine claims to own a particular IP address and the first machine sends all its messages to that machine. Using this attack, a machine can listen to all the traffic that a machine wants to send out. This happens when two machines are on the same network. Normally one machine sends a packet to the other machine IP address and the network routes back to its destination. This kind of attack is called ARP spoofing. RP doesnt have any way to check if a particular responding machine does in fact own a particular IP address. This can be exploited by having other machines claim to be certain IP addresses. Defenses against spoofing Some of the defense mechanism against spoofing includes Guarding algorithm for ARP spoofing Updatin g ARP cache method Checking the ARP cache each and every time Information encoding Controlling by the use of switching equipments Configuration of static ARP cache (Li, B., Dong, K., Dong, L. & Yang L.) Question 5.1 Explain the model of twofold signature used in SET (Secure Electronic Transfer) Protocol and its Components. Secure Electronic dealing (SET) is system of protecting electronic transaction using credit cards online. This process uses the concept of dual signature. Dual signature concept operates in the following procedure The owner of the card will dispatch the cards payment information