Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

How does embedding the public key in a digital certificate protect it from impersonators

19/11/2020 Client: arwaabdullah Deadline: 12 Hours

CS 1150 Cyber Security Lab

Goal 1: The purpose of this lab is to introduce you to some tools and applications used to secure your personal computer so you can understand the importance of protecting your system from intruders as well as implement the tools.

Goal 2: To understand the fundamental concepts of cryptography by encoding and decoding a message.

Follow the instructions below. Much of this is lab activity based. You may be required to configure and/or download software to complete the activities.

You will need a blank USB drive.

Record your answers in a separate Word document. Label each section (ex Part 1, Part 2, etc and the question number). The questions to answer are in red.

Part 1 User Security

1-1: Use an Online Password Cracker

Objective 1: To learn how to hash a plaintext password using passwords of varying strengths.

Objective 2: To understand how an online cracking program can quickly crack weak hashed passwords.

1. The first step is to use a hash algorithm to create a password digest. Use your web browser to go to www.fileformat.info/tool/hash.htm (if you are no longer able to access the site through the web address, use a search engine to search for “Fileformat.Info hash functions”).

2. Under String hash, enter the simple password red123 in the Text: line.

3. Click Hash.

4. Scroll down the page and copy the MD4 hash of this password to your Clipboard by selecting the text, right-clicking, and choosing Copy.

5. Open a new tab on your web browser.

6. Go to https://crackstation.net/.

7. Paste the MD4 hash into the text box beneath Enter up to 10 non-salted hashes.

8. In the RECAPTCHA box, enter the current value being displayed in the box that says Type the text.

9. Click Crack Hashes.

10. What was the color code returned by the program for this password? ____

11. Click the browser tab to return to FileFormat.Info.

12. Under String hash, enter the longer password redbluegreen in the Text: line.

13. Click Hash.

14. Scroll down the page and copy the MD4 hash of this password to your Clipboard.

15. Click to browser tab to return to the CrackStation site. Did it succeed in cracking the password?

16. Repeat using, redbluegreen^9999. Did it succeed in cracking the password?

17. Click the browser tab to return to FileFormat.Info and experiment by entering new passwords, computing their hash, and testing them in the CrackStation site. If you are willing, enter a string hash that is similar to a real password that you use.

18. What does this tell you about the speed of cracking passwords? Give 2 to 3 specific pointers to your less knowledgeable friends relating to password choices.

19. Close all windows.

1-2: Download and Install an Online Vault Password Manager

Objective: To learn to configure and use a browser based password program.

One of the drawbacks to using a local password management program is that it must be launched whenever a password must be retrieved or the program must be left open, which could be a security risk. An option is to use a browser-based online vault password manager program that retrieves the passwords automatically. One example of a browser-based password storage program is Last Pass, which enables you to access your passwords from any computer. In this project, you will download and install LastPass.

1. Use your web browser to go to lastpass.com and click Download Free (if you are no longer able to access the site through the web address, use a search engine to search for “Lastpass”.

1. Enter Lastpass screencast tutorials in google search.

1. Watch Filling a form (How to automatically fill a webpage) tutorial.

1. When the tutorial has completed, click your browser’s Back button.

1. Click the Download button to download LastPass.

1. After the program has downloaded, launch the program and follow the instructions for the default installation.

1. Under Create or Log In be sure to click Create a New Account.

1. Enter your email address and create a password. Be sure to remember this information.

1. Accept the default settings to finish installing and creating your Lastpass account.

1. Close your web browser.

1-3: Using a Browser-Based Password Management Program

In this project, you will use the LastPass program installed in the previous project.

1. Launch your web-browser. If necessary, enable the LastPass browser extension.

2. Notice that you now have a LastPass button at the top of the screen. Click LastPass.

3. Enter your Master Password and then click Login.

4. Point your web browser to a website you frequently use that requires you to enter your username and password.

5. Enter your username and password. Notice that LastPass now asks if you want it to remember this password. Click Save Site.

6. When the Add Site window opens, click Save.

7. Log out of the website.

8. Now log in to two other websites and record their passwords in LastPass.

9. Close the web browser.

10. Reopen the web browser and click the LastPass icon on the toolbar. Notice that you are still logged in.

11. Click the LastPass icon and select the site that you want to visit. What happens when you go to these sites?

12. Because your login information automatically appears in LastPass, you do not have to memorize any account passwords and can instead create strong passwords for each account.

IF DOING THIS ON YOUR PERSONAL COMPUTER, DELETE THE ACCOUNT AND UNINSTALL THE APPLICATION ON YOUR COMPUTER.

Questions to Answer

a. Do you think this application would help users create and use strong passwords?

b. What are the strengths of a browser-based password program?

c. What are the weaknesses?

d. Would you use LastPass or a similar application?

1-4: Testing Password Strength

Objective: To use passwords of varying complexity to see how weak passwords degrade system security.

Various online tools can provide information on password strength, but not all feedback is the same. First, assign the numbers 1 through 3 to three of the passwords you are currently using, and write down the number (not the password) on a piece of paper. Then, enter those passwords into these three online password testing services:

· How secure Is My Password (howsecureismypassword.net/)

· Check Your Password (my1login.com)

· The Password Meter (www.passwordmeter.com/)

Record next to each number the strength of that password as indicated by these three online tools. Then use each online password tester to modify the password by adding more random numbers, special characters or letters to increase its strength.

Questions to Answer

1. How secure are your passwords?

2. Would any of these tools encourage someone to create a stronger password? Why or why not?

3. Which tool provided the best information?

4. Create a one-paragraph summary of your findings.

Part 2: Cryptography

Objective: To be able to decrypt a password using a route and Caesar cipher.

Do Laboratory 20 Cryptography from your eBook. The pdf file is in the Dropbox.

Read the activity. Construct a table in Word to input the route cipher. Note: the table must be 4 rows by 5 columns. The book is incorrect. After you get the key, use it to make a reference table using your knowledge of the Caesar cipher. Then, create a 3rd translation table to translate the encryption key given in Part 2 of Exercise 1 to plaintext (the hidden message). Record the hidden message.

Deliverables: 3 tables labeled as:

Table 1-Route Cipher, Table 2 Reference Table and Table 3: Translation Table

Add this to your existing Word document.

Part 3: Computer Security

Objective: To learn to configure security on your local computer.

3-1: Configure Microsoft Windows Security

Objective: To examine and understand several security settings on a Microsoft Windows 10 computer and create a recovery drive.

IMPORTANT: YOU NEED A BLANK USB DRIVE TO COMPLETE THIS LAB AS ANY EXISTING DATA ON THE DRIVE WILL BE DELETED.

1. Click Start and Settings.

2. Click Update and security.

3. If necessary, click Windows Update in the left pane.

4. Click Advanced options, then under Choose how updates are installed change to Automatic(recommended).

5. Click Give me updates for other Microsoft products when I update Windows. This will allow for updates for Microsoft software such as Office to also be updated.

6. Click View your update history to see the updates that have been installed on your computer.

7. Click the back arrow.

8. Click the back arrow to return to Update & Security

9. Click Windows Security. This is the Microsoft AV product that is part of Windows 10.

10. 10.Click Virus & Threat protection. The Windows Defender security center dialog box appears.

11. Now perform a Quick scan of the most essential files. Click Scan now. Depending on your system it may take several minutes to complete. What was the result of the scan?

12. Click the Threat History tab. Check the full history of Quarantined threats.

Has defender already identified suspicious files on this computer and placed them in quarantine? When you are finished, close Windows Defender.

13. Now perform a Quick scan of the most essential files. Click Scan now. Depending on your system it may take several minutes to complete. What was the result of the scan?

14. Click the History tab. Be sure that Quarantined items is selected and click View details.

Has defender already identified suspicious files on this computer and placed them in quarantine? When you are finished, close Windows Defender.

15. In the Find a setting search box enter UAC and press Enter.

16. Click Change User Account Control Settings. The User Account Control Settings dialog box opens.

17. Move the slider through all of the choices and notice the description of each.

18. Position the slider to Always notify. Why is this the best security setting? Click OK and then Yes.

19. Now check your personal firewall. Return to the Settings window. Click Network and Internet.

20. Click Ethernet.

21. Click Windows Firewall to view the firewall settings.

22. Click Allow an app or feature through Windows Firewall to display the Allowed apps dialog box. Scroll through the list of apps that can transmit through the firewall.

23. Close the Allowed apps dialog box.

24. Close the Settings dialog box.

25. Finally, create a recovery drive for this computer. First insert a blank USB flash drive.

26. In the Windows search box enter recoverydrive.exe and press Enter. Click Yes in the UAC.

27. The Recovery Drive dialog box appears. Click Next.

28. The system gathers the appropriate files. In the Select the USB flash drive dialog box select the appropriate drive. Click Next.

29. Click Create to complete the process.

30. After the drive has been created close all windows.

3-2: Test Antivirus Software

Objective: To understand how virus protection software works by downloading a virus test file to determine how your AV software reacts. The file downloaded is not a virus but is designed to appear to an antivirus scanner as if it were a virus.

1. Open your web browser and enter the URL http://www.eicar.org/85-0-Download.html l (if you are no longer able to access the site through the web address, use a search engine to search for “Eicar anti-malware test file”).

2. Read the “INTENDED USE” information. The file you will download is not a virus but is designed to appear to an antivirus scanner as if it were a virus.

3. Click DOWNLOAD using SSL enabled protocol https.

4. Click the file eicar.com, which contains a fake virus. A dialog box may open that asks if you want to download the file. Wait to see what happens.

What does your antivirus software do?

Close your antivirus message and if necessary click Cancel to stop the download procedure.

5. Now click eicar_com.zip. This file contains a fake virus inside a compressed (ZIP) file.

What happened?

Close your antivirus message and, if necessary, click Cancel to stop the download procedure.

6. Click eicarcom2.zip. This file has a double-compressed ZIP file with a fake virus. What happened? Close your antivirus message and, if necessary, click Cancel to stop the download procedure.

7. If necessary erase any files that were saved to your computer.

8. Close all windows.

3-3: Analyze Files and URLs for Viruses Using VirusTotal

VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs in order to identify potential malware. VirusTotal scans and detects any type of binary content, including a Windows executable program, Android, PDFs, and images. VirusTotal is designed to provide a “second opinion” on a file or URL that may have been flagged as suspicious by other A V software. In this project, you will use VirusTotal to scan a file and a URL.

1. Use Microsoft Word to create a document that contains the above paragraph about VirusTotal. Save the document as VirusTotal.docx.

2. Now save this document as a PDF. Click File and Save As.

3. Under Save as type: select PDF(*.pdf).

4. Save the file as YourName-VirusTotal.pdf.

5. Exit Word.

6. Open your web browser and enter the URL www.virustotal.com (if you are no longer able to access the site through the web address, use a search engine to search for “Virus Total”).

7. If necessary click the File tab.

8. Click Choose File.

9. Navigate to the location of YourName-VirusTotal.pdf and click Open.

10. Click Scan it!

11. If the File already analyzed dialog box opens, click Reanalyze.

12. Wait until the analysis is completed.

13. Scroll through the list of AV vendors that have been polled regarding this file. A green checkmark means no malware was detected.

14. Click the File detail tab and read through the analysis.

15. Use your browser’s back button to return to the VirusTotal home page.

16. Click URL.

17. Enter the URL of your school, place of employment, or other site with which you are familiar.

18. Click Scan it! If the URL already analysed dialog box opens, click Reanalyze.

19. Wait until the analysis is completed.

20. Scroll through the list of vendor analysis. Do any of these sites indicate Unrate site or Malware site?

21. Click Additional information.

22. How could VirusTotal be useful to users?

How could it be useful to security researchers?

However, could it also be used by attackers to test their own malware before distributing it to ensure that it does not trigger an AV alert? What should be the protections against this?

23. Close all windows.

Part 4: Internet Security and Privacy

4-1: Compare Browser Security

Objective: To determine the security level of the most popular web browsers: IE, Firefox, Safari, and Chrome.

Using the internet, research the security features of each of these browsers. Create a table that lists the different security features. In your opinion, is there one browser that is more secure than the rest? Is there a browser that is the least secure? Give reasons for your conclusion.

4-2: Web Browser Security Settings

In this project, you will configure several security settings for the Google Chr ome web browser and assess the impact of the settings including the use of cookies.

1. Launch the Chrome browser.

2. Go to amazon.com and search for different items of your interest. Add several to the shopping cart, when finished close the chrome.

3. Launch chrome again and return to amazon.com

4. Look at the shopping cart. Are your items still available? Why?

5. Now visit other websites. Notice that the ads that are displayed are of similar items that you searched for on amazon. Why did this happen? When finished close chrome.

6. Launch chrome.

7. Click the “hamburger” icon and then click Site Settings to display the chrome settings.

8. Click the back error under the search settings window.

9. Select “See all cookies and site data”.

10. Scroll through the list of cookies on your computer. Can you determine which cookies are from third party advertising networks?

11. Click a site listed that has stored a cookie on your computer.

12. Click on the name of the cookie to display the contents.

13. Click on the back error to get back to the Content settings.

14. Click Done or Finished again to return to the settings menu.

15. Now remove all the cookies by clicking Settings, Privacy and security, Clear browsing data…

16. Set time range to All Time.

17. Click clear browsing data.

18. Under privacy click Content settings…

19. Under Cookies click Block sites from setting any data.

20. Click Block third-party cookies and site data.

21. Now block JavaScript. Scroll down to JavaScript and click Do not allow any site to run JavaScript.

22. Click Done or Finished.

23. Close this Chrome tab.

24. Return to amazon.com and search for different items of your interest as you did before. Add several to the amazon shopping cart. When finished close Chrome.

25. Launch Chrome again and return to amazon.com.

26. Look at the shopping cart, are your items still available? What happened?

27. Now visit several other websites. What do you notice about the ads that displayed now? Why?

28. Close all windows.

Note: We do not recommend that you change the settings on your personal computer. If you do this, you will need to reset the settings to the default. At WSU, when you reboot the settings will return to the department standard.

4-3: Viewing Digital Certificates

In this project, you will view digital certificate information using a Google Chrome web browser.

1. Go to www.google.com

2. Note that although you didn’t enter https://, nevertheless Google created a secure connection.

3. Click the padlock icon in the browser address bar.

4. Under Cookies, how many cookies are in use and what are the use of the cookies ?

5. Click the Certificate (Valid)link.

6. Note the general information displayed under the General tab.

7. Now click the Details tab.

8. Click Valid to to view the expiration date of this certificate.

9. Click public key to view the public key associated with this digital certificate. Why is this site not concerned with distributing this key? How does embedding the public key in a digital certificate protect it from impersonators?

10. Click the Certification Path tab. Because web certificates are based on the distributed trust model, there is a “path” to the root certificate. Click the root certificate and click the View Certificate button. Click the Details tab and then click Valid to. Notice that the expiration date of this root certificate(belonging to the third party verifier) is longer than that of the website certificate(provided to the website. Click OK and then click OK again to close the Certificate window.

11. Now go to a website from which you have purchased items online. Does it default to https:// If not, then enter your account information to log into this site.

12. Click the padlock icon in the browser address bar and view the information about this certificate as you did above.

13. How would you explain the purpose of digital certificates to a friend? Is it easy to show someone how to determine if the certificate is valid?

Project 4-4: ebook: page 591, #4. Find an example of a security policy posted on a website, and list 3 of the most important statements it makes regarding the management of information. Why did you choose these 3 statements?

Rubric

Exercises

Points

Part 1-1, #18

3

Part 1-3 questions

4

Part 1-4 questions

4

Cryptography lab

9

Begin week 2

Part 3-1, 1 question and Part 3-3 questions

4

Part 4-1 table, browser comparison and questions

4

Part 4-2 Questions

4

Part 4-3 Questions

4

Part 4-4 Questions

4

Total

40

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Top Essay Tutor
Helping Hand
Best Coursework Help
Homework Guru
Quality Homework Helper
Buy Coursework Help
Writer Writer Name Offer Chat
Top Essay Tutor

ONLINE

Top Essay Tutor

I have more than 12 years of experience in managing online classes, exams, and quizzes on different websites like; Connect, McGraw-Hill, and Blackboard. I always provide a guarantee to my clients for their grades.

$115 Chat With Writer
Helping Hand

ONLINE

Helping Hand

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$110 Chat With Writer
Best Coursework Help

ONLINE

Best Coursework Help

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$110 Chat With Writer
Homework Guru

ONLINE

Homework Guru

Hi dear, I am ready to do your homework in a reasonable price and in a timely manner.

$112 Chat With Writer
Quality Homework Helper

ONLINE

Quality Homework Helper

Hi dear, I am ready to do your homework in a reasonable price.

$112 Chat With Writer
Buy Coursework Help

ONLINE

Buy Coursework Help

Hi dear, I am ready to do your homework in a reasonable price.

$112 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

What does developmentally appropriate mean - Sadie coles rudolf stingel - Nick littlefield love changes everything - Vocational development - Lakeside healthcare at oundle - Switch expression must be a scalar or a character vector - All three models of urban structure - Research Report and PPT Slides - Professional accountability in clinical expertise - Need help with stats homework - Saint andrews cross bdsm - MY OPININON - Lotus glen correctional centre history - Prog & promotions in rec park - AMERICAN GOVERNMENT - Wingate proxy server 7.3 0 crack - Newton's version of kepler's law - Academic assignment - What is procedure call - I need help - ?? same-day +27833173182 maputsoe ABORTION CLINIC // PILLS,,,, - Spanish aunt bluff king in muse of comedy - Brass current carrying capacity - ECONOMICS Problem - What is your troubleshooting process - Leadership Analysis - Stewart & watson buckie - Managing change is an integral part of - The new colossus lazarus analysis - Vce accounting study design - E electric emergency credit - Citi 3 bus cambridge - Ducksters world war 1 - Adidas value proposition - The Role of Capitalism - Earth moon sun scale model - The negro woman poem - W8 Research Case - Continue or shut down decision management accounting - How to improve psrr of ldo - MM_ Service Marketing Report - Psc1515 quiz - Physics for scientists and engineers 6th edition solutions tipler - Miss buchanan's period of adjustment - Vikings sometimes camouflaged their ships to look like _______ - Atraumatic care in pediatric nursing - Ops 571 week 5 individual assignment operations forecasting - It service desk university birmingham - Mcdonald's corporation case study analysis - Chapter 13 leverage and capital structure solutions - Del monte tomato sauce 250g price - Www cbussuper com au - HRM 652 EVALUATING RESULTS AND BENEFITS - Rsa authentication manager 7.1 installation and configuration guide - Md 101 exam questions pdf - Solidworks turn on automatic solve mode - Personal training client case studies - What is the shape of the sif4 molecule - Density of bronze g ml - The 'lost in space' program at semco could be considered ______. - Gantt chart for mobile app development - Robin hood case study swot analysis - You are the head of the project selection team at simsox - Law conversion course ucl - Cortello cabernet sauvignon napa valley 2016 - Essays - Discussion - Discussion - Conflict Resolution through Emotional Competence - Tina jones musculoskeletal subjective data - Thank You Letter - Vold's theoretical criminology 6th edition - The new asylums frontline summary - Homework - Othello tragic hero essay - Organizational Theory : Final Paper - SEX TRAFFICKING - Forecasting: principles and practice - Visual basic programming challenges solutions - Garland chocolates case study - Hm - Speeches for school captain - Samsung hails graphene ball battery success - The safer food group exam answers - The digital competence framework for citizens - Schwartz model organizes values into - Wk-2 - Csu academic referencing tool - Sodium hydroxide is a common one crossword clue - Health services Financial - Volume licensing service centre - Peoplesoft customer connection website - Hcpcs ii codes were created for billing - Judgment ps4 gold tuna cat food - Consolidation of less than wholly owned subsidiaries solutions - Beneath her shirt a book was eating her up - Thermaroof tr27 lpc fm - Rubric for evaluating children's books - Minimum land size for subdivision brisbane - Have you ever seen rain