Enterprise Info Security Essay Example | Topics and Well Written Essays - 1250 words

Enterprise Info Security - Essay Example This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. They are thus the basis of many software vulnerabilities and can be maliciously exploited Understanding the difference between data and programs is a very important element of avoiding various overflow attacks. When one understands that data is just computer information while a program is the software screen, he or she can be able to apply new defense systems. It’s easy for someone to understand how to use the modern security features like Data Execution Prevention (DEP) can be applied in modern operating system like Mac OSX, Linus and Microsoft Windows. For example DEP works in two different ways; either its hardware encoded or software encoded. Software-encoded DEP do not protect data pages from execution of codes, but from another type of attack. Knowledge about this security features and operating systems is very important when one is loo king for the best defense against overflow attacks. Question 4.2 Consider a system that writes event numbers to its audit log and uses a table to translate these numbers into messages. What is the potential advantage of using this level of indirection in log file entries? What are the potential dangers? This system is the Computer Aided Dispatch System (CAD System). Potential advantage CAD system is a greater boost to public communication. These include providing instant and reliable communication through alarm connections, mobile data systems, and time and records management systems. Potential Dangers The design, development, purchase, and installation of CAD systems can be a complicated for both a medium or large-size public safety agency. It involves not only the installation of computers and the CAD software, but usually connection to a wide variety of other systems: alarm inputs, mobile data systems, time synchronization sources, records management systems. This process is ther efore very expensive and complicated to handle (Computer-Aided Dispatch Software Resource, Para 2). Question 4.3 How spoofing can be performed When a particular machine claims to own a particular IP address and the first machine sends all its messages to that machine. Using this attack, a machine can listen to all the traffic that a machine wants to send out. This happens when two machines are on the same network. Normally one machine sends a packet to the other machine IP address and the network routes back to its destination. This kind of attack is called ARP spoofing. RP doesn't have any way to check if a particular responding machine does in fact own a particular IP address. This can be exploited by having other machines claim to be certain IP addresses. Defenses against spoofing Some of the defense mechanism against spoofing includes; Guarding algorithm for ARP spoofing Updating ARP cache method Checking the ARP cache each and every time Information encryption Controlling by th e use of switching equipments Configuration of static ARP cache (Li, B., Dong, K., Dong, L. & Yang L.) Question 5.1 Explain the concept of dual signature used in SET (Secure Electronic Transfer) Protocol and its Components. Secure Electronic Transaction (SET) is system of protecting electronic transaction using credit cards online. This process uses the concept of dual signature. Dual signature concept operates in the following procedure; The owner of the card will take the cards payment information