mccaffery_a12

.docx

School

University of Rhode Island *

*We aren’t endorsed by this school

Course

434

Subject

Computer Science

Date

Apr 3, 2024

Type

docx

Pages

Uploaded by EarlBraveryPheasant31

Nicholas McCaffery CSF 434/534 - Assignment#12 Spring 2020 Question 1: ----------- Backups and encryption are not the only needed form of hardware security because they both have drawbacks. Encryption has drawbacks in the form of scalability and key distribution. Backups does little in the way of protecting it from disclosure to an unauthorized party who comes into possession with your lost or stolen hardware. Question 2: ----------- Full disk encryption is a cryptographic method that applies encryption to the entire hard drive including data, files, the operating system and software programs and self-encrypting disks are hard drives that automatically and continuously encrypts the data on the drive without any user interaction. Question 3: ----------- TPM i s a hardware solution on the motherboard, one that assists with key generation and storage as well as random number generation and HSM is a device used to manage or store encryption keys. Question 4: ----------- My computer uses a BIOS. Question 5: ----------- The keyboard is not responding when the computer enters secure boot because it is most likely not a signed driver according to secure boot while the mouse driver most likely is. Question 6: ----------- This article is about a claim that Chinese spies had inserted a covert electronic backdoor into the hardware of computer servers used by 30 US companies.The technology had been compromised during the manufacturing process in China. They inserted tiny chips about the size of a grain of rice into motherboards during the manufacturing process. China has long had a semi-state operation to hack into US tech companies and steal their intellectual property so this did not come as a total shock for China to implement a hardware hack into motherboards.

Question 7: ----------- One operating system is Network operating systems and these run on network components in order to provide the actual configuration and computation portion of networking. The second operating system is server operating systems and these work between the server hardware and the applications that are being run on the server. The third operating system is Mobile operating systems and these run on mobile devices like Apple and Android. The fourth operating system is Workstation operating systems and these work on providing a functional working space, typically a graphical interface, for a user. Question 8: ----------- A vulnerability I found for Windows 10 is the Microsoft Font Driver Vulnerability. This vulnerability was due to Windows Adobe Type Manager improperly handling specially-crafted OpenType fonts, which can result in a remote code execution vulnerability. Question 9: ----------- Kiosk OS's auto-login would be typically implemented because it is c ommonly used for interactive customer service applications, such as interactive information sites and menus. The machine can use auto-login and still be "secure” because users can’t make any configuration changes. Question 10: ----------- OS hardening is the process of preparing and securing a system and involves the removal of all unnecessary software and services. One action is to make sure the base installation of all OS and application software comes from a trusted source, and is verified as correct by using hash values. Another action is The base installation includes all current patches and updates for both the OS and applications. A third action is that Current backup images are taken after hardening and updates to facilitate system restoration to a known state. Question 11: ----------- A real world cyber incident that was at the fault of peripherals is modern laptops being prone to peripherals. Thunderbolt ports on certain computers are found to have vulnerabilities with peripheral devices. Researchers found that potential attacks could take complete control of the target computer. In addition to plug-in devices like network and graphics cards, attacks can also be carried out by peripherals like chargers and projectors that work to their correct use but in accordingly will compromise the host computer. In order to not have this happen the article says that it is essential that users should install security

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version