# HOMEWORK No.

Course :Principles of Operating systems Code : CSE 213

PART A

Ques1) How can you define the standard security attacks?

Ans :

Security attack refers to a process whereby a person compromise your computer by installing
harmful malicious software in your computer without your knowledge. These malicious software
includes viruses, spywares, adwares, and trojan horses. These software often deletes certain vital
files on your computer, making your computer to function abnormally, spying on your online
surfing habits, and cause advertisements to pop up on your screen when you are online.

Ques2) Difference between system and program threats.

Ans :

Ques3) What commonly used computer programs are prone to man in the middle attacks.
Discuss solutions to prevent this form of attack.
Ans: ppt pdf

Man-In-The-Middle attack is the type of attack where attackers intrude into an existing
connection to intercept the exchanged data and inject false information. It involves
eavesdropping on a connection, intruding into a connection, intercepting messages, and
selectively modifying data.

The term "Man-in-the-middle attack" (MITM attack) refers to the type of attack where the attacker
intrudes into the communication between the endpoints on a network to inject false information
and intercept the data transferred between them.

Or

Make by raj 9464554250

 Defenses against the attack

Various defenses against MITM attacks use authentication techniques that are based on:

• Public key infrastructures

• Stronger mutual authentication, such as:
o Secret keys (which are usually high information entropy secrets, and thus
more secure), or
o Passwords (which are usually low information entropy secrets, and thus
less secure)
• Latency examination, such as with long Cryptographic hash function calculations
that lead into 10s of seconds; if both parties take 20 seconds normally, and the
calculation takes 60 seconds to reach each party, this can indicate a third party
• Second (secure) channel verification
• One-time pads are immune to MITM attacks, assuming the security and trust of
the one-time pad.
• Carry-forward verification

The integrity of public keys must generally be assured in some manner, but need not be
secret. Passwords and shared secret keys have the additional secrecy requirement. Public
keys can be verified by a Certificate Authority, whose public key is distributed through a
secure channel (for example, with a web browser or OS installation). Public keys can also
be verified by a web of trust that distributes public keys through a secure channel (for
example by face-to-face meetings).

See Key-agreement protocol for a classification of protocols that use various forms of
keys and passwords to prevent man-in-the-middle attacks.

PART B

Ques4) How Cryptography acts as a security tool?

Ans : (681) page number of book

Cryptography (or cryptology; from Greek κρυπτός, kryptos, "hidden, secret"; and γράφ,
gráph, "writing", or -λογία, -logia, respectively)[1] is the practice and study of hiding
information. Modern cryptography intersects the disciplines of mathematics, computer
science, and engineering. Applications of cryptography include ATM cards, computer
passwords, and electronic commerce.

Cryptology prior to the modern age was almost synonymous with encryption, the
conversion of information from a readable state to nonsense. The sender retained the
ability to decrypt the information and therefore avoid unwanted persons being able to
read it. Since WWI and the advent of the computer, the methods used to carry out
cryptology have become increasingly complex and its application more widespread.

Or

Ques5) How can you provide security to your system?

(658) page number of books

Make by raj 9464554250

Ans :
Task 1 - Install and Use Anti-Virus Programs
Task 2 - Keep Your System Patched
Task 3 - Use Care When Reading Email with Attachments
Task 4 - Install and Use a Firewall Program
Task 5 - Make Backups of Important Files and Folders
Task 6 - Use Strong Passwords
Task 7 - Use Care When Downloading and Installing Programs
Task 8 - Install and Use a Hardware Firewall
Task 9 - Install and Use a File Encryption Program and Access Controls

Ques6) How firewalls are used to protect system and network?

Ans :

Firewalls are a key part of keeping networked computers safe and secure. All computers
deserve the protection of a firewall, whether it’s the thousands of servers and desktops
that compose the network of a Fortune 500 company, a traveling salesperson’s laptop
connecting to the wireless network of a coffee shop, or your grandmother’s new PC with
a dial-up connection to the Internet.

Although home users have traditionally used only host-based firewalls, recent trends in
security exploits highlight the importance of using both types of firewalls together.
Traditional firewall architectures protect only the perimeter of a network. However, once
an attacker penetrates that perimeter, internal systems are completely unprotected. Hybrid
worms, in particular, have penetrated corporate networks through email systems, and then
have spread quickly to unprotected internal systems. Applying host-based firewalls to all
systems, including those behind the corporate firewall, should now be standard practice.

Make by raj 9464554250