SEHS4515 Individual Assignment 2324s2 Page 1
SEHS4515 Computer Security
Individual Assignment
Due: 19 April 2024 (Friday) 6:00pm
Objectives
• To let students apply computer security concepts in real-life settings.
• To show students’ understanding of the requirements and technologies in
computer security.
Instructions
• This assignment should be completed individually and neatly.
• Plagiarism will be penalized severely. Marks will be deducted for assignments
that are plagiarized in whole or in part, regardless of the sources.
• Late submission is subject to mark deduction penalty.
• Answer ALL questions.
• Please state clearly your source of reference.
• You can attach your reference materials.
Submission
• Submit your work in softcopy before the due date.
• Save your work, or scan your handwritten work, into a PDF file. Use the file
name yourname_StudentID.pdf and submit it via Blackboard.
Grading Aspects
• Marks are given to the accuracy of both steps and answer. Detailed steps should
be provided.
• No mark would be given if your work is not readable (especially for handwritten
work) and/or the steps cannot be followed.
• Late submission will have mark deduction of 20% per day late, including Sunday
and public holiday. Late more than 4 days will not be accepted.
SEHS4515 Individual Assignment 2324s2 Page 2
Question 1 (25%)
Read the following article about “Travel agencies’ customer databases being hacked”:
https://www.pcpd.org.hk/english/enforcement/case_notes/casenotes_2.php?id=2018DB0
2&content_type=&content_nature=&msg_id2=545
(a) Analyze the possible threat(s), vulnerability(es) and risk(s) in the above case. (6%)
(b) Compare the attack in the article with WannaCry attack. (6%)
(c) What countermeasure(s) did the travel agency take? Briefly explain each of them.
(7%)
(d) Suppose the agency has approximately $413 million in annual revenue. There are two
incidents of such attack per year and each attack causes 10% drop of the annual
revenue. Perform a risk analysis and suggest an acceptable cost of mitigation service.
(6%)
Question 2 (25%)
(a) Suppose you are designing the public and private keys for RSA public-key encryption.
Given p=11 and q=23.
(i) If the public key is e=13, what is private key d? (5%)
(ii) A message m=7 is encrypted using the above RSA settings, what would be the
cipher text c? (5%)
(iii) A cipher text c=3 is decrypted using the above RSA settings, what would be the
plain text m? (5%)
(b) Calculate the multiplicative inverse of 31 mod 70 using the Extended Euclidean
Algorithm. (5%)
(c) Assume your HKID card number is made from the last six digits of your student ID
number. For example, if student ID = 12345678S, then HKID = S345678(*).
Calculate the check digital (*). (5%)
SEHS4515 Individual Assignment 2324s2 Page 3
Question 3 (20%)
Multi-factor authentication (MFA) is a method of computer access control in which a
user is granted access only after successfully presenting several separate pieces of
evidence an authentication mechanism.
(a) What is the meaning of “separate pieces of evidence”? (5%)
(b) Are username and password considered as two separate pieces of evidence? Justify
your answer. (5%)
(c) Perform a simple research from the Internet, what is the maximum number of factors
used in MFA can you find? Briefly explain each factor. (10%)
Question 4 (30%)
There are 12 types of malware listed in this website:
https://www.kaspersky.com/resource-center/threats/types-of-malware
For each type of malware, find out the following information.
(a) Their characteristics (12%)
(b) The way they spread (6%)
(c) The potential damages/negative effect they cause (12%)
- End of Assignment -
请加QQ:99515681 邮箱:99515681@qq.com WX:codinghelp
- 网易硬刚腾讯 两大游戏玩家之间的口水仗不断
- 全球“最独特”的一台华为 nova 6 5G 版手机是什么样子的?
- 拼多多抖音淘宝京东,谁是真低价?
- 老杨第一次再度抓握住一瓶水,他由此产生了新的憧憬
- 丰田章男称未来依然需要内燃机 已经启动电动机新项目
- B站更新决策机构名单:共有 29 名掌权管理者,包括陈睿、徐逸、李旎、樊欣等人
- 苹果罕见大降价,华为的压力给到了?
- 三明列东又有房子要拆迁!住这里的人要发了!
- 放大招后,广州又忍不住了…
- 私募积极加仓,百亿股票私募仓位指数创出近八周新高
- 他,传闻中马云最想见的人
- 升级的脉脉,正在以招聘业务铺开商业化版图
- 如何经营一家好企业,需要具备什么要素特点
- 智慧驱动 共创未来| 东芝硬盘创新数据存储技术
- 创意驱动增长,Adobe护城河够深吗?