Question
1.Identify one real-life cybersecurity breach that may have occurred in the last 2 years. Using the vulnerability-threat-control paradigm,
... [Show More] discuss the breach (16 Marks).
Tip: You may use any one breach from the following link.
1.Discuss the difference between cross site scripting (XSS) attack and cross site request forgery (XSRF). Further, explain with justification, which attack is easier to defend against (16 Marks).
2.What is buffer overflow? Studies online (e.g. statcounter) suggest Microsoft Windows has over 70% of the OS market share. For this reason, identify and discuss a feature in Microsoft Windows that prevents attackers from using buffer overflows to execute malware (12 marks).
1.Discuss the notion of "security through obscurity" and its implication on modern day computer security (8 marks).
2.Discuss at least two security advantages of a host running virtualisation (8 marks).
Comments (4)
Answered by Expert Tutors
Part 1:
A cybersecurity breach took place in 2020. It was the beginning of this year 2020 when an incident took place in one of the renowned company of the USA i.e. Marriott.
The information was disclosed by accessing the account of a staff member. That account had access to the information of its customers. This way the data got revealed. The hackers got access to the information of the customers.
Many changes were made after this incident took place. Some of them are :
Two-way authentication for login.
The customers are provided with some additional security.
The security policies were not implemented carefully.
After this incident, the company made some changes to its framework. Certain changes were made to prevent any such incidents in the near future.
The accounts of the affected customers were reset.
24*7 account monitoring.
Two-factor authorization.
Part 2:
Difference between (XSS) Cross-site scripting and (CSRF) Cross-site request forgery:
CSRF permits the attacker to convince a victim to perform the activities which they don't intend to whereas XSS permits the attacker to implement javascript inside the browser of the user.
CSRF is a one-way vulnerability whereas XSS is a two-way vulnerability.
CSRF does not require javascript whereas XSS requires javascript. [Show Less]