Q42: Suppose we have identified the following vulnerabilities. An attacker may steal data from a database server on a company network either by breaking into the server room, installing a malware on the server, or gaining the remote access to the server. The attacker could install the malware by bribing an employee who have access to the server or scamming a staff (send a fake email to download a fake update). The attacker could gain the remote access to the server either by stealing a password digest file or shoulder surfing. Build an attack tree for this scenario. [5 marks]
Q43: Bob wants to send a critical information to Alice. Illustrate how Alice can use digital signature and public key encryption to ensure if the message is from Bob. [3 marks]
Q44: Select parameter d for the following values selected for RSA algorithm. [5 marks] The followings values selected for RSA algorithm is correct. P = 3, Q = 5, n = 15, (n)= 8, e = 3, d = ____
Attack tree is a diagram of a root , leaves and child nodes. It must have a single root which is a goal. Here, 'Steal data from database' is the goal and root node. It is constructed by finding all capable ways of attacks and sequencing or arranging the several attack methods and it's intermediate steps.
Steps to draw attack tree:
1) find root or goal of the attack, In this question, Steal data from database
2) find objective. Here, Gaining access remotely is the objective
3) find all methods of attack. Here, shoulder surfing, bribing staff, steal digest file , etc, ..are methods of attack.
4) arrange them and draw as multileveled tree.
Get Answers For Free
Most questions answered within 1 hours.