Scenario: Computer Network Security [100 marks]

On November 2020 at 09:40 am, Gaborone City Council (GCC) was hit by a cyber-attack. Malware in this case a piece of ransomware managed to get onto the councils network. GCC systems were well defended by the latest virus protection and in fact the site where the malware was hosted had been blocked through web browser filters. However, a member of staff needing the website which related to social care functions bypassed this by googling the website and going through the link provided in the search results. This let the malware attack in. The attack was detected almost immediately because the ransomware displayed a pop-up page on the laptop demanding bitcoin payment to release the key that had been used to encrypt the files. This happened to a council laptop that was attached to the corporate network. As adversaries entered the organization it appears, they are utilizing some sort of horizontal development method to move starting with one gadget then onto the next. Examination is needed to recognize the hole in the protection and make preventive measure to impede further development of the adversaries. Imagine you are security specialist, right away roped in to oversee and protect information and data. As a specialist you are tasked to develop below control measures to improve security.

a) What are the controls or countermeasures you will be attempting to prevent exploiting a computing system's vulnerabilities? [15 Mark]

b) Based on the above information available, what are the possible situation you confront as cryptanalyst? [12 Mark]

c) As a security specialist, what are the key features you will be enforcing for a trusted operating system? [15 Mark]

d) Analyse product and process to perceive how both add to quality and to security as a part of value. [12 Mark]

e) As a specialist what are the measures you will be taking to design Kerberos to withstand attacks in distributed environments? [12 Mark]

f) In the above scenario, difficult issue for an information base supervisor is the disappointment of the registering framework highly involved with changing information. In the event that the information thing to be changed was a long field, half of the field may show the new worth, while the other half would contain the old. Regardless of whether blunders of this sort were spotted effectively (which they are not), a more unobtrusive issue happens when a few fields are refreshed, and no single field has all the earmarks of being in evident mistake. What is the answer for the above said issues? Justify with an example [12 Mark]

g) When you are employing Symmetric key systems, what kind of problems you are forecasting in the above said scenario? [12 Mark]

h) In the above said scenario, Why Computer Crime Is Hard to Prosecute? [10 Mark]

Note: Referencing is mandatory for all the questions and each question carries marks for referencing.

• Please use Harvard Referencing style.