IT Security and Risk Management


NMIMS Global Access

School for Continuing Education (NGA-SCE)

Course: IT Security and Risk Management

Internal Assignment Applicable for June 2023 Examination

Assignment Marks: 30

Instructions:

  • All questions carry equal marks.
  • All questions are compulsory.
  • All answers are to be explained in not more than 1000 words for questions 1 and 2, and in not more than 500 words for each subsection of question 3. Use relevant examples and illustrations as far as possible.
  • All answers are to be written individually. Discussion and group work is not advisable.
  • Students are free to refer to any books/reference material/website/internet for attempting their assignments, but are not allowed to copy the matter as it is from the source of reference.
  • Students should write the assignment in their own words. Copying of assignments from other students is not allowed.
  • Students should follow the following parameters for answering the assignment questions:

For Theoretical Answer

Assessment Parameter | Weightage
Introduction | 20%
Concepts and Application related to the question | 60%
Conclusion | 20%

For Numerical Answer

Assessment Parameter | Weightage
Understanding and usage of the formula | 20%
Procedure / Steps | 60%
Correct Answer & Interpretation | 20%

  1. Even in this age of Google Pay, Apple Pay and Samsung Pay, where you can use virtual payments to purchase items in real stores and restaurants with your smartphone, the “old fashioned” credit card and debit card aren’t going away anytime soon. With that said, many people who use them are afraid that the payment information that’s on those cards could be lifted by hackers, even if they remain inside a wallet. That fear includes the newer credit and debit cards that have RFID chips inside. That’s why some folks who use those kinds of cards are buying RFID blocking wallets, which are supposed to keep hackers from taking your payment information. Explain RFID Hacking and ways to avoid it. (10 Marks)

  2. Access control is a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data. Most security professionals understand how critical access control is to their organization. Which access control techniques would you want or expect your bank to employ to keep your bank account safe? Give detailed justifications for your recommendations. (10 Marks)

3. CovidLock is a new Android ransomware that conducts a lock-screen attack against its victims. A security research team, in the course of monitoring newly registered Coronavirus and COVID labeled domain names, discovered a website luring users into downloading an Android application under the guise of a COVID-19 heat map. The coronavirusapp.site domain initially contained an iframe sourcing directly from infection2020.com (a website from an independent developer for tracking US-based COVID-19 news) and a small banner above it that encouraged the installation of the malicious application for real-time updates.

The app portrays itself as a Coronavirus Tracker. As soon as it starts running, it asks the user to allow it to conduct battery optimization. The ransomware does this to keep itself running in the background and to make sure that Android does not close the app to optimize battery performance. Once the initial phase is over, the app requests access to Android’s Accessibility feature. By integrating accessibility features and services, Android developers can improve the app’s usability, particularly for users with disabilities. But it is common for attackers to use this functionality to keep the malware persistent.

Once admin rights are achieved by the app, the attack is launched. As soon as the victim clicks on “Scan Area For Coronavirus,” the phone locks itself with a message on the locked screen. It asks for $250 as ransom in the form of bitcoins. Failure to pay, according to the attacker, can lead to the leaking of the victim’s private data, including photos, videos, and more.

  1. Explain the various types of malware and how ransomware is different from a virus/worm. (5 Marks)

  2. What precautions should an employer of an SME take to prevent ransomware attacks on company resources? (5 Marks)

**********

 
