Blue Ridge Consulting Services (BRCS) provides security consulting and services to over 1000 clients across a wide range of enterprises in Australia. A new initiative at BRCS is for its two offices in Sydney and Melbourne to provide internships to students who are pursuing their postgraduate studies in reputed institutes in Sydney and Melbourne in the Networking and Cyber Security domains.
Students are required to demonstrate their theoretical as well as practical knowledge related to information security. To evaluate suitable candidates for this prestigious internship program, BRCS has asked applicants to prepare a detailed report and a presentation addressing the following sections:
A. Crypto-malware Attacks (maximum 600 Words)
Most recently, threat actors have started using crypto-malware to attack victims’ devices and networks. This malware encrypts all files on a victim’s device and demands a ransom for a key (to be delivered to the victim) to unlock these files. Use library/Internet resources to research crypto-malware attacks. Based on your research, address the following:
1. What do these attacks do? How are these attacks different from other malware attacks? Why are they so successful? In what ways is the ransom paid?
2. Explain in detail the spreading mechanism(s) of crypto-malware.
3. Discuss any two crypto-malware variants developed during 2018-2019. Critically analyse their working mechanism.
4. Recommend any two security tools/techniques to withstand these attacks.
B. Load Balancing Algorithms (maximum 600 Words)
Load balancing is a technology that can help to distribute work across a network. Different algorithms are used to make a decision on load balancing. These include random allocation, round-robin, weighted round-robin, round-robin DNS load balancing, and others.
1. Explain the need for load balancing in today’s networks. What benefits are achieved with load balancing from the information security perspective?
2. Drawing on a survey of the current literature, research the above-mentioned load balancing algorithms and discuss their working mechanisms, with advantages and disadvantages.
3. Do these algorithms compromise security? Provide proper justification regarding your recommendation.
4. Explain a recent case study where load balancing helped to prevent a total network collapse.
C. Blockchain for the Internet of Things (IoT) (maximum 600 Words)
With recent developments, it is predicted that there will be 18 billion Internet of Things (IoT) enabled devices by 2022, having a large influence across many vertical markets. Blockchain technologies have the potential to track, coordinate, carry out transactions and store information from this large number of devices, enabling the creation of applications that require no centralized cloud. Based on your research and analysis:
1. Discuss IoT and its characteristics. Also, highlight the application areas of IoT.
2. Explain the working mechanism of Blockchain and its advantages in comparison to centralised coordination.
3. Critically analyse the advantages of using Blockchain for access control in IoT.
4. Evaluate how Blockchain can ensure security in IoT.
D. Penetration Testing Tools (maximum 600 Words)
Penetration testing, also called pen testing or ethical hacking, is a mechanism for testing a computer system, network or web application to determine security vulnerabilities that an attacker could exploit. Burp Suite and OWASP Zed Attack Proxy (ZAP) are two penetration testing tools for web applications with similar features.
1. Analyse and compare the features of these tools.
2. Download and install each selected tool on your personal/lab computer using a virtual machine (Kali Linux/Windows 8.1 Professional) in VirtualBox. Perform penetration testing against two vulnerable web applications (include snapshots).
3. Which tool among these two would you recommend? Justify your recommendation.