Case 1: Researching Trojan Attacks

Trojans continue to be a highly favored means of attack today and pose a serious
threat to users. Use the Internet to search for the latest information regardin
g current Trojans. You may want to visit security vendor sites, like Symantec or
McAfee, or security research sites such as sans.org to find the latest informat
ion. What are the latest attacks? What type of damage can they do? What platform
s are the most vulnerable? Write a report on your research.

Case 4: Comparing Keyloggers

Use the Internet to research different keyloggers. Create a table that lists fiv
e different hardware keyloggers, their available memory, specific features, and
their cost. Then create another table of five different software keyloggers with
their features. Are you surprised at the functionality of these devices? Write
a summary of your findings.

Case 5: Ransomware Attacks

Use the Internet to research some of the different ransomware attacks that have
occurred recently. Identify at least three attacks that are current. What do the
y do? Why are they so successful? How are they being spread? What can users do t
o protect themselves? How can ransomware be removed from a computer? Write a sum
mary of your research.

Case 7: Combating Typo Squatting

What can organizations do to fight back against typo squatting? Research the Int
ernet to find out how companies are combating this growing problem. How can thes
e typo squatting sites be taken down? What must a company do in order to stop th
ese sites? And why has it been so difficult to do this? What proactive steps can
a company take? Write a report on your research.

Case 9: Arbitrary/Remote Code Execution Attacks

In recent years the number of arbitrary/remote code execution attacks have skyro
cketed. Why is this type of attack so popular with attackers? What are some of t
he most well-known arbitrary/remote code execution attacks that have occurred? W
hat is the primary means by which attackers infect computers with these attacks?
How do these attacks commonly occur? What are the defenses to protect against t
hese attacks? Write a one-page paper on your research.

Case 18: One-Time Pad (OTP) Research

Use the Internet to research OTPs: who was behind the initial idea, when they we
re first used, in what applications they were found, how they are used today, et
c. Then visit an online OTP creation site such as www.braingle.com/ brainteasers
/codes/onetimepad.php and practice creating your own ciphertext with OTP. If pos
sible exchange your OTPs with other students to see how you might try to break t
hem. Would it be practical to use OTPs? Why or why not? Write a report on your f
indings.

Case 19: HTTPS

Hypertext Transport Protocol Secure (HTTPS) is becoming increasingly more popula
r as a security protocol for web traffic. Some sites automatically use HTTPS for
all transactions (like Google), while others require that users must configure
it in their settings. Some argue that HTTPS should be used on all web traffic. W
hat are the advantages of HTTPS? What are its disadvantages? How is it different
from HTTP? How must the server be set up for HTTPS transactions? How would it p
rotect you using a public Wi-Fi connection at a local coffee shop? Should all We
b traffic be required to use HTTPS? Why or why not? Write a report of your resea
rch.

Case 21: IPv6 ICMP

In IPv4, ICMP provides error reporting and flow control features. Although this
functionality is still part of IPv6, there are additional roles that ICMP plays
in this latest version of IP. These include fragmentation, neighbor discovery, a
nd StateLess Address AutoConfiguration (SLAAC). In addition, many ICMP messages
are sent as multicast instead of only unicast. Yet IPv6 ICMP raises a new set of
security concerns. Use the Internet to research the ICMP under IPv6 and what th
e security concerns are. Write a report on your findings.
Case 24: Testing Password Strength
How strong are your passwords? Various online tools can provide information on p
assword strength, but not all feedback is the same. First, assign the numbers 1
through 3 to three of the passwords you are currently using, and write down the
number (not the password) on a piece of paper. Then, enter those passwords into
these three online password testing services:
How Secure Is My Password (howsecureismypassword.net/)
Check Your Password (www.microsoft.com/security/pc-security/password-checker.asp
x)
The Password Meter (www.passwordmeter.com/)
Record next to each number the strength of that password as indicated by these t
hree online tools. Then use each online password tester to modify the password b
y adding more random numbers or letters to increase its strength. How secure are
your passwords? Would any of these tools encourage someone to create a stronger
password? Which provided the best information? Create a summary of your finding
s.
Case 26: Open Authentication (OAuth)
Use the Internet to research OAuth. What is the technology behind it? What are i
ts strengths? What are its weaknesses? Will it replace OpenID? Would you recomme
nd it for secure applications like online banking? Write a report on your analys
is.