POL 343 Portland Community College Cryptography Biometrics Technology HW Hello This report needs to be updated, has some plagiarism and grammar issues . i

POL 343 Portland Community College Cryptography Biometrics Technology HW Hello

This report needs to be updated, has some plagiarism and grammar issues . i need you to fix both, it is need to be zero plagiarism . Also you need to do this

1- updated the contents

2-Write a Executive Summary.

Again, the Plagiarism need to be Zero. 1
Contents
EXECUTIVE SUMMARY ………………………………………………………………………………………………………….. 2
CHAPTER SUMMARIES…………………………………………………………………. Error! Bookmark not defined.
Chapter 2 ………………………………………………………………………………………………………………………………… 2
CHOSEN TOPIC: Cryptography: Biometrics Technology ……………………………………………………………….. 3
Current technology related to Cryptography ………………………………………………………………………………. 4
Best Practices ………………………………………………………………………………………………………………………….. 4
Future improvements/technologies …………………………………………………………………………………………… 5
Chapter 3……………………………………………………………………………………………………………………………………. 5
Chosen Topic: Malware…………………………………………………………………………………………………………….. 6
Current technology related to Anti-Malware: F-Secure SAFE ………………………………………………………. 6
Best Practice……………………………………………………………………………………………………………………………. 7
Chapter 4……………………………………………………………………………………………………………………………………. 7
Chosen Topic: click jacking ………………………………………………………………………………………………………… 8
Prevention of clickjacking …………………………………………………………………………………………………………. 8
Best Practice……………………………………………………………………………………………………………………………. 8
CHAPTER 5 …………………………………………………………………………………………………………………………………. 9
Chosen Topic: Virtualization ……………………………………………………………………………………………………. 10
Future improvements …………………………………………………………………………………………………………….. 10
CHAPTER 6 ……………………………………………………………………………………………………………………………….. 11
Chosen Topic: Network Threats and Vulnerabilities……………………………………………………………………. 12
Best Practices ………………………………………………………………………………………………………………………… 13
CHAPTER 7 ……………………………………………………………………………………………………………………………….. 13
Chosen topic: Sensitive Data-Confidentiality……………………………………………………………………………… 14
Current technologies ……………………………………………………………………………………………………………… 15
CHAPTER 8 ……………………………………………………………………………………………………………………………….. 15
Chosen topic: Chosen topic: IaaS Security Architecture ………………………………………………………………. 16
Best Practices/Future recommendations ………………………………………………………………………………….. 16
2
EXECUTIVE SUMMARY
CHAPTER SUMMARIES
Chapter 2
This chapter covers the following: authentication, access control, and cryptography. The
chapter also indicates the significance of NIST. NIST has been used in various organizations for
security purposes. Based on this chapter, NIST is mainly allowing the data to obtain its
confidentiality, integrity, and availability. As the level of security has increased where this
chapter indicates, the users can securely access the data based on its own verification and
authentication process as this chapter discussed. And if the credentials match, at that point the
procedure is finished, and the user is granted authorization for access to and the consents and
folders returned characterize both the condition. This chapter formulates how a password should
be implemented for users to obtained higher protection of data, making a strong password and
identifying the storage password would help the users firmly classify how the password
characterized being strong or weak. The access control framework is only it confirms an
individual’s identity by analyzing a unique personal attribute or the conduct and it is the best and
precise technique for checking the verifying the identification of the clients. Also, it is the most
costly confirmation system that is utilized for recognizing the clients. An example of access
control as this chapter mentioned in the application of “Biometrics”. Based on this chapter, this
3
certain method allowing the users to use their own identity such as body identification using
hand, signature, etc. to access the data. The cryptography can be thought of as the way toward
making sure about a channel of correspondence between two people be it over the web, on paper
or even verbally to shield its trustworthiness within the sight of an outsider. In current occasions,
it includes the procedure referred to as encryption just as ciphertexts with a key to decipher the
real significance of the sentence in encryptions, there two types of a cipher: block and stream
cipher. Block cipher is for higher diffusion while the stream, cipher is for listening to the
occurrence of errors. Advanced Encryption System (AES) which also discussed in this chapter
indicates how it is utilized for obtaining higher security which also relies on NIST application
together with DES (Data Encryption Standard). According to this chapter, Asymmetric in
cryptography has both secret and private keys for users, where it can be distributed to others. In
cryptography there’s we can be called parity check, error detecting codes, and certificate
authority, which includes various methods such as digital signature, error checking, etc.
CHOSEN TOPIC: Cryptography: Biometrics Technology
Cryptography is the art of ensuring client information by changing it into an unreadable
structure. This incomprehensible structure or the ciphertext must be changed over into the
intelligible organization or the plain content arrangement, by the client who has the key
necessary for the transformation, and this procedure is called decoding (Beal, 2018). For
instance, Here, the security of the Mastercard concerning the security of the card just as the
terminal where it is to be examined. In the past times, important information was stayed quiet
inside safes and ensured with locks. Computational security was acquired gratitude to various
blends that develop exponentially in the number of locks. However, shrewd foes figured out how
4
to get around this number of blends, by tuning in to bolt clicks. Exploiting this data, the security
of the safes is just straight in the number of locks.
Current technology related to Cryptography
Due to the spread of cyber-attacks and another form of threat, many organizations today
use and applied different types of software or technologies to prevent the attacks. As part of the
Cryptography method, “Biometrics” has been applied to verify the person’s identity. This
technology uses different techniques that can be implemented for anyone. One example is the
fingerprints of users, this is to make sure that the user passes the verification through his/her
fingerprint identity. The next example is the facial images, it was done through the automated
system where the machine identifies the facial image of the user to recognize the real identity.
Biometric technology has lots of benefits to control and to avoid the cyber-attack and to protect
the data to be accessed by other unknown users.
Best Practices
Many considerations need to know before applying Biometric technology. If there is a biometric
password that is set, then the attacker tries to compulsorily place your fingerprint and take away
all the sensitive information. Some of the best practices in handling biometric information are as
follows:
1) Doing a risk analysis before implementing the system.
2) Looking for customer acceptance before installing the biometrics into the system
3) To check and then ensure the transmission of the data
4) Follows interoperability concerning the existing databases for storing authentication.
5
Future improvements/technologies
It is important to make sure everything works properly. For future improvements, the technology
should then have a strong password to avoid attackers steal the data on the system. The password
should be not a fingerprint since the attacker can easily use the user’s fingerprint to access the
data forcedly. Hence, the password should be done through the application of special keys and
characters.
Chapter 3
This chapter covers the program security, knowing that building any program it should
have enough security avoid any errors. This software also indicates three terminologies such as
bugs, failure, and error. Error is a mistake that can be done by a human or within the functions of
the software. Software bugs are a fault/failure that happened in the software. Failure has
happened in the system. Buffer Overflows has also discussed in this chapter. A buffer is an
impermanent territory that a program used to store information. At the point when more
information is stored by the program in a cushion than its breaking point, the additional
information floods. It makes a portion of the information spill out into different cradles, which
can overwrite information recently stored in them. A function needs an arrival address to return.
In buffer overflow, the arrival pointer on the run-time stack is overwritten. These outcomes in
wrong code execution as the function come back to different addresses as opposed to coming
back to work. Also, this chapter covers malware. Malware is designed to bypass the security
system and avoid detection, making it extremely difficult for security system teams to ensure that
users and the wider business are not adversely impacted. Common types of malware are Trojan
horses, spyware, bots, and rootkits. The types and the history of malware have indicated in this
6
chapter for short, malware has spread all over the world and during its history, many
organizations have been affected and even until these present days. Also, as part of this chapter,
malicious codes were firmly indicated. This happened by sending emails to the users, and this
can be avoided by modifying the registry, deleting old history etc. Hence, activating the malware
needs deep cooperation such as booting, application of files, and coding.
Chosen Topic: Malware
When we say malware, it is the term that signifies the failure or any files that create
viruses either on the computer or in any device we have. Having this would be very dangerous
since it can harm our files or to our device as discussed in chapter 3. One example of malware
that been occurred globally is computer viruses. A computer virus can be downloaded to the
device or through coding. This is not easy to recognize by the user.
Current technology related to Anti-Malware: F-Secure SAFE
F-Secure SAFE is one of the best solutions that can fight malware. This can be very
useful in all aspect even in different types of businesses. F-Secure SAFE can be installed on the
computer to prevent any viruses and it can protect the private data and information of an
organization and it can also able to recognize the virus. However, there is an additional cost of
this anti-virus since it can very helpful. But its benefits are fulfilling to all users and hence, it can
be very safe to use and apply in all kinds of businesses.
7
Best Practice
There are many ways to prevent malware and even various virus in our device. One thing
the user should consider is knowing first if there are any important files installed in your device
and have a backup on it before installing any anti-virus software. This is to avoid any loss of data
or changes of the system. Make sure that all data are stored securely.
Chapter 4
In this chapter, it founds that there is the highest usage of the internet during the year
2016 with 46% and the lowest usage was during the year 1995 with 1% only. For vulnerabilities,
there were the highest data of vulnerabilities during the year 2012. Only during the years 2008
and 2009 obtained lower vulnerabilities which are 208 and 207 recorded. It also found that
“Internet Explorer” is the most popular followed by “Chrome” and “Firefox”. In this chapter,
browser attacks, and fake websites. When it comes to fake websites, there happens lots of
vulnerabilities and attacks on the browser and successful authentication should be required. It
founds that in fake websites, it was formulated by fake coding that convinces the users to explore
and lead them to error and certain attacks. There is a tracking bug that seen in the adds as the
users can click on it which relevant to the ads. Also, the click jacking where the user will attempt
to click “Yes or NO” option. In summary, the browser is prone to attacks. There are lots of
attacks that can be happened on it, this is due to having poor authentication, fake coding, and not
enough security applied.
8
Chosen Topic: click jacking
There are different fake websites today that even appear on internet claiming their
legitimacy and authenticity. Also, users are not aware about their tactics on internet on how they
work as a fake website and even their adds. One example that appeared on fake websites is the
clickjacking. Clickjacking is something like there is posted adds on the website and the user tried
to click on it since it is required. They have to ask the user to click the adds to continue surfing.
However, it will redirect to various fake adds or fake websites. This happened mainly on social
media like Facebook.
Prevention of clickjacking
The prevention of clickjacking required secure Browser first. It is important to check the
browser if there is any attack and to secure it deeply, the user can install the No Script plugins to
make sure there is no any code copied and inputting of code on the site.
Best Practice
Web Application Firewalls (WAFs) can help the secure the website and even clickjacking
activities. WAF goes about as an intermediate gadget between a web-customer and webserver.
It’s a kind of security gadget that is utilized to shield the web servers from the assaults. These
firewalls are otherwise called “Profound parcel assessment firewalls”. The application firewall
which works by testing the HTTP requests for the site utilizing the GET and POST demands,
often executes rules which helping with separating the invalid traffic from suitable site visitors.
The web application firewall is for the most part valuable for the organizations which offer item
or administration over an internet. Examining the HTTP traffic, WAF is ready to obstruct the
9
security assaults like XSS. They are available in three kinds such as application-based networkbased and cloud-facilitated.
CHAPTER 5
It is evident that operating systems (OSs) have undergone an evolution that once supported
a single program and an individual user to numerous applications and users simultaneously. The
resources requiring OD protection include input/output devices, memory, networks, and programs.
Operating systems utilize modular and layered designs in simplifying and separating critical
functions from the nonfunctional functions. Enforcement of resources access control may be done
using several methods, such as through segmentation, reference monitors, and hardware memory
protection. As malicious software packages, rootkits acquire root status or efficiently get integrated
into OS. There are various operating system offers the necessary security roles. The critical
security features comprise of analytical data protection, enforced sharing, inter-process
synchronization, and communication, interface to the hardware, access, and allocation control to
general objects. The History of the operating system dates back to the dedication of a single
program to an entire computer. These OSs saved startup, loading as well as shutdown time besides
fully exploiting the limited resources. The first PCs suffered a critical step back since they were
meant for single users and competently an only program. It was during the 90s when multitasking
came into existence, coming alongside the learning of traditionally shared computers. The user
accesses a virtual machine, and it contains those resources. The user is unable to access resources
available to the operating system but exists outside the virtual machine. A virtual machine monitor
or a hypervisor is the software considered in implementing a VM. It equally offers translation
requests between the operating system and the virtual machine.
10
Chosen Topic: Virtualization
Information technologies are quickly developing within each division of IT organizations
and one such kind of technology known as virtualization. Virtualization is the technique of forming
a software-based or virtual exemplification of something such as servers, networks and storage
and virtual applications. It is the single most effective way to reduce IT costs while increasing
agility as well as efficiency for the entire size industry. Virtualization helps boosts efficacy in the
data centre through the facilitation of these days’ servers to run several operating applications
along with systems. Workloads could become deployed faster, whereas the accessibility and
performance surge. In addition, the operations turn out to be computerized, resulting in an IT sector
that is simple to manage. Furthermore, it leads to an IT that is less costly to possess as well as run.
The primary basis why lots of corporations are moving to virtualization is because of
consolidations since one might expanse the server to its restrictions through the fitting of various
types of software on a lone hardware bit. Furthermore, virtualization leads to green technology as
well as simulated devices, are more energy-efficient than a dedicated server. As an alternative to
working with several dedicated servers, one could hold several virtual servers that assist in saving
power and decreasing operating costs. With virtualization, the operating system offers every user
the resources that they only have to see. Moreover, the user holds access to a virtual machine that
contains the user’s resources. In short, the element of virtualization is changing the operation of
business by given company owners the chance to cut operation costs.
Future improvements
Server virtualization presents the high availability, speed, failover, scalability, performance, agility
and flexibility that modern web-based, incredibly connected businesses need. Moreover, server
virtualization is the fundamental technology that facilitates cloud computing dealers to present
11
their services future enhancements in virtualizations. Increased use of virtualizations is projected
hence the need for more future improvements on virtualizations since the ever-improving age of
mobile computing, and operating systems are focusing on novel…
Purchase answer to see full
attachment