Assignment 4

1.
   a.
      i. A policy to allow reporting, i.e. to allow the utility to read information from the meter.
      ii. A policy to allow the utility to send commands to the meter to shut off power.
      iii. A policy to allow specific consumer devices to read the price of power.
   b. The utility has an incentive to only allow themselves to read and control the meter, due to complaints from customers and possible NERC violations. I don't think the customer has a huge incentive to only allow specific devices to talk to the meter. I think this is something that needs to be managed by NERC.
   c. It seems like you would want to implement some kind of PKI and use that. Maybe use a TLS tunnel to pass information between the meter and the control center. Access to the meter would use HTTPS and maybe a password.

2.
   a. The HMAC is going to be computationally less intensive. This may be important for this application with its low-latency requirements. The downside is that the HMAC requires a shared secret, while a digital signature does not require it.
   b. When we move to more than two devices, we really need to use digital signatures if we want to be able to distinguish between each device. Since the HMAC uses a shared secret that would be shared between all devices, you cannot use it to authenticate the different devices.

3.
   a. A false negative is when there is something the IDS should have detected that it did not; the negative detection was false. I think the problem here is self-evident: if the IDS is not detecting an issue, it is not doing its job and you now have some kind of intrusion in your system.
   b. A false positive is when there is something the IDS detected that it should not have detected; the positive detection was false. The issue here is that you now have to investigate the positive detections, and the more of these you get, the less likely you are to investigate a detection and the less useful the IDS is.
   c. The "host-based" IDS gives you more visibility into the system it is installed on, but conversely you are limited to only getting information from the host. With a network-based IDS, you can get a more complete picture of the network and use that to do things you cannot do with a host-based IDS.

4. Yes, there are a few ways that cross my mind for how to cross the air gap. An infected thumb drive seems like it would cross the gap easily. Another way would be to have an infected laptop plugged into the air-gapped network. Maybe someone loads a compromised configuration onto a device plugged into the air-gapped network.

5. AES

6. Hash function, symmetric key cipher, key exchange cipher

7. Rootkits
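The point made in answer 2.b, that a MAC key shared by every meter cannot tell the utility which meter sent a reading, can be shown directly. The following is an added example, not part of the assignment; it assumes a constructed shared HMAC-SHA256 key and per-meter Ed25519 key pairs (the assignment names neither algorithm).

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed sample: the one HMAC key handed to every meter and to the utility.
var sharedKey = []byte("constructed-shared-meter-secret")

// HMACTag returns HMAC-SHA256(key, msg).
func HMACTag(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// SharedHMACImpersonation: meter A, which holds the shared key, tags a reading
// written in meter B's name. It returns true when the utility's check accepts
// the tag, i.e. HMAC proves "someone with the key", not which meter sent it.
func SharedHMACImpersonation() bool {
	forged := []byte("meter=B;reading=0kWh")
	tag := HMACTag(sharedKey, forged) // computed by A with the key B also has
	return hmac.Equal(tag, HMACTag(sharedKey, forged))
}

// SignatureImpersonation gives each meter its own Ed25519 key pair and has the
// utility verify a message in B's name against B's public key. Returns
// (B's own signature accepted, A signing in B's name accepted).
func SignatureImpersonation() (genuine, forged bool) {
	_, privA, _ := ed25519.GenerateKey(rand.Reader)    // meter A's private key
	pubB, privB, _ := ed25519.GenerateKey(rand.Reader) // meter B's key pair
	msg := []byte("meter=B;reading=0kWh")
	genuine = ed25519.Verify(pubB, msg, ed25519.Sign(privB, msg))
	forged = ed25519.Verify(pubB, msg, ed25519.Sign(privA, msg))
	return genuine, forged
}

func main() {
	g, f := SignatureImpersonation()
	fmt.Println("shared HMAC accepts A-as-B:", SharedHMACImpersonation())
	fmt.Println("per-meter signature accepts B:", g, "accepts A-as-B:", f)
}
```

The shared-key check accepts the message written in B's name, while the per-meter signature check accepts only B's own signature.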

Upload: nikolas-urlaub

Post on 03-Nov-2015

