Download - Assigment4
-
1. a.
i. Apolicytoallowreportingtoallowtheutilitytoreadinformationfromthemeter
ii. Apolicytoallowtheutilitytosendcommandstothemetertoshutoffpower
iii. Apolicytoallowspecificconsumerdevicestoreadthepriceofpowerb. Theutilityhasanincentivetoonlyallowthemselvestoreadandcontrolthe
meterduetocomplaintsfromcustomersandpossibleNERCviolation.Idon'tthinkthecustomerhasahugeincentivetoonlyallowspecificdevicestotalkthemeter.IthinkthissomethingthatneedtobemanagedbyNERC.
c. ItseemslikeyouwouldwanttoimplementsomekindofPKIandusedthatthat.MaybeuseaTLStunneltopassinformationbetweenthemeterthecontrolcenter.Accesstothemeterisusehttpsandmaybeapassword.
2. a. TheHMACisgoingtocomputationallylessintensive.Thismaybeimportant
forthisapplicationwiththelowlatencyrequirements.ThedownsideistheHMACrequiresasharedsecretwhileadigitalsignaturedoesnotrequireit.
b. Whenwemovetomorethantwodevicewereallyneedtousedigitalsignatureifwewanttobeabletodistinguishbetweeneachdevice.SincetheHMACuseasharedsecretthatwouldbesharedbetweenalldevicesandsoyoucannotuseittoauthenticatethedifferentdevices.
3. a. AfalsenegativeiswhenthereissomethingtheIDSshouldhavedetectedthat
itdidnot.thenegativedetectionwasfalse.IthinktheproblemhereisselfevidentbutiftheIDSisnotdetectinganissue.Itisnotdoingitjobandyounowhavesomekindofintrusioninyoursystem.
b. AfalsepositiveiswhenthereissomethingtheIDSdetectedthatisshouldhavenotdetected.Thepositivedetectionwasfalse.TheissuehereisyounowhavetoinvestigatethepositivedetectionsandthemoreoftheseyougetthelesslikelyyouareinvestigateadetectionandthelessusefultheIDSis
c. ThehostbasedIDSgivesyoumorevisibilityintothesystemitisinstalledonbutconversely.Youarelimitedtoonlygetinformationfromthehost.WithanetworkbasedIDS,youcangetamorecompletenetworkandbeabletoausethattodothingsyoucannotdowithahostbasedIDS.
4. Yes,thereareafewwaysthatcrossmymindforhowtocrosstheairgap.Aninfectedthumbdriveseemslikeitwouldcrossthegameeasily.Anotherwaywouldbetohaveaninfectedlaptoppluggedintotheairgappednetwork.Maybesomeoneloadsacompromisedconfigurationontodevicepluggedintoairgappednetwork.
5. AES6. Hashfunction,Symmetrickeycipher,Keyexchangecipher7. rootkits