Note: The 3 questions must include full Introduction, Analysis, and Summary paragraphs. Must be written in APA format. Provide 4 references for each question. 400 words each.
1. Take a look at the US-CERT (United States Computer Emergency Readiness Team) web site at https://kb.cert.org/vuls/id/796611, https://kb.cert.org/vuls/id/930724, and https://kb.cert.org/vuls/id/287178. Use these sources of information to explain in your own words how threat agents and risk affect information security and whether cryptographic techniques can provide countermeasures to these threats.
2. Use the link https://www.snort.org/talos. Snort can be downloaded from https://snort.org/downloads/#rule-downloads. Pick one of the named rules files, open it, and choose a rule. If this is your first exposure to Snort rule syntax, please note that the rules are the sometimes cryptic-looking items starting with the word “alert”. Copy the rule you pick and describe what the rule means in your own words.
3. There are two basic categories of ciphers: secret key (symmetric) and public key (asymmetric).
For one of the cipher categories, describe a possible key management system, i.e., a method for creating, distributing, and storing cryptographic keys for the cipher category that you’ve picked. The key management system that you describe can either be a system in use (with appropriate citations), or a system of your own invention.
Talos Rules 2022-02-22
This release adds and modifies rules in several categories.
Talos has added and modified multiple rules in the and server-webapp rule sets to provide coverage for emerging threats from these technologies.
2022-02-23 00:33:36 UTC
Snort Subscriber Rules Update
Date: 2022-02-22
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091701.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
New Rules:
* 1:59083 <-> DISABLED <-> SERVER-WEBAPP D-Link router httpd server directory traversal attempt (server-webapp.rules)
* 1:59084 <-> DISABLED <-> FILE-PDF Adobe Acrobat PDF buttonGetIcon use-after-free attempt (file-pdf.rules)
* 1:59082 <-> DISABLED <-> SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData Alarms section SQL injection attempt (server-webapp.rules)
* 1:59085 <-> DISABLED <-> FILE-PDF Adobe Acrobat PDF buttonGetIcon use-after-free attempt (file-pdf.rules)
* 1:59080 <-> DISABLED <-> SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData Alarms section SQL injection attempt (server-webapp.rules)
* 1:59081 <-> DISABLED <-> SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData Alarms section SQL injection attempt (server-webapp.rules)
* 1:59078 <-> DISABLED <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (server-webapp.rules)
* 1:59079 <-> DISABLED <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (server-webapp.rules)
Modified Rules:
* 1:58679 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (server-webapp.rules)
* 1:58680 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (server-webapp.rules)
* 1:58681 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (server-webapp.rules)
* 1:58682 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (server-webapp.rules)
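The "gid:sid <-> Default rule state <-> Message (rule group)" format described above can be parsed mechanically, for example to list which newly added rules ship disabled and would need to be enabled locally. The following Python is an added example, not part of the Talos release or the original page; the function names are hypothetical and the sample input is three entries copied from the list above.

```python
import re
from collections import defaultdict

# One changelog entry: "* gid:sid <-> STATE <-> Message (rule-group.rules)"
ENTRY = re.compile(
    r"^\*\s*(?P<gid>\d+):(?P<sid>\d+)\s*<->\s*(?P<state>\S+)\s*<->\s*"
    r"(?P<msg>.*\S)\s*\((?P<group>[^()]+\.rules)\)\s*$"
)

def parse_changelog(text):
    """Return one dict per rule entry, tagged with its section ('new'/'modified')."""
    section, rules = None, []
    for line in text.splitlines():
        line = line.strip()
        if line.lower().startswith("new rules"):
            section = "new"
        elif line.lower().startswith("modified rules"):
            section = "modified"
        elif line.startswith("*"):
            m = ENTRY.match(line)
            if m is None:
                # Fail loudly so a format change is not silently ignored.
                raise ValueError(f"malformed entry: {line!r}")
            rule = m.groupdict()
            rule["gid"], rule["sid"] = int(rule["gid"]), int(rule["sid"])
            rule["section"] = section
            rules.append(rule)
    return rules

def disabled_by_group(rules, section="new"):
    """Map rule group -> sorted SIDs whose default state is DISABLED in a section."""
    out = defaultdict(list)
    for r in rules:
        if r["section"] == section and r["state"].upper() == "DISABLED":
            out[r["group"]].append(r["sid"])
    return {group: sorted(sids) for group, sids in out.items()}

# Sample input: entries copied from the list above.
SAMPLE = """New Rules:
* 1:59083 <-> DISABLED <-> SERVER-WEBAPP D-Link router httpd server directory traversal attempt (server-webapp.rules)
* 1:59084 <-> DISABLED <-> FILE-PDF Adobe Acrobat PDF buttonGetIcon use-after-free attempt (file-pdf.rules)
Modified Rules:
* 1:58679 <-> DISABLED <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (server-webapp.rules)
"""

if __name__ == "__main__":
    for group, sids in disabled_by_group(parse_changelog(SAMPLE)).items():
        print(group, sids)
```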