Scribd
Upload
13 views2 pages

G.E 01

The document outlines guided exercises for a Computer Security course at Djillali Liabes University. It includes tasks such as providing examples of security concepts, classifying security violations, analyzing security policies in a medical context, and detailing steps in a cyber attack along with preventive measures. The exercises aim to enhance understanding of key security principles and practices.

Uploaded by

belgacem.maroua719
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views2 pages

G.E 01

The document outlines guided exercises for a Computer Security course at Djillali Liabes University. It includes tasks such as providing examples of security concepts, classifying security violations, analyzing security policies in a medical context, and detailing steps in a cyber attack along with preventive measures. The exercises aim to enhance understanding of key security principles and practices.

Uploaded by

belgacem.maroua719
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Djillali Liabes University, Sidi Bel Abbes

Faculty of Exact Sciences


Department of Computer Science

3rd Year bachelor ISIL – (S6) Course: Computer Security

Guided Exercises 01 : Introduction to Computer Security

Exercise 1:
Provide examples for the following: Adversary, Attack, Countermeasure, Risk, Security
Policy, Asset, Threat, Vulnerability.
Exercise 2:
1. Classify each of the following as a violation of confidentiality, of integrity, of
availability, or of some combination thereof.
a) Omar copies Sara’s homework.

b) Ali destroys Ahmed’s system.

c) Mustafa changes the amount of Mustafa’s check from $100 to $1,000.

d) Lina fakes Maya’s signature on a document.

e) Omar claims the domain name “[Link]” and refuses to let the
publishing house buy or use that domain name.
f) Mustafa obtains Ali’s credit card number and has the credit card company cancel
the card and replace it with another card bearing a different account number.
g) Ali spoofs (Pretends to be) Lina’s IP address to gain access to her computer.

Exercice 3:
Security targets in University Medical Center
University Medical Center has a security policy which amongst other things contains the
following rules:
1. In every department of the hospital, the chief consultant has unlimited access to all
patient records for patients which have been treated in the department.
2. A department’s nurses have access to read the patient records for all patients who are
being treated in the department.
3. Persons who are not associated with the hospital have no access to the patient record
system.
4. The hospital has the aim that the patient record system should be available for online
reading for at least 99.5% of the time, measured over a 3-month period, and it must be
available for insertion of new patient records and changes to existing records for 90% of
the time, measured over the same period.
How would you classify these rules in relation to CIA targets? (In other words, for each
rule you should try to say to what extent it is related to a target for confidentiality,
integrity and/or availability.)
Exercice 4:
Identify the steps involved in a typical cyber attack. For each step, provide an example or
scenario to illustrate its significance in compromising a system's security. Additionally,
propose preventive measures that could mitigate the risk associated with each step.

Step Example Preventive Measures


Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and
Control
Actions on
Objectives
Exfiltration
Covering Tracks

You might also like