The case study is a valuable teaching tool that can be used to integrate all aspects of the syllabus.
This case study will be provided 12 months before the May examination session (18 months before the November session) so that students can carry out detailed research prior to the HL paper 3 examination, which contributes 20% of the final mark.
The computer science case study provides the stimulus material for the investigation of a scenario involving current developments and/or issues in computer science. The information obtained will prepare students and form the basis of the requirements for answering the questions in HL paper 3.
The case study is an opportunity to keep the course abreast of current technology by introducing new technical concepts or issues requiring a more in-depth investigation than that required in the rest of the course.
Through their investigation of the case study, students should be able to:
demonstrate an understanding of the computer science concepts fundamental to the system(s) in the case study (objective 1)
demonstrate an understanding of how the system(s) in the case study work (objective 1)
apply material from the course syllabus in the context of the case study (objective 2)
explain how scenarios specified in the case study may be related to other similar local and global scenarios (objective 3)
discuss the social impacts and ethical issues relevant to the case study (objective 3)
explain technical issues relating to the case study (objective 3)
evaluate information that may be gathered from local and global sources including field trips, interviews, primary and secondary research, invited guest speakers and online interviews (objective 3)
evaluate, formulate or justify strategic solutions based on the synthesis of information from the case study itself, additional research and new stimulus material provided in the examination paper (objective 3).
Symmetric and asymmetric key encryption
2-Factor Authentication
Multifactor Authentication
SSL Encryption
Possible questions for Case Study 2015:
Possible questions for Case Study 2014:
Christian:
1. List at least three different threats that face computer users today
2. Why do these threats cause major costs to companies?
3. How does the traditional antivirus detect viruses?
4. What is anomaly-based detection?
5. What is the purpose of a Denial of service attack?
6. Construct a diagram showing the architecture of a distributed denial of service attack
7. Discuss three different forms of denial of service attack and the appropriate countermeasures for each
8. Suggest an appropriate network security setup to be used in Guanjong high school
9. Why is a BYOD environment desirable to hackers?
10. Are DoS attacks always criminal in nature? Discuss.
Kyle:
Define the following types of cyber threats:
- Bot Zombies
- Zero-day attacks
- DoS/DDoS attacks
- worms
What are the primary roles of antivirus software?
How does it carry out these goals?
What is a firewall?
Define HTTP, HTTPS, and SSL/TLS
What is a proxy server and how does it assist in preventing malware attacks?
What are the main goals of a cyber-criminal?
Luke:
1. Define Zero-day attacks
2. Identify the interviewee's business
3. Explain how Denial of Service (DoS) attacks work
4. How has the creation of malware changed over the years?
5. Identify different methods of detection.
6. Identify advantage / disadvantage of using traditional firewalls
7. What is the difference between bots and botnets?
8. Define smurf attacks
9. What are some examples of Advanced Persistent Threats (APTs)? And how do they work?
10. Which field did the interviewee believe is the most problematic today?
Notes/Terms:
Bot zombies - a bot (or zombie) is a computer that has been compromised by malware and can be remotely controlled by an attacker without its owner's knowledge. Attackers gather many bots into a botnet and use them as an automated system to attack other systems, send spam or steal the sensitive data of an individual, company or organization.
Zero-day attacks - a zero-day vulnerability is a hole in software that is unknown to the vendor (or known but not yet patched), so no fix exists when attackers start exploiting it; the vendor hurries to fix it once it becomes aware. The exploit is delivered through channels such as web browsers, email attachments or torrent downloads.
DoS attack - Short for denial-of-service attack, a type of attack on a network or service that is designed to bring it to its knees, either by flooding it with useless traffic or by sending malformed input that crashes or hangs it. Older DoS attacks such as the Ping of Death and Teardrop exploited bugs in TCP/IP implementations (oversized or overlapping IP fragments); those are fixed by software patches that system administrators install. Pure flooding attacks cannot be patched away, because every packet is valid; they are limited with rate limiting, upstream filtering and spare capacity, and, like viruses, new DoS techniques are constantly being dreamed up.
Smurf Attack - a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) echo-request packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address. Many hosts on a network will respond by sending an echo reply to the (spoofed) source IP address. If the number of machines that receive and respond to these packets is large, the victim is flooded with traffic, and the amplification factor equals the number of responding hosts. This can slow down the victim's computer to the point where it becomes impossible to work on. The name Smurf comes from the file "smurf.c", the source code of the attack program, which was released in 1997 by TFreak. Since RFC 2644 (1999) routers do not forward directed broadcasts by default, so smurf itself is largely historical, but the same reflection-and-amplification pattern is used by DNS and NTP amplification attacks today.
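The smurf pattern above is easiest to recognise at the flow level. The following added example (not part of the case study material) runs two detectors over a constructed set of ICMP flow records, the kind of summary a NetFlow collector or firewall log would provide: one looks for the trigger (echo-requests aimed at a local broadcast address), the other for the effect (a host receiving far more echo-replies, from far more responders, than the requests it sent). The subnets, addresses and packet counts are assumed values.

```python
"""Flow-level detection of smurf-style ICMP reflection/amplification."""
import ipaddress
from collections import defaultdict

# Local subnets the sensor knows about; their broadcast addresses are the
# amplifier addresses a smurf attacker would target.  (Assumed values.)
LOCAL_SUBNETS = [ipaddress.ip_network("198.51.100.0/24"),
                 ipaddress.ip_network("10.0.0.0/24")]
BROADCASTS = {str(n.broadcast_address) for n in LOCAL_SUBNETS}

# Constructed sample records: (src, dst, icmp_type, packet_count).
# 203.0.113.9 is the spoofed victim: one echo-request burst to the broadcast
# address is answered by 40 hosts, all replying to the victim.
# The 10.0.0.x lines are an ordinary ping, for contrast.
RECORDS = [
    ("203.0.113.9", "198.51.100.255", "echo-request", 500),
] + [
    (f"198.51.100.{h}", "203.0.113.9", "echo-reply", 500) for h in range(10, 50)
] + [
    ("10.0.0.5", "10.0.0.7", "echo-request", 3),
    ("10.0.0.7", "10.0.0.5", "echo-reply", 3),
]


def directed_broadcast_pings(records):
    """Echo-requests addressed to a local broadcast address: the amplification
    trigger.  A source outside the target subnet is the classic spoofed case."""
    hits = []
    for src, dst, itype, count in records:
        if itype == "echo-request" and dst in BROADCASTS:
            hits.append({"src": src, "dst": dst, "packets": count})
    return hits


def reply_amplification(records, min_sources=10, min_ratio=10.0):
    """Hosts that receive far more echo-replies than the echo-requests they
    sent, from many distinct responders.  That asymmetry is the attack as seen
    from the victim's side or from the amplifier network's egress."""
    requests_sent = defaultdict(int)
    replies_recv = defaultdict(int)
    reply_sources = defaultdict(set)
    for src, dst, itype, count in records:
        if itype == "echo-request":
            requests_sent[src] += count
        elif itype == "echo-reply":
            replies_recv[dst] += count
            reply_sources[dst].add(src)
    alerts = []
    for host, replies in replies_recv.items():
        sent = requests_sent[host]
        ratio = replies / sent if sent else float("inf")
        if len(reply_sources[host]) >= min_sources and ratio >= min_ratio:
            alerts.append({"victim": host, "replies": replies,
                           "requests_sent": sent,
                           "responders": len(reply_sources[host]),
                           "amplification": ratio})
    return alerts


if __name__ == "__main__":
    print(directed_broadcast_pings(RECORDS))
    print(reply_amplification(RECORDS))
```

On the sample data the benign ping has a reply/request ratio of 1 from a single responder and is ignored, while the victim shows 20000 replies against 500 spoofed requests from 40 responders, an amplification of 40. The same two checks, with the protocol swapped, catch DNS and NTP amplification.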
Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port and/or destination port. Packets that do not match an allow rule are rejected (default deny). A basic packet filter never looks at the payload, so an attack carried inside an allowed connection (for example a malicious HTTP request to port 80) passes straight through it; stateful firewalls additionally track connection state so that only replies to allowed outbound connections are accepted.
Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events (signatures). When a known event is detected a log message is generated detailing the event; the packet itself is not stopped, so an IDS is only useful if someone acts on its alerts.
Intrusion Prevention System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected. Because the IPS sits inline, a false-positive signature blocks legitimate traffic, whereas on an IDS it only costs analyst time.
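The difference between the three devices is in what they look at and what they do about it. This added example (not from the case study) models them in a few dozen lines: a header-only packet filter with a first-match, default-deny rule set, and a payload inspector that either logs (IDS) or logs and drops (IPS). The web server address, rule set, signatures and sample packets are constructed for illustration.

```python
"""Model of a packet-filtering firewall, an IDS and an IPS on the same traffic."""
from dataclasses import dataclass


@dataclass
class Packet:
    src: str
    dst: str
    proto: str        # "tcp", "udp" or "icmp"
    dport: int
    payload: bytes = b""


# Firewall policy: first matching rule wins, default deny.
# None is a wildcard.  (Assumed topology: 192.0.2.10 is the school web server.)
FIREWALL_RULES = [
    {"action": "allow", "proto": "tcp", "dst": "192.0.2.10", "dport": 80},
    {"action": "allow", "proto": "tcp", "dst": "192.0.2.10", "dport": 443},
    {"action": "allow", "proto": "icmp", "dst": None, "dport": None},
]

# Payload signatures, the "known events" an IDS/IPS matches.  Constructed patterns.
SIGNATURES = {
    "path-traversal": b"../../",
    "sqli-tautology": b"' OR '1'='1",
}


def firewall(pkt: Packet, rules=FIREWALL_RULES) -> str:
    """Header-only decision: returns 'allow' or 'deny'.  The payload is never read."""
    for r in rules:
        if (r["proto"] == pkt.proto
                and r["dst"] in (None, pkt.dst)
                and r["dport"] in (None, pkt.dport)):
            return r["action"]
    return "deny"


def inspect(pkt: Packet, signatures=SIGNATURES):
    """Payload inspection shared by IDS and IPS: names of the signatures that match."""
    return [name for name, pattern in signatures.items() if pattern in pkt.payload]


def pipeline(pkt: Packet, mode: str):
    """Run a packet through the firewall and then an IDS ('ids') or IPS ('ips').
    Returns (verdict, log_lines)."""
    logs = []
    if firewall(pkt) == "deny":
        return "dropped-by-firewall", logs
    matches = inspect(pkt)
    for name in matches:
        logs.append(f"{mode.upper()} {name} {pkt.src}->{pkt.dst}:{pkt.dport}")
    if matches and mode == "ips":
        return "dropped-by-ips", logs       # inline device: the packet never arrives
    return "forwarded", logs                # IDS: alert only, packet still delivered


# Constructed sample traffic from a student laptop to the web server.
SAMPLE = {
    "benign-http": Packet("10.0.0.5", "192.0.2.10", "tcp", 80, b"GET /index.html HTTP/1.1"),
    "telnet":      Packet("10.0.0.5", "192.0.2.10", "tcp", 23, b"root\r\n"),
    "traversal":   Packet("10.0.0.5", "192.0.2.10", "tcp", 80, b"GET /../../etc/passwd HTTP/1.1"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLE.items():
        for mode in ("ids", "ips"):
            print(name, mode, pipeline(pkt, mode))
```

The telnet packet never gets past the firewall, but the path-traversal request is a perfectly well-formed TCP packet to an allowed port, so only the payload inspectors notice it: the IDS logs it and lets it through, the IPS logs it and drops it.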
APT (advanced persistent threat) - a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time, targeting companies and governments for espionage or for political or financial gain. The intention of an APT attack is to steal data rather than to cause damage to the network or organization.
SSL/TLS - a network protocol used to secure data being sent across an untrusted network. It authenticates the server (and optionally the client) using certificates, and then encrypts and integrity-protects the traffic. SSL is the older name; TLS is its successor and the version in use today.
SSL/TLS protocols - In the handshake, a TLS/SSL client sends a message to a TLS/SSL server, and the server responds with the information the client needs to authenticate it, chiefly its certificate, which the client checks against the certificate authorities it trusts. The client and server then perform a key exchange to establish session keys, and the handshake ends. Once authentication is completed, SSL-secured communication can begin between the server and the client using the symmetric encryption keys established during the handshake: the expensive public-key operations happen only in the handshake, and the bulk data is protected with fast symmetric encryption.
Man-in-the-middle - a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection. TLS defeats this only when the client actually verifies the server's certificate; if certificate checking is disabled or the user clicks through a warning, the attacker can present their own key and sit in the middle.
As a BYOD deployment will invariably include a wider range of device types, the security controls that were previously applied to a single device type now have to be applied to a multitude of hardware and operating system combinations, often with differing levels of effectiveness. Risks are magnified further when mobile devices are taken into consideration because of the added security risks in wireless protocols.
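The handshake and man-in-the-middle entries above are two sides of one point: a key exchange that is not tied to the server's identity can be hijacked. The following added example (not from the case study, and not a TLS implementation) models the pattern with toy parameters: the server signs its Diffie-Hellman value with an identity key whose public half the client already trusts (the role a CA-issued certificate plays), both sides derive a symmetric session key, and an attacker relays the exchange with and without that signature check. The group size, the RSA primes and the unpadded signature are assumptions for illustration and are far too weak for real use.

```python
"""Simplified model of an authenticated key exchange and a man-in-the-middle attempt."""
import hashlib
import secrets

# Toy Diffie-Hellman group (assumption: illustration only; real deployments
# use 2048-bit+ groups or elliptic curves).  2**127 - 1 is a Mersenne prime.
P = 2**127 - 1
G = 3

# Toy RSA identity key for the server.  (RSA_N, RSA_E) stands in for the key
# in a certificate that the client already trusts; RSA_D never leaves the server.
RSA_P, RSA_Q = 2**61 - 1, 2**89 - 1          # both Mersenne primes
RSA_N, RSA_E = RSA_P * RSA_Q, 65537
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))


def _digest_int(data: bytes) -> int:
    # 128-bit hash as an integer below RSA_N (toy: real signatures add padding)
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")


def rsa_sign(msg: bytes) -> int:
    return pow(_digest_int(msg), RSA_D, RSA_N)


def rsa_verify(msg: bytes, sig: int) -> bool:
    return pow(sig, RSA_E, RSA_N) == _digest_int(msg)


class Party:
    """One endpoint: an ephemeral DH key pair and, after the exchange, a session key."""
    def __init__(self):
        self.priv = secrets.randbelow(P - 2) + 2
        self.pub = pow(G, self.priv, P)
        self.session_key = None

    def agree(self, peer_pub: int) -> None:
        shared = pow(peer_pub, self.priv, P)
        # Key derivation: hash the shared secret into a symmetric session key
        self.session_key = hashlib.sha256(shared.to_bytes(16, "big")).digest()


def handshake(authenticated: bool, mitm: bool) -> dict:
    """Client <-> server key agreement, optionally relayed by an attacker.
    authenticated=True means the server signs its DH value with its identity key."""
    client, server = Party(), Party()
    mallory_to_client, mallory_to_server = Party(), Party()   # attacker's two faces

    # Server -> client: its DH public value, plus a signature over it if authenticated
    server_hello = server.pub.to_bytes(16, "big")
    signature = rsa_sign(server_hello) if authenticated else None

    if mitm:
        # The attacker completes the exchange with the real server using her own key...
        mallory_to_server.agree(server.pub)
        # ...and hands the client her own DH value.  She cannot re-sign it without
        # RSA_D, so the original signature no longer matches what the client sees.
        server_hello = mallory_to_client.pub.to_bytes(16, "big")

    if authenticated and not rsa_verify(server_hello, signature):
        return {"client_accepted": False, "client_server_share_key": False,
                "attacker_has_client_key": False}

    client.agree(int.from_bytes(server_hello, "big"))

    # Client -> server: its DH public value (relayed by the attacker if present)
    if mitm:
        mallory_to_client.agree(client.pub)
        server.agree(mallory_to_server.pub)
    else:
        server.agree(client.pub)

    return {
        "client_accepted": True,
        "client_server_share_key": client.session_key == server.session_key,
        "attacker_has_client_key": mallory_to_client.session_key == client.session_key,
    }


if __name__ == "__main__":
    for auth in (False, True):
        for mitm in (False, True):
            print(f"authenticated={auth} mitm={mitm}:", handshake(auth, mitm))
```

Without the signature the relayed exchange succeeds from the client's point of view, yet the client and server hold different session keys and the attacker holds both, which is exactly the private-connection illusion the MITM definition describes. With the signature the substituted value fails verification and the client aborts, which is why a client that skips certificate verification is back in the first case.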
Resources: