Solutions - Network Security Essentials - Stallings - 4th ed - Chapter 1

Problems
1.1 Consider an automated teller machine (ATM) in which users provide a personal
identification number (PIN) and a card for account access. Give examples of confidentiality,
integrity, and availability requirements associated with the system. In each
case, indicate the degree of importance of the requirement. Get this solution

1.2 Repeat Problem 1.1 for a telephone switching system that routes calls through a
switching network based on the telephone number requested by the caller. Get this solution

1.3 Consider a desktop publishing system used to produce documents for various
organizations.
a. Give an example of a type of publication for which confidentiality of the stored
data is the most important requirement.
b. Give an example of a type of publication in which data integrity is the most
important requirement.
c. Give an example in which system availability is the most important requirement. Get this solution

1.4 For each of the following assets, assign a low, moderate, or high impact level for the
loss of confidentiality, availability, and integrity, respectively. Justify your answers.
a. An organization managing public information on its Web server.
b. A law-enforcement organization managing extremely sensitive investigative
information.
c. A financial organization managing routine administrative information (not
privacy-related information).
d. An information system used for large acquisitions in a contracting organization that
contains both sensitive, pre-solicitation phase contract information and routine
administrative information. Assess the impact for the two data sets separately and
the information system as a whole.
e. A power plant contains a SCADA (supervisory control and data acquisition) system
controlling the distribution of electric power for a large military installation.
The SCADA system contains both real-time sensor data and routine administrative
information. Assess the impact for the two data sets separately and the information
system as a whole. Get this solution

1.5 Draw a matrix similar to Table 1.4 that shows the relationship between security
services and attacks. Get this solution

1.6 Draw a matrix similar to Table 1.4 that shows the relationship between security
mechanisms and attacks. Get this solution