CODE & COURSE

: DFT3133 COMPUTER NETWORK

PROGRAMME

: DIP

LABSHEET

CLO

: CLO 2 SETUP A NETWORK WITH APPROPRIATE

NETWORK DEVICES FOR A GIVEN SITUATION
SUCCESFULLY. (C3, P5, PLO1, PLO2)

DURATION

10 (5.1.3 5.3.2)

2 HOURS

LABSHEET 10: BASIC SECURITY

Activity A
Activity Outcome: Identify the type of security term.
Identify the type of security threat described. For each scenario, please match
the security term to the scenario that describes it.
Scenario

Security Term

Changing the result received

for a Politeknik final exam from
B to an A in the SPMP
database

Disruption of
Service

Obtaining personal information

to impersonate another and
obtain credit

Data Loss

Destroying database records

on a computer hard drives

Identify Theft

Stealing an automative engine

design from a competitor

Data
Manipulation

Overloading an email server to

reduce its performance
preventing legitimate users
from accessing it

Information
Theft

Activity B
Activity Outcome: Differentiate between attack method
Determine if the user has been attack by attack method. Please state whether it
is virus, worm, Trojan horse, Brute Force, DoS, DDoS, Spyware, Tracking Cookies,
Adware, or Pop-ups for each scenario

1. Ahmad was surfing the internet when a program appeared claiming that
he had won a prize. When he clicked to see what prize he had won, a
program was installed on his smartphone unknowingly to his. The program
installed allowed an intruder access to his smartphone storage and
personal information. What type of attack occurred?
Adware.
2. Rohayu opened an email sent to her by his brother, Raihan. A few hours
later, Rohayu received several whatsapp message from her friends saying
that they received emails from her that she did not knowingly send. What
type of attack occurred?
Tracking Cookies.
3. Samad downloaded an app from a black market play store. Shortly after
he opened the app, his smartphone crashed and he lost all information on
his smartphone. What type of attack occurred?
DOS.
4. In rapid succession, an intruder tries a large number of possibilities to
guess passwords. As a result, other users on the network are locked out.
What type of attack occurred?
Brute Force.
5. The hacker has installs a program inside the computer. That program has
gathers personal information, including password and account information,
from the victim computer without permission or knowledge of the user.
What type of attack occurred?
Spyware.

Activity C
Activity Outcome: Identify the common DoS attacks
Denial of Service (DoS) attacks are aggressive stacks on an individual computer
or groups of computers with the intent to deny services to intended users. DoS
attacks can target end user systems, servers, routers, and network links. There
are two common DoS attacks.
a. SYN (synchronous) Flooding
A SYN flood is a form of denial-of-service attack in which an
attacker sends a succession of requests to a target's system in an
attempt to consume enough server resources to make the system
unresponsive to legitimate traffic.
b. Ping of Death
On the Internet, ping of death is a denial of service (DoS) attack
caused by an attacker deliberately sending an IP packet larger
than the 65,536 bytes allowed by the IP protocol.

Activity D
Activity Outcome: Identify the security tool and security term
There are many security tool that can be used to protect the end-user
workstation, server, and network environment. Please complete the table for
security tool and security term.
Software installed on an end-user workstation or
server to identify and remove unwanted emails

AOL Mail Spam Control .

Software installed on an end-user workstation to

detect and remove spyware and adware

Adware &
Spyware Removal Tool.

Ad Block.

Pop-up Blocker

Avira.

Anti-Virus

Software applied to an OS or application to correct

a known security vulnerability or add functionality

CCleaner.

Activity E
Activity Outcome: Identify the firewall
1. Firewall is one of the most effective security available for protecting
internal network users from external threats. A firewall resides between
two or more networks and controls the traffic between them as well as
helps prevent unauthorized access. Firewall products use various
techniques for determining what is permitted or denied access to a
network. Please define the techniques?
a. Packet Filtering
On the Internet, packet filtering is the process of passing or
blocking packets at a network interface based on source and
destination addresses, ports, or protocols.
b. Application / Web Site Filtering
A Web filter is a program that can screen an incoming Web page
to determine whether some or all of it should not be displayed to
the user.
c. Stateful Packet Inspection (SPI)
Network firewall that tracks the operating state and
characteristics of network connections traversing it. The firewall is
configured to distinguish legitimate packets for different types of
connections.