hw1 - CMPSCI 177 - Computer Security Fall 2011 First...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
CMPSCI 177 - Computer Security Fall 2011 First Homework - Security Terms and Obtaining Vulnerability Information Due: Thursday ,29SEP 11 2:00pm Part I Answer questions 1,4, 11, and 18 at the end of Chapter 1 in Bishop’stext. Part II 1. Your task is to find out the details of the Stuxnet worm. In particular ,what type of vulnerability (i.e., what feature, etc. failed) is it? Also, what applications were affected? 2. Is there a patch for this vulnerability? If yes, who generated the patch? Does it fix all occurrences of the vulnerability identified in question 1, above? If no, whynot? 3. What is a "zero-day exploit"? Did the Stuxnet worm contain a zero-day exploit? If yes, howmany? Part III The intent of this part is to get you familiar with the vulnerability databases that are available online. 1. Go to Mitre’s CVE web site (http://cve.mitre.org).
Background image of page 1
This is the end of the preview. Sign up to access the rest of the document.
Ask a homework question - tutors are online