Understanding Adversaries and Attacks This week we will learn from Ross Anderson Ross Anderson bio: https://en.wikipedia.org/wiki/Ross_J._Anderson home
Question:
Understanding Adversaries and Attacks
This week we will learn from Ross Anderson
Ross Anderson
bio: https://en.wikipedia.org/wiki/Ross_J._Anderson
home page: https://www.cl.cam.ac.uk/~rja14/
book: Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition https://www.cl.cam.ac.uk/~rja14/book.html
Watch the following on-line lecture. It has really good stuff!.
If you prefer reading, the material is also covered in Chapter 2 of his excellent book. The third edition of Ross Anderson's book, "Security Engineering" is available via the Seneca Library. If you are serious about a career in cybersecurity you should take the time to read it. Seriously, you should read it. However it is almost 1200 pages long, so no need to read it all immediately.
Resources
- Lecture video: who is our adversary? https://youtu.be/o1x_Oa0XiDI
- Reading: Chapter 2: Who Is the Opponent? from Security Engineering: A Guide to Building Dependable Distributed Systems
- pdf file download: https://www.cl.cam.ac.uk/~rja14/Papers/SEv3-ch2-7sep.pdf
- also available in Safari Books database in Seneca Libraries
Watch the lecture, and read the chapter, and answer the following questions, which are asked in order of when they appear in the lecture:
- What three areas will solutions come from?
- Describe Stuxnet
- Describe the issues around bug discovery and responsible disclosure
- 2. Describe the Vulnerability Lifecycle
- 3. What is Google Zero's reponsible disclosure policy? Why is this necessary?
- What is the CERT window of disclosure? What is it good for?
- Why can disclosure be difficult? Describe the Heartbleed example of this.
- What is the moral of this story?
- Describe Meltdown
- What is coordinated disclosure?
- Why shouldn't we obsess over zero day exploits? What advice does Google have about this?
- How have we trained users to do the wrong thing?
- Describe the hierarchy of tools
- Why do you have to be careful about the data you store?
- What was the final summary, in your own words?
- Describe any cybersecurity terms or concepts you have never heard of.
Please help me explan and answare there all questions. make sure is clealy and correct folllow the snstruction. use your own word don't use AI