Question

In: Computer Science

1. In terms of security, why would you not use rm command to delete files? 2....

1. In terms of security, why would you not use rm command to delete files?

2. Shred and dd are tools used to securely delete files. Which is the best tool for securely deleting a file from a system and why? Consider the limitations of each tool when choosing your answer.

3. What encryption is used to encrypt HTTP traffic (HTTPS)?

4. The CIA triad , confidentiality, integrity, and availability represent the three goals for cybersecurity. Which goal(s) does/do encryption fall under and why?

Solutions

Expert Solution

Question 1)
Answer:

In terms of security, the "rm" (remove) command permanently deletes files without giving any chance to undo the action or restore the lost, removed, or deleted files. Or at least it may make the file restoration process way too difficult. This is because the command does not send the deleted file to the "Trash" folder on how Windows OS does. This is a drawback from the users' perspective. The command does not destroy file data, but only unlinks references to objects from the filesystem. This frees the filesystem space, however, it may still contain any leftover data that was once present in the removed or deleted file. This can be a security concern in some situations.

Question 2)
Answer:

dd tool is the best to securely delete a file from a system. Even shred does the same task, however, shred has limitations such as:
* It only overwrites the data of the file in place. It does not overwrite the other copies of the same file present in manual and automatic backups, file system snapshots, copy-on-write filesystems, NFS caching, journaling, and wear leveling on flash drives. It requires to run the "shred" command on these devices to get rid of the file. SATA secure erase for magnetic devices are faster and more reliable when compared to shredding. Also, one may have to physically destroy for securely erasing devices such as memory cards, external hard disks, etc.

"shred" command securely deletes files and devices. However, with extreme processes and difficulty using specialized hardware and technology, sone can recover the deleted files.

dd is the acronym for data destroyer. When the tool or the command is run, securely wipes a file writing over random characters, making it much harder for someone to retrieve the file and restore the data from it. It is pretty much impossible for recovering the deleted file using the dd software. It requires an expensive machine and manually looks through the hard drive searching for the data. Still one may not be able to find or recover the data.

Question 3)
Answer:

Transport Layer Security (TLS), formerly called Secure Sockets Layer (SSL) encryption is used to encrypt HTTP traffic (HTTPS) or communications protocol. Hence, it also called HTTP over TLS, earlier called HTTP over SSL. This protocol an asymmetric public key infrastructure to secure communications.

Question 4)
Answer:

Encryption falls under Confidentiality (C) and Integrity (I) goals. The encryption makes sure the sensitive data is confidential, it is secret, and cannot be viewed by any intruder who is trying to access the message or data without authorization and without a decryption mechanism or key. Encryption makes sure only the right and authorized users or people with the decryption key are able to read the information.

Integrity is implemented making use of security mechanisms like data encryption and hashing. Thus, encryption scrambles data such that it is not or cannot be unscrambled without access to the decryption key and knowledge of the algorithm. The ones with the right decryption key can unscramble the message or data.


Related Solutions

What are the UNIX commands for each of these steps? 1. Delete all the files in...
What are the UNIX commands for each of these steps? 1. Delete all the files in the Classes and Backup directories only. 2. Redirect echo step 23 to mark this step in the lab3.txt file 3. Display all of the directories and sub-directories including files so I can verify you completed all the steps correctly. 4. Repeat the above step and redirect the output to the file lab3.txt without erasing what is already in it! 5. Redirect echo step 26...
Linux 1. Give a command line (one command) for displaying the files lab1, lab2, lab3, and...
Linux 1. Give a command line (one command) for displaying the files lab1, lab2, lab3, and lab4. Can you give another command lines that do the same thing by making use of the file name similarities? What is the command line for displaying the files lab1.c, lab2.c, lab3.c, and lab4.c? (Hint: use shell metacharacters.) 2. How to determine the number of users who are logged on to Linux server system at this time? What command did you use to discover...
Explore how to use various combinations of switches for the DIR command to find files/folders in...
Explore how to use various combinations of switches for the DIR command to find files/folders in C:\WINDOWS\SYSTEM32 directory. Objective: List each search line by line and give then the command used to discover the following and include a small sample of your discovery. (Example: How would you pause the display? DIR /P and give two files discovered) What switches would you use to find. Example of structure: #!/bin/bash # EOQ-111.sh maw 2/24/20XX # Archive class work and set all files...
What chmod command would you use to impose the following permissions? 1. on a directory(called dir1)...
What chmod command would you use to impose the following permissions? 1. on a directory(called dir1) and all its subdirectories such that: the owner would have read, write, and execute; the group would have read and execute; and others would have read(write the command in two ways: using rwx and using numeric value) 2. on file (called file1)such that: the owner would have read and write; the group would have no permissions; and others would have write (write the command...
1)When would you use the Power Sizing Method to estimate Costs? 2)In terms of cost estimating,...
1)When would you use the Power Sizing Method to estimate Costs? 2)In terms of cost estimating, what is a learning curve analysis and when is it most useful?
PART 5: Learn about commands used to view contents of files: use the cat command to...
PART 5: Learn about commands used to view contents of files: use the cat command to review the contents of the /home/test/passwd.bak type:   cat passwd.bak 2. now add the |more to the last command (see what happens when you push the up arrow curser key-it recalls the last command) 3. now try to cat the passwd.bak file but look at the first few lines and then the last few lines using the head and tail commands type:  head passwd.bak   and    tail...
Solve the question using 2 dimensional pointers. You must use new and delete operator in the...
Solve the question using 2 dimensional pointers. You must use new and delete operator in the program and try to make an easier logic of the problem. Q2. Write a C++ program using a dynamic array (or arrays) to assign passengers seats in a Bus and your program will ask the user how many rows the Bus has and will handle that many rows (Assume the Bus does not always have the same rows). (5 points) Expected output: Assume a...
1.If you wanted to increase aggregate demand, what kind of policy would you use? Why? 2.If...
1.If you wanted to increase aggregate demand, what kind of policy would you use? Why? 2.If you wanted to increase aggregate supply, what kind of policy would use? Why?
1. Define the terms internal security threat and external security threat. Provide examples of each. 2....
1. Define the terms internal security threat and external security threat. Provide examples of each. 2. Describe the role of the HIM professional after medical identity theft has been discovered. 3. Discuss access controls such as authentication, termination of access, and remote access control. 4. Identify security threats that can occur during the electronic transmission of data. How could these be mitigated by policies and procedures? 5. Describe the role of the HIM professional in contingency planning.
- What SQL command would you use to make a table for products that includes three...
- What SQL command would you use to make a table for products that includes three columns: a product’s ID, a product’s cost, and a product’s selling price? - What SQL command would you use to make a table for telephone directory that contains a person’s full name, a person’s cellphone number, and a person’s home phone number? - What SQL command would you use to make a table for an inventory of network equipment that includes the following: the...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT