Security assignment 2

Security Question 1

An enterprise diffuses the following online job offer:

For our site XYZ, we are looking for an Experienced Hybrid Mobile Application Developer (Male / Female) to strengthen our website development team and applications for mobile terminals / tablets.

Your mission consists in:

-Develop cross-platform websites and mobile applications

– Design solutions and propose hybrid software architectures

– Write and validate project technical documentation

– Apply development quality rules based on internal tools (software forge, continuous integration, reporting tool …).

– Participate in costing and pre-sales. You must also be able to explain the various technical choices and present the chosen software architecture.

Required Qualifications

Computer Science Bachelor’s Degree, or a related degree

You have several experiences in the web and mobile field and especially in hybrid environments.

You have skills in: Technology: Angular, HTML5, CSS3, JavaScript, RWD, Ionic, Cordova

Mobile Culture: Technical Knowledge iOS, Android, Xamarin, Windows, Native Script English.

  1. What information should be removed from this job description to avoid security problem?
  2. Rewrite this job offer to meet the required job description.

Security Question 2

Assume that you own a building that includes workspaces such as offices, rooms and facilities:

  1. How would you secure the workspaces within your building?
  2. It is not enough to physically secure an area; you must also consider physical entry and exit controls. How can you identify authorized personnel entering your building?

Security Question 3

  1. Assume that you are working in a company and your company’s assets have been attacked by hybrid malware. What is hybrid malware?
  2. How can malware be controlled? List two examples for each control.

 

Security Question 4

For each of the following scenarios, you need to identify and justify which of the following four states has been achieved:

  • 2- Integrity. 3- Authenticity. 4- Non-repudiation.
  1. Scenario A:

Company A sends an encrypted message to Company B using a shared key. (Assumption: Both companies maintain the secrecy of the shared key.)

 

  1. Scenario B:

Company A encrypts a hashed message using its own private key.

 

  1. Scenario C:

Company A hashes a message and sends the hash and the message through two channels. Company B receives the message and hashes it using the same hash function. After comparing the received hash to the generated hash, they find an exact match.