COMP3500: Security Attacks Analysis and Mitigation Strategies Assignment 1


1. [6 marks] Discuss any three reasons for the increasing trend of cyber security attacks on the
current Internet.
2. [6 marks] Briefly describe the Cigital risk management framework.
3. [6 marks] What approach would you recommend for applying Cigital risk management for an
online healthcare company which is using password-based authentication for the staff and
patients for accessing the healthcare services?
4. [6 marks] Explain cross-site scripting attacks and time-of-check/time-of-use race condition
attacks, and compare these attacks.
5. [8 marks] Ransomware
a. [2 marks] Explain WannaCry ransomware.
b. [2 marks] What was the impact of the attack?
c. [2 marks] Are there any lessons to be learned from this attack?
d. [2 marks] Discuss whether you have noticed any changes in recent ransomware attack
behaviour compared to WannaCry.
All assignments must be submitted via Canvas (Assessment tab for COMP3500). If you submit more
than once, then only the latest will be graded. Your submission should be one file containing:
A PDF file which contains your Full Name, Student number and answers to all questions.
The mark for an assessment item submitted after the designated time on the due date, without an
approved extension of time, will be reduced by 10% of the possible maximum mark for that
assessment item for each day or part day that the assessment item is late. Note: this applies equally
to week and weekend days.
A plagiarised assignment will receive a ZERO mark (and be penalised according to the university rules).