A threat is a potential violation of security. Common threats to computer security include snooping, modification (or alteration), masquerading (or spoofing), repudiation of origin, denial of receipt, and denial of service (DoS). Provide a definition and a real-life example or scenario for each threat. In addition, explain how each threat/attack can be prevented or defended. A sample answer is provided below for denial of receipt (you may omit denial of receipt from this activity, as the answer is given here):
- Denial of receipt: This is a false denial that an individual received some information or a message. For instance, Kevin in California orders an expensive watch from a jewelry store in Maryland. As requested, Kevin pays for the watch and shipment. The store owner ships the watch to Kevin. Although Kevin receives the watch within a few days, he pretends that he is still waiting and asks the store owner when he will receive the watch. This is a denial of receipt attack.
The store owner can defend against this kind of attack only by proving that Kevin received the item despite his denial. The store owner should choose a “signature required” delivery option, which requires the recipient’s signature or another electronic acknowledgement of receipt from the recipient.
One pager with references