What can we do to stop this vulnerabilitywithout changing the protection mode 730 for the directory?
Learning Goal: I’m working on a cyber security question and need an explanation and answer to help me learn.25%) Assume an attacker has compromised a number of broadband connectedcomputers to use as zombie systems for a distributed denial of service (DOS) attack.If the ISP provides a maximum uplink data rate of 768 Kbps in ADSL, what is themaximum number of 128-byte IMP echo request (ping) packets a single zombiecomputer can send per second? How many such zombie systems would the attackerneed to flood a target server connected in:(a)A Fast Ethernet.(b) A Gigabit Ethernet.2. (15%) UNIX treats file directories in the same fashion as files; that is, both are defined by thesame type of data structure, called an inode. As with files, directories include a nine-bitprotection string. If care is not taken, this can create access control problems. For exampleconsider a file with protection mode 644 (octal) contained in a directory with protection mode730. How might the file be compromised in this case? What can we do to stop this vulnerabilitywithout changing the protection mode 730 for the directory?(20%) As part of a formal risk assessment of information systems in a smallaccounting firm with limited IT support, you have identified the assets “integrity ofcustomer and financial data report files on desktop systems” and “database and itsbackup systems” and the threat “corruption of these files due to import of a worm/virusonto system” and “synchronization of database and its backup.” Suggest reasonablevalues for the items in the risk register shown in Table 14.5 for this asset and threat.and provide justifications for your choices.2. (40%) Comparing with one-factor authentication, two-factor authentication providesmore protection to the user identity in online services. Please compare three differenttypes of currently available techniques for second factor with regarding to(a) Men-in-the-Middle prevention(b) Password cracking(c) Eavesdropping(d) Trojan horse or Key logging(e) Loss of second factor