1answer.
Ask question
Login Signup
Ask question
All categories
  • English
  • Mathematics
  • Social Studies
  • Business
  • History
  • Health
  • Geography
  • Biology
  • Physics
  • Chemistry
  • Computers and Technology
  • Arts
  • World Languages
  • Spanish
  • French
  • German
  • Advanced Placement (AP)
  • SAT
  • Medicine
  • Law
  • Engineering
Alex17521 [72]
3 years ago
6

What is occurring when an attacker manipulates commonplace actions that are routinely performed in a business?

Computers and Technology
1 answer:
serg [7]3 years ago
4 0

Answer:

Vulnerable business processes, also called business process compromise (BPC), occurs when an attacker manipulates commonplace actions that are routinely performed.

You might be interested in
One of the earlier applications of crypto-graphic hash functions was the storage of passwords to authenticate usersin computer s
vagabundo [1.1K]

Answer: provided in the explanation part.

Explanation:

This is actually quite long but nevertheless i will make it as basic as possible.

Question (a)  

Attack A:

One way property of hash means that we can't find the input string if given the hash value. The calculation of hash from input string is possible but it is not possible to calculate the input string when given the hash. If the hash function is properly created to have one-way property then there is no way of finding the exact input string. So this attack won't work as the one-way property of hash function can't be broken if the hash function is properly created.

Attack B:

Suppose h() is the hash function. And h(x) = m where x is the string and m is the hash. Then trying to find another string y such that h(y) = m is called finding out the second pre-image of the hash.

Although we can't know the exact initial string for sure, we can by using brute force method find out a second preimage.

This attack will take a very long time. It has the time complexity of 2n. It requires the attacker to have an idea about the kind of passwords that might be used and then brute force all of them to find the string that has the same hash. Each try will have a chance of 1/2n to succeed.

Rainbow attack using rainbow table is often used for such brute-force attack. This comprises a rainbow table which contains passwords and their pre-hashed values.

Therefore, it is not possible to determine the second preimages of h so easily.

Attack C:

Collisions refer to finding out m and m' without knowing any of them. Finding out collisions is easier than finding preimages. This is because after finding out 2n pairs of input/output. The probability of two of them having the same output or hash becomes very high. The disadvantage is that we can't decide which user's hash to break. However, if I do not care about a particular user but want to get as many passwords as possible, then this method is the most feasible.

It has the time complexity of 2n/2.

Hence, this is the attack which has the most success rate in this scenario.

Question (b)

The brute force way of finding out the password usually involves using a rainbow attack. It comprises a rainbow table with millions of passwords and their hashes already computed. By matching that table against the database, the password can be recovered.

Therefore it is often preferred to salt the password. It means we add some random text to the password before calculating the hash.

The salts are usually long strings. Although users usually do not select long passwords, so a rainbow table with hashes of smaller passwords is feasible. But once salt is used, the rainbow table must accommodate for the salt also. This makes it difficult computationally. Although password might be found in the rainbow table. The salt can be anything and thus, make brute-force a LOT more difficult computationally.

Therefore salt is preferred to be added to passwords before computing their hash value.

Question (c)

A hash output length of 80 means there can be exactly 280 different hash values. This means there is at least one collision if 280+1 random strings are hashed because 280 values are used to accommodate all the possible strings. It is not hard with today's computation power to do match against more than this many strings. And doing so increases the probability of exposing a probable password of a user.

Hence, 80 is not a very secure value for the hash length.

cheers i hope this helps!!!!

6 0
3 years ago
How does climate research depend on digital technology
vodomira [7]
Together We Can Create Digital Systems That Provide Scale, Speed & Enable GrowthCohesive Digital Strategy · Secure IT Infrastructure · Secure Digital Foundation · New Digital EconomyTypes: Digital Business, Digital Operations, Digital Systems, Digital Technology<span>Digital Systems & TechDigital OperationsDigital Business<span>Latest Thinking</span></span>
8 0
3 years ago
To achieve balance—that is, to operate an information system that satisfies the user and the security professional—the security
marta [7]

the answer is True

there has to be a balance between security and the user experience

7 0
3 years ago
____ convert a program design developed by a systems analyst or software developer using one of many computer languages.
erica [24]

Answer:

"Programmer " is the correct answer for the following question.

Explanation:

A programmer is a person who created the software They are basically a coder who develop a code for the program or the software. They are specialists in some in the programming code area. The programmer are writing the program for a different kind of software.

The main objective programmer they convert the program design which is developed  by a systems analyst or system designer using a different kind of computer language  

4 0
3 years ago
The security administrator for Corp wants to provide wireless access for employees as well as guests. Multiple wireless access p
Artemon [7]
It’s B I took the test
7 0
3 years ago
Other questions:
  • One of the major disadvantages of application service providers (ASPs) is that they:
    6·1 answer
  • Nathan wants to create multiple worksheet containing common formatting styles for his team members. Which file extension helps h
    5·1 answer
  • Sabian que hay una violadora sexuar el nombre de usario es SASHENKAFASION me acaba de decir que hackio en donde vivo,mi nombre c
    5·1 answer
  • A computer virus is a program that can copy itself and infect a computer without the permission of the owner. How do you think a
    9·1 answer
  • What are the OSHA construction standards also called ?
    10·1 answer
  • Write a program that accepts the lengths of three sides of a triangle as an input from the user: A, B, C
    13·1 answer
  • Reading (BCK FORM 2C IT 2020-2021)
    12·2 answers
  • The process of sending a result back to another part of the program is
    14·1 answer
  • What happens when you create a variable in a video game program?​
    5·1 answer
  • How many ways are used to insert an image from file?koi h kya​
    10·1 answer
Add answer
Login
Not registered? Fast signup
Signup
Login Signup
Ask question!