CO1508 Computer Systems and Security Assignment Sample

• Type Assignment
• Downloads534
• Pages8
• Words1944

Part 1: Operating System Concepts

The concept of hardware virtualization involves the provision of multiple operating systems to run on one physical machine by creating the equivalent of computing resources in their virtual form. The entire process is fed by a hypervisor in the way that CPU, memory, storage, and network resources are allocated to the virtual machines (VMs) (Malallah et al. 2021). The automotive world and Microsoft both work around hardware virtualization in Windows through Hyper-V, a built-in hypervisor for running isolated environments for testing, development, and security on Microsoft’s Windows operating system. Windows takes advantage of the hardware-assisted virtualization and improves system efficiency by optimizing resource utilization and securing the operating environment with sandboxing. Enterprise computing, cloud services, and cybersecurity applications are as much reliant on this technology.

CO1508 Computer Systems and Security Assignment Sample

Liked This Sample? Hire Me Now

Chris Walker 5 Years | PhD

There are several core components used for Windows hardware virtualization. Type 1 hypervisor is a Hypervisor that runs directly on the hardware as opposed to Type 2 hypervisors, which run inside their OS. It abstracts hardware resources and dynamically allocates them, for efficiently managing VMs with minimal overhead and maximum performance (Quraishi et al. 2021). The virtualized hardware, such as CPU, RAM, and network access adapters, is provided as an independent instance to each VM. Dynamic memory allocation is also offered by Hyper-V, allowing VMs to scale their resource usage according to demand. In addition, Windows uses memory management enhancement through Second Level Address Translation (SLAT) in virtual environments with higher overhead. Also included in the system is device emulation and passthrough so guest operating systems can get access to hardware stuff like GPUs and storage controllers. It increases the performance, especially in applications requiring great computational power.

Samples and reference materials assist students in enhancing assignment structure and academic performance. As a trusted assignment helper in UK, we ensure originality and quality. The CO1508 Computer Systems and Security Assignment Sample covers virtualization, digital forensics, firewall setup, and cybersecurity threat management. For learning use only.

Hardware virtualization in Windows is one of the most significant real-world applications, and it has become one of the most popular features of cloud computing and enterprise server management. Microsoft Azure is Nikko’s popular choice, providing cloud services, and it is based on Hyper-V. Virtualization in corporate IT infrastructures allows for one or more server workloads to run on a single physical machine instead of requiring separate physical servers (Sharma et al. 2022). It lowers costs, improves the system efficiency, and increases disaster recovery. In case of a VM failure, it can easily be migrated to another host without downtime and business continuity.

For analysis of malware in the field of cybersecurity, organizations use virtualization to create sandboxed environments. Using a VM allows cybersecurity analysts to execute potentially malicious software within the VM and see how it behaves without potentially causing damage to the rest of the host system. Detecting and analysing new cyber threats without jeopardizing critical infrastructure is essential and this is what this technique can do.

Hyper-V uses hardware virtualization in Windows and is illustrated in the diagram. It is the Hyper-V hypervisor that manages CPU, memory, and storage, acquiring them physically from the hardware. Each virtual machine runs its guest operating system on top of the hypervisor that allocates the virtualized resources to it and other virtual machines. To add further, a self-made diagram should be used depicting the hardware virtualization working in Windows and the relationship between the HyperV hypervisor to the virtual machines and physical hardware resources (Thyagaturu et al. 2022). Today, hardware virtualization in Windows, made possible by Hyper-V, enhances resource usage efficiency, strengthens security on one machine while increasing virtual output, and fosters cloud solutions based on the principle of dividing one machine into many smaller and more manageable computing and storage resources. Its application in enterprise IT infrastructure, on cloud computing, and in cybersecurity proves that it optimizes performance and finances significantly. Through the usage of hardware-assisted virtualization capabilities, Windows lets organizations run a flexible, secure computing environment, thus, this is one of the fundamental aspects of current operating system design.

Part 2: Security Tools & Techniques

Task A: Forensic Analysis using Autopsy

Autopsy, a digital forensic tool, is used to analyze disk images and recover deleted data. The analysis begins by loading the provided disk image into Autopsy. The first step involves recovering a deleted image file by navigating to the "File Analysis" module, identifying deleted files, and restoring an image file. The recovered file’s name, description, and creation date are documented.

Regular expressions are then used in a search for email addresses. To extract email addresses from system logs, documents or other files stored, we are using an appropriate regex pattern along with the “Keyword Search” feature. If email doesn’t exist then the screenshot is also recorded into the result.

The last step is to get rid of all documents in the disk image, document files are identified and counted by the "File Types" filter with their names and extensions. It gives clues to the stored (or hidden) information.

The analysis finishes with documenting of the findings and its importance in forensic investigations. Extracted emails and document listings and recovered image can be used as evidence in cybercrime investigation. Steps of the process are demonstrated through a recorded video with all forensic techniques detailed, describing the usefulness of the techniques in digital investigations.

Task B: Configuring Firewall

A firewall is one tool that we can’t live without and it regulates traffic throughout the network according to certain rules. This task requires a Linux system onto which were configured a firewall by either using UFW (Uncomplicated Firewall) or using iptables. First, the firewall is installed and even verified that it is running. If the status check (using sudo ufw status) results inactive, it is enabled (sudo ufw enable).

Rules will be applied to let the necessary traffic and to block unauthorized ones. For example, in the first case SSH access is allowed with sudo ufw allow ssh while in the second case incoming traffic on all other ports is prohibited. Add specific port based rules to allow web traffic (sudo ufw allow 80/tcp) and (sudo ufw allow 443/tcp).

For iptables, rules are defined using commands like iptables -A INPUT -p tcp --dport 22 -j ACCEPT for SSH access and iptables -A INPUT -j DROP to block all other incoming traffic. The rules are saved to persist after rebooting.

The video demonstration records each step, showing rule implementation and verification. The final configuration enhances security by controlling traffic, preventing unauthorized access, and securing network communication.

Part 3: Scenario-Based Analysis

Security Threats & Countermeasures

A ransomware attack on the banking system is a serious threat to security because it can freeze data, cause financial fraud, and damage the reputation. Customers' records, transaction history, and account details are encrypted and subjected to a ransom by attackers asking to decrypt it. More often than not, these data leaks end up on the dark web, where sensitive customer information is exposed because they fail to pay (Yaacoub et al. 2023). This leaked data can be used for identity theft, fraudulent transactions, or banking fraud, as Financial Fraud becomes a major risk. Such attacks further tarnish the institution’s reputation, hence resulting in loss of customer trust and regulatory scrutiny.

Consequently, strong security measures are needed to counter these threats. However, you should continue maintaining offline regular data backups so that any recovery doesn’t involve paying ransom. EDR solutions can also help you in early ransomware detection and mitigation. Ransomware spreading is limited by network segmentation and being ability to isolate critical systems (Karim, 2024). MFA helps secure access to sensitive data, and it limits access to data by authorized persons only. Ransomware has the primary delivery method done with phishing attempts and malicious links, and awareness training about end to this. Ransomware attacks are an issue that requires incident response plans that aid in a swift and efficient approach to handling such cases. Together, these take measures to make the organization more resilient to ransomware attacks, protecting financial and reputational damage, without putting the organization out of regulatory compliance.

Legal, Social, and Ethical Aspects of the Attack

Legal, social, ethical questions definitely come up with the news of a ransomware attack against a banking system. Data protection laws are broken when encryption of financial records becomes 'unauthorized' and these records are then exposed, it disrupts social trust, and presents ethical dilemmas between responsibilities in cyber security.

Legal Aspects

The need for security for customer data is a legal one, as financial institutions are bound by the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA). If ransomware attacks fail to be prevented, they may be subjected to legal penalties such as heavy fines and lawsuits (Elhoseny et al. 2021). GDPR stipulates that breached institutions have to disclose data breaches within 72 hours and give effect to transparency on the compromised customer information. Cybercrime laws like the Computer Misuse Act also criminalize such acts of the attackers, such as unauthorized access and encryption of data. Such attacks bring law enforcement agencies down the path of investigations in tracking and prosecuting cybercriminals for the crime.

Social Aspects

The handling of customer financial records greatly damages public trust in banks. Identity theft, financial fraud, and loss of sensitive information may cause personal and economic loss to the customer (Iftikhar, 2024). The confidence in the entire banking sector is falling down, which in turn impacts the business operations and affects the stock market performance. To minimize the social impact and provide reassurance to stakeholders in the face of improved security measures, organizations must be proactive communicators and providers of customer support.

Ethical Aspects

From an ethical perspective, banks should have frameworks for robust cybersecurity to evade theft of customers’ data. In case the institutions fail to install enough security measures, then the customer's privacy can be at risk, thereby making the institutions involved in ethical concerns (Aslan et al. 2023). Refusing to pay the ransom also fits the ethical cybersecurity principles and encourages cybercrimes. But the problem only presents an ethical dilemma as leaking data on the dark web could lead to irreversible harm to the individuals affected. Customer trust is vital, and therefore banks have to balance security, transparency, and the ethical balance of decisions to combat cyber threats efficiently.

References

• Aslan, Ö., Aktuğ, S.S., Ozkan-Okay, M., Yilmaz, A.A. and Akin, E., 2023. A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), p.1333.
• Elhoseny, M., Thilakarathne, N.N., Alghamdi, M.I., Mahendran, R.K., Gardezi, A.A., Weerasinghe, H. and Welhenge, A., 2021. Security and privacy issues in medical internet of things: overview, countermeasures, challenges and future directions. Sustainability, 13(21), p.11645.
• Iftikhar, S., 2024. Cyberterrorism as a global threat: a review on repercussions and countermeasures. PeerJ Computer Science, 10, p.e1772.
• Karim, N., 2024. Comprehensive Analysis of Ransomware Evolution and Countermeasures in the Era of Digital Transformation. International Journal of Advanced Cybersecurity Systems, Technologies, and Applications, 8(12), pp.20-30.
• Malallah, H., Zeebaree, S.R., Zebari, R.R., Sadeeq, M.A., Ageed, Z.S., Ibrahim, I.M., Yasin, H.M. and Merceedi, K.J., 2021. A comprehensive study of kernel (issues and concepts) in different operating systems. Asian Journal of Research in Computer Science, 8(3), pp.16-31.
• Quraishi, M.H., Tavakoli, E.B. and Ren, F., 2021. A survey of system architectures and techniques for fpga virtualization. IEEE Transactions on Parallel and Distributed Systems, 32(9), pp.2216-2230.
• Sharma, V.K., Singh, A., Jaya, K.R., Bairwa, A.K. and Srivastava, D.K., 2022. Introduction to virtualization in cloud computing. In Machine Learning and Optimization Models for Optimization in Cloud (pp. 1-14). Chapman and Hall/CRC.
• Thyagaturu, A.S., Shantharama, P., Nasrallah, A. and Reisslein, M., 2022. Operating systems and hypervisors for network functions: A survey of enabling technologies and research studies. IEEE Access, 10, pp.79825-79873.
• Yaacoub, J.P.A., Noura, H.N., Salman, O. and Chehab, A., 2023. Ethical hacking for IoT: Security issues, challenges, solutions and recommendations. Internet of Things and Cyber-Physical Systems, 3, pp.280-308.