• Uncategorized

Lecturer First Part



TheUnited States Computer Emergency Readiness Team (US-CERT) aims atenhancing internet safety and effectiveness. This is achieved byaddressing all major internet incidents, studying online threats, andcommunicating important cybersecurity data with reliable and trustedpartners globally.

  1. of Alerts

In2013, US-CERT generated three key cyber alerts. The first alert isTA13-317A – Microsoft Updates for Multiple Vulnerabilities. Thesystems affected are Microsoft Office, Internet Explorer, and WindowsOperation System. The vulnerabilities allow remote code execution.The second alert is TA13-309A – CryptoLocker Ransomware Infections.The systems that were affected by the alert include Microsoft Windowssystems like Windows 8, Vista, and XP. The ransomware limits accessto affected computers. The victim is forced to provide payment to theattackers so as to recover computer files. The third alert isTA13-288A – Microsoft Updates for Multiple Vulnerabilities. Thesystems affected are Internet Explorer, Microsoft Office, WindowsOperating System, and Microsoft Server Software (US-CERT).

  1. Dangerous Threats or Attacks

Thesystem vulnerabilities can allow remote information disclosure. Themost dangerous attack, under Secure Your Email, is Phishing. This isbecause it encourages users to send confidential information toillegitimate sites or persons. Important confidential informationthat is requested illegitimately is online banking details. The mostdangerous attack, under Browse the Web safely, is vulnerabilities.This is because it allows the browser to download malicious codesthat can collect sensitive data (Symantec).


1.When creating passwords, the potential account users should usecharacters’ mix that is memorable and difficult to crack byunauthorized persons. Characters mix has numbers, lower and uppercaseletters, and symbols (Symantec).

2.Data authentication ensures that the received or used data iscorrect. Tips on developing authentication data involve using anauthentication protocol that has several parties. All the partiesmust access and authorize the information before it reaches theend-user. Financial data of companies should be authorized by severalpeople for example, the Finance Manager, the Accounts Clerk, and theInternal Auditor.

3.It is not advisable to use personal information when creating apassword. Personal information includes names, date of birth, placeof work or residence, date of important events like weddinganniversary, and the name of work and education institutions(Symantec).


How-ToGeek. Howto Create a Strong Password (and Remember It).How-To Geek, November 2016,http://www.howtogeek.com/195430/how-to-create-a-strong-password-and-remember-it/.Accessed 22 November 2016.

US-CERT.2013Alerts.US-CERT, November 2016, https://www.us-cert.gov/ncas/alerts/2013. Accessed 22 November 2016.

Symantec.How to Protect. Symantec, November 2016, https://us.norton.com/security_response/browsewebsafely.jsp.Accessed 22 November 2016.