2nd Lecture

Venue: BK7, Building FTMK
Date : 22 -7-2009
Time: 9.00 a.m. – 10.50 a.m.

The lecture began today began at 9.00 a.m. sharp. Luckily, it was not begun with quiz like previous week, if not I will be fear to attend the lecture of this subject in future. Mr Zaki continued to teach us the second part of the first chapter. It began with the Sub-title “Security Attacks / Threats”. Basically, there are two types of attacks, they are passive attack and active attack. The examples of passive attack are release of message contents and traffic analysis; whereas the examples of active attack are Masquerade, replay, modification of message and denial of service.
After that, Mr Zaki explained about the methods of defense. There are six ways in order for us to deal with harm, they are prevent it, deter it, deflect it, detect it and recover. Then the types of controls are encryption, software controls, hardware controls, policies and physical controls. This chapter ends with the sub-topics Security Services and Security Mechanisms. The categories of security services are:

1. Authentication


2. Access Control


3. Data Confidentiality


4. Data Integrity


5. Non-Repudiation

Then, the two types of security mechanisms are Specific Security Mechanisms and Pervasive Security Mechanisms.
Soon after finished teaching chapter 1, the lecture continued with a very interesting topic – “Basic Cryptography”. Mr Zaki managed to teach the first part of this chapter only because of lacking of time. It started with a bit explanation about the Cryptography Concept, and we have been exposed with some terminologies in cryptography like plaintext, chiphertext, cipher, encipher, etc. There are two types of Cryptography Algorithms as depicted in the following diagrams:

1. Symmetric algorithms P=D(K,E(K,P))
   






2. Asymmetric algorithms P=D(Kd, E(Ke, P)

The two methods use in Cryptography Algorithm are Substitution and Transposition. This topic was very interesting because it is quite fun to find out the original message to be delivered behind the Ciphers sometimes. The earliest substitution cipher was invented by Julius Caesar during Gallic Wars. It is known as Caesar Ciphers. Then, Mr Zaki explained to us about the Simple Substitution Ciphers. Before the lecture ends, we were given a task. We were asked to decipher a cryptogram as shown below:
“YMJ KPJQ UWNHJ BNQQ NSHWJFXJ YT WH KTZW GD SJCY BJJP”
It took me some times to find out the original message. The answer I got is “THE FUEL PRICE WILL INCREASE TO RM FOUR BY NEXT WEEK”. The answer will be discussed in the following lecture, hope that my answer is correct… ….

Lab 1

Venue : Makmal Sistem, Building FTMK.
Date : 16-7-2009.
Time : 10.00 a.m. – 11.50 a.m.

Today is the first lab session for the subject Network Information Technology Security. The lab started punctually at 10.00 a.m. Owing to the quiz yesterday, I feel a bit fear to attend the lab actually. I scared the first lab session will start with lab test. Luckily, it was not like what I have imagined before the lab started. It started with the first chapter – “Introduction to Virtualization & VMware”. Firstly, Mr Zaki explained the concept of virtualization and virtual machine (VM) for the introduction part. Based on my understanding, VM is a sort technology for us to open two or more operating system at the same time. For example, we can open Windows XP and Fedora Linux simultaneously by using VM.

Mr Zaki advised us to use VM if we want to do whatever researches in future. This is because the actual operating won’t be affected if the VM happens to be corrupted or crashed. There are three easy steps to install VM:

1. Install Virtual Machine Monitor (VMM), for example, VMWare Workstation.
   (p/s: other examples of VMM are like Connectix, UMLinux, Xen, etc.)


2. Create disk image.


3. Install the operating system you want, for example, Windows Server 2003.

As a conclusion, VM is a very good tool to use if we want to do researches or experiments, so I would take Mr Zaki’s advice to use VM whenever I want to do projects in future.

First Lecture of Network Information Technology Security.

Venue : BK7, Building FTMK.
Date : 15-7-2009.
Time : 9.00 a.m. – 10.50 a.m.

Today is the first lecture of Network Information Technology Security. Our lecturer, En. Mohd Zaki Bin M’sud began the lecture by giving us a surprise – the first quiz! That was not expected by us, we expected the lecturer to start the lecture in a normal way just like other subjects. Usually, the first lecture of most of the subjects will begin with a brief introduction about the biodata of the lecturer. Then, the lecturer will explain about the syllabus of that subject. We thought Mr. Zaki was joking only, but he distributed the quiz paper to us and asked us to complete it in 15 minutes. I was stunned for several minutes when I received the paper. This is because I did not study at all. Besides that, marks will be awarded for this quiz. Oh my god, I scared that I do not know how to answer even a single question!

Without further hesitation, I started to answer the questions. There were 12 questions in crossword puzzle form. According to Mr Zaki, the answers were basically the main terms for all chapters in our syllabus. Mr Zaki then emphasized that for those who do not how to answer question 7 will get zero mark for this quiz, thus, I tried very hard to seek for the answer of this question. It was related to the topic of cryptography. I was not familiar with this term actually.
After cracking my head for some times, I have found the “secret” of cryptography. I was quite excited and I got the answer “MY NAME” for question 7. I tried to fill in the answer, but it did not fit the given spaces. That was very weird, I thought the concept I discovered just now was wrong. But it was kind of impossible, because I could get the answer for question 2 by using the same method. I think and think and think for a while, suddenly the words from Mr Zaki just now “for those who do not know how to answer question 7 will get zero…” have inspired me to get the answer. Yeah, the answer was “MODHZAKI”, my lecturer’s name. No wonder he was so concerned on this question. Throughout this quiz, I have learnt a lot of important terms such as firewall, cryptography, worm, piracy, SNORT, etc. Luckily, I have got 10/12 for this quiz.

While marking the quiz, Mr Zaki explained the syllabus briefly to us. After that, he started to teach us the very first chapter for this subject. The first chapter was all about the introduction of Network Information Security. Throughout this lecture, I have learnt a lot of new knowledge for this subject. The lecturer this morning was quite interesting. I am looking forward for the next lecture.