Maryam Ahmadi
CIM 220 Section B
Professor Ali Niknam
March 20, 2015
IBM Zone Trusted Information Channel (ZTIC) 1. What are some common types of malicious software, or malware? What best describes the ‘man-in-the-middle’ type attack? * The common types of malicious software or malware are adware, bot, bug, ransomware, rootkit, spyware, Trojan horse, virus, and worm. A ‘man in the middle attack’ is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting his own public key for the requested one, so that the two original parties still appear to be communicating with each other. 2. Provide some examples of each type of authentication factor. What are your personal experiences with each? * Personal factor is a personal question that may be used to recover passwords. An authentication factor is a piece of information or process used to verify the identity of a person requesting access to a restricted asset or area. I have never encountered this personal experience in my life thus far with using technology. 3. Can you think of any drawbacks of the ZTIC device? * The drawbacks that the ZTIC device would be a transaction is initiated on a computer with malware installed, the security of the transaction is compromised. Not even a padlocked areas of the internet that would otherwise be secure can protect against this. 4. How might malicious attackers try to get around devices like the ZTIC? * Hackers have created malicious software programs than can modify data as it is sent to a bank's Web server but then display the information the consumer intended in the browser. As a result, a person's bank account could be emptied. Man-in-the-middle attacks are also effective even if the bank's customer is using a one-time password generator. The ZTIC, however, bypasses the browser and goes