New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

CIS Lab 9

by: Khanh Phan

CIS Lab 9 CIS 2010

Khanh Phan

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

lab quiz
Intro Computer Based Information Systems
James Senn
Class Notes
CIS, 2010
25 ?




Popular in Intro Computer Based Information Systems

Popular in CIS

This 11 page Class Notes was uploaded by Khanh Phan on Tuesday June 14, 2016. The Class Notes belongs to CIS 2010 at Georgia State University taught by James Senn in Summer 2016. Since its upload, it has received 9 views. For similar materials see Intro Computer Based Information Systems in CIS at Georgia State University.


Reviews for CIS Lab 9


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 06/14/16
CIS  2010  Laboratory  #1 2   Digital  Security:    Encryption  and  Password  Protection  Practices   Part  I:  Encrypting  Files     This  laboratory,  which  focuses  on  digital  security,  consists  of  two  parts:    protecting  files  and   protecting  documents.           When  there  is  a  des ire  to  protect  against  interception  of  data,  such  as  during  the  transfer  of  a   file  or  transaction  over  communication  links,  encryption  is  an  effective  security  measure.    With   encryption,  a  mathematical  algorithm  is  used  to  convert  the  data  into  an  enciphered  form.  The   algorithm  translates  the  message  into  its  disguised  cipher  text  form.  T he  message  can  later  be   read  or  processed  provided  the  recipient  has  a  valid  key   for  decoding  the  data.     PREREQUISITES   Part  I  of  this  laboratory  will  help  you  establish   or  improve  skills  in  encrypting  files.    The   process  shown  here  can  be  used  for  a  wide   range  of  data  files.       You  will  need,   • A  USB  memory  stick   • Access  to  the  following  apps:     o HxD.exe,   o SafeHouseExplorer.exe   • Access  to  the  Windows  Notepad  app     At  the  end  of  this  lab,  you  are  expected  to  provide  the  completed  lab  protocol,  including  an   encrypted  file  you’ve  created  using  the   Windows  Notepad .       Your  lab  instructor  will  advise  you  whether  to  deliver  the  completed  file  on  a  USB  memory  stick,   demonstrate  the  results  d uring  the  lab,  or  transmit  the  results  to  the   Desire2LEarn  assignment   site.  (Be  certain  your  name  is  on  the  completed  protocol.)       PART  I:  CREATING  PLAIN  TEXT  FILES   The  first  steps  in  this  lab  take  you  through  the  creation  of  a  simple  data  file.  When  the  f ile  is   later  encrypted,  you  will  see  how  the  data  you  entered  to  create  the  file  appear  in  digital  form   and  later  in  encrypted  form.       Ordinary  documents,  such  as  word  processing,  spreadsheet,  and  text  files  are  called  “plain  text”   files  because  the  contents  of  the  document  are  stored  in  a  way  that  the  material  can  be  read   without  a  password.     To  begin,     1. Perhaps  you  have  a  secret  beverage  recipe  you  want  to  protect  via  encryption.  To  do  so,   create  a  text  file  using  the  Windows  Notepad  application.  From  the   Start/Accessories   Menu,  Choose  Notepad.      (If  your  computer  does  not  have  Accessories  or  show  an   Accessories  menu,  type   Notepad  in  the  Search  /  Search  the  Web  and  Windows  search  bar.)   CIS 2010 Laboratory #13: Encrypting Files Page | 1 This lab was created by Professor Richard Baskerville. 2. Enter  secret  information  into  the  plain  text  file ,  as  shown  below.             3. Save  this  file,  naming  it  as  “PlainText.txt”.       HxD  is  a  simple  disk  editor  that  allows  you  to  examine  and  change  the  contents  of  a  disk  drive  or   memory  location.         4. Run  HxD.                    Load  PlainText.txt  by  selecting  “File”,  “Open”,  and  choosing  PlainText. txt.       Page | 2   5. The  hexadecimal  editor  displays  the  offset  address  of  the  contents  of  the  file  in  the  leftmost   column,  the  contents  of  the  file  in  binary  form  (represented  by  numbers  in  the  base  16  (or   “hexadecimal”)  in  columns  00  through  0F,  and  also  in  simple  t ext  format  in  the  right  most   column.     Your  file  will  display  in  a  format  like   the  one  below.  The  contents  will  vary  as  you  have   inserted  your  name  when  preparing  the  secret  recipe.         6. How  much  of  the  PlainText  file  can  be  read  without  the  notepad  applicat ion  that  created  it?     How  secure  is  information  stored  in  plain  text  on  a  computer?   ____________________     7. Close  the  file  by  choosing  “File”  and  “Close”  from  the  HxD  menu.     SafeHouse  Explorer  is  a  simple  encryption  program  that  creates  an  encrypted  director y  as  a   repository  for  files  containing  sensitive  information.     8. Run  SafeHouse  Explorer.    Cancel  the  Learn  More  screen,  accept  the  User  Agreement,  and   click  Finish.     Create  a  new  volume  by  choosing  “Tools”  and  “Create  a  new  safe  house  volume”           Page | 3           9. The  “Create  SafeHouse  Volume”  dialog  box  will  open.    Choose  “Next”.   10. Choose  an  appropriate  name  and  folder  for  your  confidential  volume.             11. Check  that  the  folder  name  and  filename  are  correct  and  choose  “Next”   12. Set  the  filesize  to  12k,  not  expandable,  and  prei nitialize.    Choose  next.   Page | 4         13. What  is  the  smallest  size  for  a  SafeHouse  Volume?   ____________________   14. In  the  following  dialog  box,  choose  and  enter  a  good  8 -­‐character  password.    How  can  lost   passwords  be  recovered?   ____________________   15. What  is  the  password   you  used  in  the  previous  step?   ____________________     16. Double  check  your  work,  and  choose  “Create  Volume”         17. After  noting  the  “Volume  Created  Successfully”  message,  Choose  “Finish”.    Select  “Yes”  to   “Open  volume  now”.   Page | 5   18. Open  Windows  Explorer  and  locate  the  P lainText  file  created  earlier.    Drag  this  file  into  the   main  right-­‐hand  pane  of  the  SafeHouse  Explorer  window.           19. Using  HxD,  open  the  SafeHou se  volume  created  above.    What  warning  is  given  in  plain  text   in  the  file?   ____________________     20. With  HxD,  browse  through  the  SafeHouse  volume.    What  information  is  readable?    What   parts  of  the  the  secret  information   from  the  PlainText.txt  file  is  readable ?   ____________________     Page | 6   Part  II  Password  Protecting  and  Encrypting  Documents   Security  breaches  on  the  digital  world  seem  to  occur  more  frequently  with  every  passing  day.     Consequently  managers  are  expected  to  be  sensitive  to  protection  of  valued  business   documents  and  files.    Yet  security  should  be  a  personal  concern  as  well,  as  we  store  more  and   more  personal  information  on  digital  devices,  in  an  Internet  cloud,  and  on  Web  and  e -­‐mail  sites.   Good  security  practices  begin  with  the  choice  of  passwords.       PREREQUISITES   Part  II  of  this  laboratory  will  help  you   establish  or  improve  skills  in  constructing   passwords  and  password  protecting   encrypted  documents.  You  will  need,   • Access  to  the  Internet   • Access  to  Microsoft  Excel   • USB  memory  stick     At  the  end  of  this  lab,  you  are  expected  to   provide  the  completed  lab  protocol,   including  a  password  protected  Excel  file.       Your  lab  instructor  will  advise  you  whether  to  deliver  the  completed  file  on  a  USB  memory  stick,   demonstrate  the  results  during  the  lab,  or  transmit  the  results  to  the  Desire2Learn  assignment   site.  (Be  certain  your  name  is  on  the  completed  protocol.)       PASSWORD  GUIDELINES   1 Strong  passwords  adhere  to  the  well -­‐defined  guidelines.  A  minimum  password  length  of  12  to   14  characters  if  permitted   • Generating  passwords  randomly  where  feasible   • Avoiding  passwords  based  on  repetition,  dictionary  words,  letter  or  number  sequences,   usernames,  relative  or  pet  names,  romantic  links  (current  or  past),  or  biographical   information  (e.g.,  ID  numbers,  ancestors'  names  or  dates) .   • Including  numbers,  and  symbols  in  passwords  if  allowed  by  the  system   • If  the  system  recognizes  case  as  significant,  using  capital  and  lower -­‐case  letters   • Avoiding  using  the  same  password  for  multiple  sites  or  purposes     Some  guidelines  advise  against  writin g  passwords  down,  others  permit  writing  down  passwords   as  long  as  the  written  password  lists  are  kept  in  a  safe  place,  such  as  a  wallet  or  safe,  not   attached  to  a  monitor  or  in  an  unlocked  desk  drawer,  and  not  stored  on  a  computer  system  in   plaintext.     1 Page | 7   Examples  of  weak  passwords  include:   • Default  passwords:  password,  default,  admin,  guest,  etc.   • Passwords  containing  dictionary  words  (in  any  language):  chameleon,  RedSox,  sandbags,   bunnyhop!,  IntenseCrabtree,  etc.,     • Words  with  numbers  appended:  password1,  dee r2000,  john1234,  etc.,     • Words  with  simple  obfuscation:  p@ssw0rd,  l33th4x0r,  g0ldf1sh,  etc.,   • Common  sequences  from  a  keyboard  row:  qwerty,  12345,  asdfgh,  fred,  etc.   • Numeric  sequences  based  on  well -­‐known  numbers  such  as  911  (9 -­‐1-­‐1,  9/11),  314159...   (pi),  or  27182...  (e),  etc.   • Identifiers:  jsmith123,  1/1/1970,  555–1234,  "your  username",  etc.   • Anything  personally  related  to  an  individual:  license  plate  number,  Social  Security   number,  current  or  past  telephone  number,  student  ID,  address,  birthday,  sports  team,   relative's  or  pet's  names/nicknames/birthdays/initials,  etc.,     PART  ONE:    Forming  and  Testing  Passwords   1. Open  web  browser  pages  to  two  password  testing  sites,  e.g.,:   a.     b.       2. Test  the  password  “password ”     What  is  the  score,  complexity,  and  length  of  time  to  crack  this  pas  d? ____________________   3. Test  the  password  “TZG9x!5Vl.2LIq7wEy3l”     What  is  the  score,  complexity,  and  length  of  time  to  crack  this  pas  d? ____________________   4. Test  the  passphrase  “AlmaMater,weareloyaltothenameofGeorgiaState”     What  is  the  score,  complexity,  and  length  of  time  to  crack  this  pas  d? ____________________   5. Test  the  passphrase  “AlMa -­‐wearlotothnaofGeSt”     What  is  the  score,  complexity,  and  length  of  time  to  crack  this  pass word?   ____________________   6. Test  the  passphrase  “AM-­‐walottnoGS”       What  is  the  score,  complexity,  and  length  of  time  to  crack  this  pas  d? ____________________   7. Test  the  passphrase  “walttnoG”       What  is  the  score,  complexity,  and  length  of  time  to  crack  this  password?   ____________________   8. Test  the  passphrase  “Wa12uG5!”       What  is  the  score,  complexity,  and  length  of  time  to  crack  this  pas  d? ____________________     9. Many  instances  will  limit  the  number  of  characters,  the  use  of  numbers,  or  the  kinds  of   symbols  that  may  be  used  in  passwords.    Is  it  easier  or  more  difficult  to  construct  a  good   short  password  or  a  good  long  password?      Why  or  why  not?     Page | 8   PART  TWO:  Encrypting  and  Password  Protecting  a  Document   10. Using  the  passphrase  approach  above,  create  two  strong  8 -­‐character  length  passwords.   a. What  is  password  #1?   b. What  is  the  score,  complexity,  and  length  of  time  to  crack  this  password?   ____________________   c. What  is  password  #2?   d. What  is  the  score,  complexity,  and  length  of  time  to  crack  this  password?   ____________________   11. Open  Microsoft  Excel  and  create  a  new  microsoft  excel  worksheet  named  “MySecret”.   12. Insert  secret  information  into  the  spreadsheet,  e.g.,       Page | 9   13. From  the  Excel  “File”  menu,  choose  “Save  As”,  and  select  “Tools”  and  “General  Options”   from  the  sub  menu.     !     14. Into  the  two  password  boxes  in  the  Save-­‐As,  General  Options  dialog,  enter  each  of  the   two  strong  8-­‐character  length  passwords  from  step  10.       !   Page | 10 15. You  will  be  prompted  to  reenter  each  of  the  two  passwords.    (Read  the  caution).    Then   press  the  Save  button.    Choose  “Yes”  if  you  are  prompted  to  overwrite  an  existing  file.     16. Close  Excel.   17. Using  Excel,  open  the  workbook  file  just  created:  MySecret.    Enter  the  two  passwords  in   the  dialog  boxes  as  prompted:         18. In  what  way  can  you  recover  a  workbook  file  that  has  been  protected  by  password,  but   for  which  you  have  forgotten  the  password?   ____________________       Page | 11


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Steve Martinelli UC Los Angeles

"There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

Kyle Maynard Purdue

"When you're taking detailed notes and trying to help everyone else out in the class, it really helps you learn and understand the I made $280 on my first study guide!"

Jim McGreen Ohio University

"Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.