03 Technical Network Security Flashcards

1
Q

Access Control

A

Selective restriction of access to a network resource

2
Q

Access Control Mechanisms use:

A

User identification, authentication and authorization to restrict or grant access to a specific user.

3
Q

Subject:

A

a particular user or process that wants to access a resource

4
Q

Object:

A

a specific resource that the user wants to access, such as a file or a hardware device

5
Q

Reference Monitor:

A

checks the access control rule for specific restrictions.

6
Q

Operation:

A

represents an action taken by a subject on an object.

7
Q

Principles of Access Control:

A
  • Separation of Duties (SoD)
  • Need-to-know
  • Principle of Least Privilege (POLP)
8
Q

Principles of Access Control: SoD:

A

Separation of Duties (SoD):

Conflicting responsibilities create unwanted risks such as security breaches, info theft, and circumvention of security protocols.

9
Q

Principles of Access Control: need-to-know:

A

Under the need-to-know access control principle, access is provided only to the info that is required for performing a specific task.

10
Q

Principles of Access Control: POLP

A

Principle of Least Privilege (POLP):

  • POLP means providing employees need-to-know access, no more and no less.
  • Helps organizations by protecting them from malicious behavior and achieving better system stability and system security.
11
Q

Access Control Model:

A
  • Mandatory Access control (MAC)
  • Role-based access control (RBAC)
  • Discretionary Access Control (DAC)
  • Rule-based access control (RB-RBAC)
12
Q

Access Control Model: MAC

A
  • Only the admin/system owner has the rights to assign privileges.
  • Does not permit the end user to decide who can access the information.
13
Q

Access Control Model: RBAC

A

Role-based Access Control (RBAC)

- Permission is assigned based on user roles.

14
Q

Access Control Model: DAC

A

Discretionary Access Control (DAC)

End user has complete access to the information they own.

15
Q

Access Control Model: RB-RBAC

A

Rule-based access control (RB-RBAC)

- Permissions are assigned to a user role dynamically based on a set of rules defined by the admin.

16
Q

Two types of MAC models:

A
  • Bell-LaPadula (BLM)
  • Biba Integrity Model

17
Q

DAC Model: Access Control Matrix

A

Access control matrix is a two-dimensional array in which subjects are placed against the objects.

18
Q

BLM Model

A

Bell-LaPadula Model (BLM)

  • Focuses on data confidentiality and controlled access to classified information.
  • This model believes in read-down, write-up.
19
Q

Biba Integrity Model:

A

- Exact opposite of BLM model: read-up OK, write-down OK

20
Q

Biba Integrity Model: 3 data integrity axioms

A
  1. : Prevent data modification by unauthorized parties
  2. : prevent unauthorized data modification by authorized parties
  3. : maintain internal and external consistency
21
Q

DAC Model: Access Control Matrix

A

Access control matrix is a two-dimensional array in which subjects are placed against the objects.

22
Q

RBAC Implementation:

A

- Just Enough Administration (JEA): Restricts logon rights of IT administrators.

23
Q

Zero Trust Network Model:

A
  • Never Trust, Always Verify
  • Zero trust model states that no one is trusted by default, whether you are inside or outside the network.

24
Q

Zero Trust Network Model: Identity Verification

A
  • The user/device must access the network in a secure manner regardless of location.
  • AC must be implemented on a need-to-know basis.
  • Network traffic must be inspected and logged.
  • Network must be broken down into a number of smaller segments and each segment enforced with individual access requirements.
25
IAM:
Identity and Access Management (IAM)
26
IAM is responsible for:
- Providing the right individual with the right access at the right time.
- Access Management: authentication, authorization, identity management, identity repository.
27
IDM:
User Identity Management
- User identifications ensure that an individual holds a valid identity.
- Ex: username, account number, user roles, etc.
28
IDM: Identity Repository
The user repo is a database where attributes related to the user's identities are stored.
29
AM:
Access Management
30
5 Types of Authentication:
- Password Auth
- Smart Card Auth
- Biometric Auth
- Two Factor Auth
- Single Sign-On Auth (SSO)
31
Password Auth:
- Combo of username/password
- Vulnerable to password cracking such as brute force or dictionary attacks.
32
Smart Card Authentication:
Token RFID
33
6 types of Biometric authentication:
- Fingerprint scanning: ridges and furrows on the surface of a finger, which are unique to each person, are used for identifying them.
- Retinal scanning: a person is identified by analyzing the layer of blood vessels at the back of their eyes.
- Iris scanning: the colored part of the eye suspended behind the cornea is analyzed.
- Vein structure recognition: thickness and location of veins are analyzed to identify a person.
- Face recognition: uses facial features to identify or verify a person.
- Voice recognition: uses voice patterns to identify/verify a person.
34
Two Factor Auth:
- Using two different auth factors out of 3 (something you know, something you have, and something you are) to verify the identity of an individual.
35
EX of combo of two fac auth:
- password + smart card/token
- password + biometrics
- password + one time password (OTP)
- smart card + biometrics
36
Best companion of Two Fac Auth, and is hardest to forge or spoof:
Something you are is the best companion for two fac auth (biometrics)
37
SSO:
Single Sign-on Auth (SSO)
- Allows a user to auth themselves to multiple servers on a network with a single password without reentering it every time.
38
Advantages of SSO:
- User needs to enter credentials once for multiple applications.
- No need to remember multiple passwords.
- Reduces the time for entering user/pass.
- Reduces network traffic to the centralized server.
39
Authorization:
involves controlling access of information for an individual (ex: user can only read a file, but not write in it or delete it)
40
4 Types of Authorization Systems:
- Centralized authorization
- Decentralized authorization
- Implicit authorization
- Explicit authorization
41
Types of authorization systems: Centralized
- Network access auth is done using a single centralized authorization unit.
- Maintains a single database for authorizing all the network resources or applications.
- Easy and inexpensive authorization approach.
42
Types of authorization systems: Decentralized
- Each network resource maintains its authorization unit and performs authorization locally.
- It maintains its own database for authorization.
43
Types of Authorization systems: Implicit
- Users can access the requested resource on behalf of others.
- The access request goes through a primary resource to access the requested resource.
44
Types of Authorization: Explicit
- Unlike implicit authorization, explicit authorization requires separate authorization for each requested resource.
- It explicitly maintains authorization for each requested object.
45
Accounting:
- Is a method of keeping track of user actions on the network.
- Keeps track of who, when, and how.
46
2 types of encryption:
1. Symmetric
2. Asymmetric
47
Symmetric encryption:
- Oldest technique used for encrypting digital data.
- Is called symmetric encryption since a single key is used for encrypting and decrypting the data.
- Is used to encrypt large amounts of data.
48
Asymmetric Encryption:
- Uses two separate keys.
  - Public key: used for encrypting messages.
  - Private key: used for decrypting messages.
- Also called public key encryption; is used to encrypt small amounts of data.
49
Hashing:
Form of cryptography that transforms the info into a fixed-length value or a key that represents the original info.
50
Hashing ensures the security of information by:
- Checking the integrity of the info on both the sender and receiver sides.

Checking the integrity of info:
- The sender of the message creates a hash code of it and sends the message to the receiver along with its hash code.
- The receiver again creates a hash code for the same message at the receiver side and compares both hash codes. If both hash codes match, the message has not been tampered with.
51
Digital signature:
- Uses the asymmetric key algorithm to provide data integrity.
- A digital signature is created using the hash code of the message, the private key of the sender, and the signature function.
- It is then verified using the hash code of the message, the public key of the sender, and the verification function.
52
10 Digital Signature Attributes:
- Serial number: unique certificate identity.
- Subject: represents the owner of the certificate.
- Signature algorithm: states the name of the algorithm.
- Key-usage: specifies the purpose of the public key.
- Public-key: used for encrypting a message or verifying the signature of the owner.
- Issuer: provides the identity of the intermediary who issued the cert.
- Valid from: denotes the date from which the cert is valid.
- Valid to: denotes the date till which the cert is valid.
- Thumbprint algorithm: specifies the hashing algorithm used.
- Thumbprint: specifies the hash value for the certificate.
53
PKI:
Public Key Infrastructure
54
PKI is a set of:
hardware, software, people, policies and procedures required for creating, managing, distributing, using, storing, and revoking digital certs.
55
Components of PKI:
- A certificate authority (CA) that issues and verifies digital certs.
- A registration authority (RA) that acts as the verifier for the CA.
- A cert management system for generation, distribution, storage, and verification of certificates.
56
DES:
Data Encryption Standard is: symmetric encryption
57
AAA:
authentication, authorization, and accounting