15: Threats and Attacks

Question 1

Give the 4 basic types of attacks ?

Answer 1

• Integrity attack
• Authenticity attack
• Confidentiality attack
• Denial-of-service attack (DDos)

Question 2

Give examples of passive attacks ?

Answer 2

• Eavesdropping

- Traffic analysis

Question 3

Give examples of active attacks ?

Answer 3

• Masquerades
• Replay attack
• Denial-of-service attack (DDos)

Question 4

Give examples of low-tech attacks ?

Answer 4

• Guessing or stealing passwords
• Taking advantage of poor clerical controls
• Using pop-ups to ask users for data while masquerading

Question 5

Give examples of destructive attacks ?

Answer 5

• Email bomb

- DDos: programs infect other programs which infect other programs

Question 6

What is an integrity attack ?

Give example.

Answer 6

Data is modified.

Credit card transactions are modified.

Question 7

What is an confidentiality attack ?

Give example.

Answer 7

Reading private data.

Stealing CC details.

Question 8

What is an authenticity attack ?

Give example.

Answer 8

Masquerading.

Pop-ups

Question 9

What is an DDos attack ?

Give example.

Answer 9

Flooding a server with requests to overload it and thus make it unavailable

Question 10

Give the 6 security requirements ?

Answer 10

• Confidentiality
• Authentication
• Integrity
• Non-repudiation
• Access-control
• Availability

Question 11

What is a computer virus ?

What could it do ?

Answer 11

A malignant code which attaches itself to files resident on a computer.

It could overwrite or send emails.

Question 12

Give types of viruses ?

Answer 12

• Polymorphic
• Stealth
• Trojan horse
• Password crackers
• Sniffers
• Spoofing