465 midterm Flashcards

1
Confidentiality
Prevent unauthorized access to information. Example: Encryption, Access control.
2
Integrity
Ensure data is accurate and unaltered unless authorized. Example: Checksums, Backups.
3
Availability
Ensure authorized users can access data when needed. Example: Computational redundancies, Physical protections.
4
Encryption
Transforms plaintext into ciphertext using a key. Example: AES, RSA.
5
Access Control
Limits access to authorized users only. Example: Role-based access control (RBAC).
6
Authentication
Verifies a user’s identity. Example: Passwords, Biometrics.
7
Authorization
Determines what an authenticated user can access. Example: Access Control List (ACL).
8
Physical Security
Prevents unauthorized physical access. Example: Locks, Security guards.
9
Backups
Copies of data stored for recovery purposes. Example: Cloud backups, RAID.
10
Checksums
Detects accidental data corruption. Example: MD5, SHA-256.
11
Data Correcting Nodes
Reverts small unauthorized modifications. Example: Error-correcting codes.
12
Physical Protections
Prevents damage or destruction of hardware. Example: Fireproof safes, Server rooms.
13
Computational Redundancies
Extra resources to maintain availability. Example: Load balancers, Clustering.
14
Assurance
Trust in a security system’s effectiveness. Example: Policies, Permissions.
15
Authenticity
Ensures a message or user is genuine. Example: Digital signatures.
16
Anonymity
Hides the sender’s identity. Example: Proxies, Pseudonyms.
17
Eavesdropping
Unauthorized interception of communication. Example: Wiretapping, Packet sniffing.
18
Man-in-the-Middle Attack
Attacker alters communication between parties. Example: HTTPS downgrade attacks.
19
Denial-of-Service (DoS)
Overloads a system to make it unavailable. Example: DDoS attacks.
20
Masquerading
Pretending to be someone else. Example: Phishing, Spoofing.
21
Repudiation
Denying having sent or received a message. Example: Digital signatures prevent this.
22
Correlation & Traceback
Linking anonymous actions to a specific user. Example: Traffic analysis.
23
Economy of Mechanism
Keep security systems simple. Example: Minimal, well-documented code.
24
Fail-Safe Defaults
Default access should be restrictive. Example: No default admin privileges.
25
Complete Mediation
Every access attempt should be checked. Example: Session timeouts.
26
Open Design
Security should not rely on secrecy. Example: Open-source cryptography.
27
Separation of Privilege
Require multiple conditions for access. Example: Multi-factor authentication.
28
Least Privilege
Users get only necessary permissions. Example: Principle of least authority (PoLA).
29
Least Common Mechanism
Reduce shared system resources. Example: Separate user processes.
30
Psychological Acceptability
Security should be user-friendly. Example: Intuitive UI design.
31
Work Factor
Security measures should be proportionate to the attack difficulty. Example: Strong encryption for sensitive data.
32
Compromise Recording
Logging and monitoring to detect breaches. Example: Security cameras, Intrusion Detection Systems (IDS).
33
Access Control Matrix
A table defining subjects, objects, and their permissions. Example: Each row = user/system, each column = resource.
34
Access Control List (ACL)
A list defining which users can access an object and what permissions they have. Example: A file system ACL defines read/write/execute rights.
35
Role-Based Access Control (RBAC)
Assign permissions to roles rather than individuals. Example: Admin role has full access, User role has limited access.
36
Nonrepudiation
Ensures that a sender cannot deny sending a message. Example: Digital signatures provide nonrepudiation by binding a user’s private key to a message.
37
Correlation & Traceback
Techniques used to link anonymous online activities to an individual. Example: Traffic analysis on Tor networks.
38
Social Engineering
Psychological manipulation to trick users into revealing sensitive information. Example: Pretexting, phishing, baiting.
39
Man-in-the-Middle (MITM) Attack
An attacker intercepts and possibly alters communication between two parties. Example: An attacker intercepting HTTPS traffic by stripping encryption.
40
Denial-of-Service (DoS) Attack
An attack that overwhelms a system to make it unavailable. Example: A botnet flooding a web server with excessive traffic.
41
Salting Passwords
Adding a unique random value to each password before hashing to prevent precomputed attacks. Example: A user’s password is hashed with a salt so two users with the same password have different hashes.
42
BIOS Password
Prevents unauthorized users from modifying firmware settings before the OS loads. Example: Prevents booting from unauthorized USB devices.
43
Hibernation File Risks
Hibernation files store system memory contents and may contain sensitive data. Example: Encryption keys or passwords could be extracted from a dumped memory file.
44
What is the meet-in-the-middle attack on Double-DES?
Double-DES encrypts with two separate keys (K1, K2): C = E(K2, E(K1, P)). The meet-in-the-middle attack reduces security from 2^112 to 2^56 by: encrypting P with all 2^56 possible K1 values and storing the intermediate results; then decrypting C with all 2^56 possible K2 values and checking for matches against the stored results. Since only 2^56 encryptions + 2^56 decryptions are needed, security is not doubled.
45
Triple-DES
Triple-DES avoids the meet-in-the-middle attack by encrypting three times: E(K1, D(K2, E(K1, P))). The attack still has to store 2^56 intermediate values, but with three operations in the chain the effective brute-force effort remains at 2^112, making it significantly harder to break than Double-DES.
46
ECB Mode
Each block is encrypted independently: C_i = E(K, P_i). Identical plaintext blocks produce identical ciphertext blocks, making patterns visible. Weakness: doesn't provide diffusion, making it vulnerable to pattern analysis (e.g., encrypted images reveal structure).
47
CBC Mode
Uses an IV (Initialization Vector) and XORs the previous ciphertext block with the plaintext before encryption: C_i = E(K, P_i ⊕ C_(i-1)). Weakness: susceptible to bit-flipping attacks, since modifying ciphertext bits affects the plaintext predictably after decryption.
48
OFB Mode
Uses an IV and encrypts it iteratively to generate a keystream: S_i = E(K, S_(i-1)), C_i = P_i ⊕ S_i. Weakness: since the keystream depends only on the key and IV, if the IV is reused the keystream is the same, making it vulnerable to plaintext recovery.
49
CTR Mode
Uses a counter value instead of chaining: C_i = P_i ⊕ E(K, Counter_i). Weakness: if the same counter and key are reused, the ciphertexts can be XORed together to reveal plaintext.
50
Birthday Paradox
If a hash function has N = 2^n possible outputs, a collision is expected after roughly sqrt(N) = 2^(n/2) hashes.
51
Weak collision resistance
Given a specific input X, it's infeasible to find an X' that hashes to the same value.
52
Strong collision resistance
It's infeasible to find any X and X' where they hash to the same value
53
Global Offset Table
Stores the addresses of library functions; resolution is lazy, so an address is only resolved when the function is first called.
54
GOT Risks
Overwriting a GOT entry lets an attacker redirect execution to malicious code.
55
LD_PRELOAD hijacking
Replace a library function with one from a custom shared library so that it runs instead of the original.
56
Linux ACM
DAC: Users control file permissions
57
Linux file permissions
Uses the UGO model (user, group, other); each file has read, write, and execute permissions for each of those.
58
Linux ACLs
Access control lists used in Linux; they let us grant fine-grained permissions to specific users.
59
Linux Root/Sudo
Root has full control; sudo lets non-root users run commands as root.
60
Windows ACM
Uses access control lists for everything; can use role-based control in some scenarios.
61
Windows ACLs
Each file and object has an ACL with explicit allow/deny rules.
62
Windows NTFS
Uses ACLs to define granular permissions, like read/write/modify/execute.
63
Windows Inheritance ACLs
Child objects inherit permissions from their parent directories.
64
How are RWX permissions set?
With chmod, e.g. chmod u+rwx,g+rwx,o+rwx file.text
65
What are setUID/setGID?
u+s lets you run with the file owner's privileges; g+s lets you run with the group's privileges (or makes new files in a directory inherit its group). If misconfigured, this allows privilege escalation.
66
File copies in Windows
The file inherits permissions from the DESTINATION, not the original file; the same applies if you move a file between different volumes.
67
Linux sticky bit
Ensures only the owner can delete/rename a file even in a world-writable directory; stops meddling in shared directories.
68
Integer overflow
When a value passes INT_MAX it wraps around to INT_MIN.
69
Two's complement
The most significant bit is the sign bit: 01111111 (127) + 1 = 10000000, which is -128.
70
Format string attack
If we forget to explicitly supply the format string, printf lets an attacker use %x to read memory and %n to write to memory.
71
Caesar cipher
Shift each letter forward by a fixed secret key of n positions.
72
Cracking Caesar cipher
Try all 25 possible shifts, or use frequency analysis if keys are reused.
73
Substitution cipher
A fixed mapping from each letter to another letter, for example A->M, B->H, C->P, ...
74
Cracking substitution cipher
Frequency analysis and pattern recognition: notice common letters, words ending in S, one-letter words being A or I, and repeating phrases like signatures or common words.
75
Vigenère Cipher
Take a word or string of numbers and use it as a repeating shift. For example, with key 3 12 4 1, shift the first letter by 3, the second by 12, the third by 4, the fourth by 1, the fifth by 3 again, and so on.
76
Cracking Vigenère cipher
Find the key length n via repeated patterns, then treat each set of letters at positions congruent mod n as its own Caesar cipher.
77
Reusing an OTP
Suppose we have two plaintexts P1, P2 and OTP key K. Encrypt both with K into C1 and C2. Now, if we XOR these together, the keys cancel out and we end up with P1 XOR P2, which is usually close enough to allow us to crack it.
78
Block cipher
Encrypts data in fixed-size blocks instead of bit-by-bit.
79
DES
56-bit key, 64-bit blocks; brute-forcing is easy since there are relatively few keys and our computers are far faster than in the 1970s.
80
3DES
Apply 3 different keys, but it is still slower and weaker than AES, and if we're not careful it can be attacked with meet-in-the-middle.
81
AES
128-bit blocks, key sizes 128, 192, or 256 bits; brute-forcing is currently impossible.
82
RSA Finding Keys
1. Pick primes p, q.
2. Compute n = p*q.
3. Compute phi(n) = (p-1)(q-1).
4. Pick public key e coprime with phi(n).
5. Pick private key d equal to the inverse of e mod phi(n), so d*e is 1 mod phi(n).
83
RSA Encryption/Decryption
Start with message m and public key pair (e, n). Compute c = m^e mod n to get the encrypted message c. Decrypt with private key pair (d, n): take c^d mod n to get m.
84
Totient Computation
phi(n) = n*(1-1/p1)*(1-1/p2)*(1-1/p3)*... over the distinct prime factors of n. For example, if n = 2^5*3^7*5^2, we take 2^5*3^7*5^2*(1-1/2)*(1-1/3)*(1-1/5) = 2^5*1/2 * 3^7*2/3 * 5^2*4/5 = 2^5*3^6*5*4 = 2^7*3^6*5 = 466560.
85
How does Diffie-Hellman work?
Agree on a prime p and base g.
Alice picks secret A, sends g^A mod p to Bob.
Bob picks secret B, sends g^B mod p to Alice.
Alice computes (g^B mod p)^A = g^(BA) mod p.
Bob computes (g^A mod p)^B = g^(AB) mod p.
These are equal, so both sides now share the same secret.
86
Euler's Theorem
If a and n are coprime, then a^phi(n) mod n = 1. Therefore a^x mod n = a^(x mod phi(n)) mod n. Example: 3^111 mod 11. phi(11) = 11-1 = 10, so 3^10 mod 11 = 1. Now 111 mod 10 = 1, so 3^111 mod 11 = 3^1 mod 11 = 3.
87
What is a rootkit?
Stealthy malware that enables attackers to maintain privileged access to a system while hiding its presence.
88
What is the difference between a virus and a worm?
A virus attaches to files and needs execution, while a worm spreads independently over networks.
89
What is the difference between polymorphic and metamorphic viruses?
Polymorphic viruses change their encryption with each infection. Metamorphic viruses rewrite their own code.