465 midterm Flashcards

midterm

1
Q

Confidentiality

A

Prevent unauthorized access to information. Example: Encryption, Access control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Integrity

A

Ensure data is accurate and unaltered unless authorized.

Example: Checksums, Backups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Availability

A

Ensure authorized users can access data when needed.

Example: Computational redundancies, Physical protections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Encryption

A

Transforms plaintext into ciphertext using a key.

Example: AES, RSA.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Access Control

A

Limits access to authorized users only.

Example: Role-based access control (RBAC).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Authentication

A

Verifies a user’s identity.

Example: Passwords, Biometrics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Authorization

A

Determines what an authenticated user can access.

Example: Access Control List (ACL).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Physical Security

A

Prevents unauthorized physical access.

Example: Locks, Security guards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Backups

A

Copies of data stored for recovery purposes.

Example: Cloud backups, RAID.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Checksums

A

Detects accidental data corruption.

Example: MD5, SHA-256.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Data Correcting Nodes

A

Reverts small unauthorized modifications.

Example: Error-correcting codes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Physical Protections

A

Prevents damage or destruction of hardware.

Example: Fireproof safes, Server rooms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Computational Redundancies

A

Extra resources to maintain availability.

Example: Load balancers, Clustering.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Assurance

A

Trust in a security system’s effectiveness.

Example: Policies, Permissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Authenticity

A

Ensures a message or user is genuine.

Example: Digital signatures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Anonymity

A

Hides the sender’s identity.

Example: Proxies, Pseudonyms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Eavesdropping

A

Unauthorized interception of communication.

Example: Wiretapping, Packet sniffing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Man-in-the-Middle Attack

A

Attacker alters communication between parties.

Example: HTTPS downgrade attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Denial-of-Service (DoS)

A

Overloads a system to make it unavailable.

Example: DDoS attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Masquerading

A

Pretending to be someone else.

Example: Phishing, Spoofing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Repudiation

A

Denying having sent or received a message.

Example: Digital signatures prevent this.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Correlation & Traceback

A

Linking anonymous actions to a specific user.

Example: Traffic analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Economy of Mechanism

A

Keep security systems simple.

Example: Minimal, well-documented code.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Fail-Safe Defaults

A

Default access should be restrictive.

Example: No default admin privileges.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Complete Mediation

A

Every access attempt should be checked.

Example: Session timeouts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Open Design

A

Security should not rely on secrecy.

Example: Open-source cryptography.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Separation of Privilege

A

Require multiple conditions for access.

Example: Multi-factor authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Least Privilege

A

Users get only necessary permissions. Example: Principle of least authority (PoLA).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Least Common Mechanism

A

Reduce shared system resources. Example: Separate user processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Psychological Acceptability

A

Security should be user-friendly. Example: Intuitive UI design.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Work Factor

A

Security measures should be proportionate to the attack difficulty.

Example: Strong encryption for sensitive data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Compromise Recording

A

Logging and monitoring to detect breaches.

Example: Security cameras, Intrusion Detection Systems (IDS).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Access Control Matrix

A

A table defining subjects, objects, and their permissions.

Example: Each row = user/system, each column = resource.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Access Control List (ACL)

A

A list defining which users can access an object and what permissions they have.

Example: A file system ACL defines read/write/execute rights.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Role-Based Access Control (RBAC)

A

Assign permissions to roles rather than individuals.

Example: Admin role has full access, User role has limited access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Nonrepudiation

A

Ensures that a sender cannot deny sending a message.

Example: Digital signatures provide nonrepudiation by binding a user’s private key to a message.

37
Q

Correlation & Traceback

A

Techniques used to link anonymous online activities to an individual.

Example: Traffic analysis on Tor networks.

38
Q

Social Engineering

A

Psychological manipulation to trick users into revealing sensitive information.

Example: Pretexting, phishing, baiting.

39
Q

Man-in-the-Middle (MITM) Attack

A

An attacker intercepts and possibly alters communication between two parties.

Example: An attacker intercepting HTTPS traffic by stripping encryption.

40
Q

Denial-of-Service (DoS) Attack

A

An attack that overwhelms a system to make it unavailable.

Example: A botnet flooding a web server with excessive traffic.

41
Q

Salting Passwords

A

Adding a unique random value to each password before hashing to prevent precomputed attacks.

Example: A user’s password is hashed with a salt so two users with the same password have different hashes.

42
Q

BIOS Password

A

Prevents unauthorized users from modifying firmware settings before the OS loads.

Example: Prevents booting from unauthorized USB devices.

43
Q

Hibernation File Risks

A

Hibernation files store system memory contents and may contain sensitive data.

Example: Encryption keys or passwords could be extracted from a dumped memory file.

44
Q

What is the meet-in-the-middle attack on Double-DES?

A

Double-DES encrypts with two separate keys (K1, K2):

C = E(K2, E(K1, P))
Meet-in-the-Middle attack reduces security from 2^112 to 2^56 by:

Encrypting P with all 2^56 possible K1 values, storing intermediate results.

Decrypting C with all 2^56 possible K2 values and checking for matches.

Since only 2^56 encryptions + 2^56 decryptions are needed, security is not doubled.

45
Q

Triple-DES

A

Triple-DES avoids the meet-in-the-middle attack by encrypting three times:

E(K1, D(K2, E(K1, P)))

Since the attack needs to store 2^56 intermediate values, but now there are three independent operations, brute-forcing remains at 2^112, making it significantly harder to break than Double-DES.

46
Q

ECB Mode

A

Each block is encrypted independently: C_i = E(K, P_i)

Identical plaintext blocks produce identical ciphertext blocks, making patterns visible.

Weakness: Doesn’t provide diffusion, making it vulnerable to pattern analysis (e.g., encrypted images reveal structure).

47
Q

CBC Mode

A

Uses an IV (Initialization Vector) and XORs previous ciphertext block with plaintext before encryption:

C_i = E(K, P_i ⊕ C_(i-1))

Weakness: Susceptible to bit-flipping attacks—modifying ciphertext bits affects plaintext predictably after decryption.

48
Q

OFB Mode

A

Uses an IV and encrypts it iteratively to generate a keystream:

S_i = E(K, S_(i-1))
C_i = P_i ⊕ S_i

Weakness: Since encryption depends only on the key and IV, if IV is reused, the keystream is the same, making it vulnerable to plaintext recovery.

49
Q

CTR Mode

A

Uses a counter value instead of chaining:

C_i = P_i ⊕ E(K, Counter_i)

Weakness: If the same counter and key are reused, the ciphertexts can be XORed together to reveal plaintext.

50
Q

Birthday Paradox

A

If a hash function has N = 2^n outputs, collisions happen at sqrt(N)=2^(n/2) rate

51
Q

Weak collision resistance

A

Given a specific key X, it’s infeasible to find a X’ where they hash to the same

52
Q

Strong collision resistance

A

It’s infeasible to find any X and X’ where they hash to the same value

53
Q

Global Offset Table

A

Stores the addresses of library functions, lazy so only resolves when first called

54
Q

GOT Risks

A

Overwriting a GOT entry lets us redirect to malicious code

55
Q

LD_PRELOAD hijacking

A

Replace a library function with a custom shared library to run instead

56
Q

Linux ACM

A

DAC: Users control file permissions

57
Q

Linux file permissions

A

Uses UGO model (user, group, other), each FILE has read, write, execute permissions for each of those

58
Q

Linux ACLs

A

Access control lists used in linux, we can grant fine-grained permission to specific users

59
Q

Linux Root/Sudo

A

Root has full control, sudo lets non-root run as root

60
Q

Windows ACM

A

Uses access control lists for everything, can use role-based in some scenarios

61
Q

Windows ACLs

A

Each file and object has a ACL, explicit allow/deny rules

62
Q

Windows NTFS

A

Uses ACLs to define our granular permissions, like read/write/modify/execute

63
Q

Windows Inheritance ACLs

A

Child objects inherit permission from their parent directories

64
Q

How are RWX permissions set

A

chmod, u+rwx,g+rwx,o+rwx file.text

65
Q

What are setUID/setGID?

A

u+s lets you run with file owner privileges, g+s lets you run with group priveleges/make files inherit group, if misconfigured allows for escalation

66
Q

File copies in Windows

A

File inherits permissions from DESTINATION not original file, also same if you move a file between different volumes

67
Q

Linux sticky bit

A

Ensures only the owner can delete/rename even if world-writeable, stops meddling in shared dirs

68
Q

Integer overflow

A

When we pass our int-max we overflow into int-min

69
Q

Two’s complement

A

Most significant bit is the sign bit, 01111111 (127)+1=10000000 which is -128

70
Q

Format string attack

A

printf can allow us to use %x to read memory addresses, %n to write to memory if we forget to explicitly include our format strings.

71
Q

Caesar cipher

A

Shift forward by fixed secret key n spaces.

72
Q

Cracking Caesar cipher

A

Shift by all 25 possible shifts, or frequency analysis if we reuse keys

73
Q

Substitution cipher

A

Fixed mapping for each letter to another letter, for example A->M, B->H, C->P…

74
Q

Cracking substitution cipher

A

Frequency analysis and pattern recognition, notice common letters like words ending in S, one-letter words being A or I, repeating phrases like signatures or common words

75
Q

Vigenere Cipher

A

Take a word or string of numbers, use that repeated shift. For example we have 3 12 4 1, shift the first letter by 3, second one by 12, third by 4, fourth by 1, fifth by 3 again, and so on

76
Q

Cracking Vigenere cipher

A

Find the key length via repeated patterns, treat it like a Caesar cipher for each letter mod n

77
Q

Reusing a OTP

A

Let us have two plaintexts P1, P2, OTP key K. Encrypt both with K into P1 and P2. Now, if we XOR these together the keys cancel out and we end up with P1 XOR P2, which is usually close enough to allow us to crack it

78
Q

Block cipher

A

Encrypt in fixed-size blocks instead of bit-by-bit

79
Q

DES

A

56-bit key 64-bit blocks, but brute-forcing is easy since we have relatively few keys and our computers are way better than the 70s

80
Q

3DES

A

Apply 3 different keys to it but still slower and weaker than AES, plus if we’re not careful we can meet-in-the-middle it

81
Q

AES

A

128-block, key sizes 128, 192, or 256 bits, brute-forcing currently impossible

82
Q

RSA Finding Keys

A
  1. Pick primes p, q
  2. Compute n=p*q
  3. Compute phi(n)=(p-1)(q-1)
  4. Pick public key e coprime with phi(n)
  5. Pick private key d which is equal to e inverse mod phi(n), so d*e is 1 mod phi(n)
83
Q

RSA Encryption/Decryption

A

Start with message m, public key pair (e,n). Compute m^e mod n to get our encrypted message c.

Decrypt with private key pair (d,n), take c^d mod n to get m.

84
Q

Totient Computation

A

n(1-1/p1)(1-1/p2)(1-1/p3) and so on.

For example, if we have 2^53^75^2, we take 2^53^75^2(1-1/2)(1-1/3)(1-1/5) which equals 2^51/23^72/35^24/5 = 2^53^654=2^73^6*5=466560

85
Q

How does Diffie-Hellman work?

A

Agree on prime p and base g Alice picks secret A, sends g^A mod p to Bob
Bob picks secret B, sends g^B mod p to Alice

Alice computes (g^B mod p)^A = g^(BA) mod p
Bob computes (g^A mod p)^B = g^(AB) mod p

If they’re equal we’ve done it

86
Q

Euler’s Theorem

A

If a, n coprime, then a^phi(n) mod n is 1. Therefore, a^x mod n is equal to a^(x mod phi(n)) mod n.

Example: 3^111 mod 11, phi(11)=11-1=10, so 3^10 mod 11 is 3^0=1. Now, 111 mod 10 is 1, so 3^111 mod 11 = 3^1 mod 11 = 3.

87
Q

What is a rootkit?

A

A stealthy malware that enables attackers to maintain privileged access to a system while hiding its presence.

88
Q

What is the difference between a virus and a worm?

A

A virus attaches to files and needs execution, while a worm spreads independently over networks.

89
Q

What is the difference between polymorphic and metamorphic viruses?

A

Polymorphic viruses mutate encryption each infection. Metamorphic viruses rewrite their own code.