9. Network Security Flashcards

1
Q

distributed authentication

A

users need to access different servers throughout the day
each service requires its own password
many passwords are hard to remember

2
Q

centralised authentication

A

a central authentication server gives the user a key (ticket) to access other services

  • ticket is encrypted (user cannot decrypt or forge it)
  • other servers can decrypt it to validate the user

however, tickets can be captured on the wire and re-sent from an attacker's system (spoofing / replay)

3
Q

Kerberos

A
  1. user sends userID and ticket granting server ID to the authentication server (the password is never sent; it is only used locally to derive the user's key)
  2. authentication server returns UserKey(sessionKey, TGSKey(ticket granting ticket))
  3. user gets session key by decrypting with their own key (derived from the password)
  4. user sends sessionKey(authenticator: userID, timestamp) + TGSKey(TGT) to the ticket granting server
  5. ticket granting server returns serviceServerKey(service ticket) + sessionKey(serviceSessionKey)
  6. user gets service session key by decrypting with the session key
  7. user sends serviceSessionKey(authenticator) + serviceServerKey(service ticket) to the service server
  8. service server replies with serviceSessionKey(response), proving it holds the key (mutual authentication)
  9. user sends serviceSessionKey(email request)
  10. service server replies with serviceSessionKey(email)
4
Q

protection against replay attacks

A

maintain a replay cache on the ticket granting server (and on each service server)

each authenticator carries a timestamp; if the same authenticator (same user and timestamp) is seen again inside the allowed clock-skew window, reject it with an error

5
Q

kerberos limitation

A
  1. machines need to be time synchronised (authenticator timestamps are checked against a clock-skew window)
  2. tickets and keys stored on the KDC may get compromised (it holds every user's and service's key)
  3. key distribution center is a single point of failure
6
Q

malware

A

malicious software

  • designed to intrude and cause harm
  • affects data, time, hardware, reputation
7
Q

stuxnet

A

worm that spread using Windows vulnerabilities (including zero-days) and infected USB drives

downloaded its payload onto machines running Siemens industrial control software and reprogrammed the PLCs driving uranium-enrichment centrifuges, altering their speed while reporting normal readings

8
Q

cross platform malware

A

a worm must be cross platform because it cannot guarantee which platform it lands on; a worm on the wrong platform causes errors and reveals itself

9
Q

malware types

A
  1. worms
  2. virus
  3. trojans
10
Q

virus

A
  1. needs a host program to run
  2. when the host runs, the virus also gets executed
  3. can be inserted via
    - overwriting (destroys the host, so the infection is noticed quickly)
    - appending
    - prepending (best: virus code runs first, then hands control back to the intact host so no error is visible)
  4. uses a marker (e.g. a mutex or an infection signature) to check whether the host has already been infected
  5. when spreading, may change its signature
11
Q

mutated virus (metamorphic)

A

changes its instructions on each generation but still does the same thing (semantics preserved, byte pattern changes)

eg. a=1 becomes a=2-1, …

12
Q

encrypted virus (polymorphic)

A

body is stored encrypted and a small decryptor stub decrypts it at run time
the key changes on each infection so the encrypted body has no fixed signature
the encryption algorithm (and so the decryptor) can change too
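Worked example, added here and not part of the original flashcards, for the metamorphic and polymorphic cards above: a toy instruction set (an assumption standing in for machine code) in which one program is rewritten into equivalent variants (the a=1 to a=2-1 idea, plus sign-flipped adds and junk nops) and, separately, XOR-encrypted under a fresh key. A plain substring signature scanner is then run over each form to show that the variants compute the same result but no longer match, and that the encrypted body only matches after decryption.

```python
import hashlib, random

# Constructed payload in a tiny toy instruction set (assumption: stands in for real
# machine code); it computes a = (1 + 4) * 3 so equivalence of variants can be checked.
PAYLOAD = [("set", "a", 1), ("add", "a", 4), ("set", "b", 3), ("mul", "a", "b")]

def encode(prog) -> bytes:
    """Serialise a program to the bytes on disk that a scanner would see."""
    return "\n".join(" ".join(map(str, ins)) for ins in prog).encode()

SIGNATURE = encode(PAYLOAD[:2])   # dictionary entry for this family: b"set a 1\nadd a 4"

def execute(prog) -> int:
    env = {}
    for op, dst, src in prog:
        val = env[src] if isinstance(src, str) else src
        if op == "set":
            env[dst] = val
        elif op == "add":
            env[dst] += val
        elif op == "sub":
            env[dst] -= val
        elif op == "mul":
            env[dst] *= val
        elif op == "nop":
            pass
    return env["a"]

def metamorph(prog, rng: random.Random):
    """Same semantics, different bytes: split constants, flip add into sub, insert junk nops."""
    out = []
    for op, dst, src in prog:
        if op == "set" and isinstance(src, int):
            k = rng.randint(1, 9)
            out += [("set", dst, src + k), ("sub", dst, k)]        # a=1 -> a=2-1 style
        elif op == "add" and isinstance(src, int) and rng.random() < 0.5:
            out.append(("sub", dst, -src))                         # add 4 == sub -4
        else:
            out.append((op, dst, src))
        if rng.random() < 0.3:
            out.append(("nop", dst, 0))                            # junk instruction
    return out

def polymorph(prog, rng: random.Random):
    """Encrypt the body under a fresh one-byte XOR key; only the decryptor (here: the key) stays."""
    key = rng.randrange(1, 256)
    return key, bytes(b ^ key for b in encode(prog))

def decrypt(key: int, body: bytes) -> bytes:
    return bytes(b ^ key for b in body)

def scan(blob: bytes) -> bool:
    """Signature scanner: plain substring match, which is what both techniques defeat."""
    return SIGNATURE in blob

def demo(seed: int = 7) -> dict:
    rng = random.Random(seed)
    variants = [metamorph(PAYLOAD, rng) for _ in range(5)]
    key, body = polymorph(PAYLOAD, rng)
    return {
        "baseline_result": execute(PAYLOAD),
        "variant_results": sorted({execute(v) for v in variants}),
        "distinct_variant_hashes": len({hashlib.sha256(encode(v)).hexdigest() for v in variants}),
        "signature_hits_on_variants": sum(scan(encode(v)) for v in variants),
        "signature_hit_on_encrypted": scan(body),
        "signature_hit_after_decrypt": scan(decrypt(key, body)),
    }
```

demo() shows every metamorphic variant still evaluating to 15 while producing different hashes and zero signature hits, and the polymorphic body matching the signature only once it has been decrypted. This is why the activity-monitor and integrity-checker approaches later on this page exist: they look at behaviour or at change, not at fixed byte patterns.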

13
Q

virus anatomy

A
  1. concealment
  2. propagation
  3. payload
14
Q

virus triggers

A

logic bomb (payload fires when a condition is met)

time bomb (payload fires at a set date or time)

15
Q

worms

A
  1. no host needed
  2. harmless by itself, carries a payload
  3. replicates automatically across the network
16
Q

trojan

A
  1. hidden inside a seemingly legitimate program
  2. targeted malware (delivered to a chosen victim rather than spreading on its own)
  3. does not replicate, needs to remain hidden
17
Q

malware infection mediums

A
  1. email attachments
  2. downloads from the internet
  3. social engineering

vulnerabilities caused by:

  • user apathy (it won’t happen to me)
  • lack of awareness
  • inadequate security policies
18
Q

malware defence

A
  1. don’t install software from untrusted sources
  2. check email carefully
  3. keep anti-virus signatures updated
  4. backup data
  5. enforce policies
  6. awareness training
19
Q

malware detection

A
  1. use anti-virus
    - identifies and removes malware
    - stops infection in the first place
    - protects the resources rather than the entrance
    - dictionary (database) of virus signatures; fails on unknown or mutated code
  2. integrity checker approach
    - identifies changes to files caused by malware
    - maintains a baseline of file hashes
    - if a file is changed, its hash will differ from the baseline
  3. activity monitor approach
    - monitors program behaviour
    - alerts the user if suspicious
    - quarantines the file in a VM (sandbox) to analyse it
    • some viruses are environment aware
    • if run in a VM, they just sleep and show no malicious behaviour
20
Q

signs of malware infection

A
  1. programs slow down
  2. sudden drop in available memory
  3. changes in program size
  4. very old file recently modified
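Worked example, added here and not part of the original flashcards, covering the integrity checker approach from the detection card and the infection signs from the card above: a baseline of file hashes, sizes and modification times is taken over a directory, a stale file is then modified the way a prepending infector would (new bytes in front of the original content) and a new file is dropped, and the comparison reports the hash change, the size change, the "old file recently modified" anomaly and the new file. The directory contents and the one-year age threshold are constructed for the demo.

```python
import hashlib, os, tempfile, time

OLD_DAYS = 365  # a file untouched this long that suddenly changes is suspicious (assumed threshold)

def file_digest(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root: str) -> dict:
    """Snapshot hash, size and mtime of every file under root, keyed by relative path."""
    base = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            st = os.stat(full)
            base[os.path.relpath(full, root)] = {
                "sha256": file_digest(full), "size": st.st_size, "mtime": st.st_mtime}
    return base

def compare(root: str, baseline: dict, now: float = None) -> dict:
    """Return {relpath: [reasons]} for every file that differs from the baseline."""
    now = time.time() if now is None else now
    current, findings = build_baseline(root), {}
    for rel, old in baseline.items():
        new = current.get(rel)
        if new is None:
            findings[rel] = ["deleted"]
            continue
        if new["sha256"] != old["sha256"]:
            reasons = ["content changed"]
            if new["size"] != old["size"]:
                reasons.append(f"size changed {old['size']} -> {new['size']}")
            if now - old["mtime"] > OLD_DAYS * 86400:     # was dormant, now touched
                reasons.append("old file recently modified")
            findings[rel] = reasons
    for rel in current.keys() - baseline.keys():
        findings[rel] = ["new file"]
    return findings

def demo() -> dict:
    """Constructed scenario: one stale binary gets bytes prepended, one new file appears."""
    with tempfile.TemporaryDirectory() as root:
        legacy, notes = os.path.join(root, "legacy.bin"), os.path.join(root, "notes.txt")
        with open(legacy, "wb") as f:
            f.write(b"original program")
        two_years_ago = time.time() - 2 * 365 * 86400
        os.utime(legacy, (two_years_ago, two_years_ago))   # make it look untouched for years
        with open(notes, "w") as f:
            f.write("unchanged\n")
        baseline = build_baseline(root)

        # simulate a prepending infector: new code placed in front of the original content
        with open(legacy, "rb") as f:
            body = f.read()
        with open(legacy, "wb") as f:
            f.write(b"INFECT" + body)
        with open(os.path.join(root, "extra.exe"), "wb") as f:
            f.write(b"dropped file")
        return compare(root, baseline)
```

demo() reports legacy.bin with "content changed", "size changed 16 -> 22" and "old file recently modified", extra.exe as "new file", and nothing for notes.txt. In real use the baseline must be stored where the malware cannot rewrite it (read-only media or a separate host), otherwise an infector can simply re-hash the files it changed.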
21
Q

malware analysis process

A
  1. basic static analysis (hashes, strings, headers, without running the sample)
  2. advanced static analysis (disassembly and code review)
  3. basic dynamic analysis (run in a sandbox and observe files, registry, network)
  4. advanced dynamic analysis (step through it in a debugger)