Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CSE 130 > ch.10 Security > Flashcards

ch.10 Security Flashcards

1
Q

threat model

A

a formal model of the actions that an attacker can & cannot perform (aka a trusted computing base or components that an attacker can & cannot perform)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what are 4 that an attacker must follow? (aka model)

A
  1. cannot read memory
  2. directly access code on system
  3. break encryption
  4. cannot impersonate a system
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what does an un-sanitized input?

A

a system doesn’t validate input before using it (therefore we should always check user input before using it)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what are side channels?

A

information is leaked in indirect ways -> for instance different timing could allow for a password to be guessed if it awas 1 ms for a correct and 2 ms for an incorrect value)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what is security through obscurity?

A

the attacker does not know what program we are executing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what does an attacker observe/control in a single node system?

A
  1. observe the timing of actions
  2. observe the inputs / outputs of the system
  3. control the inputs to the system
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what does an attacker observer in a multi node system?

A

observe messages sent between nodes
drop messages sent between nodes
change messages sent between nodes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CSE 130 (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions