Chapter 2

Question 1

Basics of a program

Answer 1

• Data resides in RAM: numbers and other coded data, stored in consecutively numbered locations
• Programs are lists of instructions
• Instructions reside in RAM

Question 2

Sections of RAM

Answer 2

• Control Sections: instructions and unchanging data

- Data sections: variables that change, stack, heap, BSS Segments

Question 3

Memory Layout

Answer 3

low -> high

text
data
bss segment
heap (goes down)
stack(goes up)

Question 4

Stack Frame for function call

Answer 4

local variables, parameters, return address

Question 5

Process

Answer 5

A running program

isolated and contained

Question 6

Operating system

Answer 6

In charge of process management, dispatching, RAM Management (MMU), I/O management (file management, user interface, network protocols)

Question 7

Buffer Overflow: The Morris Worm

Answer 7

First major internet worm

disabled 10% of computers

utilized buffer overflow(program fails to keep track of input, input modifies RAM it shouldn’t and an attacker can take over)

Question 8

Finger Program

Answer 8

Retrieved info about other users, was vulnerable to buffer overflow

Question 9

Buffer Overflow

Answer 9

When calling another procedure we have to save the PC on the stack, overrunning a buffer can modify data on the stack and potentially overwrite the PC causing the wrong instruction to be executed when the procedure is finished.

Question 10

Data Execution Prevention (DEP)

Answer 10

Protective measure where the OS will only execute instructions in a control section not the data section. Not all systems or programs can use DEP

Question 11

Lessons from Morris Worm

Answer 11

1) Pick good passwords
2) Patch Regularly
3) Review System Configuration
4) created CERT (computer emergency response team) which was first nationwide computer security team

Question 12

Common Vulnerability Enumeration (CVE)

Answer 12

Tracks and reports problems with security

Question 13

Ways to study cyber attacks

Answer 13

1) Attack Scenarios

2) Attack Case Studies

Question 14

Attack Scenario

Answer 14

Goals: Describe goals of attack

Resources: Required personnel, skills, equipment

How it happens: descibe how it takes place

Collateral Results: attack results in addition to the goals noted above

Recommended Mitigation: basic steps that could prevent attack

References: authoritative sources

Question 15

Attack Case Study

Answer 15

Overview: summarizes the attack

Perpetrator: brief description of threat agent

Attack Scenario: as previously described

Risk Management: how pre-attack risk management affected outcome

References: consolidated list including those from the attack scenario

Question 16

Access Control Strategies

Answer 16

1) Islands
2) Vaults
3) Puzzles
4) Patterns

Question 17

Islands (access control strategy)

Answer 17

• We can only touch what is there
• processes are islands (think of the Von Nuemann Model of memory)
• isolation and mediation
• not allowed to access resources

Question 18

Vault (access control strategy)

Answer 18

• We can retrieve things from the vault only if allowed
• something restricts access
• least privilege

Think of a bank safe deposit box: we have the key, the banker lets us retrieve the box, we can modify contents, we can’t retrieve or modify other boxes

This is how permissions work in regards to files and processes

Question 19

Puzzles (access control strategy)

Answer 19

Protect data by presenting a puzzle (authorized users no the answer)

Security Through Obscurity (weak puzzle such as protecting data by hiding it)

Strong puzzles use cryptogrophy

Question 20

Patterns (access control strategy)

Answer 20

Make decisions based on similarities

antivirus software searches computer for patterns found in viruses

biometrics work of patterns

Problems: false positives and false negatives

Question 21

Open Design (A Basic Principle)

Answer 21

We open our systems for third party analysis to help ensure effectiveness

withhold changeable, secret information

Kerckhoff’s Principle: rely on a changeable secret but make the rest of the design public and open to review

Shannons maxim: the enemy knows the system

Question 22

Kerckhoff’s Principle

Answer 22

ely on a changeable secret but make the rest of the design public and open to review

Question 23

Shannons maxim

Answer 23

the enemy knows the system

Question 24

Chain of Control (A Basic Principle)

Answer 24

we must never run programs that violate or bypass our security policy. to avoid, we

1) Start the computer using a BIOS that maintains our security policy
2) If the software we start (i.e. the OS) can start other software, then the other software complies with the security policy or is constrained from violating the policy via access restrictions or other mechanisms

Question 25

Ways of subverting Chain of Control

Answer 25

At BIOS we may:
-boot a different OS that doesn’t enforce access restrictions

Inside the OS:

• Install a privileged program that can bypass access restrictions
• trick an authorized user into leaking sensitive files

Question 26

How to Keep processes seperate

Answer 26

Hardware: (CPU)

• Program Modes
• RAM protection

Software: (OS)

• Program Dispatcher
• Memory Manager
• User Identities

Question 27

Program Modes

Answer 27

Kernel/Supervisor Mode

• Highly privileged programs with full CPU access
• dangerous

User Mode:

• for most programs and all applications
• CPU blocks any attempt to use Kernel mode instructions

Question 28

3 Types of Security Controls

Answer 28

Physical, Logical, Procedural

also there are three categories: Preventative, Detective, Corrective

Question 29

CIA Properties plus 2

Answer 29

Confidentiality

Integrity

Availability

Authentication

Nonrepudiation