CSCI262 Deck 1 Flashcards

1
What is authentication
Authentication is the binding of an identity to a subject
2
What are threats against password systems
Password guessing. Password exposure. Login trojan programs. Poor passwords. Password cracking
3
What is password entropy
It is the randomness and uncertainty of a password
4
What is the entropy formula
log2(N)
5
What is the entropy of a bank PIN
log2(10)*4
6
What are the qualities of some cryptographic hash functions
One-way/pre-image resistant and collision resistant
7
What is a one-way/pre-image resistant hash function
Computationally infeasible, for a given digest Y, to find X such that H(X) = Y
8
What is a collision resistant hash function
Computationally infeasible to find messages X and X' with X != X' such that H(X) = H(X')
9
What is a password salt
Salt is a random value added to a password prior to running it through the hashing algorithm
10
What is an Access Control
A security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance
11
What is Authentication
Verification that the credentials of a user or other system entity are valid
12
What is Authorisation
The granting of a right or permission to a system entity to access a system resource
13
What is an Audit
Review or examination of system records and activities to ensure compliance with policies
14
What are 4 types of Access Control policies (acronym)
DAC. MAC. RBAC. ABAC
15
What does DAC stand for
Discretionary Access Control
16
What does MAC stand for
Mandatory Access Control
17
What does RBAC stand for
Role Based Access Control
18
What does ABAC stand for
Attribute Based Access Control
19
What is DAC
Users use their own discretion to specify who can access what
20
What is MAC
Control access based on comparing security levels with security clearances
21
What is RBAC
Control access based on users' roles
22
What is ABAC
Control access based on users' attributes
23
How can we show an Access Control matrix in written form? E.g. Process1 can Read File1 and Read/Write File2
A(Process1, File1) ⊇ Read; A(Process1, File2) ⊇ Read; A(Process1, File2) ⊇ Write
24
What is an advantage of an ACM
Allows for fast and easy determination of the access control rights for any subject-object pair
25
What is a disadvantage of ACM
n subjects and m objects results in a matrix with nm cells
26
What is an Access Control List
A list of subjects that are authorised to access an object such as in Unix systems with r-w-x. These permissions can be defined in octal notation
27
What is the octal notation of read
4
28
What is the octal notation of write
2
29
What is the octal notation of execute
1
30
What is an advantage of an ACL
Main advantage is size
31
What is a disadvantage of ACL
Don't provide an efficient way to enumerate all the access rights of a given subject
32
What is a Group-Based Access Control
Where users are assigned groups and those groups are given permissions to access objects
33
What is a negative permission
A negative permission is an entry that specifies what access operations a user is not allowed to perform
34
What is a privilege
A subject is assigned privileges that allow the subject to execute certain operations on certain objects
35
What is a protection ring
Where each subject is assigned a number depending on its importance
36
What is Attribute Based Access Control
Where access is dictated by the values of attributes assigned to objects
37
What is a database
A database is a structured collection of data stored for use by one or more applications
38
What is a DBMS
A DBMS allows related data to be centrally stored and controlled
39
What does DBMS stand for
Database Management System
40
What is an In-band SQLi
Same communication channel for attacking and retrieving data
41
What is an Out-of-band SQLi
Attacks involve data being collected through different channels
42
Example of an inference attack
If we know Mary is the only female employee in the Security department we can query SELECT SUM(SALARY) FROM EMPLOYEE WHERE DEPARTMENT = 'Security' AND GENDER = 'F';
43
What is Malware 
A program that is inserted into a system with the intent of compromising the CIA of data or applications or OS
44
What is a Virus
A piece of software that can "infect" other programs or any type of executable content by modifying them
45
What is a Macro Virus
Exploits the active content supported by document types such as MS Word or Excel files
46
What is the general Virus logic
Search for infectable objects. If found then infect. If not found then exit and repeat
47
What is a memory resident virus
A virus that installs itself into the memory of the host computer when the original virus program is executed, meaning that even after the original program closes, new objects can be infected
48
What are the three components of a virus
Infection mechanism. Trigger. Payload.
49
What is a Virus Infection Mechanism
The means by which a virus spreads or propagates, enabling it to replicate
50
What is a Virus Trigger
The event or condition that determines when the payload is activated
51
What is a Virus Payload
What the virus does besides spreading
52
What are types of Virus
Boot Sector Infector. File Infector. Macro Virus. Multipartite Virus.
53
What is a Worm
A program/virus that copies itself from one computer to another
54
What is the difference between a Virus and a Worm
A virus needs a host file and user interaction to spread whereas a Worm is self-replicating meaning it can spread automatically without user interaction
55
What is a popular type of Worm
The Morris Worm
56
What is the Morris Worm
One of the first computer Worms distributed via the internet; within 24 hours 6000 out of 60000 computers were infected
57
What is a Trojan Horse
A Trojan renames itself to the name of a valid file system; Trojans can install themselves in different ways to escape detection
58
What is a Bacteria
A bacterium or rabbit is a program that creates many instances of itself to burn up resources of some type, aiming to result in some level of DoS
59
What is a Logic Bomb
A program that performs a malicious action when some external event occurs
60
What is a Backdoor
A secret entry point into a program that allows someone to gain access without going through usual security access procedures
61
What is Ransomware
An attack on availability that will not be stopped until a payment is made; it includes encryption of files
62
What are the two types of DoS
Bandwidth Consumption and Resource Saturation
63
What is Bandwidth Consumption DoS
Any communication network has an upper bound on the volume of traffic at one time. When that limit is reached traffic cannot be transmitted
64
What is Resource Saturation DoS
Rather than consuming bandwidth with large volumes of traffic, other metrics can result in a DoS, such as using up all disk space through unrestricted file uploads
65
What is a legacy DoS attack
Ping of Death
66
What is a classical DoS
Where an attacker sends a lot of messages to overwhelm the capacity of the connection to a target meaning other valid traffic cannot get through
67
What is a TCP SYN Flood
Where the attacker only sends the TCP message 1 (SYN), which is a half-open request
68
What is a reflection attack
The attacker sends packets to a known service on the intermediary with a spoofed source address of the target system
69
What is an amplification attack
Each attack packet produces multiple responses; this could be by attacking a broadcast address, which sends responses to the entire network
70
Defences against DoS
Attack detection and filtering. Puzzles
71
What is a Puzzle
During suspicious traffic times a puzzle can be sent, such as a CAPTCHA; the concept is that a zombie machine will not solve it but real users will
72
What are the three types of attackers
Clandestine. Masqueraders. Misfeasors
73
What is a Clandestine attacker
These try to avoid intrusion detection or auditing system
74
What is a Masquerade attacker
These pretend to be a legitimate user
75
What is a Misfeasor attacker
These are legitimate users who are misusing the privileges they have
76
What is the difference between IPS and IDS
IPS technologies respond to a detected threat while IDS only detect
77
What does IDS stand for
Intrusion Detection System
78
What does IPS stand for
Intrusion Prevention System
79
What two kinds of models are used for finding malicious actors
Anomaly detection and Signature/misuse based
80
What is Anomaly detection
When observed behaviour differs from the typical behaviour of a user; this requires statistical data on typical user behaviour (baseline)
81
What is Signature or misuse based detection
When observed behaviour indicates an attempt to inappropriately use resources
82
What are metrics/methods we can use for anomaly intrusion detection
Statistical. Knowledge based. Machine learning
83
What are two tools we can use for Signature Based Intrusion Detection
STAT and NFR
84
What is STAT
Tool that monitors the security state of a system. If it goes from a less privileged state to a more privileged state, the way this transition has occurred is monitored
85
What does STAT stand for
State Transition Analysis Tool
86
What does NFR stand for
Network Flight Recorder
87
What does NFR do
Takes packets from the network and filters them. The backend writes info generated by these filters to disk, and admins can query this backend without impacting network performance
88
What does an Agent do
Collects data from sources including log files, networks or other processes
89
What is a Director
A Director further analyses information using an analysis engine
90
What is a honeypot and what does it do
A honeypot diverts attackers from a critical system; it is usually filled with fabricated information to appear valuable, and when touched it will cause alarms
91
What is a buffer
A memory location where data is stored and can contain many instances of data
92
What is a buffer overflow
Where more input can be placed into a buffer than the capacity allocated, which can result in overwriting other information
93
What are 6 vulnerable C++ functions
gets(), sprintf(), strcat(), strcpy(), vsprintf(), scanf()
94
How can we prevent buffer overflows
Use a canary or guard value
95
What does a canary/guard value do
It is placed just before the return address to check that it has not been changed
96
Why do Buffer overflows occur
Poor coding practices and no error checking
97
What is a PaaS
PaaS is an OS in the cloud
98
What does PaaS stand for
Platform as a Service
99
What does IaaS stand for
Infrastructure as a Service
100
What does IaaS do
Gives customers access to resources such as VMs and other virtualised hardware
101
What are the 4 cloud deployment methods
Public. Private. Community. Hybrid
102
What is a Community Cloud
Shares characteristics of a private cloud and public cloud
103
What is a Hybrid cloud
Composition of two or more clouds
104
What are Cloud Specific security threats
Abuse and nefarious use of cloud computing. Insecure APIs. Malicious insiders. Account hijacking
105
What is a Security as a Service
A package of security services offered by a service provider that offloads much of the security responsibility from an enterprise to a security services provider
106
What are categories of Security as a Service
IAM. DLP. Web Security. Email Security. Security Assessments.
107
Define firewall
A mechanism or device for controlling connections/traffic between networks
108
What is a packet filtering firewall
Each incoming/outgoing IP packet is weighed up with respect to the rules and then forwarded or discarded
109
What are the two types of packet filtering firewalls
Static (1st gen) and Dynamic (4th gen)
110
Name 4 types of firewalls
Packet filtering, Stateful inspection, Application gateway and Circuit level gateway
111
What are the two types of stateful inspection firewalls
Static and Dynamic
112
What is a DMZ
The area between an internal network and the big bad outside world of the internet
113
What is a Static Packet filtering rule
When the rules are developed prior to installation and can only be changed by direct human input
114
What is a Dynamic Packet filtering rule
When the firewall is able to respond to events and change rules appropriately
115
What is an Application level gateway
Also known as a proxy server, it acts as a relay for application level traffic such as web traffic