exam 1 review Flashcards
Security mechanisms typically do not involve more than one particular algorithm or protocol (T/F)
false
The first step in devising security services and mechanisms is to develop a security policy (T/F)
true
To exploit any type of buffer overflow the attacker needs to identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker’s control (T/F)
true
Shellcode is not specific to a particular processor architecture
false
An attacker can generally determine in advance exactly where the targeted buffer will be located in the stack frame of the function in which it is defined.
false
It is possible to write a compiler tool to check any C program and identify all possible buffer overflow bugs.
false
The OpenSSL Heartbleed vulnerability would have been prevented if OpenSSL had been implemented in Java (and the Java runtime environment works properly).
True
ASLR (if implemented correctly) can prevent return‐to‐libc attacks
True
_____ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
Privacy
____ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
System Integrity
A loss of _______ is the unauthorized disclosure of information.
confidentiality
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) ______.
vulnerability
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) _____.
attack
A(n) ______ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
countermeasure
An example of ______ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
masquerade
The assurance that data received are exactly as sent by an authorized entity is _____.
data integrity
A consequence of a buffer overflow error is _____.
(all of the above)
- corruption of data used by the program
- unexpected transfer of control in the program
- possible memory access violation
The function of ______ was to transfer control to a user command‐line interpreter, which gave access to any program available on the system with the privileges of the attacked program.
shellcode
______ is a form of buffer overflow attack.
(all of the above)
- Heap overflows
- Return to system call
- Replacement stack frame
A buffer can be located ______.
(all of the above)
- in the heap
- on the stack
- in the data section of the process
Each layer of code needs appropriate hardening measures in place to provide appropriate security services.
True
It is possible for a system to be compromised during the installation process.
True
The default configuration for many operating systems usually maximizes security.
False
A malicious driver can potentially bypass many security controls to install malware.
True
Performing regular backups of data on a system is a critical control that assists with maintaining the integrity of the system and user data.
True
Many users choose a password that is too short or too easy to guess because it is hard for users to remember long and random passwords.
True
User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic.
False
In a biometric scheme some physical characteristic of the individual is mapped into a digital representation.
True
Which of the following need to be taken into consideration during the system security planning process?
(all of the above)
- how users are authenticated
- the categories of users of the system
- what access the system has to information stored on other hosts