Exam Flashcards
The common resources that can be targeted in DoS attacks are ___ and ___ ?
The common resources that can be targeted in DoS attacks are network bandwidth (for network) and system resources (like memory and CPU).
Lamport’s one-time password scheme relies on using hash functions that are ___ and ___ .
Lamport’s one-time password scheme relies on using hash functions that are one way and collision resistant.
Examples of each of the main authentication bases are … ? (Three examples)
- Something you know (password, PIN, security questions)
- Something you have (Security Tokens, smart cards, etc.)
- Something you are (Fingerprint, Facial Recognition)
“Online” and “Offline” attacks differ in that ___.
- Online requires the connection to be active, therefore imposing certain restriction for breaking a password.
- Offline does not require the connection to be active, therefore has unlimited chances to break the password.
A minimum time between password changes is specified so users ___.
So that users do not change their password too often in a short period - which could lead to weaker password choices.
Two security properties of cryptographic hash functions are ___ and ___.
- Collision Resistance - Hard to find two different inputs that produce the same hash.
- Preimage Resistance - Difficult to figure out the original input from its hash.
A mechanism capable of distinguishing between humans and computers may be a ___.
CAPTCHA
3 classes of intruders that an IDS may attempt to find are…?
- Clandestine Users - Individuals who gain unauthorised access to privileged system resources or data.
- Masqueraders - Users who access the system by impersonating another legitimate user, often through stolen credentials.
- Misfeasor - A legitimate user who has authorised access but uses them in an improper or unauthorised manner.
Two primary properties used in malware classification are ___ and ___.
- Functionality - What the malware does such as stealing data, encrypting files for ransom or causing system damage.
- Propagation Method - How the malware spreads, like through email attachments, infected websites, or network vulnerabilities.
Race conditions can occur when ___ and can result in ___.
Race conditions occurs when two or more processes try to change or access the same data at the same time and can result in unpredictable or incorrect behaviour in a system.
It’s like two people trying to edit the same document simultaneously without coordinating. If they don’t take turns properly, they might overwrite each other’s changes or create confusion.
Phishing emails are typically sent in bulk because ___.
Phishing emails are typically sent in bulk because attackers want to increase the chance of victims falling for the scam.
The Biba model is for the purpose of ___ while BLP is for the purpose of ___.
The Biba model is for the purpose of ensuring data integrity, while BLP (Bell-LaPadula) is for the purpose of maintaining data confidentiality.
The Biba model focuses on preventing unauthorized users from modifying sensitive data, thereby ensuring that the information remains accurate and uncorrupted.
The Bell-LaPadula model, on the other hand, is primarily concerned with keeping sensitive information secret and preventing unauthorized access to it.
SYN flooding is an example of ___.
Denial of Service attack (Dos).
To be stateless means ___ and is relevant in the context of ___.
To be stateless means each request from a client to a server is treated as completely new, with no memory of past interactions.
It is relevant in the context of client puzzle connection protocol.
What’s the difference between spear phishing and general phishing?
Spear Phishing is targeting a specific person.
General Phishing is targeting all victims and expecting some to be fooled.
Three types of malware are?
- Viruses
- Trojan Horses.
- Worms
The term “shellcode” refers to ___ and is relevant in the context of ___.
“Shellcode” refers to code that hackers use to control a compromised computer system.
It’s important in the context of computer security breaches and attacks.
The difference between logging and auditing is ___.
Logging - involves recording detailed information about events and actions in a system.
Auditing - the process of reviewing and analysing these log files to check for anything unusual or important.