Exam Paper Flashcards
Difference between authentication and identification
Authentication : verify the identity, what the user has
Identification : identify the user, who the user is
Difference between subject and object
Subject : An active entity within an IT system
eg. Process running under a user identity.
Used when discussing operational systems enforcing
policies
Object : Files or Resources
eg. Memory, printer, directories
A subject has control over an object according to its r,w,x permissions
How firewalls can improve network security and what their main limitations are
• Implements ‘single point’ security measures
• Security event monitoring through packet
analysis and logging
• Network-based access control through
implementation of a rule set
• Defends a protected network against parties
accessing services that should only be available
internally
Limitations :
• Cannot protect against attacks that bypass the firewall like tunneling
• Cannot protect against internal threats or insiders
• Network firewalls cannot always protect against
the transfer of virus-infected programs or files
One-way hash function and how it is used in Access Control
Takes a message of any length, and returns a
pseudorandom hash of fixed length.
Encrypt password.
Explain TOCTTOU
Time of check to time of use
Repeated Authentication
Authenticate user before and during a session
For example, in banking.
Trusted Computing Base
“The totality of protection mechanisms within a
computer system responsible for enforcing a security
policy”
- One or more components
- Enforce a unified security policy over a product or system
- Correct enforcement depends on components within as well as input from administrators
• Hardware – Dedicated registers for defining privileges
• Operating system kernel – E.g. Virtual Machine
Hypervisor
• Operating system – Windows security reference monitor
• Services Layer – JVM, .NET
• Application Layer – Firewalls
Explain CIA and 2 Additional Properties
Confidentiality : Prevent data disclosure
Integrity : Prevent data modification
Accessibility : Prevent data withholding
Accountability : Users should be held responsible for their actions
Non-repudiation : non-forgeable evidence
Software Vulnerability
Points in software that are vulnerable and can be attacked.
Malware, viruses, Trojans. A bug in software that can be exploited, e.g. Heartbleed in SSL.
Man-in-the-middle Attack and Example
ARP Cache Poisoning.
We can simply send an unrequested ARP reply,
and overwrite the MAC address in a host's ARP
cache with our own
Functionality in a botnet and example in DDOS
A group of hijacked Internet-connected devices, each injected with malware used to control it from a remote location without the knowledge of the device’s rightful owner.
Can be used for TCP SYN flooding for DDoS. Devices are ordered to rapidly access a website as part of a larger DDoS attack.
“Layer Below Attack”
Accessing the layer below the layer that is secured. Messing with the hardware.
Four types of threat vectors
Email
Webpage
Software Vulnerability
Chatrooms
What are intrusion detection systems? Compare host based and network based.
- Detects possible intrusion attempts
- Generates alerts and logs for administrators
Host-based (HIDS):
• Monitors the characteristics of a single host to find
suspicious activity including resource / app usage
• In many ways modern Anti-virus does this
- Single computer
Network-based (NIDS):
• Monitors network traffic and analyses a variety of
packets from different protocols to identify suspicious
activity
- Network of computers
Describe and compare “accountability” and “nonrepudiation”
Accountability : users are responsible for their actions. Keep a log.
Non-repudiation : unforgeable evidence that someone did something, e.g. digital certificates
Access Control List (ACL): where it is used and what its disadvantages are.
Used to show what subject is allowed to do to the named file.
Stored with an object itself, corresponding to a
column of an ACL.
e.g. game.exe | Alice : r,w,e | Bob : r,e
- Difficult to get an overview
- Tedious to set up
- Management of individual subjects is hard