Final Exam

Question 1

What is CIA?

Answer 1

Confidentiality, Integrity, Availability. How do we keep something secret, how do we control modification, and how can we make sure that it can be accessed

Question 2

What is authentication? What are the four ways of validating?

Answer 2

What you know, what you are, where you are, something you have. It is the process of identifying someone’s identity

Question 3

What are the three kinds of access models and what do they do?

Answer 3

Discretionary, mandatory, and role based. An individual sets the access control, the system sets access control and the individual can’t make edits, controls are based off of roles, not individuals

Question 4

What are examples of symmetric crypto?

Answer 4

AES, 3DES

Question 5

How many keys are used in Symmetric crypto?

Answer 5

1

Question 6

How many keys are used in asymmetric crypto?

Answer 6

2

Question 7

What are examples of asymmetric crypto?

Answer 7

Sha, md5

Question 8

Why can’t you unhash?

Answer 8

Because you run crypto with additional text so that everything gets mixed up

Question 9

What are some mitigation strategies that should be employed?

Answer 9

Whitelist applications. Find trusted applications that need to be used and block all others. Patch applications within two days of finding risks. Patch the operating system within two days of finding risks, and minimize the number of users

Question 10

What are the PII Principals? (7)

Answer 10

Notice
Purpose
Consent
Security
Disclosure
Access
Accountability

Question 11

What are the top Owasp threats

Answer 11

Injections, Broken authentication, cross-site scripting

Question 12

How can you protect your wifi

Answer 12

Use WPA2 instead of WEP

Question 13

What is the internet of things?

Answer 13

Connection of physical things to the internet. RFID, security cameras, etc.

Question 14

How can we create a risk assessment for heartbleed?

Answer 14

Use Dread and Fair

Question 15

How did the NSA use testing to find heartbleed in 2013?

Answer 15

s

Question 16

What are some problems with wireless?

Answer 16

There are no physical protections, you dont know if you are being watched, you can blutooth snarf from up to a mile away, can air bridge gapped networks, mobile devices can be multi homed, lots of easy to use attacks

Question 17

How can you protect tokens?

Answer 17

Expiration times, limited types of uses, limited number of uses, sign/encrypt, use standard formats

Question 18

Is open source more secure?

Answer 18

Depends, there are more eyes looking at the code but the code is open. They are usually more security minded but there is less funding for security

Question 19

What is DREAD?

Answer 19

Damage potential
Reproducability
Exploitability
Affected users
Discoverability

Question 20

How does the FAIR model calculate risk?

Answer 20

(Threat event frequency * Threat capability * Control strength) * Estimated probable loss

Question 21

What is stride?

Answer 21

Spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege

Question 22

What does stride use to compare to?

Answer 22

Data flows, data stores, processors, interactors

Question 23

What is GRC?

Answer 23

Governance, risk management, compliance

Question 24

Biometric characteristics

Answer 24

Uniqueness, permanence, collectability, performance, acceptibility, circumvention

Question 25

What is the minimal response plan?

Answer 25

Detect
analyze
contain or eradicate
provide workarounds
prevent re-infection
log events
preserve evidence 
conduct a post-mortem
apply lessons learned

Question 26

What is IPS/IDS

Answer 26

Intrusion detection and protection. They are mostly meant to detect problems rather than actually fix them

Question 27

Token protections

Answer 27

expiration time
limited usages
sign/ encrypt
rng
use saml

Question 28

Tokens

Answer 28

handle - reference or artifact
assertion - directly validated
bearer - used by any client (bonds)
proof - specific client