Final Exam (Not Including Midterm Material)

Question 1

Security

Answer 1

Focused on external threats, unlike protection, which is focuses on internal concerns

Question 2

Breach of Confidentiality

Answer 2

Information is no longer secret

Question 3

Breach of integrity

Answer 3

Information may have been changed

Question 4

Breach of availability

Answer 4

System/information may not be available

Question 5

theft of service

Answer 5

Using a service that the user should not be allowed to

Question 6

denial of service

Answer 6

An attack that makes it so that the system cannot complete services

Question 7

masquerading

Answer 7

An unauthorized user claiming to be a user that is authorized

Question 8

authentication

Answer 8

an attempt to verify that a user or
message is what it claims to be

Question 9

replay attack

Answer 9

Retransmitting the previously transmitted password to try to get authenticated

Question 10

message modification

Answer 10

When an attacker changes the contents of a message from an authenticated user

Question 11

man-in-the-middle attack

Answer 11

Attacker intercepts messages from both parties and pretends to be the person they want to communicate with

Question 12

session hijacking

Answer 12

After a user is authenticated, another user cuts them off and communicates in their name

Question 13

privilege escalation

Answer 13

The enabling of more privileges than an entity (process, system, person) should have

Question 14

Trojan horse

Answer 14

A program that acts in a clandestine or malicious manner rather than simply performing its stated function

Question 15

trap door

Answer 15

A back-door daemon left behind after a
successful attack to allow continued access by the
attacker.

Question 16

logic bomb

Answer 16

A remote-access tool designed to
operate only when a specific set of logical conditions is met

Question 17

stack/buffer overflow

Answer 17

Adding a long too many items to a stack or a buffer to overwrite or get access to other parts of memory

Question 18

virus

Answer 18

A fragment of code embedded in a legitimate program that, when executed, can replicate
itself; may modify or destroy fi les and cause system crashes and program malfunctions.

Question 19

attack surface

Answer 19

The amount of the program that is vulnerable to attacks

Question 20

worm

Answer 20

A program that spreads malware between
computers without intervention from humans

Question 21

port scanning

Answer 21

A program that spreads malware between
computers without intervention from humans

Question 22

zombie system

Answer 22

Compromised systems that
are being used by attackers without the owners’
knowledge.

Question 23

distributed denial-of-service attack

Answer 23

a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

Question 24

encryption

Answer 24

Turning plaintext into something that
looks like random garbage (ciphertext ), using a
key

Question 25

key

Answer 25

A sequence of symbols used to convert plaintext into cyphertext and back again

Question 26

symmetric encryption

Answer 26

The same key is used to encrypt and decrypt a message

Question 27

block cipher

Answer 27

Cyphers are encrypted in blocks. Can be unsafe because the same message will be encrypted the same way

Question 28

cipher-block chaining

Answer 28

Like a block cypher, but combines the block with the previous block to avoid the same message being encrypted the same way

Question 29

stream cipher

Answer 29

Encrypts bytes as they are sent, instead of in blocks

Question 30

asymmetric encryption

Answer 30

Uses a key pair. Encryption key is different than decryption key.

Question 31

private key

Question 32

public key

Answer 32

A key that is kept secret

Question 33

(secure) hash function

Answer 33

Turning a large message into a smaller hashed function

Question 34

message digest

Answer 34

a fixed size numeric representation of the contents of a message, computed by a hash function

Question 35

digital signature

Answer 35

An encrypted signature proving the authenticity of a document

Question 36

password

Answer 36

A secret message used to get access to a system

Question 37

one-time password

Answer 37

A password that can only be used once