From Slides Flashcards
What are we protecting in cybersecurity?
Data, systems, networks, intellectual property.
Who are we protecting assets from?
Hackers, insiders, malware, nation-states.
Why do we need to protect systems and data?
To ensure confidentiality, integrity, and availability (CIA Triad).
Does more complexity mean less security?
No, unnecessary complexity increases errors and vulnerabilities.
Is goodwill a problem in security?
Yes, attackers can exploit trust through social engineering or insider threats.
What assets do we need to protect?
Data, software, hardware, networks, personnel.
How are assets threatened?
Malware, phishing, DoS, man-in-the-middle, insiders.
How can we counter threats to assets?
Firewalls, encryption, MFA, IDS, and user training.
Are all attacks intelligent?
No, some like DoS are simple but effective.
Is prevention always possible?
No, detection and recovery are crucial.
What are four types of active attacks?
Masquerade, Replay, Modification, DoS.
What are passive attacks?
Eavesdropping, traffic analysis; hard to detect.
Why is DES limited to 56-bit keys?
NSA and IBM reached a compromise to balance security and performance.
What are ECB mode’s advantages and disadvantages?
Fast but vulnerable to replay and pattern attacks.
How do we deal with non-block data in encryption?
Use stream ciphers or padding.
What is padding in encryption?
Extra data to align plaintext to block size.
What is the risk of an unsigned public key certificate?
It can be forged, leading to MITM attacks.
How will quantum computing affect encryption?
Longer keys for symmetric, new algorithms for public-key.
Why can’t we trust CPU random number generators?
Potential backdoors and lack of transparency.
Is your face an identifier or password?
Identifier; passwords require secrecy.
Why is storing passwords in cleartext or in email bad?
Intercepted credentials expose systems.
Why do we need salt values?
To prevent hash collisions and defeat rainbow tables.
Why are slow hash functions important?
They slow down brute-force attacks.
How does salting prevent dictionary attacks?
Forces unique hashing for each password.
Is bcrypt the most secure Unix hash?
Yes, due to salting and iterative rounds.
Why are rainbow tables effective?
They pre-compute hashes to speed up attacks.
How does John the Ripper work?
Uses dictionary, brute-force, and hybrid attacks.
Are hotel key cards reprogrammed at each room change?
Yes, for security.
Is MFA step 2 verification in-band or out-of-band?
Out-of-band preferred; in-band is riskier.
What happens if in-band MFA is compromised?
Attacker gains access to both factors.
What is the threat model for passkeys?
Device security and backup protection.
ACLs vs. Capability Lists – which is better?
ACLs are easier to manage and scale.
What are the missing 3 bits in 12-bit systems?
SUID, SGID, sticky bits.
Why is SUID/SGID dangerous?
It allows privilege escalation.
How can SUID binaries be hidden?
Obfuscation or moving to hidden directories.
How do capabilities control binaries?
Grant limited root privileges, unlike SUID.
Advantages of capabilities over SUID?
More secure, limits privileges to necessary functions.
Disadvantages of capabilities?
Complex to configure and manage.