Introduction

Question 1

Which are the main Security Goals?

Answer 1

(CADAC) Confidentiality, Accountability, Data Integrity, Availability, Controlled Access.

Question 2

What does Confidentiality mean?

Answer 2

Confidentiality means that data transmitted or stored should be only be disclosed to those entitled. Confidentiality of entitles is also referred to as anonymity..

Question 3

What does data integrity mean?

Answer 3

Data integrity means that it should be possible to detect any modification of data, as well as it requires to be able to identify the creator of some data.

Question 4

What does accountability mean?

Answer 4

Accountability means that it should be possible to identify the entity responsible for any communication event.

Question 5

What does availability mean?

Answer 5

Availability means that services should be available and function correctly.

Question 6

What does controlled access mean?

Answer 6

Controlled access mean that only authorized entities should be able to access certain services or information.

Question 7

Which are the main security threat types?

Answer 7

(REFILS) Repudiation (denial of communication acts), eavesdropping, forgery of information, impersonation (masquerade), loss or modification of information, sabotage.

Question 8

Explain masquerade/impersonation.

Answer 8

Masquerade or impersonation is when an entity claims to be another entity.

Question 9

Explain eavesdropping.

Answer 9

Eavesdropping is when an entity reads information it is not intended to read.

Question 10

Explain authorization violation.

Answer 10

Authorization violation is when an entity uses a service or resources it is not intended to use.

Question 11

Explain loss or modification of information.

Answer 11

loss or modification of information is when data is being altered or destroyed.

Question 12

Explain denial of communication acts (repudiation).

Answer 12

Denial of communication acts (or repudiation) is when an entity falsely denies its participation in a communication act.

Question 13

Explain forgery of information.

Answer 13

Forgery of information is when an entity creates new information in the name of another entity.

Question 14

Explain sabotage.

Answer 14

Sabotage is any action that aims to reduce the availability and/or correct functioning of services or systems.

Question 15

What does a detailed network security analysis needs?

Answer 15

A detailed network security analysis needs:

1. evaluates the risk potential of the general threats to the entities using a network; and
2. estimates the expenditure (resources, time, etc.) needed to perform known attacks.

Question 16

Why a detailed security analysis of a given network / configuration / specific protocol architecture would required/is important?

Answer 16

1. Might be required in order to convince financially controlling entities in an enterprise to grant funding for security enhancements
2. evaluates the feasibility and costs on different attacks and compares it to the cost of protection.

Question 17

What are the possible classification of attacks against protocols?

Answer 17

Passive and active attacks.

Question 18

What is an active attack?

Answer 18

An active attack is an attack which has active intervention of attackers. Ex.: man-in-the-middle attack, any manipulation of protocol (such as modification, insertion, deletion of packets), IP-spoofing, phishing…

Question 19

What is a passive attack?

Answer 19

A passive attack is an attack which the attacker is not involved in the protocol. Ex.: attacker observes the protocol, tries to gain information, eavesdropping attack, war-driving (sniffing at wireless network)

Question 20

Where can an attack happen in a layered protocol architecture?

Answer 20

In the interface (endsystem [initiator/responder], network) or in the layers (application layer, communication layer, etc).

Question 21

What is a cryptographic algorithm?

Answer 21

A cryptographic algorithm is a mathematical transformation of input data (e.g. data, key) to output data.

Question 22

Where are the cryptographic algorithms used?

Answer 22

Cryptographic algorithms are used in cryptographic protocols.

Question 23

What is a cryptographic protocol?

Answer 23

A cryptographic protocol is a series of steps and message exchange between multiple entities in order to achieve a specific security objective.

Question 24

What is a security service?

Answer 24

A security service is an abstract service that seeks to ensure a specific security objective.

It can be realized with the help of cryptographic algorithms and protocols.

Question 25

What are the main security services?

Answer 25

(ACINA) Access Control, Confidentiality, Integrity, Non-repudiation and Authentication.

Question 26

Explain the authentication security service.

Answer 26

The authentication security service ensures that an entity has the identity it claims to have. Ex.: Logon services (User/password), certificates, etc.

Question 27

Explain the integrity security service.

Answer 27

The integrity security service ensures that the data created by specific entities may not be modifies without detection. Ex.: Version Control systems, backup, checksums.

Question 28

Explain the confidentiality security service.

Answer 28

The confidentiality security service ensures the secrecy of protected data. Ex.: Encryption, security tokens.

Question 29

Explain the access control security service.

Answer 29

The access control security service ensures that each identity access only those services/information it is entitled to. EX.: ACL, file system permissions.

Question 30

Explain the non-repudiation security service.

Answer 30

The non-repudiation security service protects against that entities participating in a communication exchange can later falsely deny that the exchange occurred. Ex.: System log, digital certificates.

Question 31

Cite some general security supporting mechanisms.

Answer 31

Key management, random number generation, event detection/security audit trail, intrusion detection.

Question 32

Cite some communication specific security supporting mechanisms.

Answer 32

Traffic padding (adding bogus traffic to prevent traffic flow analysis), routing control (influencing the routing of packets in a network).

Question 33

What is cryptology?

Answer 33

Cryptology is the science concerned with communications in secure and usually secret form.

Kryptós - hidden
Lógos - word

Question 34

What is cryptography?

Answer 34

Cryptography is the study of the principles and techniques by which information can be concealed in ciphertext and later revealed by legitimate users employing a secret key.

Question 35

What is cryptanalysis?

Answer 35

Cryptanalysis (analýein = to loosen, to untie): the science (and art) of recovering information from ciphers without knowledge of the key.

Question 36

What is cipher’s definition?

Answer 36

Cipher is a method of transforming a message (plain text) to conceal its meaning. It is used as synonym for the concealed ciphertext. Ciphers are one class of cryptographic algorithms. The transformation usually takes the message and a (secret) key as input.

Question 37

Which are the main applications of cryptographic algorithms?

Answer 37

Data encryption and data signing.

Question 38

Define data encryption.

Answer 38

Data encryption transforms plain text data into ciphertext in order to conceal its meaning.

Question 39

Define data signing.

Answer 39

Data signing computes a check value or digital signature to a given plain- or ciphertext, that can be verified by some or all entities being able to access the signed data.

Question 40

All cryptographic algorithms can be used for encryption and data signing?

Answer 40

No. Some can be used for both purposes, but some are only secure and/or efficient for one of them.

Question 41

Which are the principle categories of cryptographic algorithms?

Answer 41

Symmetric cryptography (one key for en-/decryption or signing/checking), asymmetric cryptography (public and private key), cryptographic hash functions (do not use keys but simply compute a certain transformation of the input data).

Question 42

Cite some types of cryptanalysis.

Answer 42

Ciphertext only, known ciphertext/plaintext pairs, chosen plaintext or chosen ciphertext, rubber-hose cryptanalysis (violence, intimidation, coercion, torture), differential cryptanalysis and linear cryptanalysis.

Question 43

What are the main direction to do cryptanalysis of public key?

Answer 43

Computation of discrete logarithms and factorization of large integers.

Question 44

On average, how many possible keys have to be tried to succeed in a brute force attack?

Answer 44

Half of all possible keys.

Question 45

How can a encryption algorithm be classified?

Answer 45

1. By the type of operations used for transforming plain text to cyphertext (substitution and/or transposition [re-arranges the elements in the plain text])
2. By the number of keys used (symmetric or asymmetric ciphers)
3. By the way in which the plain text is processed (stream or block ciphers)

Question 46

Give some examples of symmetric en-/decryption algorithms.

Answer 46

DES, AES, RC4

Question 47

Give some examples of asymmetric en-/decryption algorithms.

Answer 47

RSA, Diffie-Hellman, ElGamal

Question 48

Give some examples of Cryptographic hash functions

Answer 48

MD-5, SHA-1, CBC-MAC

Question 49

Which was the first cypher device?

Answer 49

Scytale: leader evolving a tapered baton.

Question 50

Explain the Vigenère Cipher

Answer 50

Based on a key, search for the letter you want to encrypt in the lines and check on the columns the key. The intersection between both is the cyphered letter.

Question 51

Where do the rotor principle was employed?

Answer 51

Enigma machine.

Question 52

In which kind of attack the knowledge of the en- /decryption key or its length is irrelevant?

Answer 52

Brute force attacks as well as rubber-hose.

Question 53

Considering Block Cipher and stream Cipher, which one is more efficient in terms of security?

Answer 53

Block ciphers are more secure, because they have more diffusion.

Question 54

Explain the avalanche effect.

Answer 54

Avalanche effect is the desirable property of cryptographic algorithms that given a slightly changed input, the output would change significantly.

Question 55

What is a possible real-world attack to the confidentiality?

Answer 55

Port scanning, dumpster diving (search on garbage), wiretapping, key logger, phishing and pharming, social engineering.

Question 56

What is a possible real-world attack to integrity?

Answer 56

Salami attacks (minor data security attacks that together result in a larger attack), man-in-the-middle, session hijack.

Question 57

What is a possible real-world attack to availability?

Answer 57

DoS, DDoS, syn/ICMP flood attacks, electrical power attacks, server room environment attacks.

Question 58

What is a possible real-world attack to accountability?

Answer 58

spoofing

Question 59

What is a possible real-world attack to access control?

Answer 59

Packet sniffing (data not encrypted), password attacks (dictionary or brute force).