IT Security Part 2 Flashcards

1
Q

What is the purpose of a cryptographic hash function?
A hash function maps arbitrarily long messages to fixed-length outputs (n bits)
It stores the data in a hash table
Speeds up password checking
Slows down password checking

A

A hash function maps arbitrarily long messages to fixed-length outputs (n bits)

2
Q

CAs are typically organized in a hierarchy, where the key of a subordinate CA is
attested by another CA at a higher level
True
False

A

True

3
Q

Clocks must be synchronized for nonces (unpredictable random numbers)
True
False

A

False

4
Q

What is the difference between risk minimisation and risk optimisation?
Risk should be optimised: spend on countermeasures only as far as the reduction in expected loss is worth their cost, rather than minimising the risk at any price
They mean the same thing
Minimisation should be supported by all possible resources
Optimisation should be supported by all possible resources

A

Risk should be optimised: spend on countermeasures only as far as the reduction in expected loss is worth their cost, rather than minimising the risk at any price

5
Q

What does the open design principle say?
Security through obscurity
Outsiders can have a say in the design, they can make the changes themselves
Software security should not depend on the secrecy of the design
Not only to be used by a closed community

A

Software security should not depend on the secrecy of the design

6
Q

How is data in long-term storage protected on iOS?
Keys used for encryption are only saved in iCloud for backup restoration
Data is cryptographically bound to the device
Data is immediately deleted if decryption fails
Data is only accessible after successful fingerprint authentication

A

Data is cryptographically bound to the device

7
Q

What type of attack is possible if the key space is small?
brute force
Trojan
malware
any

A

brute force

8
Q

Nonces (unpredictable random numbers) do not require an extra message to be sent
True
False

A

False

9
Q

What is a certificate chain?
issued certificates are stored in a certificate chain
revoked certificates are stored in a certificate chain
each end-user certificate can be verified by verifying a certificate chain (root to user)

A

each end-user certificate can be verified by verifying a certificate chain (root to user)

10
Q

What is a stack frame?
A pair of memory addresses representing the top and bottom of a stack
The programming framework of the stack
When a function is called, the area on the stack that the function handles
The memory area pointed to by the stack pointer

A

When a function is called, the area on the stack that the function handles

11
Q

What factors determine the IT security risk? (Multiple answers are fine)
repair
threats
countermeasures
vulnerabilities

A

threats
countermeasures
vulnerabilities

12
Q

What is NOT a definition or characteristic of stack overflow?
A special form of buffer overflow
Occurs when a procedure copies user-controlled data into a local buffer on the stack without checking its size
User-controlled data overwrites other values on the stack, potentially including the return address
The stack indexing is incorrect, resulting in an overflow

A

The stack indexing is incorrect, resulting in an overflow

12
Q

Which is NOT one of the hacker groups?
Script Kiddie
Disgruntled employee
Hacktivist group
Terrorist organization
Computer crime organization
State sponsored attacker
Computer scientists

A

Computer scientists

12
Q

What do we mean by key space in encryption?
On the backing store, the place where the key can be safely stored
The area indicated by the key pointer
There is no location for the key
The key space of the algorithm is the set of all possible values of the key

A

The key space of the algorithm is the set of all possible values of the key

12
Q

What is stretching?
hash depends not only on the password but also on a random value
hash computation time is reduced by optimisation
artificially increasing the hash computation time
the password hash can be randomly long

A

artificially increasing the hash computation time

13
Q

What is a MAC?
the name of certain apple products
unique identifier
the hash function is located at the address pointed to by the MAC
can be seen as a hash function with an additional input (the key)

A

can be seen as a hash function with an additional input (the key)

14
Q

Clocks need to be synchronized for timestamps
True
False

A

True

14
Q

Which characteristic does NOT describe white/grey-box testing?
Static analysis
Dynamic analysis with specific inputs
Aims to maximize code coverage
Verification where we have only minimal prior knowledge of the system -> only inputs and
outputs are examined, we do not know the inner workings
Generates inputs that trigger new code paths
Much more efficient, but high cost of entry

A

Verification where we have only minimal prior knowledge of the system -> only inputs and
outputs are examined, we do not know the inner workings

15
Q

With homomorphic encryption, the cloud service provider can perform certain
operations on the encrypted data and obtain the encrypted result without ever having
access to the data
True
False

A

True

15
Q

How does binding a public key to an authorised user work?
The public key is assigned to the user by specifying the private key
The user ID and the public key are automatically generated together
The user can choose the public key that suits him
The name and the public key are bound together by the digital signature of a trusted authority (the certificate)

A

The name and the public key are bound together by the digital signature of a trusted authority (the certificate)

15
Q

How can we ensure key freshness?
with timestamps, time windows
a nice refreshing cocktail
calendar synchronisation
timers

A

with timestamps, time windows

15
Q

The (padding) oracle attack allows an attacker to efficiently decrypt any CBC-encrypted ciphertext by sending (adaptively) crafted ciphertexts to the server and observing its response
True
False

A

False

15
Q

What is Stretching?
multiple iterations to slow the exhaustion attack
a random number generated by the system to make the pre-compute attack impractical.
Adds a long random string to the password before…

A

multiple iterations to slow the exhaustion attack

16
Q

What is the birthday paradox and how does it relate to hash functions?
choose an arbitrary date as a birthday and extend it with a hash function
if you randomly draw elements from a set of N elements, a repeated element is likely to appear after about sqrt(N) draws
choose an arbitrary date as a birthday; it has nothing to do with hash functions
if you randomly draw elements from a set of N elements, it is certain (100% probability) that no repeat occurs within sqrt(N) draws

A

if you randomly draw elements from a set of N elements, a repeated element is likely to appear after about sqrt(N) draws
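The birthday bound above, run on a real hash. This is an added example and is not part of the original deck: SHA-256 is truncated to n bits so that there are N = 2^n possible digests, then messages are drawn until a digest repeats. The message set ("msg-0", "msg-1", ...) is constructed for the demo; the number of draws needed lands near sqrt(pi/2 * N), not near N.

```python
import hashlib
import math

# Added example (not from the original deck): collision search on a hash
# truncated to n bits, illustrating the birthday paradox. Inputs are the
# constructed messages "msg-0", "msg-1", ... so the run is reproducible.

def truncated_hash(msg: bytes, n_bits: int) -> int:
    """SHA-256 of msg keeping only the top n_bits: a 'small' hash with N = 2**n_bits outputs."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - n_bits)

def find_collision(n_bits: int):
    """Draw messages until a digest repeats.

    Returns (draws, msg_a, msg_b, digest). The pigeonhole principle guarantees a
    repeat by draw 2**n_bits + 1; the birthday bound says it arrives much earlier.
    """
    seen = {}
    for i in range(2 ** n_bits + 1):
        msg = f"msg-{i}".encode()
        h = truncated_hash(msg, n_bits)
        if h in seen:
            return i + 1, seen[h], msg, h
        seen[h] = msg
    raise RuntimeError("unreachable: pigeonhole principle")

def expected_draws(n_bits: int) -> float:
    """Expected number of draws before the first repeat: about sqrt(pi/2 * N)."""
    return math.sqrt(math.pi / 2 * 2 ** n_bits)

if __name__ == "__main__":
    for n in (16, 24, 32):
        draws, a, b, h = find_collision(n)
        print(f"{n}-bit hash: N={2**n:>10}  collision after {draws:>6} draws "
              f"(expected ~{expected_draws(n):.0f}): {a!r} and {b!r} -> {h:#x}")
```

Doubling the hash length to 2n bits squares the collision cost, which is why a hash meant to give k bits of collision resistance needs an output of 2k bits.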

17
Q

Global types of fingerprint patterns: whorl, loop, arch
True
False

A

True
17
Q

Proof of deletion
In some applications it may be useful if the provider can sort the encrypted data (e.g. the user wants to see the results in order)
When the computation is outsourced, the user can be sure that the service provider has actually performed the requested task
Allows keyword searches on encrypted data; the provider cannot learn which words have been searched or what the statistical properties of the encrypted data are
When data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud, the user can be sure that all copies of it have been deleted

A

When data is removed from the cloud, the user can be sure that all copies of it have been deleted
18
Q

What is the average complexity of an exhaustive key search attack on a k-bit key?
(k-1)
2^(k-1) * 10^10
(k-1)^2
2^(k-1)

A

2^(k-1)
19
Q

A countermeasure against side-channel attacks is, e.g., to break the link between the leaked information and the confidential data
True
False

A

True
19
Q

What is the hash-and-sign paradigm?
reduces efficiency by signing the hash of the message instead of the message
increases efficiency by signing the hash of the message instead of the message
increases efficiency by duplicating the message hash
reduces efficiency by duplicating the message hash

A

increases efficiency by signing the hash of the message instead of the message
20
Q

What type of information is useful to collect before the attack? (there can be several good answers)
System architecture
Security mechanisms used
Access rights
Geological location

A

System architecture
Security mechanisms used
Access rights
21
Q

The Caesar cipher is easy to crack because the size of its key space is a small fixed number. What is this number?
22
64
67
25

A

25
22
Q

Which key sizes does AES support? (multiple answers are fine)
128
64
256
192

A

128
256
192
23
Q

What are the characteristics of a monoalphabetic substitution cipher? (multiple answers are allowed)
disadvantage: the frequency of letters depends on the language, not on the content of the text (e.g. in Hungarian the most common letter is "e")
generalization of the Caesar cipher
advantage: takes up little storage space
letter substitution is determined by a permutation
disadvantage: very easy to crack with the right technical tools
the key is the permutation, so the key space has size 26!

A

disadvantage: the frequency of letters depends on the language, not on the content of the text (e.g. in Hungarian the most common letter is "e")
generalization of the Caesar cipher
the key is the permutation, so the key space has size 26!
letter substitution is determined by a permutation
24
Q

How many steps does it take to crack a complete system?
Attacks consist of 5 steps
Preparation, execution, cryptographic verification, debugging
Always one big bug causes the compromise of the whole system
Usually a combination of several attacks building on each other and several different vulnerabilities

A

Usually a combination of several attacks building on each other and several different vulnerabilities
25
Q

What programming error can lead to SQL injection?
The system is not connected to the network, so it cannot be checked by the application
Data from the client side is processed by the application without validation, so malicious code can be executed on the system
No direct access to the application and the database created from known malware
A non-programming error leads to SQL injection

A

Data from the client side is processed by the application without validation, so malicious code can be executed on the system
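The error in the answer above, shown in working code. This is an added example and not part of the original deck: the same login lookup written the vulnerable way (client input pasted into the SQL text) and the safe way (parameter binding), run against an in-memory SQLite table whose two rows are constructed for the demo.

```python
import sqlite3

# Added example (not from the original deck): a login query that splices client
# data into SQL, beside the same query with bound parameters. The table and
# its rows are constructed for the demo.

def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return conn

def login_vulnerable(conn: sqlite3.Connection, name: str, password: str):
    """Client data becomes part of the SQL text, so a quote in the input ends the
    string literal and the rest of the input is executed as SQL. With
    name = "alice' --" the statement turns into
        ... WHERE name = 'alice' --' AND password = '...'
    and the password check is commented out."""
    sql = f"SELECT name, role FROM users WHERE name = '{name}' AND password = '{password}'"
    return conn.execute(sql).fetchall()

def login_safe(conn: sqlite3.Connection, name: str, password: str):
    """Client data is bound as a parameter: the driver never lets it become SQL."""
    sql = "SELECT name, role FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, "alice' --", "anything"))               # admin login without the password
    print(login_vulnerable(db, "x' OR '1'='1", "x' OR '1'='1"))         # every user row
    print(login_safe(db, "alice' --", "anything"))                     # []: the payload is just an odd name
```

Escaping quotes by hand is not a substitute for binding: the driver-side parameter never enters the SQL parser, so no input can change the statement's structure.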
26
Q

Which risk is not relevant for IT security?
Unauthorised access
Loss of confidentiality or availability of information
Attacks against services provided by different systems
Technical or hardware damage to the machine during a storm

A

Technical or hardware damage to the machine during a storm
27
Q

What are the steps of fingerprint matching? (multiple answers are fine)
matching the two fingerprints according to the most similar minutia pairs
searching for parallel similarity between minutiae
calculating a global similarity score and making a decision
creating a minutia correspondence

A

matching the two fingerprints according to the most similar minutia pairs
searching for parallel similarity between minutiae
calculating a global similarity score and making a decision
creating a minutia correspondence
28
Q

Which of the following is NOT an advantage of cloud computing?
Increases system reliability and user-friendliness
Flexible provision of resources
Increases risk in terms of security, privacy and confidentiality
Reduced price for the user
Efficient for service providers
IT systems easy to deploy, operate and maintain

A

Increases risk in terms of security, privacy and confidentiality
29
Q

Which can be an effective defense against ROP?
NX bit
DEP
ASLR (random addresses -> gadget addresses cannot be predicted)
Harvard architecture

A

ASLR (random addresses -> gadget addresses cannot be predicted)
29
Q

How can we ensure that the established key remains secret?
By encrypting
With RSA
Key exchange protocols
It cannot be kept secret

A

Key exchange protocols
29
Q

What are the types of side-channel information?
Timing
network
power consumption
human

A

Timing
power consumption
30
Q

Which protocol is used to securely access web pages?
HTTPS
HTTP
GOOGLE CHROME
MOZILLA FIREFOX

A

HTTPS
30
Q

In the access protection model, what is a reference monitor?
The entity that enforces the access protection policy
The dashboard interface to monitor the operation of the access control policy
The entity that keeps track of existing references to objects for the garbage collector
The entity that defines the access control rules

A

The entity that enforces the access protection policy
31
Q

In an XSS attack, an attacker successfully executes JavaScript code in the context of another origin
True
False

A

True
31
Q

What is the difference between MAC and DAC?
For MAC, the reference monitor must check all accesses; for DAC this is set by the user
For MAC, untrusted users can grant access rights; for DAC this is not possible
With DAC, untrusted users can grant access rights; this is not possible with MAC
Access protection is discrete for DAC, continuous for MAC

A

With DAC, untrusted users can grant access rights; this is not possible with MAC
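The two reference-monitor cards above, worked through in code. This is an added example and not part of the original deck: a toy reference monitor that mediates every access under both policies. Under DAC the object's owner hands out rights at her own discretion, so an untrusted user can receive access; under MAC the labels come from the security administrator and no ordinary user can change them. The users, objects, level names, the "security-admin" principal and the Bell-LaPadula-style read/write rules are all assumptions made for the demo.

```python
# Added example (not from the original deck): a toy reference monitor that
# enforces a DAC policy (owner-granted rights) and a MAC policy (centrally
# assigned labels) over the same objects. Users, objects and levels are constructed.

LEVELS = {"public": 0, "confidential": 1, "secret": 2}
SECURITY_ADMIN = "security-admin"   # assumed: the only principal allowed to set MAC labels

class ReferenceMonitor:
    def __init__(self):
        self.acl = {}        # DAC: object -> {user: set of rights}
        self.clearance = {}  # MAC: user -> level name
        self.label = {}      # MAC: object -> level name

    # ---- DAC: rights travel at the owner's discretion ------------------
    def dac_create(self, owner: str, obj: str) -> None:
        self.acl[obj] = {owner: {"read", "write", "grant"}}

    def dac_grant(self, granter: str, obj: str, user: str, right: str) -> bool:
        """Anyone holding 'grant' on obj may extend rights; the monitor cannot
        tell a careful owner from a careless or malicious one."""
        if "grant" not in self.acl.get(obj, {}).get(granter, set()):
            return False
        self.acl[obj].setdefault(user, set()).add(right)
        return True

    def dac_check(self, user: str, obj: str, right: str) -> bool:
        return right in self.acl.get(obj, {}).get(user, set())

    # ---- MAC: labels fixed centrally, compared on every access ---------
    def mac_set(self, who: str, clearances: dict, labels: dict) -> bool:
        if who != SECURITY_ADMIN:
            return False               # users cannot relabel, so they cannot grant
        self.clearance.update(clearances)
        self.label.update(labels)
        return True

    def mac_check(self, user: str, obj: str, right: str) -> bool:
        """Confidentiality rules (Bell-LaPadula style, assumed for the demo):
        read only at or below your clearance, write only at or above it."""
        if user not in self.clearance or obj not in self.label:
            return False               # unlabeled subject or object -> deny by default
        u, o = LEVELS[self.clearance[user]], LEVELS[self.label[obj]]
        return {"read": u >= o, "write": u <= o}.get(right, False)

if __name__ == "__main__":
    rm = ReferenceMonitor()
    rm.dac_create("alice", "report.txt")
    rm.dac_grant("alice", "report.txt", "mallory", "read")   # DAC: owner's choice, monitor obeys
    print("DAC mallory read:", rm.dac_check("mallory", "report.txt", "read"))
    rm.mac_set(SECURITY_ADMIN, {"alice": "secret", "mallory": "public"}, {"report.txt": "secret"})
    print("MAC mallory relabel allowed:", rm.mac_set("mallory", {"mallory": "secret"}, {}))
    print("MAC mallory read:", rm.mac_check("mallory", "report.txt", "read"))
```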
32
Q

What are the functions of the certification authority? (multiple answers are fine)
publishes valid certificates and certificate revocation lists
organizes certificates
issues certificates to users or other CAs

A

publishes valid certificates and certificate revocation lists
issues certificates to users or other CAs
33
Q

What does the term MAC function mean?
Medium Access Control protocol
Mandatory Access Control based access protocol
Message Authentication Code calculation
Key generation on Apple MacBook computers

A

Message Authentication Code calculation
34
Q

Which is NOT true for Android?
Least code running with root privileges
At startup, each component assumes that the underlying components are sufficiently secure
Application signatures allow developers to be verified
Ability to exploit the security capabilities of some processors despite processor independence

A

Application signatures allow developers to be verified
35
Q

What is a certificate revocation list (CRL)?
A sequence of steps to follow when revoking a certificate
List of certificates revoked after expiration
List of certificates revoked before expiration
List of certificates about to expire

A

List of certificates revoked before expiration
35
Q

What can be overwritten other than the return address during a stack overflow attack?
controllable data
non-controllable data
the return address only
the contents of the entire stack

A

non-controllable data
35
Q

Linux implements a non-discretionary access control (DAC) system
True
False

A

False
36
Q

What is the use of storing the hash of the password in the password table instead of the password?
It is not useful to store a hash instead of a password
Because of the hash, it takes 1000 years to crack the password
The hash cannot be used to recover the password, but it can be used to check whether a submitted password is correct
Instead of a hash, a fraction of the password is stored

A

The hash cannot be used to recover the password, but it can be used to check whether a submitted password is correct
37
Q

Verifiable computation
In some applications it may be useful if the provider can sort the encrypted data (e.g. the user wants to see the results in order)
When the computation is outsourced, the user can be sure that the service provider has actually performed the requested task
Allows keyword searches on encrypted data; the provider cannot learn which words have been searched or what the statistical properties of the encrypted data are
When data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud, the user can be sure that all copies of it have been deleted

A

When the computation is outsourced, the user can be sure that the service provider has actually performed the requested task
37
Q

What is a zero-day vulnerability?
vulnerabilities that are known only to potential attackers
online mail vulnerabilities
vulnerability of the computer's own back-up storage
vulnerabilities that are accidental, not known to anyone

A

vulnerabilities that are known only to potential attackers
37
Q

What are the disadvantages of cloud computing?
Increases the risk from security, privacy and confidentiality perspectives
Increases system reliability and user friendliness
Flexible provision of resources
Reduced price for the user
Efficient for service providers
Easy deployment, operation and maintenance of IT systems

A

Increases the risk from security, privacy and confidentiality perspectives
37
Q

What is the AES block size?
32 bits
64 bits
256 bits
128 bits

A

128 bits
38
Q

Which does NOT increase security risks?
Threats
Vulnerabilities
Countermeasures
Short password

A

Countermeasures
38
Q

Signature errors occur when a variable with a signature is interpreted as a signature or when a signed variable is signed.
True
False

A

False
39
Q

Order-preserving encryption
In some applications it may be useful if the provider can sort the encrypted data (e.g. the user wants to see the results in order)
When the computation is outsourced, the user can be sure that the service provider has actually performed the requested task
Allows keyword searches on encrypted data; the provider cannot learn which words have been searched or what the statistical properties of the encrypted data are
When data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud, the user can be sure that all copies of it have been deleted

A

In some applications it may be useful if the provider can sort the encrypted data (e.g. the user wants to see the results in order)
39
Q

There is no need to revoke a certificate if there is a change in the personal data in the certificate
True
False

A

False
39
Q

How does the Caesar cipher work?
substitutes plaintext letters with elements of a set of real numbers
replaces each letter of the plaintext with the letter of the alphabet at a specified distance from it
complements the letters of the plaintext with elements of a set of real numbers
complements each letter of the plaintext with one letter of the alphabet at a given distance from it

A

replaces each letter of the plaintext with the letter of the alphabet at a specified distance from it
39
Q

Side-channel attacks are based on information leaked by the actual execution of the cryptographic algorithm
True
False

A

True
40
Q

How can we measure the strength of a randomly chosen password? (L: password length, N: size of the symbol alphabet)
H = L * logN 2
H = L * log2 L * N
H = L * log2 N
H = L * logL N

A

H = L * log2 N
40
Q

What can financial resources be converted into? (there may be several good answers)
increased information gathering capability
deeper technical expertise
renting space with appropriate temperature
access to advanced attack tools and methods

A

increased information gathering capability
deeper technical expertise
access to advanced attack tools and methods
41
Q

What is a return-to-libc attack?
Uses the address of a libc function already in memory as the return address, with attacker-supplied parameters
On boot, the machine no longer loads the operating system because it has been infected with libc
No such attack; return-to-libc is a valid assembler instruction
Overwrites the libc library with a long NOP sled terminated by a RET instruction

A

Uses the address of a libc function already in memory as the return address, with attacker-supplied parameters
41
Q

What hard mathematical problem does the RSA system rely on?
Integer factorisation (recovering the prime factors of the modulus)
Discrete logarithm
Taylor polynomial
Differential calculus

A

Integer factorisation (recovering the prime factors of the modulus)
41
Q

Why do these vulnerabilities occur in practice?
because of BME
connecting to external peripherals
IT systems are increasingly complex, making it difficult to fully cover all possible problems
operating system upgrade

A

IT systems are increasingly complex, making it difficult to fully cover all possible problems
41
Q

What is salting?
multiple iterations to slow down the exhaustive search attack
a random value generated by the system to make precomputation attacks impractical
adds a long random string to the password before stacking

A

a random value generated by the system to make precomputation attacks impractical
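Salting, stretching and hash-only storage (the three password cards above, together with "What is stretching?" and the password-table card earlier) in one working routine. This is an added example and not from the original deck: the stored record carries the algorithm name, iteration count and per-user random salt, verification recomputes the hash and compares it in constant time, and H = L * log2 N gives the entropy the stretching has to multiply. The iteration count, the record format and the sample passwords are assumptions for the demo; only `hashlib.pbkdf2_hmac` and `hmac.compare_digest` are real library calls.

```python
import hashlib
import hmac
import math
import os
import time

# Added example (not from the original deck): salted, stretched password
# storage. The salt defeats precomputed tables (each user's hash must be
# attacked separately); the iteration count stretches the cost of every guess.
# ITERATIONS is an assumed value: raise it until one verification costs about
# 100 ms on the server that will run it.

ITERATIONS = 200_000

def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>.
    The password itself is never stored."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time
    so a wrong guess does not leak how many bytes matched."""
    algo, iters, salt_hex, hash_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), hash_hex)

def password_entropy_bits(length: int, alphabet_size: int) -> float:
    """H = L * log2 N for a uniformly random password of L symbols drawn from N."""
    return length * math.log2(alphabet_size)

def guesses_per_second(iterations: int = ITERATIONS, sample: int = 5) -> float:
    """Rough single-core guess rate an attacker gets against records with this iteration count."""
    start = time.perf_counter()
    for i in range(sample):
        hashlib.pbkdf2_hmac("sha256", b"guess-%d" % i, b"\x00" * 16, iterations)
    return sample / (time.perf_counter() - start)

if __name__ == "__main__":
    record = hash_password("correct horse battery")         # sample password, constructed
    print(record)
    print("ok:", verify_password("correct horse battery", record),
          "wrong:", verify_password("correct horse", record))
    # same password, two users -> two different records, so one rainbow table cannot serve both
    print(hash_password("hunter2") != hash_password("hunter2"))
    h = password_entropy_bits(8, 62)                        # 8 symbols from [A-Za-z0-9]
    rate = guesses_per_second()
    print(f"H = {h:.1f} bits; average search 2^(H-1) guesses ~ {2 ** (h - 1) / rate / 86400:.0f} days at {rate:.1f} guesses/s")
```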
41
Q

What should not be logged?
Allowed resource access
Unsuccessful system call
Location information (geolocation)
Password

A

Password
42
Q

What does the open design principle say?
The software can be freely developed by anyone later
Design should be open to the community
The number of shared mechanisms should be minimised
The default value should be chosen so that the system remains secure in case of failure

A

Design should be open to the community
43
Q

What is security?
antivirus protection for your computer
protects against accidental hardware failures
focuses on the risks from deliberate attacks by intelligent attackers (malware)

A

focuses on the risks from deliberate attacks by intelligent attackers (malware)
44
Q

Which approach is least effective against XSS?
Blacklist
HttpOnly cookie
CSP
Whitelist

A

Blacklist
44
Q

What is not in a DMZ layout?
Direct connectivity between the internal network and the DMZ
Application proxy
Packet filter
Server

A

Direct connectivity between the internal network and the DMZ
44
Q

What questions should be answered in the risk optimization process? (multiple answers are fine)
What are the potential threats?
What are the known vulnerabilities?
How likely are these vulnerabilities to be exploited by potential threats?
What is the expected loss?
What countermeasures will reduce the risk in a cost-effective way?

A

all of them
45
Q

A NOP sled is a sequence of NOP instructions that slides the CPU's instruction execution to its final, desired location
True
False

A

True
46
Q

Which of the following is performed as the first step when booting iOS?
the kernel is initialized
low-level bootloader
iBoot code verification
the Apple root certificate is loaded

A

the Apple root certificate is loaded
47
Q

What is usually the first step in a web server attack?
lock out the user
map the attack surface
redirect important data

A

map the attack surface
48
Q

Developing secure software is difficult. Which reason is NOT supported?
Security testing is difficult
Developers face time, functionality and resource constraints
Attackers have a much easier time than developers
Security is difficult to measure

A

Attackers have a much easier time than developers
48
Q

Software detects corrupted input data; what should it do?
The software must still perform the programmed calculations
The input data must be rejected and the event logged
The software should attempt to recover the corrupted data
The software shall log the corrupted data

A

The input data must be rejected and the event logged
48
Q

The debugging system is a database of errors that includes privacy information
True
False

A

False
49
Q

What is a CVE (Common Vulnerabilities and Exposures)?
An online platform for critical vulnerability testing
A parameter in the operating system to check the virtualized environment currently in use
A technique to exploit vulnerabilities in electric cars
A publicly available database containing all known vulnerabilities

A

A publicly available database containing all known vulnerabilities
49
Q

What is the best performance for fingerprint matching? (FA: false accept, FR: false reject)
High FA and low FR rate
High FA and FR rate
Low FA and FR rate
Low FA and high FR rate

A

Low FA and FR rate
49
Q

Why use automated vulnerability checking software?
They find all bugs, even the unknown ones
No need to spend any time on manual testing during penetration testing
IDS systems are also detected
They can look through a lot of bugs quickly, a great help for manual testing

A

They can look through a lot of bugs quickly, a great help for manual testing
50
Q

What are the criteria for threat classification? (There may be several good answers)
Motivation
information gathering capabilities
level of technical expertise
level of resources

A

all of them
50
Q

What are nonces?
single-use keys
set of single-use viruses
co-domain of single-use keys
unpredictable random numbers

A

unpredictable random numbers
50
Q

User authentication = the process of verifying the identity of the requesting user
True
False

A

True
51
Q

What is Kerckhoffs's principle?
assume that the encryption algorithm is known to the attacker
assume that the encryption algorithm is not known to the attacker
assume that the encryption algorithm is known to the user
assume that the encryption algorithm is not known to the user

A

assume that the encryption algorithm is known to the attacker
51
Q

What is NOT the purpose of the OWASP project?
To distribute the best security software on the market
To raise funds for security awareness training
To gather the best experts to develop OWASP materials
To serve as a checklist for developers with the Top 10 list

A

To distribute the best security software on the market
51
Q

IT security does not deal with ...?
Random hardware failures
Unauthorized modification of data
Unavailability of services provided by the IT system
Unauthorized access to data

A

Random hardware failures
52
Q

What are the two main types of modern corrections?
Flooding/Flow
Overloading
Blocking
Network monitoring

A

Flooding/Flow
Overloading
53
Q

Proof of data possession
In some applications it may be useful if the provider can sort the encrypted data (e.g. the user wants to see the results in order)
When the computation is outsourced, the user can be sure that the service provider has actually performed the requested task
Allows keyword searches on encrypted data; the provider cannot learn which words have been searched or what the statistical properties of the encrypted data are
When data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud, the user can be sure that all copies of it have been deleted

A

When data is stored in the cloud, the user can be sure that the data still exists
53
Q

What is one of the key differences between Linux and Windows in terms of access control?
The Linux security system allows a wider range of policies to be described
The Windows security system allows a wider range of policies to be described

A

The Windows security system allows a wider range of policies to be described
54
Q

For nonces (unpredictable random numbers), it is enough to measure time locally
True
False

A

True
54
Q

How is the cyber underground organized (who are the players)?
information traders
resource traders
service providers
R&D people, tool makers
criminals, fraudsters and attackers
cashiers (money mules)

A

all of them
54
Q

What is Stuxnet?
An improved version of the Trojan
A new virus scanner
The most threatening malware in history
A database of viruses

A

The most threatening malware in history
54
Q

What types of vulnerabilities exist in IT systems? (More than one answer is fine)
technical
physical
personal
operational

A

all of them
54
Q

In hacking, shellcode is a small piece of code used to exploit a vulnerability in software.
True
False

A

True
55
Q

For timestamps, replay can only work within a small time window
True
False

A

True
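The MAC, timestamp-window and nonce cards above, run as one protocol exchange. This is an added example, not from the original deck: the sender tags each message with an HMAC over (timestamp || nonce || payload); the receiver checks the tag in constant time, accepts the timestamp only inside a tolerance window, and remembers the nonces seen inside that window so a replayed message is rejected even while the timestamp is still valid. The shared key, the 30-second window, the wire format and the messages are constructed for the demo; `hmac` and `hashlib` are standard-library calls.

```python
import hashlib
import hmac
import os
import struct

# Added example (not from the original deck): message authentication with
# freshness. Wire format (assumed): 8-byte big-endian timestamp | 16-byte
# nonce | payload | 32-byte HMAC-SHA256 tag.

KEY = b"shared-secret-key-for-demo"   # assumed pre-shared key
WINDOW_SECONDS = 30                   # assumed clock tolerance between the parties
TAG_LEN, TS_LEN, NONCE_LEN = 32, 8, 16

def make_message(key: bytes, payload: bytes, now: float) -> bytes:
    """Sender side: bind a timestamp and a fresh nonce to the payload under the MAC."""
    body = struct.pack(">Q", int(now)) + os.urandom(NONCE_LEN) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag

class Receiver:
    def __init__(self, key: bytes, window: int = WINDOW_SECONDS):
        self.key = key
        self.window = window
        self.seen = {}   # nonce -> timestamp, purged once the timestamp leaves the window

    def accept(self, msg: bytes, now: float):
        """Return (ok, reason, payload). Checks run tag -> timestamp -> nonce so that
        nothing about an unauthenticated message ever touches the nonce cache."""
        if len(msg) < TS_LEN + NONCE_LEN + TAG_LEN:
            return False, "too short", None
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time: no timing side channel
            return False, "bad tag", None
        ts = struct.unpack(">Q", body[:TS_LEN])[0]
        nonce = body[TS_LEN:TS_LEN + NONCE_LEN]
        payload = body[TS_LEN + NONCE_LEN:]
        if abs(int(now) - ts) > self.window:          # only loosely synchronized clocks needed
            return False, "stale timestamp", None
        self.seen = {n: t for n, t in self.seen.items() if abs(int(now) - t) <= self.window}
        if nonce in self.seen:                         # same message inside the window: replay
            return False, "replay", None
        self.seen[nonce] = ts
        return True, "ok", payload

if __name__ == "__main__":
    t0 = 1_700_000_000.0                               # constructed "current time"
    rx = Receiver(KEY)
    m = make_message(KEY, b"transfer 10 to bob", t0)
    print(rx.accept(m, t0 + 1))                        # (True, 'ok', b'transfer 10 to bob')
    print(rx.accept(m, t0 + 2))                        # replay inside the window
    print(rx.accept(m, t0 + 100))                      # outside the window
    tampered = m[:30] + bytes([m[30] ^ 1]) + m[31:]    # flip one payload bit
    print(rx.accept(tampered, t0 + 1))                 # bad tag
```

Without the nonce cache the window alone would let an attacker replay the message any number of times for 30 seconds; without the timestamp the cache would have to grow forever. The two together are what makes the freshness check bounded.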
55
Q

Searchable encryption
In some applications it may be useful if the provider can sort the encrypted data (e.g. the user wants to see the results in order)
When the computation is outsourced, the user can be sure that the service provider has actually performed the requested task
Allows keyword searches on encrypted data; the provider cannot learn which words have been searched or what the statistical properties of the encrypted data are
When data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud, the user can be sure that all copies of it have been deleted

A

Allows keyword searches on encrypted data; the provider cannot learn which words have been searched or what the statistical properties of the encrypted data are
56
Q

What is the function of the Secure Enclave coprocessor?
Application signature verification
Touch ID sensor management
Secure system loading
Secure capture and storage of movement-related data

A

Secure system loading
56
Q

What is safety?
focuses on risks from accidental failures, accidents and natural disasters
helps to protect against viruses received from correspondents
protects against malware in case of unsafe downloads from various torrent sites
protects against operating system failures

A

focuses on risks from accidental failures, accidents and natural disasters
56
Q

What types of countermeasures exist to reduce the risk? (There may be several good answers)
physical
network
none
technical

A

physical
technical
56
Q

What is a fingerprint minutia?
Global fingerprint pattern (whorl, loop, ...)
Graph of ridge endings and bifurcations
Specific area on the fingerprint, such as core and delta
Triple of type (ridge ending or bifurcation), position and direction

A

Triple of type (ridge ending or bifurcation), position and direction
56
Q

What is black-box testing?
A test where even the source code is known to the ethical tester
Testing only inputs and outputs, fuzzing
The test uses programs unknown to the developer
Verification where only minimal prior knowledge of the system is available -> only inputs and outputs are examined, the inner workings are not known

A

Verification where only minimal prior knowledge of the system is available -> only inputs and outputs are examined, the inner workings are not known
56
Q

What does a buffer overflow exploit?
The program has a memory leak: it does not release all the buffers it has reserved
The program refers to an already freed buffer area
The program does not check how much data is written into a buffer of a given size
The program increments the buffer index until it turns negative and thus flushes the buffer

A

The program does not check how much data is written into a buffer of a given size
56
Q

What is the key of the Caesar cipher?
an arbitrary number generated when the key is generated
an arbitrary letter from the alphabet
the offset value
a pointer pointing to the encrypted message

A

the offset value
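The Caesar cards (key = the offset, 25 usable keys), the key-space card and the 2^(k-1) average-search card, worked in code. This is an added example and not part of the original deck: a Caesar encrypt/decrypt routine, an exhaustive search over the whole key space that scores each candidate plaintext against English letter frequencies (the weakness the monoalphabetic card describes), and the average cost of exhaustive search over a key space of size N. The reference frequency table and the sample plaintext are constructed for the demo.

```python
import math
from collections import Counter

# Added example (not from the original deck): exhaustive key search on the
# Caesar cipher, with letter-frequency scoring to pick the key automatically.

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

# Approximate English letter frequencies in percent (assumed reference table).
ENGLISH_FREQ = {
    "A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0, "H": 6.1,
    "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7, "O": 7.5, "P": 1.9,
    "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8, "V": 0.98, "W": 2.4, "X": 0.15,
    "Y": 2.0, "Z": 0.074,
}

def caesar(text: str, key: int) -> str:
    """Shift every letter by key positions (mod 26); decrypt by shifting with -key.
    Non-letters pass through unchanged."""
    out = []
    for ch in text.upper():
        out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26] if ch in ALPHABET else ch)
    return "".join(out)

def chi_squared(text: str) -> float:
    """Distance between the letter counts of text and the English profile; lower = more English-like.
    This is the statistic that breaks every monoalphabetic substitution, not just Caesar."""
    letters = [c for c in text.upper() if c in ALPHABET]
    n = len(letters)
    counts = Counter(letters)
    return sum((counts.get(c, 0) - n * f / 100) ** 2 / (n * f / 100) for c, f in ENGLISH_FREQ.items())

def brute_force(ciphertext: str):
    """Try all 25 non-trivial keys and return (key, plaintext) with the best frequency score."""
    candidates = [(chi_squared(caesar(ciphertext, -k)), k, caesar(ciphertext, -k)) for k in range(1, 26)]
    _, key, plain = min(candidates)
    return key, plain

def average_search_cost(key_space_size: int) -> float:
    """Average number of keys tried when the key is uniform over N keys: (N + 1) / 2,
    i.e. about 2^(k-1) for a k-bit key."""
    return (key_space_size + 1) / 2

if __name__ == "__main__":
    ct = caesar("ATTACK AT DAWN, THE KEY SPACE HAS ONLY TWENTY FIVE KEYS", 3)   # constructed plaintext
    print(ct)
    print(brute_force(ct))
    print("Caesar: avg", average_search_cost(25), "keys; 128-bit key: avg 2^%d" % (128 - 1), "=",
          math.log2(average_search_cost(2 ** 128)))
```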