Lesson 3

Question 1

__________ is related to scientific methods of identifying the authors of a crime by examining objects or substances involved in the crime.

Answer 1

Forensic analysis

Question 2

In the context of cybersecurity, it is related to the explanation of a cybercrime, based on the analysis of information or traces led by the attacker in the computing systems used or attacked.

Answer 2

Forensic analysis

Question 3

Forensic analysis aims to explain the state of a computing system by extracting information and using it to reconstruct the series of actions undertaken by the attacker.

Answer 3

Forensic analysis

Question 4

True or false:
Providers (ISPs) in order to both collect connection information from specific previously-identified targets in real time, and to analyze connection information of ISP subscribers in order to identify potential suspects via an automatic process (whose details are not publicly known).

Answer 4

True

Question 5

The term “__________” has been given to practices where governments or governmental organizations perform surveillance and data collection at a national scale (or larger). This is opposed to “___________”, which targets an individual of (supposed) interest.

Answer 5

mass dataveillance; personal dataveillance

Question 6

______ against the hardware are a real threat, even for implementations of algorithms that have been mathematically proven secure.

Answer 6

Physical attacks

Question 7

________ and _______ are two common classes of attacks that require a physical access to the device.

Answer 7

Attacks by observation; attacks by perturbation

Question 8

Nowadays, a serious but unfortunately possible attack scenario is a _______ triggered by a JavaScript application embedded in a web page.

Answer 8

hardware attack

Question 9

Physical attacks can be classified as ________, _________ and a new field known as _________. The first two assume the insider attacker model i.e., the device is under the attacker’s control, while the last one assumes the outsider model. The outsider model requires fewer hypotheses for the attacker and thus can be considered as more dangerous.

Answer 9

observation attacks
perturbation attacks
hardware-targeted software attacks

Question 10

__________ are physical attacks based on the observation of the circuit behavior during a computation. They exploit the fact that some physical quantities depend on intermediary values of the computation in the device. This is the so-called _________.

Answer 10

Side-channel analysis (SCA);
information leakage.

Question 11

The most classic leakages are _________, _________, and ______.

Answer 11

timing
power consumption
electromagnetic emissions (EM)

Question 12

DES stands for?

Answer 12

Data Encryption Standard (DES)

Question 13

AES stands for?

Answer 13

Advanced Encryption Standard (AES)

Question 14

ECC stands for?

Answer 14

Elliptic Curve Cryptography (ECC)

Question 15

_________ are now a well-known class of physical attacks where a device undergoes a modification of physical parameters in order to obtain an incorrect behavior. Most classical fault injection means are power glitches, clock glitches, laser pulses, and electromagnetic pulses.

Answer 15

Fault attacks

Question 16

__________ can also be generated in multicore SoC using the Dynamic Voltage and Frequency Scaling (DVFS), i.e., the energy management technique that saves energy by regulating the frequency and voltage of the processor cores. It has been shown that a misconfiguration of these two parameters can be used to induce faults in the hardware. Each core being individually controlled, one core can inject a fault in another core. Even if it has not yet been demonstrated, this attack should be achievable from within a browser.

Answer 16

Perturbation

Question 17

Here are two examples target in the Internet. Finding a path for each packet sent on the Internet, no matter its source and its destination, is a key service known as “______” a : attacking this basic and essential network service can, for instance, isolate a whole country or at the opposite redirect all the traffic of a country through a surveillance point. Another crucial network service, _______, translates readable hostnames into IP addresses. An attack against this service can redirect a user to a fake banking web site in order to steal the user’s credentials.

Answer 17

routing;
DNS

Question 18

A secure extension to DNS, called ______, is now available, but its deployment will take time and will not solve all the problems, in particular those related to privacy. Any type of network may be attacked, taking advantage of its characteristics. Attacks were focus on the Internet and some of its specificities: domain name, routing, and potentially non-encrypted payload.

Answer 18

DNSSEC

Question 19

The _______ is a complex assembly of an extremely large number of devices, from user machines or devices to routers, linked by a huge array of wireless and wired networking technologies.

Answer 19

Internet

Question 20

The _____ is a hierarchical decentralized naming system for the Internet, with scalability and flexibility as key design goals.

Answer 20

DNS

Question 21

It is used for address resolution,i.e., hostname to IP mapping (e.g., “www.example.com” resolves to IPv4 address “1.2.3.4”), as well as the inverse mapping. It is also used by such services as email (DNS records enable a search for mail servers) and blacklisted email hosts.

Answer 21

DNS