Midterm # 2

Question 1

Authentication is?

Answer 1

The process of determining whether a user should be allowed access to a system.

Question 2

Authentication question?

Answer 2

are you who you say you are?

Question 3

authorization

Answer 3

are you allowed to do that?

Question 4

The three authentication methods?

Answer 4

Something you know
Something you have
Something you are

Question 5

How to prevent forward search attack

Answer 5

To prevent a forward search attack on a public key encryption we append random bits to the message before encrypting it

Question 6

Salt?

Answer 6

Appending a non secret random value known as salt to each password before hashing it.

Question 7

What is a salt?

Answer 7

a non secret value that causes identical password to hash to different values

Question 8

What is a two factor authentication?

Answer 8

any authentication method that requires two out of the three “somethings” is known as a two factor authentication

Question 9

what is the common criteria?

Answer 9

EAL1 through EAL7

Question 10

what is EAL1

Answer 10

functionally tested

Question 11

what is EAL2

Answer 11

Structurally Tested

Question 12

What is EAL3

Answer 12

Methodically Tested and Checked

Question 13

What is EAL4

Answer 13

Methodically Designed, Tested, and Reviewed

Question 14

What is EAL5

Answer 14

Semiformally Designed and Tested

Question 15

What is EAL6

Answer 15

Semiformally Verified Design and Tested

Question 16

What is EAL7

Answer 16

Formally Verified Design and Tested

Question 17

What are ACL’s?

Answer 17

Access control lists, columns

Question 18

What is C-lists?

Answer 18

Capabilities, rows, subject trying to perform an operation

Question 19

What are the advantages of capabilities?

Answer 19

with capabilities the association between users and files is built into the system. Capabilities are more complex to implement, and have higher overhead

Question 20

what are the advantages of ACL

Answer 20

ACL based system, which is a separate method for associating users to files is required.

Question 21

what is the confused deputy?

Answer 21

the confused deputy is a classic security problem. fooled by some other party into misusing its authority. the compiler is acting on Alice’s behalf.

Question 22

Classification applies to…

Answer 22

Objects

Question 23

Clearances apply to…

Answer 23

Subjects

Question 24

Classification and Clearances order?

Answer 24

Top Secret
Secret
Confidential
Unclassified

Question 25

what is BLP

Answer 25

Bella-LaPadula

Question 26

What is Bella-LaPadula

Answer 26

is to capture the minimal requirements with respect to confidentiality, that any MLS system must satisfy

Question 27

BLP consists of two statments

Answer 27

Simple Security Condition,

Property

Question 28

What is Simple Security Condition

Answer 28

Subject S can read object O if and only if L(O) <= L(S)

Question 29

What is Property

Answer 29

Star property, Subject S can write objects O if and only if L(S) <= L(O)

Question 30

what is the point of compartments?

Answer 30

to further restrict information flow “across” security level, compartments enforce he need to know principle.

Question 31

what is a covert channel?

Answer 31

communication path

Question 32

what is captcha?

Answer 32

is a test that a human can pass, but a computer can not pass with a probability better than guessing.

Question 33

what does firewall provide?

Answer 33

firewall provides access control for the network. Each type of firewall filters packets by examining the data up to a particular layer of the network protocol stack.

Question 34

What are the five layers of packet filter?

Answer 34

application, transport, network, link, physical

Question 35

what is the advantage of a packet filer

Answer 35

efficiency

Question 36

concept of firewall?

Answer 36

firewall has no concept of state so each packet is treated independently of all others.

Question 37

what do packet filters use?

Answer 37

they are configured using access control ists or ACLs

Question 38

what is a port scan?

Answer 38

Trudy tries to determine which ports are open through the firewall

Question 39

Application proxy?

Answer 39

the incoming packet is destroyed and a new packet is created in its place when the data passes trough the firewall.

Question 40

Protocol what is bad?

Answer 40

it is a bad idea to have the two sides in a protocol do exactly the same thing, since this might open the door to an attack. small changes to a protocol can result in big changes in its security.

Question 41

Remember..

Answer 41

You should not use the same key pair for signing as you use for encryption

Question 42

how prevent MiM attack?

Answer 42

Alice and Bob can use their shared symmetric key K_AB, to encrypt the diffie hellman exchange

Question 43

what is timestamp?

Answer 43

a time value

Question 44

what is the benefit of timestamp?

Answer 44

is that we do not need to waste any messages exchanging nonces, assuming that the current time is known to both Alive and Bob.

Question 45

Zero knowledge proofs

Answer 45

bobs cave which side

Question 46

what is Fiat shamir?

Answer 46

relies on the fact that finding a square root modulo N is as difficult as factoring.

Question 47

Why is it better to hash passwords with a salt than to hash passwords without a salt?

Answer 47

Not a secret, stored with passwords
dictionary attack more difficult
it creates more work for hacker
hacker can not use precomputed work.

Question 48

why do we hash passwords with a salt rather than encrypt the password file?

Answer 48

store you have to encrypt the key, if you get the password file you get the key.
Password file is a single point of failure

Question 49

What purpose do timestamps and nonces serve?

Answer 49

challenges used to verify authentication session PREVENT REPLAYS

Question 50

Advantage of timestamp as compared to a nonce?

Answer 50

MORE EFFICIENT

Question 51

One significant disadvantage of timestamp as compared to nonce?

Answer 51

CLOCK SKEW

time is a security concern

Question 52

Lampson’s access control matrix, capabilities?

Answer 52

C-lists, rows and describe permissions for subjects

Question 53

Lampsons access control matrix, ACLs?

Answer 53

Access control lists, are columns

Question 54

2 advantages of C-lists over ACL’s

Answer 54

Easy to add or delete

easy to delegate permissions

Question 55

2 advantages of ACLs over C-lists

Answer 55

Easier to implement

Easy to change permissions

Question 56

Differences between Authentication and identification?

Answer 56

One to one VS one to many

subject compliance VS non subject compliance (data)

Question 57

Which is easier and why? authentication or identification?

Answer 57

authentication is easier:
   Only one way for authentication
   Already know i am authenticating 
  Comparisons to ONE
with identification one to many, comparisons depends on data

Question 58

Packet fileter

Answer 58

works at the network layer, attacker uses TCP ACK scan

Question 59

Stateful packet fileter

Answer 59

works at the transport layer, attacker uses firewalk to send packets.

Question 60

what is firewalk

Answer 60

to check for port opening, port scanning

Question 61

Application proxy

Answer 61

works at the application layer, DLS attack can perform a port scanning

Question 62

MIG

Answer 62

if bob and alice are doing the same thing you can get MIG

Question 63

Method used to prevent covert channels are inherently weak. Is it better to use such weak methods or to do nothing at all?

Answer 63

better fuse weak , reduces bandwidth, EASY TO DO RELATIVELY

Question 64

methods used for inference control are inherently weak. is it better to use weak or nothing?

Answer 64

Weak, reduces data leaks, EASY TO DO RELATIVELY

Question 65

suppose that the only cryptosystem you have access to is known to be weak is it better to use this system to encrypt your data or to do nothing at all?

Answer 65

Do nothing at all , because you could flag it as import since the system is weak.

Question 66

Why do we hash passwords that are stored in a password file?

Answer 66

so if the password file is stolen or accessed by trudy they can not determine the passwords and use it to log in to that system or other resources.

Question 67

Why is it better to hash passwords than to encrypt the password file with a symmetric cipher?

Answer 67

hashes are one way and do not require that we decrypt any password files. Decrypting a password file would require that the key to be stored some where so that the system can automatically decrypt the file when verifying password. creates a security problem as to where to store the key.

Question 68

Time stamps and nonces

Answer 68

are both used in security protocols to prevent replay attacks

Question 69

Advantage of timestamp as compared to a nonce?

Answer 69

less messages required to achieve authentication as the nonce does not need to be exchanged.

Question 70

Advantage of nonce as compared to timestamp?

Answer 70

Time stapts in the first case are security critical parameter and require a window of “opportunity” to account for clock skew. Nonce do not have that and it is a disadvantage.

Question 71

One significant advantage of packet filter as compared to a stateful packet filter.

Answer 71

fast, less overhead s it does not monitor the state. stateful keeping track of state of lots of connections

Question 72

Significant advantage of stateful packet filter as compared to packet filter.

Answer 72

prevents simple TCP ACK attack on firewall to determine if ports are blocked as the firewall will know that there is no valid session or state and reject the packet.

Question 73

cost passwords are…

Answer 73

free

Question 74

connivence passwords are…

Answer 74

easier for admin to reset pwd than to issue a new thumb

Question 75

ECB

Answer 75

same plain text and same ciphertext

Question 76

forward search prevented

Answer 76

padding with random bits prevents forward search attach, can not use a precomputed set of passwords, more work for trudy

Question 77

No salt No dictionary

Answer 77

brute force, hash it and compare to all the passwords

Question 78

yes salt

Answer 78

talk the salt hash it and compare work

Question 79

work

Answer 79

size of dictionary / prob passwords in dictionary

Question 80

2^10

Answer 80

1024

Question 81

web cookies

Answer 81

cookie is provided by a website and stored on users machine, cookie indexes a database at website, cookies maintain STATE across sessions

Question 82

web uses a what protocol

Answer 82

a stateless protocol HTTP

Question 83

authorization is a form of

Answer 83

access control

Question 84

ACL

Answer 84

Access control lists store matrix by column

Question 85

ACLS

Answer 85

permissions tied to a file

Question 86

capabilities

Answer 86

permissions tied to the user

Question 87

ACLS

Answer 87

easier in changing files

Question 88

Confused deputy

Answer 88

complier is acting on alices behalf, confusing her permission with Alice’s permissions overriding a bill for example

Question 89

in practice…

Answer 89

ACLs are used more often

Question 90

capabilities make it …

Answer 90

easy to delegate authority

Question 91

Classifications apply…

Answer 91

to objets ressources

Question 92

Clearances apply…

Answer 92

to subjects users

Question 93

MLS is needed

Answer 93

when subjects and objects at different levels use on same system

Question 94

MLS is a form of

Answer 94

Access Control

Question 95

MLS enforces

Answer 95

Multilevel security enforces access control up and down

Question 96

compartments enforce

Answer 96

enforce restrictions across, the need to know principle

Question 97

Cover Channel

Answer 97

MLS designed to restrict legitimate channels of communication

Question 98

Covert channel

Answer 98

desecrate means of communication, 1 it is there , 0 it is not there

Question 99

a firewall is like a…

Answer 99

secretary

Question 100

packet filter operates at the

Answer 100

network layer

Question 101

stateful packet filter

Answer 101

operate at the transport layer, firewall will keep track then it can drop it

Question 102

packet filer disadvantages

Answer 102

no concept of state
cannot see TCP connections
blind to application data
less information to go on
on going connections we do not see it just like ARP cacheing

Question 103

dis advantage of stateful packet filter

Answer 103

can not see application data
slower than packet filtering
more work
state DoS is an issue

Question 104

what is a proxy

Answer 104

something that acts on your behalf

Question 105

Application proxy disadvantages

Answer 105

speed more work DoS

Question 106

Application proxy advantages

Answer 106

complete view of connections and applications data

Filter bad data at application layer

Question 107

webcookies make a

Answer 107

stateless protocol

Question 108

application –>

Answer 108

user space

Question 109

transport –>

Answer 109

os

Question 110

network –>

Answer 110

os

Question 111

link

Answer 111

NIC card

Question 112

Physical

Answer 112

NIC card

Question 113

client

Answer 113

speaks first

Question 114

server

Answer 114

responds to clients request

Question 115

spoofed email doesn’t have

Answer 115

authentication

Question 116

UDP is

Answer 116

efficcent

Question 117

TCP is

Answer 117

reliability

Question 118

compartments help

Answer 118

need to know bases

Question 119

UDP

Answer 119

certain delays long or short packets

Question 120

botnet

Answer 120

compromised machines

Question 121

botnet

Answer 121

can do DoS an spam

Question 122

inference control

Answer 122

not too difficult to do

Question 123

captcha the attacker

Answer 123

the attacker knows the algorithm, the data, except the random numbers

Question 124

TCP 3-way

Answer 124

the TCP 3-way handshake makes denial of service DoS attacks possible

Question 125

TCP three way handshake

Answer 125

first send SYN request
BACK SYN-ACK
ACK and data

Question 126

ARP is

Answer 126

stateless

Question 127

Ideal security protocol

Answer 127

Efficient
Precise
Robust
easy to implement, easy to use ,flexible

Question 128

security protocol over a

Answer 128

Network layer, sending important information over the network back and forth attacker can replay messages.

Question 129

challenge response

Answer 129

prevents replay, only alice can respond to properly Bob has to verify it. Number used one is a Nonce

Question 130

Number used once

Answer 130

Nonce

Question 131

another version of nonce

Answer 131

timestamps

Question 132

diffie hellman

Answer 132

man in the middle has to happen in real time

Question 133

nonce

Answer 133

generate it and send it current to prevent replay

Question 134

Time stamp disadvantage

Answer 134

synchronization of clocks, network delay

Question 135

Nonce

Answer 135

3 messages

Question 136

timestamp

Answer 136

2 messages

Question 137

Encrypt and sign with timestamp…..

Answer 137

insecure

Question 138

sign and encrypt with nonce

Answer 138

secure

Question 139

encrypt and sign with nonce

Answer 139

secure

Question 140

sign and encrypt with timestamp

Answer 140

secure

Question 141

Fiat shamir what is x

Answer 141

x = r^2 mod N

Question 142

fiat shamir what is y

Answer 142

y = r * s^e mod N

Question 143

fiat shamir what is v

Answer 143

v = S^2 mod N

Question 144

what does bob verify in fiat shamir

Answer 144

y^2 = x * V^2 mod N

Question 145

fiat shamir wha tis y ^2

Answer 145

y^2 = r ^2 * S ^(2e)