Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CS6035 IIS > Midterm - CH 1,3,4,5,6,7, 10, 11, 12 > Flashcards

Midterm - CH 1,3,4,5,6,7, 10, 11, 12 Flashcards

1
Q

Defensive or Secure Programming

A

the process of designing and implementing software so that it continues to function even when under attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

injection attack

A

wide variety of program flaws related to invalid handling of input data

This problem occurs when program input data can accidentally or deliberately influence the flow of execution of the program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

command injection

A

the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SQL injection

A

The user-supplied input is used to construct a SQL request to retrieve information from a database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

code injection

A

the input includes code that is then executed by the attacked system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

cross-site scripting (XSS) attacks

A

concerns input provided to a program by one user that is subsequently output to another user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

XSS reflection vulnerability

A

The attacker includes the malicious script content in data supplied to a site

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Malware propagation mechanisms include those used by…(3)

A

viruses, worms and Trojans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The principal objectives of computer security are to

A

prevent unauthorized users from gaining access to resources,
to prevent legitimate users from accessing resources in an unauthorized manner,
and to enable legitimate users to access resources in an authorized manner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A consequence of a buffer overflow error is

A

corruption data used by the program,
unexpected transfer of control in the program,
possible memory access violation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

To defend against database inference attacks we can apply

A

perturbation, de-identification, anonymization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the

A

verification step

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

‘No write down’ is also referred to as the

A

‘*-property’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

_____ is a process that ensures a system is developed and operated as intended by the system’s security policy

A

Assurance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

____ data are data that may be derived from corporate data but that cannot be used to discover the corporation’s identity

A

Sanitized

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the

A

verification step

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

The most important changes needed to improve system security are to ____

A

disable remotely accessible services that are not required,
ensure that applications and services that are needed are appropriately configured,
disable services and applications that are not required

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

The following steps should be used to secure an OS:

A

test the security of the basic OS,
remove unnecessary services,
install and patch the OS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

form of buffer overflow attack

A

heap overflows, return to system call, replacement stack frame

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

a set of automated tools designed to detect unauthorized access to a host system

A

intrusion detection system (IDS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

A multilevel secure system for confidentiality must enforce:

A

No read up: A subject can only read an object of less or equal security level. This is referred to in the literature as the simple security property (ss-property).
No write down: A subject can only write into an object of greater or equal security level. This is referred to in the literature as the *-property1 (pronounced star property).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

_____ will integrate with the operating system of a host computer and monitor program behavior in real-time for malicious action

A

behavior blocking software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

intrusion management encompasses

A

intrusion detection, prevention and response

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which of the following need to be taken into consideration during the system security planning process

A

how users are authenticated, the categories of users of the system, what access the system has to information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
______ include system corruption, bots, phishing, spyware, and rootkits.
Payloads
26
Virus Propagation Phase
The virus places a copy of itself into other programs or | into certain system areas on the disk.
27
Virus Triggering Phase
The virus is activated to perform the function for which it was intended.
28
Virus Execution Phase
The function is performed. The function may be harmless, such as a message on the screen, or damaging, such as the destruction of programs and data files.
29
Infects files that the operating system or shell consider to be executable.
File Infector Virus
30
An attack, that exploits social engineering to leverage user’s trust by masquerading as communications from a trusted source
Phishing Attack
31
Is a set of programs installed on a system to maintain covert access to that system with administrator (or root) privileges, while hiding evidence of its presence to the greatest extent possible.
Rootkit
32
An attempt to compromise availability | by hindering or blocking completely the provision of some service.
Denial-of-service (DoS) attack
33
DDoS Flooding attack targets...(3)
Network BW, System resources, Application resources
34
The ICMP echo response | packets generated in response to a ping flood using randomly spoofed source addresses is a good example.
Backscatter traffic
35
This attacks the ability of a network server to respond to TCP connection requests by overflowing the tables used to manage such connections.
DoS attach, SYN Spoofing Attack
36
The attacker sends packets to a known service on the intermediary with a spoofed source address of the actual target system. When the intermediary responds, the response is sent to the target.
Reflection Attack
37
Involve sending a
packet with a spoofed source address for the target system to intermediaries. They
differ in generating multiple response packets for each original packet sent. This can
be achieved by directing the original request to the broadcast address for some network.
Amplification Attacks
38
Can be deployed as operating systems updates to provide some protection for existing vulnerable programs. These defenses involve changes to the memory management of the virtual address space of processes.
Run_time Defenses
39
Most commonly
the address of a standard library function is chosen, such as the system() function. The attacker specifies an overflow that fills the buffer, replaces the saved
frame pointer with a suitable address, replaces the return address with the address of the desired library function, writes a placeholder value that the library function will believe is a return address, and then writes the values of one (or more) parameters to this library function.
return to system call attack
40
If the allocated space includes a pointer to a function, which the code then subsequently calls, an attacker can arrange for this address to be modified to point to shellcode in the overwritten buffer.
Heap Buffer Overflow
41
The process of designing and implementing software so that it continues to function even when under attack. Software written using this process is able to detect erroneous conditions resulting from some attack, and to either continue executing safely, or to fail gracefully.
Defensive Programming
42
This problem occurs when program input data can accidentally or deliberately influence the flow of execution of the program.
Injection Attack
43
When the input is used in the construction of a command that is subsequently executed by the system with the privileges of the Web server.
Command Injection Attack
44
In this attack, the user-supplied input is used to construct a SQL request to retrieve information from a database.
SQL Injection Attack
45
This is a software testing technique that uses randomly generated data as inputs to a program. The intent is to determine whether the program or function correctly handles all such abnormal inputs or whether it crashes or otherwise fails to respond appropriately.
Input Fuzzing
46
This strongly suggests that programs should execute with the least amount of privileges needed to complete their function.
Principle of Least Privilege
47
A process that includes planning, installation, configuration, update, and maintenance of the operating system and the key applications in use,
Hardening a System
48
3 Steps to hardening a base OS
* Removing unnecessary services, applications, and protocols. * Configuring users, groups, and permissions. * Configuring resource controls.
49
Which restricts the server’s view of the file system to just a specified portion. Files in directories outside the __________ are not visible or reachable at all.
Chroot Jail
50
Refers to a technology that provides an abstraction of the computing resources used by some software, which thus runs in a simulated environment called a virtual machine (VM).
Virtualization
51
A bot is a computer compromised by malware and under the control of a bot master (attacker).
TRUE
52
Characteristics of APT include _(3)_____. | Advanced Persistent Threats
A. Using zero-day exploit B. Low-and-slow C. Targeting high-value data
53
The best defense against being an unwitting participant in a DDoS attack
prevent your systems from being compromised
54
Both static and dynamic analyses are needed in order to fully understand malware behaviors
True
55
A Botnet can use _______ for command-and-control.
A. Email B. HTTP C. IRC
56
In a ______ attack the attacker creates a series of DNS requests containing the spoofed source address for the target system.
DNS amplification
57
APT attacks
Boy in the middle--covertly changes a computer's network routing Clickjacking--web users unknowingly click on something that is not as it is portrayed. Man in the Browser--Modifies web pages covertly Man in the middle--Eavesdrops Keyloggers--covertly records keystrokes
58
Takes advantage of a previously unknown weakness or vulnerability in a system.
Zero-Day Exploit
59
APT Lifecycle
- -Define target - -Research target infrastructure/employees - -Test for detection - -deployment - -establish outbound connections - -exfiltrate data - -remain undetected - -Repeat
60
Advanced Persistent Threat (APT)
Advanced: Use special malware Persistent: Long-term presence, multi-step, low-and-slow Threat: Data targeted is high value Tend to target specific organizations
61
Examples of Attacks/Frauds by botnets
- -Spam - -DDOS - -Click fraud - -Phishing and Pharming - -Keylogging and data/ID theft - -Key/password cracking - -Anonymized terrorist and criminal communication - -Cheat in online games and polls
62
Why DDoS attack?
Why DDoS attack? - -Attacker does not need to use his own computer - -So many computers involved in the attack, it is difficult to distinguish legitimate from malicious traffic
63
C&C design
- -Must be efficient and reliable - -Stealthy - -Resilient
64
T/F: The botmasters prefer dynamic DNS servers
True: Because of the frequent change between domain name and IP address.
65
Anomaly detection
The way the bots look up a domain suggest the domain is most likely used for C&C.
66
What can be done when the anomaly is detected?
Map the domain name to a sinkhole
67
What is the advantage of the sinkhole?
Researchers can discover where the bots are in the net.
68
Malware analysis: Static Analysis
Attempts to understand what a malware instance would do if executed.
69
Malware analysis: Dynamic Analysis
Attempts to understand what a program does when executed.
70
Different granularities of analysis
Fine-grained: Looking at instruction by instruction | Coarse-grained: looking at function calls
71
Malware Obfuscation: Packing
A technique whereby parts or all of an executable file are compressed, encrypted or transformed in some fashion.
72
T/F: Can use signatures to detect packing.
False: A number of legitimate programs use packing/unpacking
73
Types of malware: Needs a Host
trap doors, logic bombs, trojan horses, viruses, browser plug-ins, extensions, scripts
74
Types of malware: Independent
Worms, botnets, APT
75
Trojan Horses
Hidden in an apparently useful host program
76
Virus
Infect a program by modifying it. Can self copy
77
4 Stages of a Virus
- -Dormant phase: Program infected, but virus has not been triggered - -Propagation phase: Virus is being spread - -Triggering phase: When the host program is run, the virus is run. - -Execution phase: When the virus runs and performs malicious activities. (also looks to spread)
78
Email attachment that when opened will be sent to all people in address book
virus
79
Keyboard app that logs user input and sends it to the attacker
trojan horse
80
Virus Structure
Virus code has to be physically inserted into the program code. The virus code runs first, then the original program. virus code may run last, too, to do any clean up. Program needs to run cleanly to avoid detection.
81
Types of viruses
Parasitic virus: scan/infect programs Memory-resident virus: infect running programs Boot sector virus: Runs when the system is booted Macro virus: executable program embedded in a word processing document; triggered when doc opened Polymorphic virus: encrypt part of the virus program using randomly generated key
82
Rootkit
Resides in OS. Modifies OS code and data structure. Can hide itself by manipulating functions that list directory contents.
83
T/F: Linux, iOS, Windows, and Android have all been infected by rootkits
True
84
Rootkit facts
- -All OSes can be affected - -Can modify hidden and read-only files - -Can spread in any form - -Cannot remain in memory after reboot, but since it is a part of the OS, it will return with the OS is restarted - -Rootkits cannot affect HW that does not have FW - -Rootkits are always malevolent
85
Worms
Use network connections to spread from system to system.
86
Malware Prevention and Detection
Prevention: Limit contact to outside world Detection/Identification Removal Prevention hampers productivity, so detection is preferred.
87
4 Generations of anti-virus software
Simple scanners--use signatures of known viruses. not effective against polymorphic viruses Heuristic scanners--Integrity checking (checksum). Can be defeated by compressing file to have the same size as the pre-infection file. Activity traps: Look for specific activities that malware performs. Not effective against newer malware. Full-featured analysis: State of the art. Host-based, network-based, and sandbox-based.
88
Why are signature-based anti-virus solutions still used?
- -Efficient - -Effective against known malware - -good first line of defense
89
Importance of DB security
- -Databases store massive amounts of sensitive data - -Data has structure that influences how it is accessed - -Accessed via queries or programs written in languages like SQL - -Transactional nature of queries (done completely or not done at all) - -Derived data or database views
90
Who are the biggest threats to DB?
Insiders and unauthorized users
91
Databases are attractive to users because
- -they store info that is easily monetized - -they store info about a lot of users - -query languages used to access data can be abused
92
RDBS table
RDBS table | A table is defined by a schema and consists of tuples
93
DB Access Control
GRANT or REVOKE
94
Privileges
SELECT, INSERT, UPDATE, or DELETE
95
Defenses against inference attacks
- -Do not allow aggregate query results when the set of tuples selected is either too small or too large (Perturbation) - -De-identification: transform data by removing identifying info. - -Anonymization: replace exact values with a more general values
96
Mandatory Access Control (MAC)
Is not at the user discretion. Solves the problem of information control. Company decides who has access to data.
97
What is needed to implement MAC?
Labels are a key requirement. They indicate sensitivity and/or category of data. Indicate clearance/need-to-know requirements
98
Labels also have a _______
Compartment.
99
``` T/F L1 = (TS, {A,B,C}) L2=(S,{B,C}) L3=(S,{B,C,D}) L1 > L3 ```
False L1 > L2 L2 < L1 L1 and L3 are not comparable.
100
Bell and La Padua (BLP) Model
Developed by the DoD | Assumes classification of data and clearances for subjects
101
BLP Read/Write rules
Read-down rule (ss-property): user with label L1 can read the document with L2 only when L1 dominates L2 Write-up rule (*-property): User with label L1 can write document with label L2 when L1 is dominated by L2.
102
Tranquility Principle
States that classification of a subject or object does not change during a session.
103
Clark-Wilson Policy
Users should be able to access certain programs usser -> program -> obj
104
T/F: RBAC is an example of MAC
True. Only the company can decide roles of its employees.
105
BLP-like models
SELinux and SCOMP
106
problems with DAC
- information flow problem (cannot control that if someone has access to a file would further share the contain of it) - in many organizations, the user does not get to decide how/who to share
107
label in MAC
- indicate sensitivity/category/clearance/need-to-know - TCB associates labels with object/user - exact nature of label depends on model/policy
108
biba vs BLP
- biba focuses on integrity while BLP focuses on confidentiality - biba read up, write down
109
trusting software
- functional correctness - maintain data integrity - protect disclosure of sensitive data - confidence
110
TCB design principles (6)
- least privilege for users/programs - economy: keep trusted code as small as possible - open design: obscurity doesn't work - complete mediation - fail safe default - easy of use
111
how to build a TCB
- authentication | - access control (MAC & DAC)
112
how to protect data in OS
it needs to protect itself (tamperproof)
113
data protection security features of trusted OS
- object reuse protection - disk blocks, mem reuse - allocate disk or mem, then look to see what's left behind - zero out objs before use - secure file deletion - secure disk destruction
114
kernel design requirements
- enforce all sec mechanisms - good isolation, small size - reference monitor controls access to objects - tamperproof - un-bypassable - analyzable
115
use of testing
- demonstrate the existence of problem
116
testing challenge
- test case generation - code coverage - exponential number of different executions - different execution environments
117
formal verification
- checking a mathematical specification of a program - model checking, automated theorem proving - exponential time & space complexity
118
T/F: model checking can show absence of a problem
True. Model checking is a form of formal verification.
119
Two parts to Access Control
1. Decide who should have access to certain resources. An access control policy. 2. Enforcement--only accesses defined by the access control policy are granted
120
Access Control Matrix (ACM)
- abstract state: rows-users, column-resources - ACM[U,O] defines what access right user U have on object O Rows correspond to sources of the request (users/subjects/groups) Columns correspond to the resources that need protected
121
Discretionary Access Control
Access is at the discretion of its owner. Owner can grant access to other users and also allow or not allow the other users to propagate this access.
122
Access Control List (ACL)
Columns for an object that define each users rights of that object. handle access to object Oi (column wise)
123
Capability List (C-List)
``` Capability List (C-List) Rows for a user that define that user's rights for each object. ``` - handle right of user Ui (row wise)
124
Where should ACL be stored?
- -In trusted part of system - -Consists of access control entries - -Should be stored along with other object meta-data - -Checking requires traversal of the ACL
125
Where should C-List be stored?
- -It is per user - -A capability is an unforgeable reference/handle for a resource - -User catalogue of capabilities defines what a certain user can access - -Can be stored in objects/resources themselves
126
ACL vs C-List
Efficiency--ACL are not as efficient as C-List Accountability--Can be found easily in ACL. With C-List, each user's catalog must be checked to see if access ok. Revocation--Revoking access in ACL is easy Most OS uses ACL
127
How does OS implement ACL?
The OS keeps track of info about each file and its metadata, called an i-node. Open files are stored in the meta-data table. The file must be active.
128
Role Based Access Control (RBAC)
The access rights are associated by roles/jobs. Users can have more than one role.
129
RBAC benefits
- -Policy need not be updated when a certain person leaves - -new employee should be able to activate the desired role. - -Start with minimum access SELinux supports RBAC
130
Fail-safe defaults
mplies that when an access control policy is silent about access to a certain user, that access must be denied.
131
a capability in C-list
- unforgeable reference/handle for a resource | - user catalog of capabilities define defines what a certain user can access.
132
hydra
store c-list in objs, resources themselves
133
how sharing happens?
create new ACE, and add access right to that
134
most OS use ACL or C-list? why?
ACL, which is good for accountability and revocation. C-list is only good for efficiency
135
a movie ticket is a capability or access control entry?
capability (holder get access)
136
when does access check for ACE stop?
neg/deny found or transverse the whole list
137
how is access control implemented in unix
- each resource look like a file - each file has an owner - each file can possibly be accessed by owner, group or everyone - permission r,w,x - ACL implemented using bitmap, 9 bits
138
how does OS implement ACL?
- process call open file - openfile table get i (index) from i-node table and return to the process - ACL bit is stored at the same location on i-node table. This will grant access and point to the file data.
139
TOCTOU (time to check time to use) vulnerability
permission changed between checking and using
140
in unix, you can share the file by sharing the file descriptor
false
141
setuid bit set
the uid of the process will be the owner
142
Botnet command-and-control must be centralized, i.e., all bots communicate with a central server(s).
False "Distributed control mechanisms, using peer-to-peer protocols, are also used, to avoid a single point of failure."
143
what is authentication?
- who are you? prove it! - the process making the request does it on behalf of a certain user, subject, or principal. - claims & verification about the identity.
144
what is authorization?
Does this requester have permission to access this resource?
145
Authentication goals
Availability: When the correct credentials are presented, the resources should be made available. No false negatives: A false negative is when a process presents the correct credentials, but access is denied. No false positives: A false positive is if the incorrect credentials are presented, but access is given.
146
How is authentication implemented?
Something only the user knows: password, pin Something the user has: token, smart card, etc. Something the user is: fingerprint, iris scan, etc.
147
To authenticate
1. capture evidence 2. compare it 3. authenticate it
148
Examples of threats to authentication system
- -guessing PW - -impersonating a real login program (ie a trojan horse) - -keylogging: grabs keystrokes to record password
149
Trusted Path
Connection between the user and the TCB. Should be provided by the OS and hardware.
150
Trusted Login Path
Keyboard and display must have trusted paths to OS
151
Hash function threats
- if we know the common passwords, we can figure out their hash - for dictionary and offline attacks, we have the dict and plenty of time (online system can stop the attack after a certain amount of trials)
152
false negative
negative outcome was generated falsely
153
how to reduce work for brute force attack?
- try popular password first | - rainbow table lookup
154
problem with tokens
- must have them - may require additional hardware - need user to confirm identity (challenge/response) - cost & misplaced trust
155
Operating Systems Definition
Hardware: I/o...Memory….CPU Operating Systems: Windows or Android, etc Applications run on operating system
156
Operating Systems' uses
- Makes it easier to use resources. Allows for high-level abstractions ­like files ­- Hardware is controlled by the OS ­- Provides isolation ­(each process believes it is the only one running on the system)
157
TCB
trusted computing base/kernel - The operating system has direct control of the hardware resources. - The OS must determine who is an authorized user of the resources.
158
TCB (trusted computing base) Requirements
- Complete mediation ­: the OS comes between the hardware resources and applications. The OS must make sure the application has the necessary authorizations. - The OS must be tamperproof. - The OS must be correct­­: the protected resources are used properly.
159
OS controls access to protected resources by?
­- Establish the source of the request (authentication - who?) ­- Authorization or access control ­ does the source of the request have the right to access the resource. - The OS follows the policies for authorization and authentication
160
what is a system call?
- ask the OS for (access to) resources. - is often called protected procedure call - go through call gates (controlled/defined fashion)
161
why does system call have higher cost?
- user domain to OS domain (control transfer)
162
How can we trust OS?
- hardware support memory protection | - processor execution modes/rings (system & user)
163
what is system call instruction in x86
sysenter/sysexit
164
how does TCB ensure complete mediation?
- make sure no protected resources could be accessed w/o going through the TCB - TCB acts as a reference monitor that cannot be bypass
165
how does the OS ensure complete mediation?
- virtualizes physical resources and provides API - file for storing persistent data on disk - virtual resources must be translated to physical resource handle
166
how does TCB ensure correctness?
- secure coding with type safe language
167
Virtualization helps with limiting the damage caused by a compromised OS by...
- -Using a hypervisor between OS and hardware | - -VMs on top of hypervisor have their own OS and apps (isolation)
168
Logical addresses are stored on ____ Physical addresses are stored on _____
pages frames

CS6035 IIS (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions