Mistake Review Flashcards

1
Q

Problem with SSNs

A
  • no separation between authentication and authorization -> conceptually broken
  • can't easily change an SSN if it is exposed
2
Q

How to measure password security?

A

Entropy! (predictability)
- strong passwords are not vulnerable to dictionary attacks (do not use common words)
- strong passwords are LONG (length is more important than using numbers and special characters)

3
Q

Where to validate input?

A

on the server

4
Q

Risk of improper error handling

A
  • broad category of issues that manifest when web applications do not detect or handle error conditions properly.
  • commonly results in leakage of sensitive info: leaks software and version information, leaks code and system architecture details, facilitates attacks
  • defenses: check and handle all error conditions & give simple, consistent, generic error messages
5
Q

Origin

A

Origin = <protocol, hostname, port>

6
Q

What does a Hash, MAC, and Signature give you?

A

HASH: Integrity
MAC: Integrity, Authentication
Signature: Integrity, Authentication, Non-repudiation
