Physical Attacks

Question 1

Physical Attacks

Answer 1

Direct attacks on computational devices

Question 2

Name some Environmental Factors

Answer 2

Electricity, Temperature, and Limited Conductance

Question 3

Electricity (as an environmental factor)

Answer 3

Computing equipment requires stead uninterrupted power supply

Question 4

Temperature (as an Environmental Factor)

Answer 4

Computer chips have a natural operating temperature and exceeding that temperature significantly can have sever consequences.

Question 5

Limited Conductance (as an Environmental Factor)

Answer 5

Computing equipment relies on there being limited conductance in its environment. If random parts of a computer are connected electronically, then that equipment could be damaged.

Question 6

Eavesdropping

Answer 6

The process of secretly listening in on another person’s conversation

Question 7

Protection of sensitive information must go beyond computer security and extend to the ______________ in which this information is entered and read.

Answer 7

Environment

Question 8

What are 3 simple eavesdropping techniques?

Answer 8

1. Using social engineering to allow the attacker to read information over the victim’s shoulder (over shoulder)
2. Installing small cameras to capture the information as it is being read (via camera)
3. Using binoculars to view a victim’s monitor through an open window (look through open window)

Question 9

What is the commingle referred to name of the direct observation techniques that were named?

Answer 9

Shoulder Surfing

Question 10

Wiretapping

Answer 10

A form of eavesdropping involving physical connection to the communications channels to breach the confidentiality of communications;

to tap a telephone or telegraph wire or cellular signal in order to get information.

Inexpensive coaxial copper cables where information is transmitted via electrical impulses that travel through the cables.

Question 11

Danger/Risk of Wiretapping

Answer 11

Because it’s relatively inexpensive, impulse can be measured and can reconstruct the data being transferred through a tapped cable - allowing an attacker to eavesdrop on network traffic.

Question 12

True/False: Wiretapping Attacks are passive?

Answer 12

True

Question 13

Why are wiretapping attacks considered passive attacks?

Answer 13

Because there is no alteration of the signal being transferred which makes them extremely difficult to detect; it’s snooping;

Question 14

Passive Attack

Answer 14

When attacker cannot interact with any of the parties involved, attempting to break the system socket based upon observed data.

Question 15

Name two type is Signal Emanations

Answer 15

1. Radio Frequencies

2. Visible Light

Question 16

Computer screens emit _______________________ that can be used to ________ what is ____________________.

Answer 16

Radio frequencies
Detect
being displayed

Question 17

What type of reflections can be used to reconstruct a display from its reflection on a wall, coffee mug, or eyeglasses.

Answer 17

Visible Light

Question 18

Both ____________________ and _____________________ require the attacker to have a receiver close enough to detect the signal.

Answer 18

Radio signal and Visible light

Question 19

Acoustic Emissions

Answer 19

An attacker using an audio recording of a user tying on a keyboard to reconstruct what was typed.

Question 20

Differential Power Analysis (DPA attack)

Answer 20

A side channel attack on smart cards with secure crypto precede or. Each crypto operation requires different power consumption.

a powerful tool attackers used to extract secret keys and compromise the security of tamper resistant devices

(extremely effective, low cost, and widely known)

Question 21

Side Channel Attack

Answer 21

any attack based on information gained from the implementation of a computer system, rather than weaknesses in the implemented algorithm itself. i.e. DPA

Question 22

Hardware Keyloggers

Answer 22

Small connectors that are installed between a keyboard and a computer

Question 23

Keylogger

Answer 23

Any means of recording a victim’s keystrokes, typically used to eavesdrop passwords or other sensitive information

Question 24

USB Keylogger

Answer 24

A device containing male and female USB connectors, which allow it to be placed between a USB port on a computer and a USB cable coming from a keyboard.

Question 25

Emanation Blockage

Answer 25

Limiting the release of information from escaping into its general environment

Question 26

Different type of Emanation Blockage

Answer 26

+Visible Light Emanations
+Acoustic Emanations
+Electromagnetic Emanations

Question 27

How to block Visible light emanations?

Answer 27

By enclosing sensitive equipment in a windowless room, we block it.

Question 28

How to block Acoustic Emanations?

Answer 28

By enclosing sensitive equipment in a room lined with sound-dampening materials, we block this.

Question 29

How to block electromagnetic emanations?

Answer 29

By making sure every electrical cord and cable is well grounded and insulated, we block this.

Question 30

Faraday Cages

Answer 30

An enclosure used to block electro magnetic fields/emanations in the air.

Surround sensitive equipment with metallic conductive shielding or mesh material where holes in the mesh are smaller than the wavelengths of the electromagnetic radiation we wish to block.

Question 31

Computer Forensics

Answer 31

The practice of obtaining information contained on an electronic medium, such as computer systems, hard drives, and optical disks, usually for gathering evidence to be used in legal proceedings.

Question 32

(True/False)

Many of the advanced techniques used by forensic investigators for legal proceedings can also be employed by attackers to uncover sensitive information.

Answer 32

True

Question 33

What all does a Forensic Analysis involve?

Answer 33

It involves the physical inspection of the components of a computer, sometimes at the microscopic level, but it can also involve electronic inspection of a computer’s parts as well.

Question 34

When a ___1___ is deleted, many ___2__ remove the ______3*_____.

Answer 34

1. file
2. OS
3. file’s metadata

Question 35

Metadata

Answer 35

Information about file size, location, and other properties; data about data;

Question 36

Space within the __1__ containing __2____ is __3__ allowing future ___4*_______ to ____5____ it.

Answer 36

1. disk
2. metadata
3. freed
4. file operation
5. overwrite

Question 37

T/F?

Can forensic tools uncover “deleted” data if no overwriting has occurred?

Answer 37

True

Question 38

Cold Boot Attack

Answer 38

A type of side channel attack where begins a process for obtaining unauthorized access to a computer’s encryption keys when the computer is left physically unattended.

+ memory dump of RAM
+ used for retrieving encryption keys from a running OS for malicious reasons
+ relies on DRAM & SRAM

Question 39

DRAM

Answer 39

Dynamic Random-Access Memory aka Dynamic RAM : type of RAM or computer memory and the most commonly used as main memory; used for the data or program code needed b a computer processor to function.

Question 40

T/F? DRAM is voalitle?

Answer 40

True

Question 41

What does cooling the DRAM in low temperature cause?

Answer 41

A significant slow in decay. This makes the content of the memory able to be reconstructed.

Question 42

How have researchers demonstrated how to reconstruct memory image?

Answer 42

By having powering off preceded by freezing the RAM and then booting from a live CD

Question 43

ATM

Answer 43

Automatic Teller Machine that allows customers of financial institutions to complete withdrawal and deposit transactions without human assistance.

Question 44

The ATM has an _______1*__________ processor that creates a __2__ of a card number using the entered __3__ and __4__ it to the ___5__ hash on the card or in a ___6__ database.

Answer 44

1. internal cryptographic
2. hash
3. PIN
4. compares
5. stored
6. remote

Question 45

3 Types of Attacks on ATMs?

Answer 45

Fake ATM, Lebanese Loop, and Skimmer

Question 46

Fake ATM

Answer 46

captures both credit/debit cards and PINs at the same time.

Question 47

Lebanese Loop

Answer 47

Sleeve inserted into the card slot of the ATM, unknowingly. Customer inserts card, thinks machine malfunctions and leaves. The sleeve is then removed with the victim’s card.

Question 48

Skimmer

Answer 48

A device that reads and stores magnetic stripe information when a card is swiped. Skimmer is installed, unknowingly, over card slot of ATM & store’s credit card info. Info can be retrieved later and used to make duplicates of original cards.