Exam 22/03 2023 Flashcards
What is an example of token authentication? (Select 1 correct answer)
A. Password
B. Smart card
C. Fingerprint
D. Location
B
What is a smart card?
A smart card is an example of token-based authentication. It is a physical device that stores credentials or cryptographic keys, which are used to authenticate the user. Tokens like smart cards are often used in two-factor or multi-factor authentication systems.
Leaving an account with no password is an example of what? (Select 1 correct answer)
A. Spoofing
B. Elevation of privilege
C. Tampering
D. Vulnerability
D
The root of an attack tree represents what? (Select 1 correct answer)
A. Vulnerability
B. Threat agent
C. Security policy
D. Attack goal
D
What is an attack tree?
An attack tree is a hierarchical model whose root is the attacker's goal; the tree breaks down the steps or methods an attacker might use to reach that goal. Each branch of the tree represents a different path or strategy for achieving the root goal.
Password files can be protected by what means? (Select 2 correct answers)
A. Cryptographic protection
B. Access control
C. Virus scanners
D. Honeypots
A and B
What are honeypots?
Honeypots are decoy systems designed to attract and detect attackers, not a means of protecting password files.
A reference monitor is used in access control for which of the following reasons? (Select 1 correct answer)
A. Cryptographic hashing
B. Establish the validity of a request
C. Terminate a request
D. Detect malware
B
What is a reference monitor and what is its primary role?
A reference monitor is a security concept used in access control systems to ensure that every access request is checked against a set of authorization rules (e.g., security policies). Its primary role is to establish the validity of a request by verifying whether the requestor has the necessary permissions to access the resource.
Which of the following can be considered to be an elevation of privilege? (Select 1 correct answer)
A. Someone floods the network with requests
B. Someone extracts secrets from error messages
C. Someone ignores the security policy
D. Someone modifies data to do things other than what is permitted for that user
D
In the dormant phase of the virus lifecycle a virus ____? (Select 1 correct answer)
A. Is activated to perform the function for which it was intended
B. Places a copy of itself into other programs
C. Executes its payload
D. Is idle
D
Access control can support which of the following security goals? (Select 2 correct answers)
A. Confidentiality
B. Integrity
C. Privacy
D. Availability
A and B (C is considered kind of correct)
A strategy in which the system periodically runs its own password cracker to find guessable passwords is known as what? (Select 1 correct answer)
A. User education
B. Proactive password checking
C. Reactive password checking
D. Computer-generated password
C
What is the process for granting a right or permission to a system entity to access a system resource called? (Select 1 correct answer)
A. Authorization
B. Authentication
C. Control
D. Monitoring
A
What are the types of security controls that can be deployed in an information system? (Select 3 correct answers)
A. Administrative
B. Reactive
C. Physical
D. Technical
A, C, and D
The process of IT security management includes which of the following functions? (Select 1 correct answer)
A. Determining organizational IT security objectives, strategies, and policies
B. Detecting and reacting to incidents
C. Specifying appropriate safeguards
D. All of the above
D
An attacker might say that they are from the phone company and walk into the server room. What type of attack is this? (Select 1 correct answer)
A. SQL injection attack
B. Social engineering attack
C. Command injection attack
D. Brute-force attack
B
What is a social engineering attack?
A social engineering attack involves manipulating individuals into divulging confidential information or performing actions that compromise security.
What is an SQL injection attack?
An SQL injection attack occurs when an attacker inserts malicious SQL code into a query, allowing them to manipulate a database, access sensitive data, or execute unauthorized commands.
What is a command injection attack?
A command injection attack occurs when an attacker is able to execute arbitrary commands on a host operating system by exploiting a vulnerability in an application that passes user input to system-level commands without proper validation. This can lead to unauthorized access to or control of the system.
What is a brute-force attack?
A brute-force attack is a method used by attackers to gain access to a system by systematically trying all possible combinations of passwords or encryption keys until the correct one is found. It relies on trial and error rather than exploiting system vulnerabilities.
A one-way function is a function that is what? (Select 1 correct answer)
A. Helps prevent malware
B. Easy to reverse
C. Hard to reverse
D. Prevents key loggers from capturing passwords
C
What is a one-way function?
A one-way function is a mathematical function that is easy to compute in one direction but hard to reverse. In the context of cryptography, this means that it’s easy to generate a hash value from input data, but computationally difficult to reverse the hash and retrieve the original input.
A high security risk can be caused by which of the following reasons? (Select 1 correct answer)
A. Small attack surface and deep layering
B. Small attack surface and shallow layering
C. Large attack surface and deep layering
D. Large attack surface and shallow layering
D
What does it mean to have shallow layering?
Shallow layering refers to having fewer layers of defense or security measures in place, which makes it easier for an attacker to bypass protections.
What does it mean to have a large attack surface?
A large attack surface means there are more entry points or vulnerabilities that an attacker can exploit.
What is a security policy?
A security policy is a formal document that outlines an organization’s rules, guidelines, and procedures for protecting its information, systems, and resources. It defines acceptable use, security requirements, and responsibilities to ensure the integrity, confidentiality, and availability of data and to prevent security breaches.
What is a security risk?
A security risk refers to the potential for a threat to exploit a vulnerability in a system, resulting in harm or loss to an organization’s assets, data, or operations. It combines the likelihood of a security breach occurring with the impact it could have on the organization’s security posture.
What is an access control matrix?
An access control matrix is a model used to define and manage the permissions that subjects (such as users or processes) have on objects (such as files, databases, or resources) within a system. It is represented as a table where rows represent subjects, columns represent objects, and the entries in the matrix specify the type of access (such as read, write, or execute) that each subject has on each object.
What is a capability list?
A capability list is a security model that specifies the permissions or access rights a subject (such as a user or process) has to various objects (like files, resources, or devices) in a system. It is essentially a list for each subject that enumerates the objects they can access and the types of operations (read, write, execute, etc.) they can perform on those objects. Each entry in the list acts as a “capability” that grants specific access rights.
Briefly, what is the difference between an access control matrix and a capability list?
An access control matrix is a broader, system-wide view of access controls.
A capability list is more focused on the access rights of individual subjects.