The internet - Internet security Flashcards

1
Q

Explain what the key exchange problem is, in relation to a symmetric cipher

A
  • How to pass the key (from the sender) to the receiver;
  • Without it being intercepted / securely;
2
Q

Explain what it means for a cipher to be described as being computationally secure

A

The cipher cannot be cracked by any known method in a polynomial amount of time

3
Q

what is a TCP/IP protocol

A

a stack (set) of protocols used in turn to format a message so it can be sent over a network
- each layer provides a specific function within the transmission of the message

4
Q

layers of the TCP/IP

A
  • application layer
  • transport layer
  • network layer
  • link layer
5
Q

summarise the application layer

A
  • establishes the protocols for the transmission
  • enabling communication over the network
  • Uses protocols like HTTP, SMTP, FTP, and DNS to handle specific communication tasks
  • Ensures that data is delivered to the correct application on the destination device through port numbers
6
Q

summarise the transport layer

A
  • establishes an end to end connection
  • performs error detection/correction
  • uses port number to pass the data on to the correct software in the application layer
  • add port number
  • split data up into segments
  • performs flow control
    - manages congestion
7
Q

what does TCP/IP stand for

A

transmission control protocol/internet protocol

8
Q

summarise the network layer

A
  • adds the IP addresses of the source and destination
  • Performs routing
  • selects the next host/hop to transmit a packet to
  • performs error detection on the packet header
  • the addition of an IP and port forms a socket, which specifies the device the packet must be sent to
9
Q

summarise the link layer

A
  • handles communication between devices on the same local network.
  • adds the MAC address, identifying the NICs
  • Ensures data is transmitted over physical hardware like Ethernet or Wi-Fi.
  • MAC addresses change with each hop
10
Q

how is data received after tcp/ip

A
  • link layer removes MAC address from each packet
  • passes it to network layer
  • network layer removes IP address from each packet, passes it to transport layer
  • transport layer removes the port number from each packet, reassembles the packets in the correct order
  • passes it to app layer
  • app layer presents the image data for the user in a browser
11
Q

features of a mac address

A

uniquely identifies a physical device with a NIC (network interface card)
- may be the destination computer or a router
- packets move around the lower layers of the stack as they hop across routers, changing their MAC address as they go

12
Q

what are well known ports
why are they used

A

- A reserved port number that has a specific purpose
- Used because the communication is initiated by the sender, therefore the port number must be the same for all initial email communications

20 = file transfer protocol
80 and 8080 = HTTP
443 = HTTPS (encrypted HTTP)
25 = SMTP (simple mail transfer protocol)

13
Q

what is a port

A
  • a virtual endpoint used to identify specific processes or services/applications in network communication.
14
Q

examples of malicious software/ malware

A
  • worms
  • viruses
  • trojans
15
Q

summarise worms

A
  • sub class of a virus
  • standalone software that can replicate itself without user intervention
16
Q

summarise viruses

A
  • rely on other host files to be opened in order to spread themselves
  • most become memory resident when their host file is executed
  • once the virus is in memory, any other uninfected file that runs, becomes infected when copied into memory
17
Q

where do other common viruses reside

A

macro files usually attached to word processing and spreadsheet data files

18
Q

difference between a worm and a virus

A

viruses rely on other host files (usually executable programs) to be opened in order to spread themselves, whereas worms do not

19
Q

how does a worm enter a computer

A

through a vulnerability or by tricking the user into opening a file, often an attachment

20
Q

virus or worm

A

ILOVEYOU bug - worm
Melissa - virus
blaster - worm

21
Q

summarise a trojan

A
  • manifests itself in a useful file, game, or utility you want to install
  • when installed, the payload is released, without irritation
  • cannot self replicate
  • serve to open up back doors in your computer to the Internet, so that the processing power, Internet bandwidth and data can be exploited remotely
22
Q

what does malware do

A
  • exploits vulnerabilities in systems
23
Q

what is phishing

A

using email to manipulate a victim into visiting a fake website and giving away personal info

24
Q

methods that protect against malware

A
  • guarding against buffer overflow attack
  • guarding against SQL injection attack
  • use of strong passwords for login credentials
  • two factor authentication
  • use of access rights
  • spam filtering
  • regular operating system and antivirus updates
25
Q

what is buffer overflow

A
  • occurs when a program accidentally writes data to a location too small to handle it
  • as a result, the overflowed data may end up in a neighbouring instruction space
  • malware can deliberately cause and manipulate overflow data which may then be read as malicious instruction
26
Q

what is sql injection

A

when a malicious user can enter SQL commands via online database forms to change the processing

27
Q

What is monitoring

A
  • observation and tracking of a system's performance, activities, or data.
  • can protect against the threat of hacking, which can produce malware
  • eg packet sniffers, user access logs
28
Q

summarise protection

A

up to date anti malware software can prevent the spread of infection

29
Q

describe how computer A can encrypt a message, create a digital signature - and how computer B would decrypt the msg and verify that it was sent by computer A

A
  • a message's hash value is calculated from the message's contents
  • the message hash value is encrypted using A's private key
  • encrypted hash value is used as digital signature
  • B's private key used to decrypt the message
  • the message is rehashed
  • A's public key decrypts the digital signature
  • If both hashes match, the sender can be authenticated
30
Q

what is file transfer protocol

A
  • an application level protocol used to move files across a network
  • uses the client - server
  • operates on ports 20 and 21
  • used with username and passwords
31
Q

what is secure shell (SSH)

A
  • encrypted protocol that allows secure communication between nodes across a network
  • can be used to create a tunnel through a network
  • the tunnel can be used to pass through data that might be blocked
32
Q

email protocols and what they're used for

A
  • POP3 - retrieves emails on the server
  • IMAP - manages emails on the server
  • SMTP - forwards emails between mail servers and their destination
33
Q

difference between POP3 and IMAP

A
  • IMAP holds mail on the server so that multiple devices can access all mail
  • POP downloads mail to a local device and removes it from the server
34
Q

difference between http and https

A
  • HTTP is used for transmitting data over the web in plain text.
  • HTTPS encrypts data using SSL/TLS for secure communication.
  • HTTPS ensures data confidentiality and integrity.
35
Q

Describe the purpose of sockets in the TCP/IP stack.

A

A socket combines an IP address and a port number to uniquely identify a network connection, enabling communication between devices.

36
Q

Discuss how improved code quality, monitoring, and protection can help address the risks posed by worms, trojans, and viruses.

A
  1. Improved code quality: Reduces vulnerabilities that worms, trojans, and viruses exploit.
  2. Monitoring: Detects malicious activity in real time to stop the spread of malware.
  3. Protection: Firewalls, antivirus software, and security patches prevent and mitigate threats.
37
Q

state names of application layer protocols and explain what they'll be used for

A
  • SMTP // Simple Mail Transfer Protocol - To send emails to another client
  • POP(3) - retrieve emails on the server
  • SSH // Secure Shell - provides a secure/encrypted connection for remote management
  • HTTP / HTTPS - So users can access email via the web
38
Q

explain how the transport layer determines which application layer software on the server should deal with a received request

A

uses the port number to determine which server should deal with the received request