1323 Networks and Security Flashcards

Question

What does 'Store and forward' packet switching refer to?

Answer 1

A method where packets are sent to routers which then forward them until they reach the destination ## Footnote This abstracts the complexity of the physical network.

Answer 2

Congestion or errors/faults in the network ## Footnote This highlights the unreliability of the Internet Layer.

Answer 3

1500 bytes ## Footnote This is the typical Maximum Transmission Unit (MTU) for Ethernet.

Answer 4

A protocol that uses 32-bit addresses written as 'dotted quads' ## Footnote Example: 152.78.64.100.

Answer 5

Variable-size header with a minimum of 20 bytes ## Footnote Contains fields like TTL, Protocol, Checksums, and Source/Destination IP.

Answer 6

Classless Inter-Domain Routing ## Footnote Introduced in 1993 to allow variable length prefixes and reduce IPv4 consumption.

Answer 7

'Colon-hex' format ## Footnote Example: 2001:0630:00d0:f500:0000:0000:0000:0064.

Answer 8

1280 bytes ## Footnote Path MTU Discovery must be used before sending to ensure compatibility.

Answer 9

fe80::/10 ## Footnote Local addresses are never routed.

Answer 10

To limit the propagation of broadcast traffic and segment hosts ## Footnote It allows logical division of networks.

Answer 11

To connect different address spaces and manage routing tables ## Footnote Each router interface must have an address reachable by the hosts in that segment.

Answer 12

True ## Footnote Transition methods like dual stacking allow both protocols to run side-by-side.

Answer 13

Used by IPv6 hosts to access IPv4-only destinations ## Footnote This is part of the strategy to facilitate communication between different IP versions.

Answer 14

Specifies how many bits identify the network prefix.

Answer 15

A: /8 - 16 million addresses B: /16 - 65,000 C: /24 - 256

Answer 16

A unique IP address

Answer 17

A more simplified version of the OSI model which better represents what happens

Answer 18

How packets are moved between subnets (between changes in IP address space)

Answer 19

How many bits identify the network prefix

Answer 20

The first 48 bits represent the Network

Answer 21

255.255.0.0

Answer 22

Internet Control Message Protocol

Answer 23

Standard IP packets

Answer 24

Information and error messages

Answer 25

Router advertisement and neighbour discovery

Answer 26

One-to-many communication

Answer 27

Interested in them

Answer 28

* One-to-many multimedia * Live video streaming * Local service discovery * Multicast DNS allows name resolution in a local network

Answer 29

Address Resolution Protocol

Answer 30

An IPv4 address on the local subnet to a MAC address

Answer 31

An ARP 'who has' request

Answer 32

Dynamic Host Configuration Protocol

Answer 33

Automates the process of configuring addresses on a network for IPv4

Answer 34

A DISCOVER message

Answer 35

Neighbour Discovery Protocol

Answer 36

An IPv6 address on the local subnet to a MAC address

Answer 37

ICMP and multicast

Answer 38

* Router solicitation * Router advertisement * Neighbour solicitation * Neighbour advertisement * Redirect

Answer 39

The IPv6 network prefix (/64) to use

Answer 40

Stateless Address AutoConfiguration

Answer 41

Autoconfigure basic network settings without a DHCPv6 server

Answer 42

A 64-bit prefix determined from a Router advertisement

Answer 43

Based on a host MAC address

Answer 44

A pseudo-random function

Answer 45

An ephemeral randomly-generated host part for outbound connections

Answer 46

An extension of DHCP that requires router advertisement

Answer 47

DHCP Unique Identifier

Answer 48

Delegate prefixes rather than just an address

Answer 49

* No NAT * More plug and play than IPv4 - SLAAC * Streamlined header * Fragmentation only at sender

Answer 50

IPv4 is on 'borrowed time'

Answer 51

* Time and money * Hardware support * Convincing management

Answer 52

IPv6 hosts can pick their address, using many private addresses over time

Answer 53

Polling switches and routers for MAC table and ARP information

Answer 54

We don't need IPv6, CGNAT and address recovery means we have a lot more addresses

Answer 55

A 16 bit number that uniquely identifies a connection endpoint on the host. ## Footnote The range is from 0 to 65535.

Answer 56

TCP ## Footnote Port conventions include well-known ports (0-1023), registered ports (1024-49151), and dynamic/private ports (49152-65535).

Answer 57

Transmission Control Protocol, a connection-oriented protocol that includes acknowledgements and retransmissions. ## Footnote TCP provides flow control and congestion control for segments it sends.

Answer 58

* Provides connection management * Provides flow control * Uses retransmission for reliability * Receiver reassembles segments in the correct order ## Footnote TCP provides performance and reliability on an otherwise unreliable IP service.

Answer 59

They are used to track sequential packets. ## Footnote The SYN bit is also included.

Answer 60

SYN → SYN-ACK → ACK

Answer 61

SYN opens connection with a random seq num, server acknowledges, client acknowledges completing the connection.

Answer 62

Acknowledgement

Answer 63

ACKs are sent back by the receiver, and the sender must detect lost packets through retransmission timeout. ## Footnote This helps estimate when an ACK is expected.

Answer 64

Prevents a fast sender from overwhelming a slow receiver using the Sliding Window Protocol.

Answer 65

The sender should not send data unless the receiver indicates it has buffer space available.

Answer 66

Reduces send rate to cope with network congestion.

Answer 67

Packet loss is a signal of congestion.

Answer 68

User Datagram Protocol, a connectionless protocol that allows sending datagrams without establishing a connection. ## Footnote It is often referred to as 'send and forget'.

Answer 69

* Connectionless * No sequence numbers * No acknowledgements * Requires application-level retransmission if needed ## Footnote Some UDP applications may use a fixed bit rate.

Answer 70

Simpler than TCP, with an optional checksum.

Answer 71

It can drop packets, and higher protocols can send a request back to the source.

Answer 72

* Protocol * Source IP * Destination IP * Port number source * Port number destination

Answer 73

An API to use sockets in C, including server-side socket() and bind(), and client-side socket() and connect().

Answer 74

Video or Audio applications.

Answer 75

Maps host names to IP addresses

Answer 76

A single text file on a central host.

Answer 77

A distributed, hierarchical system on port 53, that uses UDP.

Answer 78

Nominet control .uk and delegate .ac.uk to JISC who delegate soton.ac.uk to Uni who delegate uglogin.soton.ac.uk by hosting an authoritative name server.

Answer 79

SOA - Start of authority AAAA - IPv6 A - IPv4 MX - Mail exchange NS - Name server CNAME - Canonical name PTR - Pointer to Canonical name SRV - Service location TXT - Text record HINFO - Host information

Answer 80

DNS record system isn't designed to have any extra information and as such it is placed in the text record.

Answer 81

Hosts query DNS for an A record and or AAAA. So clients have to know a local DNS server, may be an ASDL router or a local or public DNS server.

Answer 82

Name Authority Pointer Records.

Answer 83

A program that extracts information from the name server. They resolve the query and return the answer.

Answer 84

A referral to another server.

Answer 85

Responds from the local cache or resolve the query before replying to the client.

Answer 86

Sends queries to a different DNS server, even if the RD bit is set.

Answer 87

A continuous chunk of name space.

Answer 88

An associated set of name servers, storing list of names and tree links

Answer 89

The owner must delegate subzones, you need to 'convince' them to do it.

Answer 90

Records within a zone should be stored redundantly Manually update primary name server Secondary name servers updated by zone transfer.

Answer 91

Responsible for the 'root' zone Currently 13 of them - operated by 12 independent organisations Queried when local name servers can't resolve a name.

Answer 92

No, there are 1730+ distributed by anycast

Answer 93

Allows a client to reach the nearest instance of a server.

Answer 94

You advertise the same IP or a small IP block, at multiple points on the internet, routers learn the nearest.

Answer 95

Multicast DNS DNS for small networks with a 'zero configuration' approach.

Answer 96

Confidentiality Integrity Availability

Answer 97

Persevering authorised restriction on information access and disclosure

Answer 98

Guarding against improper information modification or destruction

Answer 99

Ensuring timely and reliable access to or use of information.

Answer 100

Property of being genuine and being able to be verified and trusted.

Answer 101

Security goal that is the requirement for actions of an entity to be traced uniquely to that entity.

Answer 102

Assets Including: Hardware Software Dara Communication facilities

Answer 103

The system can be corrupted Can be leaky Can be unavailable

Answer 104

A representation of a potential security harm to an asset

Answer 105

The materialisation of a threat.

Answer 106

Active: alter or affect the operations of an asset Passive: Attempt to learn or make use of information from the system that doesn't affect assets

Answer 107

Initiated by an entity within the security perimeter, they are authorised to access the system resources.

Answer 108

The measure of extent to which an asset is threatened by a potential circumstance or event.

Answer 109

The adverse impacts of the circumstance. The likelihood of the circumstance.

Answer 110

Any means taken to deal with a security threat / attack

Answer 111

Detection Prevention Mitigation Recovery

Answer 112

The specific connection type.

Answer 113

Coaxial cable Power line Fibre Optic Wireless

Answer 114

Transmission of frames over physical media, passing IP datagrams up the stack Detection and handling of transmission errors.

Answer 115

Primarily using messages to sender saying that more data can be sent, but can also be rate-based so speed is agreed.

Answer 116

Connectionless Acknowledged and connectionless Acknowledged, connection-orientated

Answer 117

On low error rate networks, no signalling path is established in advanced, the frames are sent, and may or may not be received by the destination.

Answer 118

Wireless (WiFi 802.11n) supports block acknowledgements

Answer 119

For long delay, unreliable links -> satellite

Answer 120

Stop-and-wait automatic

Answer 121

Repat reQuest Send frame and wait for ACK, will not get an ACK if frame is lost.

Answer 122

Pipelining Send multiple frames before receiving ACK Go back-N ARQ Use a sequence number to identify each frame, send many, and if an ACK if missing retransmit that frame. Selective-repeat ARQ Similar but only retransmit lost frames.

Answer 123

Error or packet loss detection and retransmission

Answer 124

As no link is error free and link layer detection cannot detect IP faults

Answer 125

The checksum field of the frame.

Answer 126

False, only IPv4 has checksums

Answer 127

To indicate where the frame starts and ends. Uses some bandwidth to indicate the start/end of frames.

Answer 128

Marks the start and the end with a special byte, if this byte occurs in the data, escape it using and escape byte. If the escape byte occurs then escape that.

Answer 129

Media Access Control Manages access to and from the physical medium, part of the link layer. It has a mechanism for sending frames to/from PHYS and typical frames channels/ frequencies / collisions.

Answer 130

Twisted pair cable with switches that are packet switched. One device per switch port, no contention over a medium if switch has sufficient internal bandwidth.

Answer 131

Something is needed when using a single, shared media to ensure only one sender is transmitting at any time.

Answer 132

Carrier Sense Multiple Access with Collision Detection Sender listens to see if the medium is busy, if it is the sender will wait. When the channel is free, the sender begins to transmit. Back off before retransmitting if a collision is detected, pick the time delay to retransmission from an increasing set of values.

Answer 133

As their is a hidden node problem, so they use CSMA/CA instead

Answer 134

Maximum Transmission Unit 1500

Answer 135

Supported by a part of the 802.1Q tag, only, affects the prioritisation at the switch.

Answer 136

Unicast: 1-1 Broadcast: 1-All Multicast: 1-Many Anycast: 1-Someone we don't care

Answer 137

Address Resolution Protocol Determines the destination's MAC address given their IP address, when on the same network. Uses a broadcast message, to a special broadcast address. (111.111.111.111) or (ff:ff:ff:ff:ff:ff), the frame contains the IP address of the target and the target will reply with its MAC.

Answer 138

ARP can be spoofed by machine pretending to have specific IPs In the event of a change of IP or MAC, a gratuitous ARP is sent. ARP probes can detect IP address clashes.

Answer 139

A suite of protocols which can detect loops created by bridging LANS and remove paths. Done via a spanning tree algorithm

Answer 140

Vendor allocation

Answer 141

True, they are originally 48 but can be extended to 64.

Answer 142

Allows a switch to only forward frames to ports where the devices they are addressed to are connected.

Answer 143

Observes incoming source addresses on each port, store this in a table. Can the forward future frames to that port only. If a MAC address is not in the table, it must be flooded to all ports. Entries only have a 60 second lifespan.

Answer 144

Desktop: 1Gbit/s Server: 10Gbit/s

Answer 145

Receives frames and makes the decision whether to forward the frame, and if so, on which port and performs MAC learning

Answer 146

As broadcasts can flood LANs.

Answer 147

We need to use an IP router, the router can forward the packets, but not broadcasts.

Answer 148

With router solicitation. Router periodically sends advertisements, non-local traffic is send to the router.

Answer 149

Gateways between individual link layer Ethernet LANS

Answer 150

Determine which LANs use which IP address range. They are needed to decide how to assign address space to LANs.

Answer 151

Typically uses copper twisted pair cabling, deployed using Data riser: vertically aligned switch Flood wiring per floor: To faceplates from switch room Ethernet switch stacks - one switch port per faceplate

Answer 152

Typically a fibre link

Answer 153

Typically use an ASDL router with multiple Ethernet ports and 802.11 WiFi Just a single LAN with no internal routing.

Answer 154

Virtual Switched networks over fixed infrastructure. Ethernet frame includes an optional VLAN identifier.

Answer 155

12 bit value in 802.1Q tag,. can place a switch port in specific VLAN. Can carry multiple VLANs over one trunked uplink.

Answer 156

Avoids needing to physically re-cable the network, and can control broadcasts to certain areas

Answer 157

Dynamic Host Configuration Protocol. Automatically assigns IP addresses to devices on a network.

Answer 158

Device request an IP from a DHCP server, the server leases an available IP for a specific lease time. Once the lease expires, it can be renewed or reassigned.

Answer 159

Automated Efficient management

Answer 160

Simple Mail Transfer Protocol Responsible for sending emails only, does not receive them. Text-based protocol that use specific commands and responses.

Answer 161

Sender connects to SMPTP server and sends the message. Server relay, checks the recipient's domain and locates the correct mail server. SMTP Transfer - sender's server connects to the recipients server and transfers the email. The recipients server stores the email until it is retrieved. Authentication is an extension

Answer 162

Internet Message Access Protocol Used by email clients to retrieve and manage stored emails.

Answer 163

Connection to mail server: port 143 or 993 for encrypted connections. Email synchronisation: Clients keeps TCP connection open to send requests or receive notifications. Unlike POP3, the mail is kept on the server and not deleted unless requested.

Answer 164

Hypertext Transfer Protocol Used for web browsing and communication between web servers and clients.

Answer 165

The browser connects to the web using TCP on port 80 or 443 for secure. The browser sends a request. The server responds with a status code. The browser processes the response. This is all transmitted in plaintext unless secure.

Answer 166

GET HEAD POST PUT DELETE

Answer 167

1xx: Information 2xx: Success 3xx: Redirection 4xx: Client error 5xx: Server error

Answer 168

Wraps HTTP in a TLS session to achieve confidentiality and integrity

Answer 169

Transport Layer Security

Answer 170

Improves on HTTP by adding header compression and multiplexing multiple requests over a single connection

Answer 171

Improves on HTTP/2 by not using TCP connections, but QUIC instead.

Answer 172

Quick UDP Internet Connections. A new UDP based protocol to replace TCP in some situations It does less handshakes than TCP.

Answer 173

Real Time Streaming Protocol Designed for streaming media over the internet.

Answer 174

DESCRIBE SETUP PLAY PAUSE TEARDOWN

Answer 175

Real-time Transport Protocol Handles the actual transmission of real-time media, it runs over UDP for low-latency.

Answer 176

With timestamps Uses sequence number to detect lost packets

Answer 177

The process of granting or denying specific requests to: obtain and use information and related processing services. Enter specific physical facilities

Answer 178

Prevent unauthorised users from gaining access to resources Prevent legitimate user to access resources in an unauthorised manner. Enable legitimate users to access resources in an authorised manner Implements a security policy that specifies who or what may have an instance of each specific resource and type of access that is permitted in each instance

Answer 179

Verification that credentials of a user or other system entity are valid.

Answer 180

Granting of a permission to a system entity to access a system resource

Answer 181

An independent review and examination of system record and activities.

Answer 182

An amalogous set of lews that defines those executions of a system that are acceptable or complementary, those that are not acceptable. Defined in terms of high-level rules or requirements.

Answer 183

Provides a formal representation of a class of systems highlighting their security features at some chosen level of abstraction. Abstract descriptions of system behaviours, guide the design of specific policies.

Answer 184

An entity capable of accessing objects, process that represents a user application actually gains access to an object.

Answer 185

Owner, group, world

Answer 186

A resource to which access is controlled. An entity used to contain and/or receive information

Answer 187

The way in which a subject may access an object Read/Write/Exec/Delete

Answer 188

Define a specific set of policies and authorisation rights for a system to enforce via a set of rights to fulfil security concerns.

Answer 189

DAC: discretionary MAC: mandatory RBAC: Role-based ABAC: Attribute-based

Answer 190

An owner and a discretionary access control list of the permission of each subject.

Answer 191

Users won resources and control their access. Owner may change an object's permissions at their discretion Owner may be able to transfer ownership.

Answer 192

Open to mistakes, negligence or abuse due to flexibility Management is complex Difficult to ensure that the correct access is provided to the right users. Permissions change frequents because objects and subjects change frequently

Answer 193

Explicit access relations between object's and subjects. These can quickly grow.

Answer 194

Mandatory Access Control Classification of subjects and objects by security levels.

Answer 195

Every subject has a profile, which includes their clearance and need-to-know. Every object has a security label composed of two parts: classification and a category.

Answer 196

To keep objects and users classifications up to date.

Answer 197

This is more rigid than DAC, but more secure.

Answer 198

Subjects cannot transfer their access rights.

Answer 199

Global public network connecting devices worldwide using standardised protocols

Answer 200

Lack of content controls, privacy concerns, vulnerable to hacking and malware.

Answer 201

A private network that is restricted to an organisations employees. It is used for sharing information, resources and tools within the organisation.

Answer 202

Isolated from the public internet threats via firewalls and VPNs

Answer 203

A private network that extends certain services or access external partners clients or suppliers.

Answer 204

Used for collaboration between different organisations

Answer 205

Access controls Encryption Firewalls and VPNs

Answer 206

If packets match an allowed rule, then they are forwarded otherwise they are not. E.g allow traffic from trusted IPs or block all on port 80

Answer 207

Creates a secure connection between a user and the internet, protecting data from threats.

Answer 208

The user connects to a VPN The client encrypts data prior to transmission Data is sent through a secure tunnel to the server The server decrypts the data and forwards it to destination Response from the destination is encrypted and sent back via the tunnel.

Answer 209

Security Privacy Bypass geo-restrictions Secure remote access

Answer 210

Performance issues Complexity and management: cost of VPNs is high Security and risks: encrypts between device and server only.

Answer 211

PPTP: Point to Point Tunnelling protocol: Older and faster but less secure L2TP/IPSec Layer 2 Tunnelling Protocol with IPSec: More secure commonly used IKEv2/IPSec: Internet Key Exchange Version 2. very fast, secure and ideal for mobile devices.

Answer 212

Role-based Access Control.

Answer 213

The administrator associates various permissions to each role. Each user is assigned at least one role and inherits the permissions associated to the roles.

Answer 214

Many subjects have identical attributes, and a policy is based on these attributes. Fundamental/organisation hierarchies that determine access rights.

Answer 215

A role is an abstract representation of a group of subjects that are allowed to perform the same operation on the same objects. The objects are assigned an authorised role The subjects must identify themselves to acquire these roles to access and operate on the objects.

Answer 216

Roles are an abstraction of jobs or functions Distinct from the notion of user groups Emphasis is on responsibility and associated permissions Widely used by companies Increase abstraction in policies Policies are more manageable Reduce user administration Easy to audit Higher flexibility and scalability

Answer 217

One role to inherit permissions from another role.

Answer 218

A defined relationship among roles or a condition related to roles.

Answer 219

Setting a maximum number with respect to roles. A risk mitigation technique.

Answer 220

When it is already assigned to some other specified roles.

Answer 221

Attribute-based Access Control Access control by evaluating rules against the attributes of entities, operations, and the environment relevant to the request.

Answer 222

Characteristics that define specific aspects of the subject, object, environment condition, and/or requested operations.

Answer 223

Define the identity and characteristics of the subject.

Answer 224

They can often be extracted from the metadata of the object

Answer 225

Describe the operational, technical, and situational environment or context in which the information access occurs.

Answer 226

Dynamic as Access Control is evaluated at time of request. Contextual: Environmental conditions considered Fine-grained: Providing more combination to reflect more definitive set of rules.

Answer 227

Complexity of the design and implementation, in terms of the performance impact. It is likely to exceed that of other access control models.

Answer 228

The study and practise of techniques for secure communication in the presence of adversarial behaviour.

Answer 229

Because its keys.

Answer 230

The same key is used for encryption and decryption

Answer 231

Each user has a pair of keys: Private key and a public key.

Answer 232

The sender encrypts a piece of information, with the public key of the recipient. The recipient decrypts it using their private key,

Answer 233

two primes and two related numbers (e and d) to form the public and private keys.

Answer 234

Sender encrypts a piece of info and the sender decrypts, if it can be decrypted then it must have come from the origin

Answer 235

h:{0,1}* -> {0,1}n. Where n is a security parameter, n = 128, 160, 256, 512.

Answer 236

Maps data of an arbitrary size to a bit string of a fixed size.

Answer 237

It's vulnerable to a man in the middle attack.

Answer 238

It's purpose is to enable two users to securely exchange a key that can then be used for subsequent symmetric encryption of messages

Answer 239

We add different secret information at each point, which we know that if we add the same thing we will arrive at the original info. Basically lots of MOD and primes

Answer 240

9.6 gbps compared to 10

Answer 241

Connects to a wired network. It transmits radio signals in a specific frequency range (2.4GHz to 5GHz) Client devices associate with the AP and receive these signals SSID is used to identify a network.

Answer 242

Service Set Identifier

Answer 243

A network where the client connects directly without an AP

Answer 244

As 2.4GHz is very crowded and has high interferance.

Answer 245

IEEE 802.11

Answer 246

Signal strength Interference Network congestion

Answer 247

MIMO beamforming Channel Bonding Quality of service

Answer 248

Devices receive every other node's transmission Devices can transmit and receive at the same time

Answer 249

Rely on shared channels Devices can't always sense each other's transmissions Devices can't transmit and receive at the same time.

Answer 250

A situation where two devices can't detect each other, but are transmitting to the same access point, leading to collisions

Answer 251

Request to Send / Clear to Send

Answer 252

A device sends an RTS to an access point. It will reply with a CTS if the channel is free. The device transmits while others wait.

Answer 253

Carrier Sense Multi Access / Collision Avoidance In wired networks: Collision Detections -> CSMA/CD

Answer 254

Listen to the channel, transmits, and if a collision is detected it stops, waits, and retransmits.

Answer 255

Listens to the channel and waits for it to be idle before retransmitting, uses ACKS to confirm receipt.

Answer 256

A situation where a device incorrectly assumes the channel is busy and unnecessarily delays transmission.

Answer 257

As the signal is not constrained by wires Anyone within range can listen or participate.

Answer 258

Eavesdropping Man in the middle Deauthentication: forces devices to disconnect Evil twin attack

Answer 259

Key Reinstallation attack A vulnerability in WPA and WPA2 found in 2017. Attack forces a device to reinstall an already used key, leading to the decryption of data of injection of malicious traffic.

Answer 260

A vulnerability discovered in devices affecting WPA2, allowing the decryption of data packets.

Answer 261

Wired Equivalent Policy Intended to provide data confidentiality comparable to a wired system

Answer 262

Pre-shared key

Answer 263

Initialisation Vector

Answer 264

Rivest Cipher 4 stream cipher to encrypt data Integrity Check Value.

Answer 265

RC4 is weak IV too short and is sent in plaintext Static pre-shared key Weak integrity check.

Answer 266

WiFi Protected Access. The immediate solution to WEP.

Answer 267

Temporary key derived from pre-shared key

Answer 268

Yes, for backward compatibility.

Answer 269

128 bits 48 bits

Answer 270

Still based on RC4 and relies on a shared password, vulnerable to brute-force attacks.

Answer 271

Authenticated encryption using AES with CCMP

Answer 272

AES for encryption. PSK replaced with SAE

Answer 273

Simultaneous Authentication of Equals

Answer 274

WiFi Protected Setup Intended to make it easier to connect to a WPA protected network

Answer 275

User enters an 8 digit Pin or presses a button for initial connection

Answer 276

User authentication

Answer 277

The determination of the identity of something by encompassing identification and verification?

Answer 278

ID: Username Verification: Password

Answer 279

Something the individual knows The posses They are They do

Answer 280

The most widely used authentication The user provides a username and password which is compared to a stored password.

Answer 281

Predictable passwords are common People reuse passwords Passwords can be compromised in data breaches

Answer 282

Objects that the user possesses for authentication Such as Memory cards and Smart Cards

Answer 283

Memory cards only store data Smart cards have a microprocessor to process data.

Answer 284

Challenge-response authentication protocol.

Answer 285

Requires a special reader, which needs to be maintained. Tokens can be lost or stolen providing potential unauthorised access and disruption User dissatisfaction - user may find it inconvenient.

Answer 286

Based on unique physical characteristics. This is based on pattern recognition by mapping physical characteristics to a digital representation.

Answer 287

Static: fingerprints, facial characteristics, and retinal Dynamic: voiceprint and signature

Answer 288

False matches False nonmatches The concept of accuracy does not apply in password and tokens.

Answer 289

An adversary could eavesdrop the authentication process, steal the authenticator or hijack the process ultimately to gain access to the target system.

Answer 290

A and B have shared a secret in advanced and A wants to authenticate B. A sends a unique challenge value, chall, to B B computes the hash of chall + secret. A calculate expected values of this to ensure B responded correctly, when B replies.

Answer 291

A user is granted access only after they present two or more pieces of evidence.

Answer 292

Easy to remember but hard to guess

Answer 293

In an online attack we have an online service to crack, in an offline attack, we have a password file

Answer 294

An exhaustive search of possible combinations up to a certain length.

Answer 295

|symbols|^length

Answer 296

An intelligent search that tries password associated with the user, try words in dictionary and popular passwords.

Answer 297

No guarantee the right password is found.

Answer 298

Hackers attempt to bypass the access controls protecting the system password file

Answer 299

The attacker tries to access the system password file and then compare password hashes against common passwords.

Answer 300

Password policies Changing passwords Machine generated passwords Lockout mechanics

Answer 301

Time delays are introduced between consecutive failed login attempts

Answer 302

Monitoring login to detect unusual user and then notify user of attempted logins

Answer 303

Check if an input password is in a list of common words, this might be a sign of an attacker. This is not the same as having password policies

Answer 304

We store the hash of a password rather than the password itself.

Answer 305

By hashing our new attempt, comparing to the stored hash and if they match we have the password.

Answer 306

A precomputed table on the relation

Answer 307

A reduction function that generates a new password to be hashed

Answer 308

Compute the last reduction from the target hash. If not, compute the last two reductions and check if they compute the password. Stop when you find a password that does.

Answer 309

Because it is a good trade-off between space and time.

Answer 310

Avoiding or mitigating a reverse password attack

Answer 311

Add a random salt (append or prepend) to the password. Compute the hash of the password with salt Store the hash of the salted password and salt.

Answer 312

Because it prevents duplicate password from being visible in the password file, where two entries of the same password have different salts.

Answer 313

In the Security Account Manager Database

Answer 314

brute-force/dictionary password cracker, primarily for cracking weak passwords/

Answer 315

Tool to crack hashes through rainbow tables.

Answer 316

A notion of a security policy that defines who can access our data.

Answer 317

Privacy is confidentiality for individuals, secrecy is confidentiality for organisations.

Answer 318

A condition in which your true identity is not known The confidentiality of your identity

Answer 319

Four basic groups of harmful activities Information collection Information processing Information dissemination Invasions

Answer 320

Direct intrusions on the data subjects

Answer 321

Surveillance and interrogation

Answer 322

Aggregation: combining various pieces of data Identification: linking individuals to particular information Insecurity: carelessness in protecting secured info Secondary use: info changes use without consent

Answer 323

Breaking a promise to keep a person's information confidentiality.

Answer 324

Exposing others to certain physical and emotion attributes about a person. Often creates embarrassment and humiliation. Needs protection to safeguard human dignity.

Answer 325

Use of one's identity or personality for the purposes and goals of another interfere the way an individual desires to present themselves to society.

Answer 326

Dissemination of false or misleading information about individuals

Answer 327

Dissemination of false or misleading information about individuals

Answer 328

Revelation of truthful information about a person that impacts the way others judge a person's character

Answer 329

Invasive acts that disturbs one's tranquillity of solitude

Answer 330

Government interference with people's decisions regarding certain matters of their lives

Answer 331

Communication Anonymisers: Hiding a user identity Enhanced Privacy IDL A digital signature algorithm that uses a common group public verification associated with unique private keys Zero-knowledge Proof: One party can prove to another party that they know a secret without sharing anything. Homomorphic Encryption: Encryption that allows computation on ciphertexts. Secure Multi-party Computation: Jointly computing a function over their inputs while keeping those inputs private Differential Privacy: Sharing info about a dataset by describing the patterns of groups within the dataset without the individuals Federated Learning: Training models across multiple distributed nodes without sharing local data

Answer 332

Virtual Private Network

Answer 333

Connecting one device to another via a server in the middle so that P knows A and B are connected and what they sent but B knows only P while A knows B. A -> P -> B

Answer 334

By creating an encrypted tunnel between you and the server. Encapsulating your device in the network of the server.

Answer 335

A VPN encrypts the data a proxy does not.

Answer 336

No, it depends on the protocol being used.

Answer 337

To access sensitive service or data in the company from outside. To anonymise the traffic as the ISP will no longer know which websites you will visit as it will only see a connection towards a VPN server. To simulate your current position as the VPN server.

Answer 338

Open-source software for creating a VPN using a custom security protocol based on TLS.

Answer 339

The Onion Router

Answer 340

A different approach to anonymity using a chain of proxy server, known as mixes, to create hard-to-trace communications.

Answer 341

All traffic is protected by layers of encrypted added on and removed at each proxy.

Answer 342

During path establishment, the sender places keys at each mix along the path. Data is re-encrypted as it travels the reverse path.

Answer 343

Takes bandwidth into account when selecting relays (mixes). Introduces hidden services only available via Tor.

Answer 344

Perfect Forward Secrecy Minimises the risk posed to personal information in the event of an encryption key breach.

Answer 345

Maintain the status tor nodes

Answer 346

Entry nodes: Know the identity of the sender Relay nodes: Route the messages Exit nodes: Know the identity of the receiver and can see traffic if unencrypted

Answer 347

Allows you to run a server without disclosing the IP or domain name.

Answer 348

Binds a user / company to it's public key. Consisting a public key, user ID of the owner, with the whole block signed by a trusted third party.

Answer 349

Used for secure e-mail, VPN, wireless, web servers, network authentication and code signing.

Answer 350

Public Key Infrastructure The set of hardware, software, people, processes, policies and procedure that are needed to create, manage, store, distribute and revoke digital signatures based on asymmetric cryptography.

Answer 351

To enable secure, convenient, and efficient acquisition of public keys.

Answer 352

Certification Authorities Responsible for issuing, revoking and distribution. Often a trusted third party organisation.

Answer 353

As they are signed with the CA's private key which can be decrypted using CA's public key.

Answer 354

Registration Authority Performs function for CA but does not issue certificates directly.

Answer 355

Identifies and authenticates certificate applicants Approves or rejects applications Initalising certificate revocations or suspensions. Processing subscriber requests to revoke or suspend their certificates Approving or rejecting renewal requests.

Answer 356

Means of storing and distributing certificates and certificates revocation lists and managing updates to them.

Answer 357

RA verfies subject information Generates public - private key pair CA issues the certificate.

Answer 358

Fetch the certificate Fetch the certificate revocation list Compare against CRL Check the signature using the certificate.

Answer 359

Expiration Compromised private key Human resources reason Company changes name, physical address, DNS.

Answer 360

Certificate Revocation Lists A list of certificates which are no longer valid Published regularly by the CA in the PKI repository But also sent by any relying party who has subscribed to it.

Answer 361

Not issued frequently enough to be effective against attacks Expensive to distribute Vulnerable to simple DoS attacks.

Answer 362

The most widely accepted format for public-key certificates used in most network security applications. Issuer: CA Subject: Owner Signature: Hash of the entire block signed by the CA's private key

Answer 363

Online Certificate Status Protocol where we query the CA as to if a certificate is valid.

Answer 364

Each certificate has a serial number and the revocation date, but there are overheads in retrieving and storing lists, we use OCSP.

Answer 365

Designed to secure communications over IP networks by providing encryption, authentication, and data integrity.

Answer 366

Otherwise, data could be intercepted and read. And then altered or tampered. Attackers could impersonate users to gain access.

Answer 367

Authentication header attaches a cryptographic hash to the packet. But doesn't encrypt data. Encryption Security Payload encapsulates the original data within a secure header and encrypts it. (AES)

Answer 368

Securely establishes authentication and key exchange between two devices, creating Security Assoiciations to enable encrypted communication

Answer 369

Transport Tunnel

Answer 370

In transport only the payload is encrypted, but in tunnel the entire packet is encrypted including the header.

Answer 371

Performance overhead: introduce latency due to encryption Require complex setup Incompatibility issues.

Answer 372

DNS Security Extensions A set of security protocols designed to add integrity and authenticity to the DNS

Answer 373

DNS provides no authenticity or integrity, an attacker can divert traffic by impersonating a resolver or forging response to poison a resolver DNS cache.

Answer 374

Uses public-key cryptography to digitally sign DNS records with RRSIG and DNSKEY. These are digital signatures to ensure that DNS responses come from the right source and have not been altered.

Answer 375

Resource Record Signature

Answer 376

Provides cryptographic proof of non-existance to prevent forging.

Answer 377

As each level validates the layer below until you get to the final layer.

Answer 378

The is no encryption of queries or responses so eavesdroppers can learn which domains are being resolved. Performance overhead increases latency

Answer 379

By DNS over TLS (DoT) and DNS over HTTPS (DoH)

Answer 380

Illegal profit

Answer 381

Money theft Personal document ransom Data breaches DDoS Cyptojacking

Answer 382

Malware Social engineering Social media Botnets

Answer 383

High quality intelligence Sabotage of critical infrastructure Subversion of political matters Cyberwarfare

Answer 384

Influence campaigns Data breaches DDoS Advanced Persistence Threats

Answer 385

They are the same vectors, just a nation state is more advanced.

Answer 386

Activity of fighting a cyberwar, often including the weapons and methods that are used in the cyber space.

Answer 387

As the right of self-defence of the victim is only triggered for large-scale attacks on critical infrastructure. Plausable deniability due to anonymity and lack of casulties.

Answer 388

Advanced Persistent Threat A long-term pattern of targeted sophisticated attacks Advanced: Cutting-edge Persistent: Use of stealthy technologies to remain hidden Threat: Malicious

Answer 389

A actor motivated by the pursuit of social change.

Answer 390

Web defacements Data breaches DDoS

Answer 391

The same as cybercriminals but less advanced.

Answer 392

Libertarian and anarchist Opponents of the power elite Act of civil disobedience No damage to property No personal profit Personal responsibility

Answer 393

Conspiracy theorising Obsession with privacy and secrecy Membership fluidity Culture of humour and creativity.

Answer 394

The media should not be attacked Critical infrastructure should not be attacked One should work for justice and freedom

Answer 395

False They have no leader or hierarchy

Answer 396

An organisation that publishes sensitive or classified documents

Answer 397

Legitimate access to valuable resources used for malicious purpose

Answer 398

Yes, e.g accidental deletion

Answer 399

A less skilled hacker motivated by the desire to join a real group, the challenge or just curiosity.

Answer 400

Ones found on the internet

Answer 401

An empirical model of representing the sequence of steps that cyber attacks go through. Providing a better framework to better understand cyber attacks.

Answer 402

Figure out why past attacks succeeded Develop a structured knowledge base on past attacks Identity convenient and effective ways to protect assests Forecast potential next steps of an ongoing attack.

Answer 403

Reconnaissance: Target research and selection Weaponization: Deploy cyber weapons Delivery: Deliver payload Exploitation: Execute payload Installation: persistence Command & Control: Talk to a C&C server Action on objectives

Answer 404

Delivery is putting the payload in place and exploitation is executing the payload to make use of an exploit.

Answer 405

CVE-Year-UID

Answer 406

Initial Intrusion Lateral Movement Data Exfiltration

Answer 407

An adversary discovered one of Equifax's servers was running vulnerable software. They gained access and confirmed they could run commands. They used this to send queries to other systems and retrieve data, including personal informations. They expanded from 3 that they could initally access to 51 in total through some credentials they found. They then began extracting the data through 9000 queries, a portion of which succeeded. They then began to remove data in small increments

Answer 408

Well-known: 0-1023 Registered: 1024-49151 Private: 49152-65535

Answer 409

A banking trojan horse that targeted windows and setup man-in-the-browser attacks to capture credentials through keylogging and for grabbing

Answer 410

Average users

Answer 411

Business Email Compromise Request money transfer by pretending to be a manager through a series of phishing emails.

Answer 412

Fraudulent transactions sent over SWIFT network using obtained credentials. Attempted to steal $1 billion but got $38 million due to errors in transactions. Malware placed on printer to slow down paper trial.

Answer 413

Hacker sends phishing email with malware The attachment either runs powershell or executes a macro The ransomware begins A message is displayed with paying instructions.

Answer 414

Thousands of computer affected in a matter of hours that self-propogate and spread across local network and internet using EternalBlue exploit to achieve ACE. This all was patched two months prior.

Answer 415

A kill-switch was discovered where resolving a specific domain shutdown the malware.

Answer 416

As security against them is improving

Answer 417

Malicious cryptomining to earn rewards by competing for execution of heavy cryptographic algorithms.

Answer 418

Designed to stay hidden, so may only execute while idle using Monero as no specialist graphic cards are required and it is less tracable.

Answer 419

Names, email, phone Encrypted and unencrypted security Questions and answers Dates of birth Hashed passwords

Answer 420

All 3 billion by Oct 2017

Answer 421

Organised crime gangs perform data breaches for financial reasons.

Answer 422

It can be publicly disclosed Go towards private intelligence Or sold on the black market All depending on who stole it.

Answer 423

Distributed Denial of Service Aimed at making the service unavailable to its users by overloading its resources. This is done by service request flooding

Answer 424

Distributed: traffic is generated by many different sources.

Answer 425

A large group of computers networked together to use their combined computing power to cause DDoS attacks.

Answer 426

Because security is not a priority for manufacturers who use poor default passwords and open ports with no updating mechanisms.

Answer 427

It would continuously scan for vulnerable devices over the internet, those with factory default usernames and passwords and then exploit them to connect to a C&C server.

Answer 428

A series of cyber-attacks and releases of information aimed to influence thinking and choice of a large number of persons.

Answer 429

Using a massive amount of bots in social media platforms. Each one spreading ideas and messages in way which is difficult to detect from real humans.

Answer 430

Changing the appearance of a website.

Answer 431

Usually hacktivists choosing based on media attention and ease to hack.

Answer 432

The adversary compromises the weakest link in the supply chain and will reach the target from there. This is done by targeting vulnerable libraries

Answer 433

A malicious update was download by ~18k customers that infected thousands of networks. Including federal agencies.

Answer 434

Techniques to psychologically manipulate people into performing an action or divulging some information

Answer 435

Form an attack Gather information Prepare Develop Relationship Exploit relationship Debrief Some of these steps can be skipped depending

Answer 436

Social engineer Target Compliance Principles Techniques Communication Goal Medium

Answer 437

Giving a victim less time to think by pushing them to act fast.

Answer 438

Getting something in return

Answer 439

Social engineer: Group Target: Individual Compliance Principles: Scarcity, authority Techniques: Phishing Communication: Direct, unidirectional Goal: Unauthorised Access, Financial gain Medium: Email, webpage

Answer 440

Through their website and then employee social media pages

Answer 441

Looking for confidential information that has been thrown in the trash rather than shredded

Answer 442

Simply looking over the target's shoulder to obtain information when they are at their computer.

Answer 443

Sending email appearing to be from a reputable source with the goal of influencing or gaining personal information.

Answer 444

Social engineering using telephone and text messages and caller id spoofing

Answer 445

The attacker shows up in person posing as someone not suspicious, like maintenance.

Answer 446

Leaving infected media where people can find it, e.g a USB in the Car Park. Or a gift with a wiretap inside

Answer 447

Accessing a secured building without any smart-card or biometric by simply walking closely behind an authorised person

Answer 448

Wait for an authorised person to enter, quickly join them. They are likely to hold the door open and let the attacker in. To help the attacker can wear a fake badge or show to be searching for it.

Answer 449

Protection against everyday threats but ineffective against advanced threats

Answer 450

Firewalls Secure configuration Security Update User access control Malware protection

Answer 451

Accept incoming connections via Internet from untrusted host Establish outbound connection from untrusted hosts Control the flow of data between these devices and the internet.

Answer 452

To make sure that only secure and necessary network services can be accessed from the internet.

Answer 453

Block/allow traffic based on factors such as src/dst/protocol Block all inbound connection by default Every inbound rule must be motivated and document Remove or disable unnecessary firewall rules promptly after they are not needed

Answer 454

Ensure that computers and network devices are properly configured to reduce vulnerabilities and provide only the services required to fulfil their role.

Answer 455

Remove / disable unnecessary software Disable auto-run software Change default / guessable passwords Ensure users are authenticated before allowing them access

Answer 456

Ensure devices and software are not vulnerable to known security issues for which fixes are available.

Answer 457

All software must be licenced and supported or removed. Have automatic software updates enabled where possible Make sure updates are applied within 14 days.

Answer 458

Ensuring that user accounts are assigned to authoirised individuals only and provide access to only those assets the user needs to carry out their role.

Answer 459

Setup a process to create and approve a new user account. Always authenticate users before granting access to applications and devices. Remove or disable unneeded accounts Remove or disable special access privileges when not needed Implement MFA, where applicable Use separate accounts to perform admin activities only

Answer 460

To restrict execution of known malware and untrusted software from causing damage or accessing data.

Answer 461

Updated antimalware Application whitelisting

Answer 462

Understand the risk - what, who, and the impact Encryption Fragmentation - split into pieces Backup Privacy protection - remove Personal Identifiable Info

Answer 463

Having more than one person required to complete a critical task. Like firing a missile.

Answer 464

Splitting infrastructure based on business processes, necessary exposure, risk levels.

Answer 465

To make lateral movement harder

Answer 466

Observe and record all traffic to detect and block malicious traffic Signature based and anomaly based is how alerts are set off.

Answer 467

Because it could be a legitimate thing, e.g an admin or a contractor.

Answer 468

A decoy to lure attackers by simulating a real system that is isolated.

Answer 469

To conduct research on adversaries.

Answer 470

Essential the quality of the simulation, how much interaction this is between systems.

Answer 471

Authorised simulated attack, aimed at assessing security of a system.

Answer 472

Penetration Testing Execution Standard

Answer 473

Fostering awareness about the importance of Pentesting Establishing fundamental principles for carrying out a penetration testing

Answer 474

Pre-engagement interaction (goal definition) Intelligence gathering Threat modelling: How could they be attacked Vulnerability analysis: Which am I going to exploit Exploitation Post exploitation: What can I do now I am in

Answer 475

Like cyber essentials but for big businesses and a lot more complicated.

Answer 476

National infrastructure that if lossed or compromised could have a major detrimental impact on the availability and integrity of essential services, including ones that could result in loss of life or casualities.

Answer 477

Industrial Control Systems Control our critical infrastructure, safety critical processes and most production process.

Answer 478

Supervisory Control and Data Acquisition Systems (SCADA) Remote Terminal Units Master Terminal Units Human-Machine interfaces Programmable Logic controllers Intelligent Electronic Devices

Answer 479

Security through obscurity There proprietary and not well-known software, interfaces and protocols. So an attacker has to gather this

Answer 480

Vendor publish manuals online IP leak Some devices can be bought cheaply and reverse engineered

Answer 481

By air-gapping the devices to make them harder to reach. They have to be reached in-person.

Answer 482

Cyber attack on Iranian nuclear plant messing with their centrifuges

Answer 483

No casualties Anonymity - so hard to retaliate without committing a war crime You don't lose any weapons.

Answer 484

Three Ukrainian energy distribution companies were hacked by gather credentials developing a bad update to firmware and then wiping their systems clean before Voice DDoS their helplines.

Answer 485

Phishing training End Point protection with anti-malware detect traffic anomalies Segregate IT and SCADA 2 factor authentication Session timeouts for VPN Segregation of duties Avoid allowing shared password or defaults.

1323 Networks and Security Flashcards

(541 cards)