Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Exam 2 > SL2 > Flashcards

SL2 Flashcards

1
Q

What are the security issues in the network layer? (6 types of attacks)

A

Access attacks: an unauthorised person gains access to the IoT network to steal valuable data

Denial of Service and Distributed DoS attacks: the attacker floors the target servers with a large number of unwanted requests and causes massive traffic

Data transit attacks: target to steal data while in transit at the network layer

Routing information attacks: attackers target the routing protocols in IoT systems by modifying routing paths

Sinkhole attacks: an adversary promotes a compromised node and attracts other nodes to route traffic through it

Wormhole attacks: a compromised IoT node receives data at one point in the network and transmits it to another compromised node by creating false short routes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What security requirement is compromised by sinkhole attacks?

A

Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the solutions for the security issues in the network layer?

A

Access attacks: by monitoring and analysing network traffic

Denial of Service and Distributed DoS attacks: attacking schemes and defensive schemes

Data transit attacks: identification and authentication protocols

Routing information attacks: routing protocols and trust management

Sinkhole attacks: multiple routing protocols and intrusion detection system

Wormhole attacks: secure routing protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the difference between sinkhole attacks and wormhole attacks at the network layer?

A

Sinkhole attacks compromise a node and attracts other nodes to it.

Wormhole attacks compromise the routing between nodes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does man-in-the-middle security issue compromise?

A

Availability
integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the security issues in the middle-ware layer?

A

Man-in-the-Middle attacks: a malicious device can be virtually placed between two communicating devices to store and forward all communicated data
* Solution: secure communication protocols and key management schemes

SQL injection attacks: the attacker can embed malicious SQL statements in a program to obtain or alter private data

XML signature wrapping attacks: the attacker can break the XML signature algorithm and can exploit vulnerabilities in Simple Object Access Protocol (OWASP)
* Solution: secure signature policies

Cloud Malware Injection Attacks: the attacker can obtain control, inject malicious code, or can inject a virtual machine into the cloud

Flooding attacks in cloud: tarets the QoS in the cloud by continuously sending multiple requests to a service for depleting cloud resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the solution for Man-in-the-middle attacks and XML signature wrapping attacks?

A

Man-in-the-Middle attacks: secure communication protocols and key management schemes

XML signature wrapping attacks: secure signature policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are vulnerable to security attacks in the middle ware layer?

A

Database, web services, and cloud services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Exam 2 (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions