CS4203 Flashcards

Question 1

Q

Asset Definition

Answer

A

Anything the computer system controls

Question 2

Q

How do buisnesses measure risk?

Answer

A

risk = expected cost x probability

Question 3

Q

Why does risk = expected cost x probability not work?

Answer

A

cannot always estimate cost of something happening
cannot always estimate probability

Question 4

Q

What is a qualitative way of measuring risk?

Answer

A

Create categories for hazards e.g. negligible, minor, major, survivable, existential.

Question 5

Q

What is a threat actor?

Answer

A

Could be company, state, hacker, etc.

Question 6

Q

What is a threat model?

Answer

A

Points of attack against a system. prioritised by risk, vulnerabilities and countermeasures.

Question 7

Q

What is an attack?

Answer

A

The execution of a threat using an attack vector by a threat actor.

Question 8

Q

What is a threat?

Answer

A

A way in which the system could be comprimised.

Question 9

Q

What is Identity?

Answer

A

Who you are.

Question 10

Q

What is an attack vector?

Answer

A

A specific vulnerability in the system that can be used in an attack against the system.

Question 11

Q

What is agency?

Answer

A

The things that you are allowed to do. (connected to identity)

Question 12

Q

What is privacy?

Answer

A

The requirement that information only be seen by those who have permission to see it.

Question 13

Q

What is authentication?

Answer

A

Proving a claim to an identity.

Question 14

Q

What is Anonymity?

Answer

A

Prevent something from being associated with an identity.

Question 15

Q

Can scripts act as users?

Answer

A

Yes and in fact it is very hard to distinguish between a person and a bot (sciprt acting as a user)

Question 16

Q

What is non-repudiation?

Answer

A

The inability to deny that you did something.

Question 17

Q

What is trust?

Answer

A

A combination fo agency and identity.

Question 18

Q

What is reputation?

Answer

A

Trust in an agent migrates from one system to another.

Question 19

Q

What is a vulnerability?

Answer

A

Aspects of a system that provide a mechanism for a threat.

Question 20

Q

What is a security model?

Answer

A

A precise statement of the rules that the system should implement and the properties it should maintain.

Question 21

Q

Why do you need a security model?

Answer

A

Security is a whole system issue, therefore everyone needs awareness of the risks, policies and warning signs.

Question 22

Q

List some consequences of being attacked?

Answer

A

Locked out of systems
Damage, time take to re-build and check integrity
Reputation damage to the company
Fines
Lawsuits
GDPR violation

Question 23

Q

Why can new technology be a bad idea?

Answer

A

users will use it incorrectly unless they have training
users will have to change their behaviour which they will resist
extra security measures will not be liked and will be circumvented where possible

Question 24

Q

What are some criticisms of security models?

Answer

A

might describe policies you cannot enforce
cannot identify every threat this way
cannot list every system component
how do you introduce new components
how do policies map to files and permissions?
does the OD provide the needed service

Question 25

Q

What is the military model for information access?

Answer

A

Individuals and assets have a sensitivity level which describes their permissions.

Question 26

Q

What are some pros and cons of the military information model?

Answer

A

Cons:
- Might be forced to fragment documents as people need access to parts but not other sections
Pros:
- Easy to move people/documents to different sections, so fewer mistakes when changing security levels

Question 27

Q

What are ACLs?

Answer

A

Access Control Lists - to each asset associate a list of users and their permissions.

Question 28

Q

Pros and cons of ACLs?

Answer

A

Cons:
- relies on identity
- looks at assets independantly (how do you make sure everything is consistent?)
- What is the difference between write and append?

Question 29

Q

What is RBAC?

Answer

A

Role-Based Access Control - A user is given a role, permissions are associated with roles and not users.

Question 30

Q

What are some pros and cons of RBAC?

Answer

A

Cons:
- basic form is just like ACLs
- Can build very general structures but these could get too complicated to maintain
- need ways to move between roles
- what if a role is revoked
Pros:

Question 31

Q

What are NIST’s five functions?

Answer

A

Identify
Protect
Detect
Respond
Recover

Question 32

Q

What are some critiques of NISTs five functions?

Answer

A

Focus on the process rather than the mechanism
Lots of mechanisms could be used in each of the functions

Question 33

Q

What are some features of cryptography other than encryption and decryption?

Answer

A

can be used to authenticate someone (public-private key)
therefore provides non-repudiation

Question 34

Q

What is the goal of encryption?

Answer

A

Make some data computationally
infeasible to read in an appropriate interval

Question 35

Q

What are the cipher styles and what are they suited to?

Answer

A

Stream (data encrypted as it is generated) - suited to network transmissions
Block (data encrypted all in one go) - suited to files

Question 36

Q

Why should you use open source ciphers?

Answer

A

creating a cipher is very specialised
if you make your own you are almost guaranteed to program in weaknesses that will be exploited
best algorithms are open source anyway so there is no need

Question 37

Q

What are the pros and cons of symmetric key encryption?

Answer

A

Pros:
- Use the same key to talk to different people
- very fast
Cons:
- Don’t know exactly who sent the message if lots of people
use the same key
- How do we get the keys in the first place?
- Can we remove a key from someone?

Question 38

Q

What is a keyserver?

Answer

A

A repository for public keys

Question 39

Q

Pros and cons of asymmetric encryption?

Answer

A

Pros:
- Message can’t be read unless attacker gets access to
receiver’s private key
- Key distribution is easy
- can be used to authenticate users
Cons:
- Orders of magnitude more complex than symmetric-key
encryption

Question 40

Q

What is signing in the context of encrypted messages?

Answer

A

Use a private key to encrypt a message or a seperate section of text, which can then be decrypted with your public key in order to check that you are who you say you are.

Question 41

Q

How could a keyserver be attacked?

Answer

A

Replace someone’s key woth your own.

Question 42

Q

What makes passwords insecure?

Answer

A

They need to be used by humans and therefore both memorable and unpredictable.
if you use words then lower entropy because of the english language and the likelyhood of two letters being next to each other

Question 43

Q

What is entropy?

Answer

A

The measure of disorder of a system.

Question 44

Q

What is Shannon entropy?

Answer

A

The number of bits needed to transmit a message X of lenght n. Used for error-correction codingg and compression.

Question 45

Q

What us a replay attack?

Answer

A

If you get the password once then you can use it against the service you want to attack.

Question 46

Q

What is reuse?

Answer

A

People use the same password on multiple services.

Question 47

Q

What is a key logger?

Answer

A

Records all of the keys a user enters.

Question 48

Q

Why do policies need to take into ccount human limitations?

Answer

A

People can only remember so much. Don’t mandate that they cannot write down passwords and then force them to remember 5 passwords each with 25 random alphanumeric characters

Question 49

Q

Pros and cons of biometrics?

Answer

A

Pros:
- cannot forget it (always with you, part of you)
- Hard to fake
Cons:
- needs to be stable enough for authentication
- needs to be unintrusive
- lookalikes
- fake fingerprints
- hold the person to the camera/fingerprint reader
- once compromised, very hard to regain security (valid person cannot change their biometrics)

Question 50

Q

Draw the OS structure.

Answer

A

Layers:
- Processes (accessing library and standard library) (multiple)
- Library (multiple)
- Standard Library
- Kernel
- Drivers
- Firmware
- Hardware

Question 51

Q

What is kernel space?

Answer

A

Has unrestricted access to everything. Root/admin privilages.

Question 52

Q

What is user space (userland)?

Answer

A

Access resources through the kernel. User privilages, all privilaged operations through the kernel.

Question 53

Q

What are the points of vulnerability in an OS?

Answer

A

Accessing other running processes
Accessing data inappropriately
Accessing hardware resources inappropriately
Where did that library come from?
What does that driver do?
What does that hardware do?

Question 54

Q

What is isolation?

Answer

A

Processes are kept seperate, with their own memory and list of open files.

Question 55

Q

What security does isolation provide?

Answer

A

A fault in one
program can’t corrupt the memory of another.

Question 56

Q

How can processes interact even with isolation?

Answer

A

Explicity through pipes, sockets or shared blocks of memory.
Implicitly by changing files they both have access to.

Question 57

Q

What are the responsibilities of thekernel and the user?

Answer

A

User:
- All of the programs and the languages
- trust the kernel to isolate from malicious code
Kernel:
- The data structures and functions that need to be standardised for all users and processes

Question 58

Q

What are traps?

Answer

A

Mechanism for crossing the trust boundary into kernel space.

Question 59

Q

What is a kernel-beneath-the-kernel?

Answer

A

A security microkernel:
- Hold sensitive data securely,
potentially even from the kernel
- Sometimes provides checks as to
what software can be loaded,
including kernels
- Isolate security features into as small as possible a code
footprint – which can then be checked extensively

Question 60

Q

How does Unix describe permissions?

Answer

A

Create groups to describe permissions, each user can be in multiple groups.

Question 61

Q

What is Security-Enhances Linux?

Answer

A

An extension to ordinary Linux that adds better RBAC in place of/alongside groups and file
permissions

Question 62

Q

What are common services?

Answer

A

Anything the OS provides is available to all processes “as standard”

Question 63

Q

What is full-disk encryption?

Answer

A

Use crypto as standard so that all files are encrypted at rest, with no user involvement.

Question 64

Q

Two virtual machines running on the same physical machine have some differences. What are they?

Answer

A

Each has its own kernel and therefore potentially a different operating system and a different sets of users, groups, permissions.

Answer 65

A

The hypervisor.

Answer 66

A

An isolated userland, instead of a VM. Same kernel, but different libraries, etc.

Answer 67

A

Updating the host doesn’t
upgrade the VMs or containers. May end up with outdated, security-compromised software running, and may not even know it.

Answer 68

A

No double spending
No duplication
No repudiation
Paying for the infrastructure

Answer 69

A

cryptographic hash
nonce is found which makes it hash to a specific value (0)
now if transaction is altered the nonce and hash won’t map to 0.
even if you can change one block, each block is connected to another block which will now not match up

Answer 70

A

Technically yes, your public identity is just your wallet. However might be able to identify you based on your transactions or if your identity is mapped to your walet then all of your transactions are visible. Also moving crypto into a bank means it will be linked to you.

Answer 71

A

Fundamentally less information about users
More points of attack
Often more value in a given attack:
attack the bank rather than just
one customer
Greater anonymity, harder to track

Answer 72

A

A (Distributed) Denial of Service attack. Prevent anyone from accessing the server, attack a router nearby, or flood with fake traffic to prevent the real trafffic from being processed.

Answer 73

A

A way to log-into or control a system other than through the normal secured channels.

Answer 74

A

A vendor or provider needs to
get in when there’s a problem for the usual route. For use in exceptional cases, so should come with exceptional requirements

Answer 75

A

A keypair/certificates

Answer 76

A

MAC or IP address

Answer 77

A

Domain Name System - maps structured network and machine names to IP addresses, gives info to anyone who asks.

Answer 78

A

Change a DNS entry and all lookups can be sent to a different machine

Answer 79

A

Machine sitting between a user and a legitimate server. Pass information on but only after stealing something. Relies on the (in)ability to identify a specific
machine

Answer 80

A

Instead of attacking the target, attack a service that it uses or downloads software from.

Answer 81

A

A Demilitarised Zone of untrusted services. Basically an area between two firewalls, allows some untrusted clients to connect to DMZ, but not through to the intranet.

Answer 82

A

Traffic can only be read by the sender and the indended recipient.

Answer 83

A

Only the sender and intended receiver know of the existence of the message

Answer 84

A

Both sender and receiver can demonstrate that they are who they say they are.

Answer 85

A

The message arrives uncorrupted

Answer 86

A

The sender cannot deny that they were responsible for the message

Answer 87

A

The message cannot be copied and reused.

Answer 88

A

Scheme must be feasible for target devices

Answer 89

A

Application, Transport, Network, Link and Physical

Answer 90

A

Packets are encapsulated as the descend the layers to be moved

Answer 91

A

The individual flaws in each individual program deployed (including the OS)

Answer 92

A

Record and analyse an individual “flow” or exchange of data over TCP/IP and similar protocols

Answer 93

A

Capture each packet

Answer 94

A

Compromise the driver
within the OS

Answer 95

A

Cut wires, or otherwise access the hardware.

Answer 96

A

Routing information, (source and destination addresses, who you’re talking to) and the data being communicated.

Answer 97

A

Create a secure passageway through an otherwise insecure network, Traffic through the tunnel is visible, but unreadable.

Answer 98

A

Secure version of IP - encrypt the payloads of the packets.

Answer 99

A

Encrypt the payload, leave the routing information intact and unchanged

Answer 100

A

Encrypt both the payload and the IP header as well

Answer 101

A

From user perspective traffic is addressed and sent as normal
VPN takes packets and tunnels them elsewhere
masks a user’s location

Answer 102

A

Transport Layer Security - leave the network layer unchanged, instead encrypt an entire exchange end-to-end in the transport layer.

Answer 103

A

different packets take different routes through a network
Can’t track back from the destination to a source, only to
the egress node of the onion

Answer 104

A

HTTPS, SSH

Answer 105

A

After securing a single exchange then create a symmetric key shared by both sides, used it to secure an exchange. Thrown away when the connection is torn down.

Answer 106

A

Take a shared basis, which can be public
Each side adds some secret element
Synthesise a common secret
Don’t disclose enough information for the common secret to be retrieved

Answer 107

A

Alice and Bob agree two numbers which do not need to be secret (p and g, both should be prime numbers).
Alice chooses secret number a and computes A = g^a mod p (Bob does the same with B and b)
Alice computes B^a mod p, Bob computes A^b mod p
these calculations are equivalent and so they now have a shared secret!

Answer 108

A

A claim to an identity, possession of the certificate is the claim. They are also (preferably) tied to a specific machine

Answer 109

A

A CA signs certificates to assert the claims they make are genuine

Answer 110

A

Bundle a set of CA public keys and distribute them in a way that has “reasonable” trust

Answer 111

A

The key bundle is then available for checking locally, without accessing a key server, which could be compromised at any time. Compromising keys now requires compromising teh update process

Answer 112

A

Allow one CA to sign the keys of other CAs or entities that validate certificates

Answer 113

A

install malicious code
find an unexpected way to get code to run
find an expected way to get code to run - but make it malicious

Answer 114

A

A program has a buffer to receive data and the attacker provides data that’s actually machine code. The attack relies on returning “too much” data and having the extra data overwrite the call stack. Specifically it re-writes the return pointer, so when the function is called the malicious data is run instead.

Answer 115

A

So programmers don’t need to remember to check manually everywhere for errors (like buffer overrun, etc.)

Answer 116

A

You cannot trust that user input will not be malicious and so you need to sanitise it to make sure it doesn’t compromise your program

Answer 117

A

Type-safe languages like Java can avoid some subtle attacks:
- run-time will stop you writing off
the end of a buffer (array) of a given length
- stop you treating an integer as a pointer etc
- can’t pass too many parameters to a function (compiler will complain)

Answer 118

A

An API for controlling program’s permissions

Answer 119

A

Refer “sensitive” operations to a security monitor

Answer 120

A

Potentially very fine-grained
Can be hard to specify
Requires us to identify what
is “sensitive” – and check every time

Answer 121

A

An isolated “place” for code to run in. Only code and data in the sandbox can be accessed by code in the sandbox

Answer 122

A

Instead of storing a plaintext password that someone who could access the database could use, instead store a derivative of a password that you can still check against. (There are still issues with this but it’s a bit better)

Answer 123

A

Two or more participants with information that only they know and a computation that needs to be performed.
With a trusted party (agent): every participant can send their private info to the agent, who performs the needed computation and returns the result to every participant.
Real world: all participants communicate using some protocol which decides for each participant what they do next.

Answer 124

A

M gains control of P_i:
- learns x_i and the result
- cannot learn other secrets
- could influence the computation
M gains control of the agent:
- learns all of the secrets- can send any value as the result including different values to different participants

Answer 125

A

A value s has to be kept secret. A (t, n)-secret sharing divides s into n pieces, such that AANY set of shares whose size is less than t does not reveal any info about s.

Answer 126

A

A random function which receives a value x, if it has seen x before it returns the same value as last time. Otherwise it computes, remembers and returns a random value. This can be shared between particpants since x alwasy gives the same answer. We don’t know if x is newly generated or remembered.

Answer 127

A

One party sends two secrets. Another party sends a bit and receives one of the secrets. The sender doesn’t know which secret was received and the receiver doesn’t know the other secret.

Answer 128

A

Sender sends a secret value, later opens the secret which is passed to the receiver. The sender cannot change the secret, only choose to reveal it.

Answer 129

A

One party (the prover) creates a value x and a public predicate C. Sends C and x to the component. If C(x) == true the component confirms this to the other party (teh verifier) without revealing x. The verifier knows that a solution exists and the prover knows it but not what it is.

Answer 130

A

Malicious participants can do anything, including not follow protocol, whereas semi-honest participants always follow protocol but can pass unexpected or tailored attack values.

Answer 131

A

A party P1 wants to compute a value of F(x0, x1) without learning the secret from another participant
P0 and without revealing its own secret.

Answer 132

A

Agree a symmetric key algorithm E
P0 creates a table T of F(x0, x1) for all pairs of values
for each possible x0 and x1, construct a random key
encrypt every element of T using the keys of both the row and the column, giving E(T)
scramble the rows and columns
send E(T) amd k(x0) to P1
send all keys (that use the value of x0) created to Oblivious Transfer
P1 sends x1 to OT and gets appropriate key
use symmetric encryption algorithm to retrieve the value of F(x0, x1)

Answer 133

A

sender sends x0, x1 to OT
reciever generates a keypair (kp, ks) and a public key kp’
if b=0, send (kp, kp’) to OT, else send (kp’, kp)
OT encrypts x0 and x1 with respective keys and returns them
sender can only decrypt the one he selected
only works if reciever follows the protocol

Answer 134

A

An unwanted or unauthorised participant in some interaction.

Answer 135

A

Entering a network to scout-out what’s there. Not an attack but is an intrusion.

Answer 136

A

Take over a machine, observe a connection, take over a connection

Answer 137

A

Listen to network topology
Find the DNS server
Query it (always responds)

Answer 138

A

TLS provides confidentiality but not authentication. Mallory can sit in the middle and pass on request, always giving the correct answer.
Can fix this issue by using certificates to authenticate.

Answer 139

A

Need to trust the certificate signing process
Need to trust key management of the person you are questioning

Answer 140

A

connections to weird machines
repeated failures to connect to one of the machines
open ports where there shouldn’t be any

Answer 141

A

Network-based looks at traffic while host-based keeps track of important files. However both typically have a rules engine looking for patterns. Network-based looks for patterns in traffic, host-based looks for patterns in log files.

Answer 142

A

Examine the packet headers
Don’t examine the payloads

Answer 143

A

Looks into the payloads
only works for unencrypted traffic

Answer 144

A

A simulated attack against a system, using tools real attackers would use against real vulnerabilities.

Answer 145

A

usually physically secure
exposed to DDoS and remote access

Answer 146

A

more exposed
less centeral admin oversight

Answer 147

A

often user managed
physically vulnerable

Answer 148

A

closer to endpoints, so often faster
fewer network points to attack

Answer 149

A

Often significant client-side programming
Avoid loading servers and incurring delays by
performing validity-checking, UI, etc, locally
Potentially remain available even
if the network is lost

Answer 150

A

Often outwith the control of central admin
May adopt different (weaker?) policies

Answer 151

A

Phones are expected to allow rapid, short-length interactions which prioritise convenience and speed
No hover feature (phishing links)
users find 2FA frustrating
data opens alongside the phone (biometrics may make it easy to force open)
device tracking and partial wipe if data lost are objectionable on personal phones, maybe give out work phones
users don’t want to carry around 2 phones

Answer 152

A

Elastic, essentially unlimited computing
Physically secure in a data centre
Protected by IDS, firewalls, …
Has to be accessed over the internet

Answer 153

A

Management needs to happen via the internet so all of the usual issues with remote logins and the hypervisor may expose info to other tenants
Provider itself who by definition has root access to all the machines and can probably read all the file systems
lots of cooperating services, any one of which could contain an exploit

Answer 154

A

Can be automated in the cloud (when they’d usually require a sysadmin)
- spinning up new servers, storage
- deploying new services
- Entirely new services (e.g. automated load balancers)

Answer 155

A

Hard to get the initial security set-up right (how to get at certificates, suthenticate new instance, etc)
disc encryption is only of limited use if the keys are stored online
Essentially constructed a man in the middle

Answer 156

A

Add defence zones with firewalls between them, assumption being that any traffic within each network zone is there appropriately. No checks on traffic except with the firewalls.

Answer 157

A

Server holds data encrypted without the keys.

Answer 158

A

Treat all machines as suspect, evne if deployed by us. Everything authenticates at every exchange.

Answer 159

A

Put the management software elsewhere, provide the keys only at run-time when a service spins up

Answer 160

A

Easier to ensure consistency: users, keys, roles, etc. Code it once and reuse
Can be automated as part of a CI/CD pipeline so that changes to the system automatically deploy it
Not all services are easy to use this way

Answer 161

A

Continuous integration/Continuous deployment - runs all tests at every major commit, then deploys the newly-coded services automatically when they’re updated

Answer 162

A

Self-propagating software, moves from machine to machine.
A deployment mechanism for a payload (exploit vulnerability to get the payload onto the target machine)

Answer 163

A

email attachment
email link
social side (get user to interact)

Answer 164

A

A virus is executed by a process which is associated with some user, therefore only has the privileges of this user. So the better the access control then the less damage a virus can do (could still be very bad)

Answer 165

A

Exploits that have never been used before

Answer 166

A

A piece of software that lets an ordinary user become an administrator (privilege elevation)

Answer 167

A

Installs rootkit
encypts entire disk
offers to decrypt disk for ransom

Answer 168

A

A virus that doesn’t actually attack the target it’s installed on, instead taking control of it and giving it orders.

Answer 169

A

Identify a pattern within the code of a virus which distinguishes its code from everything else. Look for this signature in files

Answer 170

A

Change their code at each spreading event to evade detection: break up code signature, re-write basic blocks, re-arrange them, change jumps, etc.

Answer 171

A

How are nodes connected to other nodes?
How do I “get from” one node to another?
Can I always “get” between nodes?

Answer 172

A

Degree is the number of immediate neighbours a node has. Maximum degree is N – 1 (cannot have multiple connections to the same node)

Answer 173

A

Density is the fraction of edges a node has compared to how many it could have

Answer 174

A

pdistribution of degree across network.

k is the probability that a node chosen at random will have degree k

Answer 175

A

Degree distribution is a bell curve.
Not very tolerant of failure.
Resilient to attacks.

Answer 176

A

Degree distribution decreases exponentially quickly.
When routing go for the hubs.
Tolerant of failure.
Not resilient to attacks.

Answer 177

A

Powerlaw.

Answer 178

A

Highest value(s) of k such that pk > 0. (Hubs)

Answer 179

A

Compute the shortest path between nodes, compute what fraction of those paths goes through each node. High betweenness is being on a lot of short, efficient routes

Answer 180

A

Viruses will naturally find their ways to hub and spread a lot easier there (powerlaw is vulnerable)

Answer 181

A

Maintain security as a basic part of operations, integrate into normal activities

Answer 182

A

Establishing a habit is hard
Computer is mostly less tangible
Don’t realise how much valuable data they leave online
Still think the attackers are people, rather than bots
Some attacks are too complicated to imagine

Answer 183

A

A way to extract or infer information without performing a direct attack or exploiting a
technical weakness or bug

Answer 184

A

Who is talking to whom? – even if we can’t read it
Has their pattern of communication changed?
Has a machine suddenly started using a lot more power?
Is an operation suddenly a lot slower?

Answer 185

A

Get some information changed by persuading someone it’s needed/appropriate/allowed

Answer 186

A

People re-use social media handles

Answer 187

A

Know someone and infer their links, identifying one may allow you to identify others based on who they talk to.

Answer 188

A

mask patterns in movement, make everything look the same.
add random traffic
add traffic to make other participants look more important than they are

Answer 189

A

Some content types in web pages leak information.

Answer 190

A

Specify people’s responsibilities
Specify guarantees of work standard
Specify technologies, or the properties of technologies,
or the use of standards

Answer 191

A

minimise service downtime
avoid user data loss
devise a set of behaviours that deliver the business while
complying with necessary restrictions

Answer 192

A

specify the properties of solutions
mandate specific technology

Answer 193

A

forces a sense of reality
cost/benefit analysis
forces prioritisation
stops policy demanding the impossible

Answer 194

A

The act of taking a policy and turning it into a technological solution

Answer 195

A

Snapshots: possibly taken every few minutes and probably held locally
Epoch: a complete dump of the data
Dailies: taken every day and diff’ed against the epoch to save space

Answer 196

A

Propagates changes in both directions and therefore may propagate attacks like viruses.

Answer 197

A

reduced access from the main systems
need a policy for access
could conflict with other goals, like allowing people to get old versions of files

Answer 198

A

Store a hash at every legitimate change and periodically check these.
Check if it has been encrypted is harder.

Answer 199

A

Keep all data in several independent locations, send all database queries to main and backup servers

Answer 200

A

Hot: if the main server fails the backup takes over transparently
Warm: sysadmins can spin up the backup quickly

Answer 201

A

Need to be able to operate with un-timely data (so not completely up to date)

Answer 202

A

resolve consistancy issues
ensure the data is self-consistent

Answer 203

A

Sessions:
- Alice has an extended identity
- Probably need to keep the
connection secured and open
- open connection may be easier for programmers to use
Stateless:
- Server services a request and
then forgets all about Alice
- Lots of re-authentication
- may be harder to express some operations

Answer 204

A

Systems with sensors attached to the internet

Answer 205

A

The massive convenience of using IP
Available chipsets, libraries, infrastructure, …
Leverage other IP-based things, like HTTP

Answer 206

A

Typically:
- wireless
- low-power
- physically exposed

Answer 207

A

might use clear communication if encruyption is too power hungry
how does it get crypto keys
can the hardware be tampered with?
replace components
contain keys to other services
distort recorded data

Answer 208

A

Keystrokes, network packet
arrival times, disc accesses,
process context switches

Answer 209

A

Typically have less going on than laptop/computer
fewer entropy sources to draw on
less variation in random numbers
weaker crypto

Answer 210

A

Carve-up access space, allocate one key per role. Limit impact of a stolen key, escpecially important if on a vulnerable device.

Answer 211

A

Physical Uncloneable Functions - flaws in hardware unique to each instance of a device. Take the flaws and use them to get entropy, this creates a random but repeatable function.

Answer 212

A

Yes - challenge with stimuli and the response is tthe value. Need to be careful of spoofing and replays. This is authentication, not confidentiality.

Answer 213

A

No. Easily copied, low-security protocols (often not even HTTPS), non-unique keys, standard admin passwords,…

Brainscape's Knowledge GenomeTM

CS4203 Flashcards

Brainscape's Knowledge Genome^TM