InfoSec Flashcards
1
Q
What is a security plan?
A
A plan that identifies and organizes the security activities for a system/organization
2
Q
What is risk analysis?
A
A systematic investigation of the system, its environment, and what might go wrong
3
Q
What is a security policy?
A
A security policy is a document that defines how an organization deals with some aspect of security.
4
Q
What is a plan maintenance?
A
A plan that specify the order which controls are to be implemented.
5
Q
What is a business continuity plan?
A
A (business) continuity plan documents how a business will continue to function during or after a computer security incident
6
Q
What is a Incident response?
A
Tells the staff how to deal with a security incident
7
Q
What is ISO/IEC 27005 about?
A
Information Security Risk Management (ISRM)
8
Q
What is ISO 31000 about?
A
(general) Risk Management (RM) (principles and guidelines)
9
Q
What is risk management?
A
Coordinated activities to direct and control an organization with regard to risk
10
Q
What is risk assessment?
A
Overall process of risk identification, risk analysis and risk evaluation
11
Q
What is risk identification?
A
process of finding, recognizing and describing risks
12
Q
What is risk evaluation?
A
process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable
13
Q
What does “Level of risk” mean?
A
magnitude of a risk expressed in terms of the combination of consequences and their likelihood
14
Q
What does “residual risk” mean?
A
risk remaining after risk treatment
15
Q
What does vulnerability mean?
A
Weakness of an asses or control that can be exploited by one or more threats
16
Q
What does threat mean?
A
potential cause of an unwanted incident, which may result in harm to a system or organization
17
Q
What is ISO?
A
the process to comprehend the nature of risk and to determine the level of risk
18
Q
What is Risk analysis?
A
Organized process for identifying the most significant risks in a computing environment, determining the impact of those risks, and weighing the desirability of applying various controls against those risks
19
Q
What is management systems?
A
A management system is a “set of interrelated or interacting elements of an organization to establish policies and objectives and processes to achieve those objectives” (ISO/IEC 27000:2014)
20
Q
What is cyber terrorism?
A
The use of computers to launch a terrorist attack
21
Q
What is an Economic attack?
A
An attack that causes economic damage.
22
Q
What is cryptanalysis?
A
the study of methods for breaking ciphertext
23
Q
What is cryptography?
A
the use and practice of cryptographic techniques
24
Q
What is cryptology?
A
the study of both cryptography and cryptanalysis
25
What is plaintext/cleartext, P?
The original form a message
26
What is ciphertext/cyphertext, C?
encrypted version of a message
27
What is a Cipher?
a pair of cryptographic algorithms, e.g., a mathematical function used for encryption and one for decryption
28
What is the cryptosystem in formal notation?
P = D(E(P))
29
What is an encryption algorithm?
A set of rules of how to encrypt plaintext and how to decrypt the ciphertext
30
What is a symmetric cryptosystem?
* Encryption and decryption keys are the same
* Provide a two-way channel to their users
* If the key is kept secret for a pair - the system also provides authentication proof
* If the secret key is compromised, the adversary can decrypt all traffic and produce fake messages
31
What is an Asymmetric cryptosytem?
*One key for encryption and another key for decryption
* Keys come in pairs
* A decryption key, KD, inverts the encryption of key KE so that:
* P = D(KD, E(KE,P))
* Also called public key
32
What is a Stream cipher?
* Each bit/byte of the data stream is encrypted separately (low diffusion)
* Fast and encryption can take place as soon as data is read
* If errors occur, only bit/byte is affected
* Susceptible to malicious insertions and modifications
33
What is a block cipher?
* Encrypts a group of plaintext symbols as a single block (typically 64, 128, 256 bits or
more) (high diffusion)
* Slower process, the last block needs to be padded, and an error affects more bytes
* Impossible to insert a single symbol into one block
34
What is The Data Encryption Standard (DES)?
* Symmetric block cipher
* Encryption and decryption algorithms are public but the design principles are classified
* Used fixed 56 bits (short) key
* Is considered insecure and was deprecated in 2017
35
What is The Advanced Encryption Standard (AES)?
* A replacement for DES
* Symmetric, block cipher (128) bits
* Three different key lengths: 128, 192, and 256 bits
36
What is the de-facto encryption standard today?
AES
* Used in e.g., WPA2, IPsec, WhatsApp, Telegram... and in hardware such as Intel & AMD processors
37
What is Rivest-Shamir-Adelman (RSA)?
* Asymmetric block cipher
* Public key system (i.e., one private and one public key)
* Long keys (1024-4096 bits)
* Slow algorithm
38
What is the Diffie-Hellman key exchange protocol?
A way in which a public channel can be used to create a confidential shared key
39
How does the Diffie-Hellman key exchange work?
1. First agree on an arbitrary staring key
2. Then pick a private key
3. Mix the (public) starting key with the secret key
4. Exchange the keys with each other
5. Mix the other shared key with their own secret key
40
What is error detecting codes?
A fast and reliable way of finding out if an error in a transmission have happened
41
Name some simple error detecting codes?
* Parity checks
* Cyclic redundancy checks
42
Name some cryptographic error detecting codes?
* One-way hash functions
* Cryptographic checksums
* Digital signatures
43
What's in Shannon's characteristics of good ciphers?
* The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption
* The set of keys and the enciphering algorithm should be free from complexity
* The implementation of the process should be as simple as possible
* Errors in ciphering should not propagate and cause corruption of further information in the message
* The size of the enciphered text should be no larger than the text of the original message
44
What is Interception?
Unauthorized viewing
CIA: Confidentiality
Network security examples: Eavesdropping or wiretapping
45
What is Modification?
Unauthorized change
CIA: Integrity
Network security examples: Integrity failures - insertion
46
What is Fabrication?
Unauthorized creation
CIA: Integrity
Network security examples: Integrity failures - replay
47
What is Interruption?
Preventing authorized access
CIA: Availability
Network security examples: DoS/DDoS
48
What vulnerabilities is there to Wi-Fi?
* It's prone to eavesdropping
* Shared media = easy insertion and easy disruption (DoS)
49
What is the standard Wireless protocol?
WPA2/802.11i
50
What does CYOD mean?
The company lists acceptable devices (that is, those that meet company security requirements) and allows each employee to choose his or her own device.
51
What is COPE?
The company owns and provides the equipment. This clearly offers the most security, but also comes at the highest cost.
52
What is segmentation?
Dividing a network into smaller segments.
53
What is important for network security countermeasures?
* System architecture
* Segmentation
* DMZ
* Redundancy
* Encryption
54
What is a Virtual Private Network (VPN)?
I provides a way to the Internet. It creates a virtual connection between a remote user and the central location.
55
What two approaches are it to VPN?
* Remote access - one fixed side (What you get if you buy a VPN Service)
* Site-to-site - two fixed sites
56
What is a firewall?
A device that filters all traffic between a protected or “inside” network and less trustworthy or “outside” network
Firewalls implement security policies or rule-sets that determine what traffic can or cannot pass through
57
What is a firewall an example of?
A reference monitor
* Always invoked (cannot be circumvented)
* Tamperproof
* Small and simple enough for rigorous analysis
58
What is a demilitarized zone?
* A perimeter network or screened subnet
* Physical or logical subnetwork
* DMZ is a form of network architecture
* Services dedicated to outside use separated
* The idea is that intrusion of DMZ hosts lead
to only limited damage to the internal hosts
59
What is a Intrusion Detection System (IDS)?
It monitors activity malicious or suspicious events
60
What is an IDS detection methods?
* Signature-based
* Heuristic
61
What is the Capability of IDS?
* Passive –sound the alarm
* Active, that’s when it become IPS
62
How does a IPS respond to an alarm?
* Monitor and collect data
* Protect
* Signal an alert to other protection components
63
What is capacity planning?
* Know what cause spikes in traffic and plan for them
64
What is network tuning?
* Adjusting the number of segments, machines, uplinks...
* Rate limiting - countermeasure that reduces the impact of an attack by limiting capacity to a host/network
65
What is shunning?
Reducing service given to traffic from certain address ranges
66
What is blacklisting?
Blocking all traffic to/from a specific host
67
What is sinkholing?
Incoming traffic is analyzed, and bad traffic rejected
68
What is a honeypot?
A virtual machine meant to lure an attacker into an environment that can be both controlled and monitored
69
What is a kernel?
* A kernel is the part of the OS that performs the lowest-level functions
70
What is a security kernel?
* A security kernel is responsible for enforcing the security mechanisms of the entire OS
* Typically contained within the kernel
71
What is kernel-mode?
Kernel-mode - executing code has complete and unrestricted access to the underlying hardware and memory
72
What is User-mode?
User-mode - executing code has no direct access to hardware or reference memory
73
What is a reference monitor?
* A reference monitor mediates access by subjects to objects (e.g., to let a user read a file)
74
What is Discretionary access control (DAC)?
Access control model based on the identity of the user
* The owner decides who is allowed to access the object
and what privileges they have
* Rights can be delegated at users’ discretion
* Most common model
75
What is Role-based access control (RBAC)?
* Controls based on a subject’s (user’s or program’s) role, not their identity
* Subject’s rights can change depending on their current role
* access is controlled at the system level, outside of the user’s control
* Used in, e.g., Microsoft Azure
76
What does reconnaissance mean?
The hacker research their target
77
What does reconnaissance (passive) mean?
* Before an attack is executed the hacker attempt to find out information about the target system
78
What does Reconnaissance (Active) mean?
Port scanning (Nmap) Scans to see which ports are open
* Ping scan
* Connect scan
* SYN scan
* FIN scan
79
What is a Ping scan?
A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers).
80
What is a SYN scan?
* Stealthy scan
* Also called half-open scan
You send a SYN packet but you never respond to the SYN/ACK
81
What is an SQL attack?
You enter SQL commands into login forms to trick the server into executing those commands.
82
What is Bluesnarfing?
Unauthorized access of information from a Bluetooth device
83
What is Blue jacking?
Using another blue tooth device within range and sending messages to the target
84
What is Bluebugging?
Accesses and uses all phone features
85
What is Pod slurping?
Using a device such as an iPod to steal confidential data by directly plugging it into a computer where the data are held
86
What is Malware?
Software planted by an agent with malicious intent to cause unanticipated or undesired effects
87
What is a Virus?
A program that can replicate itself and pass on malicious code to other non-malicious programs by modifying them
88
What is a Worm?
A program that spreads copies of itself through a network
89
What is a Trojan Horse?
A application/software that looks legit but contains code that, in addition to its stated effect, has a second, nonobvious, malicious effect
90
What is a Rabbit?
Code that replicates itself without limit to exhaust resources
91
What is a Logic Bomb?
Code that triggers when a predetermined condition occurs
92
What is a Time Bomb?
Code that triggers action when a predetermined time occurs
93
What is a Dropper?
Transfer agent code only to drop other malicious code, such as virus or Trojan horse
94
What is Hostile mobile code agent?
Code communicated semi-autonomously by programs transmitted through the web
95
What is a cross-site script attack?
* Tricking a client or server into executing scripted code by including the code in data inputs
96
What is a RAT (remote access Trojan)?
Trojan horse that, once planted, gives access from remote location
97
What is Spyware?
Program that intercepts and covertly communicates data on the user or user's activity
98
What is a bot?
Semi-autonomous agent, under control of a (usually remote) controller or "herder"; not necessarily malicious
99
What is a Zombie?
Code or entire computer under control of a (usually remote) program
100
What is a Browser hijacker?
Code that changes browser settings, disallows access to certain sites, or redirects browser to other
101
What is a Rootkit?
A collection of tools that a hacker uses to mask their intrusion and obtain admin-level access to a computer or network.
102
What is trapdoor or backdoor?
Code feature that allows unauthorized access to a machine or program; bypasses normal access control and authentication
103
What is a tool or toolkit?
Program containing a set of tests for vulnerabilities; not dangerous itself, but each successful test identifies a vulnerable host that can be attacked
104
What is Scareware?
Not code; false warning of malicious code attack
105
How does virus scanners work?
Virus scanners look for signs of malicious code infection using signatures in program files and memory
106
What is a Denial-of-Service Attacks?
A way to prevent legitimate access to a system, by flooding the system with so many false connection requests that the system cannot respond to legitimate requests
107
What is DHCP Starvation?
If enough requests flood a network, the attacker could completely exhaust the address space allocated by the DHCP servers for an indefinite period of time
108
What are some DoS weaknesses?
* The flood must be sustained.
* When machines are disinfected, the attack stops.
* Hacker’s own machine are at risk of discovery
109
How does a SYN Attack/Flood work?
* The client sends a SYN.
* Server responds with SYN+ACK
The client should now respond with an ACK, but through non –responsiveness and continues sending of a SYN from other clients the server ends up in a busy state.
110
What is Low Orbit Ion Cannon? (LOIC)
* A common tool for DoS attacks
* Requires the user to put in the target URL or IP address and then begin the attack
111
What is XOIC?
* XOIC is another DoS attacking tool.
* Performs a DoS attack on any server with an IP address, a user-selected port, and a user-selected protocol.
112
What is Ping of Death?
* A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise malicious ping to a computer.
113
What is a Man-in-the-Browser?
* Malicious code in browser/add-ons
114
What is a Keystroke logger?
* Hardware or software that records all keystrokes
115
What is Page-in-the-Middle
* The user is directed to a different page than believed or intended
116
What is a download substitution?
* The attacker creates a page with seemingly harmless and desirable programs for download
* Instead of, or in addition to, the intended functionality, the user installs malware
117
What is clickjacking?
* A way of tricking user into providing desired input, like personal information
118
What is Drive-by download?
Code is downloaded, installed, and executed on a computer without the user’s knowledge.
119
What is SQL injection?
Injecting SQL code into an exchange between an application and its database server
120
What is Phishing?
A message that tries to trick a victim into providing private information or taking some other unsafe action
121
What is Spear phishing?
A more personalized attack to a particular recipient or set of recipients
122
What is Whaling?
Attacks directed at high-profile targets such as CEO:s...
123
What is Rate limiting?
countermeasure that reduces the impact of an attack by limiting capacity to a host/network
