Midterm

Question 1

Threat

Answer 1

Potential dangers to a system’s security

Question 2

Exploit

Answer 2

Method of attack to cause harm to a system

Question 3

Vulnerability

Answer 3

Weakness in a system that can be exploited

Question 4

Controls

Answer 4

Measures implemented to mitigate risks

Question 5

Motives

Answer 5

Why they do it, money, power, control, fame, etc.

Question 6

Arms Races

Answer 6

Constant battle between attackers and defenders in the cybersecurity realm. Attackers develop new methods to breach security, defenders respond with countermeasures.

Question 7

Chicken/Egg

Answer 7

Which should come first; implementing security measures or responding to security threats.
You can’t trust software because its pretty hard to make every single component yourself.

Question 8

Existence of Absolutes

Answer 8

In computer security nothing is absolute. Vulnerabilities can exist even in the most secure systems, and attackers continuously find new ways to exploit them.

Question 9

Confidentiality

Answer 9

Ensures that data is only accessible to to authorized users

Question 10

Integrity

Answer 10

Ensures that data is accurate and unaltered

Question 11

Availability

Answer 11

Ensures that data is accessible any time when needed

Question 12

The Three Goals of Cybersecurity

Answer 12

Confidentiality, integrity, and availability

Question 13

Confidentiality Examples

Answer 13

Encryption, authentication(passwords, biometrics), NDA policy

Question 14

Integrity Examples

Answer 14

Offline backups, blockchain, digital signatures, hashing

Question 15

Availability Examples

Answer 15

load balancing, backups, hot sites

Question 16

SetUid Model

Answer 16

Allows users to execute a program with the permissions of the program’s owner. Useful for programs/tasks that change password or file accesses, without needing to grant them full administrative access.

Question 17

Purpose of Bounds Checking

Answer 17

Ensures that data stays within the boundaries of allocated memory

Question 18

Arrays

Answer 18

More efficient but have fixed sizes. This makes them vulnerable to buffer overflows, off by ones, etc. Lack of runtime bounds checking in some languages. So they can be exploited to read data outside the array’s memory.

Question 19

Dynamic Memory

Answer 19

Some bounds checking done as part of the allocation process. Pointers unlikely to point at anything ripe to change.

Question 20

Inheritance

Answer 20

Can propagate vulnerabilities from parent classes to child classes if not properly managed.

Question 21

Security Through Obscurity

Answer 21

Security by means of hiding implementation details. Flawed way of thinking. Bad actors always have the time and drive.

Question 22

Policy Based Security

Answer 22

Defining rules and regulations that dictate how data, software, and infrastructure of a system should be accessed, used, and protected within an organization.

Question 23

Policy Based Security Examples

Answer 23

Coding policy/guide, use dynamic arrays if possible, proactively keep and check array bounds for fixed arrays, peer reviews, code reuse, code audits

Question 24

Fortress Defense

Answer 24

Makes it difficult and time consuming for attackers to breach in the system. Primarily focused on access controls.

Question 25

Fortress Defense Examples

Answer 25

Host configuration, ACLs, authentication, role-based access controls, sandboxing, firewalling, MAC, DAC, domain type enforcement

Question 26

Host Configuration

Answer 26

Refers to the setup and configuration of a system such as settings, permissions, installed programs, and etc.

Question 27

Firewalling

Answer 27

A firewall is an application/device that monitors and controls incoming and outgoing network traffic. They inspect data and determine if the data us allowed or blocked depending on rules set.

Question 28

ACL

Answer 28

Access control list. Rules or criteria that determine whether an entity is allowed or denied access to a resource or service. Filesystem ACL and Network ACL.

Question 29

Authentication

Answer 29

Verify identity of a user. Can use passwords, multi factor authentication (MFA), certificates, and etc.

Question 30

Role Based Access Controls

Answer 30

Assigns permissions to users based on their role within an organization.

Question 31

Sandboxing

Answer 31

Running applications or processes in a controlled environment (such as a VM) to limit their access to system resources.

Question 32

MAC

Answer 32

Mandatory Access Controls. A security model where access controls are determined by the owner of the information. Access controls are immutable. Access control info travels with user and data.

Question 33

DAC

Answer 33

Discretionary Access Controls. Alterable access controls. Typically in a filesystem level, API level. You have to trust users because they can make copy of data with new ACLs

Question 34

Domain Type Enforcement

Answer 34

Often called capabilities. Access controls at the programming interface level. Detailed divison of labor, roles, and duties. Can add a level of protection against software bugs. Example: only shells and certain processes can fork or execute

Question 35

Fortress Defense Evasion Techniques

Answer 35

Encapsulation, spoofing (using another’s address or identity), breach of physical security, extortion, exploit encoding and encapsulation and fragmentation

Question 36

Time-Based Defense

Answer 36

To detect and react appropriately. Involves implementing measures to detect and prevent security breaches in real time.

Question 37

Anti-Virus Software

Answer 37

Detect and remove malicious software such as bugs, worms, trojans, etc. Works by scanning files and comparing them against a database of known malware signatures, mire advanced forms use behavior detection.

Question 38

Network Intrusion Detection/Prevention

Answer 38

NIDS/NIPS. Monitors lots of network traffic and identifies anomalies which are then blocked. Can be evaded by cryptography.

Question 39

Host Based(Time Based Defense)

Answer 39

Ability to monitor and identify many system-level events.

Question 40

Time Based Defense Evasion Techniques

Answer 40

Cryptography, encapsulation, fragmentation

Question 41

Denial of Service

Answer 41

Many forms: disrupt services by overwhelming the target system with excessive requests, input validation problems

Question 42

Good Defense Plan

Answer 42

Careful planning, fortress defense tactics, detection and reaction capabilities

Question 43

Offense: Enumeration

Answer 43

Gathering information about your targets.

Question 44

Passive Enumeration

Answer 44

Stealth: Web searching, public directories, packet sniffers, social engineering

Question 45

Active Enumeration

Answer 45

Directly interact with victim, can be traced/alerted: Ping-sweeps, port-scanners, get OS version, use client software

Question 46

Offense Strategies

Answer 46

Privilege escalation, memory corruption, remote code execution/injection DoS

Question 47

Vulnerabilities of a System

Answer 47

Buffer overflows, oversights in design, input validation failures, race conditions, hardware, lack of access controls, lack of encryption, misconfigurations

Question 48

Buffer Overflows and Underflows

Answer 48

Allows memory corruption of same process memory, can be used to inject code or elevate privileges

Question 49

Injecting code/shellcode

Answer 49

Injecting malicious code into a system using vulnerabilities like buffer overflows, SQL injections, etc.

Question 50

Oversights

Answer 50

Mistakes during development or configuration in a system that can add vulnerabilities. Examples: no input validation, not applying security patches, etc.

Question 51

Input Validation Problems

Answer 51

When applications fail to properly validate user input. Ex: SQL injections, script injections, buffer overflows

Question 52

Race Conditions

Answer 52

When the outcome of a system’s event depends on time or sequence, it can lead to vulnerabilities.

Question 53

Hardware Security Holes Examples

Answer 53

Cosmic rays, memory tightly packed leading to leaks, adjusting CPU frequency can make you see data or tamper with higher levels of execution

Question 54

Misconfigurations

Answer 54

When a system is not properly configured to enforce security rules. Blame is on the new or poorly trained person