Mod 2 Flashcards
(28 cards)
Define physical security
A physical object creating a barrier to unauthorized access
Define destructive entry
Using force to defeat physical security
Define nondestructive entry
Compromising security without leaving signs of a breach
Though not the only point of attack, this system manages a computer’s resources and tends to be the focal point of security, and attacks.
the Operating System (OS)
What is the purpose of an Access Control Entry (ACE)?
to allow/deny a type of access to a file/folder by a user/group
What is an Access Control List (ACL)?
the set of ACEs for a file/folder
Define Access Control Model
an Access Control Model is a framework that defines how permissions and access to resources are granted or restricted
What are the two types of Access Control Models?
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
What is the primary difference between DAC and MAC models?
In DAC, users set permissions over the resources they own.
In MAC, users are unable to allow/deny permissions on resources they own.
What are the 1st and 2nd part of file access control?
1st: Access Control Model
2nd: Closed/Open Policy
What is the key difference between Open and Closed policies?
In a closed policy, an actor must explicitly possess the right to do an action.
I.E: Can’t do it unless it says you can.
In an open policy, an actor is assumed to be able to do all actions, unless a rule explicitly denies it.
I.E: You can do it unless it says you can’t.
Define injection attacks
malicious code is injected into safe code
What type of attacks are Unix Shell attacks?
Injection attacks
How does a Unix Shell attack work?
The Unix shell enables a command argment to be obtained from the output of a different command. This is known as command substitution. While parsing the command line, the Unix shell replaces the output of a command between back quotes ( ‘ ‘ ) with the output of a different command.
For example, assume the command print name.txt prints Taylor, and the command find * searches for names. The command find ‘print name.txt’ would effectively equal: find Taylor
What type of architecture is used for modern operating systems?
microkernal
What 4 criteria must biometric indentification traits follow?
Universality - almost everyone has it
Distinctiveness - each person’s slightly different
Permanence - it shouldn’t change significantly over time
Collectability - it should be effectively dtermined and quantifiable
Define Dictionary Attack
each word in a dictionary is hashed and the resulting value is compared with hashed passwords
Define password salt
a random string of data attached before or after a password before it is hashed
Define 2 factor authentication (2FA)
authentication that uses 2 of the 3 factors of authentication
- something you have
- something you know
- something you are
Define spoofing
pretending to be someone else
What’s the purpose of the address resolution protocol (ARP)?
It connects the network to the data layer by converting IP addresses to MAC addresses. This takes place between the network and link layers.
What layer do Denial of Service Attacks happen?
Network (IP) Layer
How do Denial of Service attacks work?
large number of packets are sent to a client, which either slows down or crashes the client trying to process them
What’s an IP spoofing attack?
an attempt by an attacker to send packets from a fake IP address they’re pretending to be
