Security Flashcards
What is a program threat?
Malicious code like virus, worm, Trojan horse.
Define system threat.
Attack on system resources like DoS or port scanning.
What is encryption?
Converting data into unreadable form for unauthorized users.
Symmetric vs Asymmetric encryption?
Symmetric: same key; Asymmetric: public/private keys.
Example of symmetric algorithm?
AES, DES.
Example of asymmetric algorithm?
RSA.
Levels of security measures?
Physical, human, OS/Network.
Types of security violations?
Accidental or malicious data leaks, modification, destruction.
What is a worm?
A standalone malware that replicates and spreads over networks.
What is phishing?
A social engineering attack to steal sensitive data.
Define authentication.
Verifying the identity of a user or process.
What is hashing used for in security?
To verify data integrity.
What does SSL/TLS do?
Secures communication over the internet.
What does SSL stand for?
Secure Socket Layer
What does TLS stand for?
Transport Layer Security
Why can absolute security never be achieved?
The cost for a perpetrator must simply be high enough to deter intruders.
How strong is security?
It is only as strong as its weakest link.
What is a Trojan Horse?
A malicious program pretending to be legitimate, which can block, modify, or delete data, but can’t duplicate like worms.
What is a Trap Door?
A vulnerability left intentionally, such as hardcoded credentials, allowing unauthorized access.
What is a Logic Bomb?
Code that activates under specific conditions, such as dates or times.
What is Stack and Buffer Overflow?
A technique where arguments overwrite the stack’s return address, leading to malicious control.
What are Viruses?
Code fragments embedded in programs that can duplicate and spread across networks.
What are the categories of viruses?
- File/Parasitic
- Boot/Memory
- Macro
- Source Code
What differentiates system/network threats from program threats?
System and network threats abuse services rather than exploiting program vulnerabilities.
