Week 9 Flashcards

1
Q

When is a system secure?

A

A system can be considered secure if all resources are used and accessed as intended under all circumstances

2
Q

What is an intruder?

A

An intruder is a hacker that is attempting to breach security

3
Q

What is a threat?

A

A threat is a potential security violation

4
Q

What is an attack?

A

An attack is an attempt to breach security

5
Q

What are the different categories of security violations?

A
  1. Breach of confidentiality - Unauthorised reading of data
  2. Breach of integrity - unauthorised modification of data
  3. Breach of availability - unauthorised destruction of data
  4. Theft of service - unauthorised use of resources
  5. Denial of service - prevention of legitimate use
6
Q

What are some further categories of security violations?

A
  1. Masquerading (breach authentication) - Pretending to be an authorized user to escalate privileges
  2. Replay attack - As is or with message modification
  3. Man-in-the-middle attack - Intruder sits in data flow, masquerading as sender to receiver and vice versa
  4. Session hijacking - Intercept an already-established session to bypass authentication
  5. Privilege escalation - Common attack type with access beyond what a user or resource is supposed to have
7
Q

What are the four different levels of security?

A
  1. Physical – Data centres, servers, connected terminals
  2. Network – Intercepted communications, interruption, DOS
  3. Application – Benign or malicious apps can cause security problems
  4. Operating System – Protection mechanisms, debugging
8
Q

What is malware?

A

Malware is software that is designed to exploit, disable, or damage a computer

9
Q

What is a trojan horse?

A

A trojan horse is a code segment that misuses its environment. It exploits mechanisms for allowing programs written by users to be executed by other users

10
Q

What is ransomware?

A

Ransomware is software that locks up data via encryption, demanding payment to unlock it

11
Q

What is a trap door?

A

A trap door is a specific user identifier or password that circumvents normal security procedures. This could be included in a compiler

12
Q

What is a code-injection attack?

A

A code injection attack occurs when system code is not malicious but has bugs allowing executable code to be added or modified. This is usually the result of poor or insecure programming paradigms

13
Q

What is a virus?

A

A virus is a code fragment embedded in a legitimate program. Viruses are self-replicating and designed to infect other computers. They are very specific to CPU architecture, operating system and applications, and are usually borne via email or as a macro

14
Q

What are some types of virus?

A
  1. Standard virus - infects system by appending itself to a file
  2. Boot virus - infects the boot sector of a system and executes every time the system is booted
15
Q

What is a denial of service attack?

A

A denial of service attack is where the targeted computer is overloaded, preventing it from doing any useful work

16
Q

What is a distributed denial-of-service attack?

A

A distributed denial of service attack is launched from multiple sites at once towards a common target, typically by zombies. They overload the target and prevent it from doing any useful work

17
Q

What is encryption?

A

Encryption constrains the set of possible receivers of a message. An encryption algorithm consists of:
- Set K of keys
- Set M of messages
- Set C of ciphertexts (encrypted messages)
- A function E : K → (M → C). That is, for each k ∈ K, E_k is a function for generating ciphertexts from messages. Both E and E_k for any k should be efficiently computable functions
- A function D : K → (C → M). That is, for each k ∈ K, D_k is a function for generating messages from ciphertexts. Both D and D_k for any k should be efficiently computable functions

18
Q

What is symmetric encryption?

A

Symmetric encryption is where the same key is used to encrypt and decrypt; therefore k must be kept secret. The Data Encryption Standard (DES) was the most commonly used symmetric block-encryption algorithm (created by the US Govt); it encrypts a block of data at a time

19
Q

What is asymmetric encryption?

A

Asymmetric encryption is where public key encryption is used. Public key encryption is based on each user having two keys:
- Public key - published key used to encrypt data
- Private key - key known only to individual user used to decrypt data

20
Q

What is authentication?

A

Authentication is a method used to constrain the set of potential senders of a message. Authentication is complementary to encryption and can also prove messages are unmodified.

21
Q

What is a message authentication code?

A

A message authentication code (MAC) is a cryptographic checksum generated from a message using a secret key and is used to securely authenticate short values.

22
Q

What is a digital certificate?

A

A digital certificate is a certificate that proves who or what owns a public key

23
Q

What are certificate authorities?

A

Certificate authorities are trusted parties; their public keys are included with web browser distributions

24
Q

How can passwords be kept safe?

A

Passwords can be kept safe by:
- Frequent change of passwords
- History to avoid repeats
- Use of “non-guessable” passwords
- Log all invalid access attempts (but not the passwords themselves)
- Unauthorized transfer

25
Q

What is the goal of protection?

A

The goal of protection is to ensure that each object is accessed correctly and only by those processes that are allowed to do so