65 Cards in this Set
- Front
- Back
What are the three main security goals?
|
Confidentiality, Integrity and Availability
|
|
What is confidentiality?
|
People cannot read sensitive information whilst it is on a computer or traveling across a network.
|
|
What is integrity?
|
Attackers cannot change or destroy information, either while it is on a computer or while it is traveling across a network. Or, at least, if information is changed or destroyed, then the receiver can detect the change or restore destroyed data.
|
|
What is availability?
|
People who are authorized to use information are not prevented from doing so
|
|
What are the three types of countermeasures to a successful attack?
|
Preventative, Detective, Corrective
|
|
Why are employees and ex-employees dangerous? (4 reasons)
|
They have knowledge of internal systems. They often have the permission to access systems. They often know how to avoid detection. Employees generally are trusted.
|
|
What are the 8 types of employee threats?
|
Sabotage, Hacking, Financial Theft, Theft of Intellectual Property, Extortion, Sexual Harassment, Internet Abuse, Carelessness
|
|
What is Malware?
|
A generic name for any 'evil software'
|
|
What are viruses?
|
Programs which attach themselves to legitimate programs on the victim's computer
|
|
What is the main way viruses spread today?
|
E-mail
|
|
What is a worm?
|
Worms are full programs that do not attach themselves to other programs
|
|
What is a direct-propagation worm?
|
A worm which can jump from one computer to another without human intervention.
|
|
What is a payload?
|
A piece of code that does damage.
|
|
What is nonmobile Malware?
|
Malware which must be placed on the user's computer by a hacker, virus or worm.
|
|
What is a Trojan horse?
|
A program which replaces an existing system file taking its name.
|
|
What is spyware?
|
Programs that gather information about you and make it available to the adversary.
|
|
What is mobile code?
|
Executable code on a webpage. Code is executed automatically when the webpage is downloaded.
|
|
What is social engineering?
|
Attempting to trick users into doing something that goes against security policies.
|
|
What are the 4 kinds of social engineering?
|
Spam, phishing, spear phishing, hoaxes.
|
|
What are the first steps of a hack?
|
Scanning IP addresses to identify possible victims. Port scanning to learn which services are open on each potential victim host.
|
|
What are chain of attack computers?
|
A hacker using compromised hosts to send attacks through a chain of machines in order to hide identity.
|
|
Why is social engineering often successful?
|
It focuses on human weaknesses instead of technological weaknesses.
|
|
What is a DoS attack?
|
A denial-of-service attack. Making a server or entire network unavailable to legitimate users. Typically by sending a flood of attack messages to the victim.
|
|
What is a DDoS?
|
A distributed DoS Attack. Bots flood the victim with attack packets.
|
|
What are the characteristics of expert attackers?
|
Strong technical skills and dogged persistence.
|
|
Why are script kiddies dangerous?
|
Because of their large numbers.
|
|
Why are cybercrime gangs difficult to prosecute?
|
Many are international.
|
|
What do cybercriminals use black market forums for?
|
Credit card numbers and identity information, vulnerabilities and exploit software.
|
|
What happens during fraud?
|
Attackers deceive the victim into doing something against the victim's financial self-interest.
|
|
What is identity theft?
|
Stealing enough identity information to represent the victim in large transactions, such as buying a car or even a house
|
|
What is corporate identity theft?
|
Stealing the identity of an entire corporation. Accepting credit cards on behalf of the corporation and pretending to be the corporation in large transactions.
|
|
What is cyberwar?
|
Attacks by national governments
|
|
What is cyberterror?
|
Attacks by organized terrorists
|
|
What is cryptography?
|
The use of mathematical operations to protect messages traveling between parties or stored on a computer.
|
|
What is authentication?
|
Proving one's identity to another so they can trust you more
|
|
What is the CIA of cryptography?
|
Confidentiality, Integrity, Authentication
|
|
What is needed for encryption for confidentiality?
|
A cipher (mathematical method) to encrypt and decrypt. A secret key or keys.
|
|
What are two types of ciphers?
|
Substitution ciphers and transposition ciphers.
|
|
What is a substitution cipher?
|
Substituting one letter for another in each place.
|
|
What is a transposition cipher?
|
Changing the order of letters or bits.
|
|
What do most real ciphers use?
|
Substitution and transposition.
|
|
What can ciphers encrypt?
|
Any message expressed in binary.
|
|
What is the difference between codes and encryption?
|
Codes are more specialized; they substitute one thing for another, usually a word for a word or a number for a word.
|
|
What does DES encryption need as input?
|
A 64-bit plaintext block and a 64-bit DES symmetric key.
|
|
Why are cryptographic systems used?
|
Individual users and corporations cannot be expected to master these many aspects of cryptography
|
|
What is the output of a hashing algorithm?
|
A bit string of small fixed length.
|
|
Are hashing and encryption reversible?
|
Encryption is, hashing is not.
|
|
What are the three first steps of the MS-CHAP Challenge Response Authentication Protocol?
|
Verifier creates challenge message. Verifier sends challenge message to the supplicant. Supplicant adds password, hashes resulting string and sends this back as a response.
|
|
How does the verifier verify the response in MS-CHAP?
|
If the hash matches the hash created when the real password is added and hashed then the supplicant is authenticated.
|
|
What are the two types of ciphers used for confidentiality?
|
Symmetric key and public key.
|
|
How do symmetric session keys work?
|
A symmetric session key is created. A encrypts the key with B's public key and sends it to B, and B decrypts it with B's private key. The key is now shared and used for the remainder of the session.
|
|
How is a digital signature created for Message-by-Message Authentication?
|
Hash the plaintext to create the brief message digest. Sign (encrypt) the message digest with the sender's private key.
|
|
What is transmitted in Message-by-Message Authentication?
|
Digital signature plus the plaintext, encrypted with symmetric key encryption.
|
|
How does the receiver verify a message's source in Message-by-Message Authentication?
|
The plaintext is hashed and the Digital Signature is decrypted with the true party's public key. If these are equal, the message is authenticated.
|
|
What is originally transmitted in Key-Hashed Message Authentication Code?
|
The original plaintext along with the plaintext with key added then hashed, all encrypted.
|
|
What are the main stages of a typical cryptographic system?
|
Negotiation stage, initial authentication stage, keying stage and ongoing communication.
|
|
What does the negotiation stage in a typical cryptographic system involve?
|
Selecting methods and parameters
|
|
Which protocol does the authentication stage use in a typical cryptographic system?
|
MS-CHAP - Challenge-Response Authentication Protocol
|
|
What does the keying stage of a typical cryptographic system involve?
|
The secure exchange of secrets, including symmetric keys.
|
|
What is nonrepudiation?
|
The sender cannot deny that they sent the message
|
|
How do digital signatures help with nonrepudiation?
|
The sender must use his or her private key, so it is difficult to repudiate.
|
|
What is HMAC?
|
Hashed Message Authentication Code
|
|
What is repudiation like for HMAC?
|
Both parties know the key used so they can both claim the other created it.
|
|
What are two types of Trojan?
|
RATs (Remote Access Trojans) and downloaders (small Trojans that download larger ones).
|
|
What are Rootkits?
|
Trojans which take control of the super user account. They can hide from file system detection.
|