Final Exam Review
Which default file describes the network interfaces available on a Linux system?
/etc/network/interfaces
Linux typically stores password hashes for system accounts in this file:
/etc/shadow
Convert the following 32-bit memory address to a little-endian format. Note that the number below is a 32-bit memory address; leading zeros are not included, but they do need to be considered during conversion. 0x4008F8
0xF8084000 (pad the address to four bytes first, 0x004008F8, then reverse the byte order: F8 08 40 00; reversing only the printed digits, which gives 00 F8 08 40, is the common mistake)
Consider the following Python script: import hashlib x = hashlib.md5() salt = chr(61) password = 'testing' saltedpassword = salt + password x.update(saltedpassword) x.hexdigest() Pick the lines above that compute the MD5 digest object for the saltedpassword string and print it as an MD5 digest in hexadecimal format
1. x.update(saltedpassword) 2. x.hexdigest() (Note: this is Python 2 code. Under Python 3, update() accepts only bytes, so the call becomes x.update(saltedpassword.encode()); hexdigest() returns the hex string, which still has to be passed to print().)
Which orange book division is just right (not less or more than necessary) to address the Design Basis Threat of Malicious Code?
B
Which aspect of building a Trusted OS is most relevant to the discussion of Multics ring-based architecture?
Design
Name this principle: "Keep the design small and simple as possible"
Economy of Mechanism
Information (data or code) has not been tampered with within a period of interest
Integrity
Authentication words or techniques should be classified and protected by a user to what level?
Highest level of information to which it permits access
DMCA makes it illegal to sell, manufacture or distribute any devices that disable antipiracy mechanisms functionality. What part of a threat is addressed by this restriction?
Means
Which one of these rule targets is non-terminating, meaning that rule processing continues even after the rule matches?
LOG
Which controlled sharing mechanism supports superior revocation capabilities on per-object basis?
List-based Mechanisms
Consider a Multics Data segment with ring bracket (5, 48, 48) and effective mode RW. It means:
This Data Segment is RW for code executing in rings 0 - 5 but R only for code executing in rings 6 - 48
Segment addressing works in this way:
Name of the segment provides the base address, to which the offset is added
The 8 design principles from Saltzer & Schroeder Paper are for designing these:
Protection Mechanisms
What does the Ware Report recommend to limit damage from fully cleared maintenance personnel or system personnel?
Two-man teams
What types of errors will be more likely when the sensitivity of the Biometric device is set to a value such that exact matches are required between the presented biometric and the stored biometric?
Type I Errors
Authenticators are of three types. A device that generates a one-time code (e.g. DUO used at UNO) is an example of this type of authenticator:
Something only you have
This Linux command-line command is used for copying files and directories
cp
What is the behavior of this Linux command-line command? nc -lvp 1234
listen on port 1234 for an incoming connection in verbose mode
This Linux command-line command is used to list information about all files, including hidden directories contained within the current working directory.
ls -a
This Linux command is used for transferring files/directories to a different location:
mv
Which of the answers listed below refers to a command used for invoking a text editor in Unix-like operating systems?
nano
This Linux command-line command is used to view active internet connections and listening ports.
netstat (e.g. netstat -tulpn; on current distributions ss -tulpn gives the same information)
Which one of these iptables commands will set the default firewall policy such that all incoming packets that do not match a rule are discarded?
sudo iptables -P INPUT DROP
A Trusted Path provides the assurance that:
the user is indeed communicating with the trusted component
According to the Ware report, at a minimum, the CPU hardware needs to support how many operating states for supervisor protection?
two states
This Linux command-line command searches within files for lines containing a match to a given pattern
grep
Configure an iptables firewall on a host machine to allow a webserver running on its port 8080 to be only accessible from another machine on the network with the following IP address 192.168.36.200. The IP address of the host machine is 192.168.36.100. Consider the firewall to be its default state initially. Your firewall configuration should only expose the ports and protocols necessary for the task. List all commands necessary to accomplish this task.
$ sudo iptables -P INPUT DROP $ sudo iptables -A INPUT -p tcp -s 192.168.36.200 --dport 8080 -j ACCEPT (Practical caveats: if you administer the host over SSH, add the ACCEPT rules before switching the policy to DROP or you lock yourself out. A DROP policy also discards loopback traffic and the return packets of connections the host itself initiates, so a usable ruleset normally also carries iptables -A INPUT -i lo -j ACCEPT and iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT; neither exposes an additional port. Verify with sudo iptables -L INPUT -n -v --line-numbers and test from both 192.168.36.200 and a third host.)
Consider a Multics Code segment with ring bracket (0, 1, 63) and effective mode RE. Pick all the statements that are true about this segment
1. Code segments executing in rings 2 through 63 can make an inward call to it via a gate location 2. Code executing in ring 0 and 1 can call it without a ring crossing fault.
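The two ring-bracket questions above (the (5, 48, 48) RW data segment and the (0, 1, 63) RE code segment) both follow from one set of rules. The checker below is an added example written for this review, not course material; the segment names, the Segment class and the helper functions are assumptions made for the illustration.

```python
# Added example (not part of the course material): a checker for Multics
# ring-bracket access rules. Segment names and helper functions are assumed.
#
# A segment's ring bracket (r1, r2, r3), with 0 <= r1 <= r2 <= r3 <= 63,
# carves the 64 rings into access ranges. Together with the segment's
# effective mode (the R/W/E bits the ACL grants this process) it decides:
#   write bracket   rings 0..r1      may write   (needs W)
#   read bracket    rings 0..r2      may read    (needs R)
#   execute bracket rings r1..r2     may execute in place, no ring change (needs E)
#   call bracket    rings r2+1..r3   may call only through a gate; execution
#                                    then transfers inward to ring r2 (needs E)
# A data segment has r2 == r3, so its call bracket is empty. A call from a ring
# below r1 would be an outward call, which the hardware does not perform
# directly, so this checker grants such a ring no execute right.

from dataclasses import dataclass

NUM_RINGS = 64


@dataclass(frozen=True)
class Segment:
    name: str
    bracket: tuple      # (r1, r2, r3)
    mode: str           # effective mode, e.g. "RW" or "RE"

    def __post_init__(self):
        r1, r2, r3 = self.bracket
        if not 0 <= r1 <= r2 <= r3 < NUM_RINGS:
            raise ValueError(f"bad ring bracket {self.bracket}")


def access(seg: Segment, ring: int) -> set:
    """Operations that code running in `ring` may perform on `seg`.

    Members of the result: 'R', 'W', 'E' (execute without a ring crossing)
    and 'CALL' (inward call through a gate, landing in ring r2).
    """
    if not 0 <= ring < NUM_RINGS:
        raise ValueError(f"no such ring {ring}")
    r1, r2, r3 = seg.bracket
    ops = set()
    if "W" in seg.mode and ring <= r1:
        ops.add("W")
    if "R" in seg.mode and ring <= r2:
        ops.add("R")
    if "E" in seg.mode:
        if r1 <= ring <= r2:
            ops.add("E")
        elif r2 < ring <= r3:
            ops.add("CALL")
    return ops


def summarize(seg: Segment) -> dict:
    """Map each distinct access set to the contiguous ring ranges that get it."""
    ranges = {}
    start, current = 0, frozenset(access(seg, 0))
    for ring in range(1, NUM_RINGS + 1):
        nxt = frozenset(access(seg, ring)) if ring < NUM_RINGS else None
        if nxt != current:
            ranges.setdefault(current, []).append((start, ring - 1))
            start, current = ring, nxt
    return ranges


# The two segments from the review questions.
DATA = Segment("data", (5, 48, 48), "RW")
CODE = Segment("code", (0, 1, 63), "RE")

if __name__ == "__main__":
    for seg in (DATA, CODE):
        print(seg.name, seg.bracket, seg.mode)
        for ops, spans in summarize(seg).items():
            label = ",".join(sorted(ops)) or "no access"
            print(f"  rings {spans}: {label}")
```

Running it prints, for the data segment, rings 0-5 as R,W, rings 6-48 as R and rings 49-63 as no access, and for the code segment rings 0-1 as E (plus R, since they are inside the read bracket) and rings 2-63 as CALL only, which is exactly the pair of answers above.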
Pick the necessary components of a dictionary attack:
1. Compute power and/or storage space 2. Dictionary or a wordlist generation algorithm 3. Hashing and comparison functions 4. Hashes to crack
Check all the problems that arise with Segmentation
1. Fragmentation of memory 2. Offsets could be larger than segment size
Select all the reasons buffer overflows are so exploitable:
1. Lack of input validation by programmers 2. Data can be interpreted as code and code as data 3. Unsafe C string functions (e.g. strcpy, gets) 4. The return address (saved EIP) is stored on the stack 5. The von Neumann architecture
Arrange the steps in The Flaw Hypothesis method, starting with the first step:
1. Map System 2. Hypothesize 3. Test 4. Generalize
Pick all the requirements for designing a Reference Validation Mechanism (RVM)
1. The RVM must be always invoked 2. The RVM is small enough to be subject to analysis and tests to assure it is correct 3. The RVM must be tamper proof.
Select all the desirable characteristics of cryptographically strong hash functions:
1. They are one-way functions 2. Collisions are extremely difficult to find 3. Transform a large set of bits to a fixed length hash
Select all the ways in which dictionary attacks can be mitigated:
1. User training and education on password complexity 2. Increase computational overhead 3. Enforce longer and complex passwords
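The hashlib question earlier, the dictionary-attack components and the mitigations just listed fit together in one script. The following is an added example written for this review, not course code: it implements the quiz's salt-plus-password MD5 scheme, runs a small dictionary attack with a toy wordlist-generation rule set, then shows how raising the per-guess cost (PBKDF2 with many iterations), using a random per-user salt instead of the fixed '=' and choosing a long passphrase defeat the same attack. The wordlist, the passwords and all function names are constructed for the illustration.

```python
# Added example (not the course's code). Wordlist, passwords and function
# names are constructed for this illustration.

import hashlib
import hmac
import os
import time

# Constructed wordlist; a real attack would use rockyou.txt or similar.
WORDLIST = ["password", "letmein", "123456", "testing", "qwerty", "dragon"]


def md5_salted(salt: bytes, password: str) -> str:
    """The quiz scheme: MD5(salt || password). Python 3 hashes bytes, so encode."""
    h = hashlib.md5()
    h.update(salt + password.encode())
    return h.hexdigest()


def pbkdf2_salted(salt: bytes, password: str, iterations: int = 100_000) -> str:
    """Same inputs, but with a deliberately slow, iterated hash (mitigation:
    increase computational overhead per guess)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def mangle(words):
    """A tiny wordlist-generation rule set: the word, Capitalised, and with
    common suffixes. Real crackers (John, hashcat) apply hundreds of rules."""
    for w in words:
        yield from (w, w.capitalize(), w + "1", w + "123", w + "!")


def dictionary_attack(target_hex: str, salt: bytes, candidates, hash_fn):
    """Return (matching_word, guesses_tried); word is None if nothing matched.

    The attacker needs exactly the components in the question: the hash to
    crack, the (public) salt, a wordlist, and the hash-and-compare loop."""
    tried = 0
    for word in candidates:
        tried += 1
        if hmac.compare_digest(hash_fn(salt, word), target_hex):
            return word, tried
    return None, tried


def timed_attack(target_hex: str, salt: bytes, candidates, hash_fn):
    """Run an attack and also report wall-clock seconds spent."""
    candidates = list(candidates)
    t0 = time.perf_counter()
    found, tried = dictionary_attack(target_hex, salt, candidates, hash_fn)
    return found, tried, time.perf_counter() - t0


if __name__ == "__main__":
    salt = chr(61).encode()             # the quiz salt, "=": fixed and public
    stored = md5_salted(salt, "testing")
    print("MD5   :", timed_attack(stored, salt, mangle(WORDLIST), md5_salted))

    # Mitigation 1: random per-user salt (kills precomputed tables) plus a
    # slow hash, so every guess costs 100k HMAC-SHA256 iterations.
    salt = os.urandom(16)
    stored = pbkdf2_salted(salt, "testing")
    print("PBKDF2:", timed_attack(stored, salt, mangle(WORDLIST), pbkdf2_salted))

    # Mitigation 2: a long passphrase is simply not in any wordlist.
    stored = pbkdf2_salted(salt, "correct horse battery staple")
    print("long  :", timed_attack(stored, salt, mangle(WORDLIST), pbkdf2_salted))
```

The MD5 run recovers "testing" on the 16th guess in microseconds; the PBKDF2 run recovers it too, since the wordlist still contains it, but each guess is five orders of magnitude more expensive, which is what "increase computational overhead" buys. Only the long passphrase survives, and that is why the third mitigation is enforcing length and complexity rather than relying on the hash alone. Note also that hmac.compare_digest is used for the comparison so that a defender reusing this code does not leak the digest through timing.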
Patents are valid for these many years...
19-20 years
Psychological Acceptability principle recommends this for user interfaces:
The human interface should be designed for ease of use, so that users apply and configure protection mechanisms correctly and routinely
When setting new file permissions, what is the number used with chmod to give the owner full permissions, and read and execute to the group and the world.
755 (rwxr-xr-x)
Clearance is NOT applied to:
Data
What happens when a biometric device makes a Type I error?
A legitimate authentication request is rejected
According to the Ware report, providing satisfactory security controls in a computer system is this sort of a problem
A system design problem
Fail-safe defaults principle recommends this:
Access is based on permission rather than exclusion
Select all the parts of a Threat:
Agent, Means, Motive, Opportunity
In directory listings or navigation, _______ denotes the current directory and ______ denotes the parent directory.
Answer 1: . Answer 2: ..
It is both information and container-oriented
Availability
What will be the outcome of this Linux command-line command: echo keep things simple >> quotes
Append the text "keep things simple" as a new line at the end of the file named quotes, creating the file if it does not exist (a single > would overwrite it instead)
Basis for belief that the system will operate as expected
Assurance
According to the Ware report the Central Processor Hardware must provide the following mechanisms:
Assurance Against Unanticipated Conditions, User Isolation Mechanisms, Supervisor Protection
The orange book splits its fundamental security requirements into two categories. What are they?
Assurance and Features
Information pertaining to a principal to validate the claim of their identity
Authenticator
According to Schneier, what are the opportunities enabled by the Internet?
Automation, Technique Propagation, Attack at a Distance
Which of the following key combinations allows to terminate the current process in Linux shell?
Ctrl + C
If a computer system passes the orange book B1 evaluation level, it would have also met the requirements of the following levels:
C2 and C1
Which controlled sharing mechanism supports superior access review on a per-subject basis?
Capabilities
Name this principle: "Every access to every object must be checked for authority"
Complete Mediation
An obligation to protect another person's or organization's secrets if you know them
Confidentiality
Requires building controls against outsiders as well as insiders
Confidentiality and Integrity
One process transmits secret information by modulating a shared resource, while another process detects that modulation
Covert Channel
According to the Anderson report, what is a more challenging security problem to solve for resource-sharing computers?
Controlled Sharing
According to the Ware report, computer security problem can be best described as:
Controlling access to a shared resource
A computer program flaw whose genesis is intentional but with non-malicious intent
Covert Channel
On the stack, contents of which register are stored between the local variables of a function and the return address? Assume a 32-bit machine.
EBP
Intel-based CPUs have general-purpose registers in which they can store data for future use. In a 32-bit machine, select the registers that keep track of the stack frame of the currently executing function.
EBP and ESP
Intel-based CPUs have general-purpose registers in which they can store data for future use. Select the register that holds the memory address of the next instruction to be executed.
EIP
This is NOT a dimension of the Landwehr Computer Program Flaw Taxonomy
Environment
A trusted entity is always trustworthy
False
Which one of these is an inappropriate reason for recovering root?
Gain unauthorized access to someone's computer
This law concerns the privacy of data for consumers of financial institutions:
Gramm - Leach - Bliley
This Law mandates the privacy of Personally Identifiable Information (PII) of a Patient receiving healthcare
HIPAA
When does the default policy apply? (For iptables this policy is set with the -P flag.)
If no rules match then the default policy is used
Multics rings for TCB design are an example of this general design strategy:
Layered Design
"Need-to-know" is an example of this principle
Least Privilege
Information from a prior use of a storage medium does not leak to the current use. What is being described here?
Object Reuse Control
When only paging is implemented for memory management, why do we end up with a two-state machine?
Pages have no logical unity and only rely on the kernel and user mode separation
According to the theory of information protection in the Saltzer and Schroeder paper, the following need to be true about the information to be protected:
Partitions must be as specified by its creators, Divided into mutually exclusive partitions
This legal device is appropriate to protect software algorithms subject to wide distribution, reverse engineering and possibility of implementation in many languages
Patent
Piracy infringes on this right of a copyright holder
The right to first sale
Methods to detect potential covert channels
Shared Resource Matrix, Information Flow Analysis
Violation of which laws result in criminal trials?
Statutes
Reasons for computer crime being hard to prosecute. Select all that apply.
Technical complexity of the case, plausibility of evidence and forensics, age of the defendant
According to the Anderson Report, What is the key limitation of a two-state machine that leads to security issues?
There is no convenient way to localize the referencing capability of the operating system service function.
Risk is proportional to:
Threat intensity and Information value
What is the purpose of using a Live CD when recovering root on a system?
To boot an OS that does not enforce the installed system's access controls, mount the partition holding its /etc/shadow with read-write privileges, and then clear or replace the root password hash.
What will be the classification of data output resulting from the execution of a program that is itself classified as Secret and uses Top-secret data as input?
Top-Secret
I have fully described a crypto algorithm in an article published in an open-access journal. Now, which one the following legal devices cannot be used to protect the algorithm.
Trade secret
ESP and EBP registers together keep track of the stack frame of the currently executing function in 32-bit x86 architectures. True or False: ESP points to the top of the stack frame at its lowest memory address, and likewise, EBP points to the highest memory address at the bottom of the stack frame
True
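The little-endian question near the top of this review and the stack-frame questions (saved EBP between the locals and the return address; ESP at the low end, EBP at the high end) are two halves of the same practical task: writing an address into the return-address slot in the byte order the CPU will read it. The script below is an added example for this review, not course code. The buffer size, the filler bytes and the helper names are constructed for the illustration, and the frame layout it assumes is the classic 32-bit x86 frame with no stack canary and no alignment padding.

```python
# Added example (not from the course). Buffer size, filler and helper names
# are assumptions; frame layout is the classic 32-bit x86 frame without a
# canary or padding.

import struct

WIDTH = 4   # bytes in a 32-bit address


def to_little_endian(addr: int, width: int = WIDTH) -> bytes:
    """Pad addr to `width` bytes, then emit least-significant byte first.

    0x4008F8 is really 0x004008F8; the leading zero byte must end up LAST.
    """
    if not 0 <= addr < 1 << (8 * width):
        raise ValueError(f"{addr:#x} does not fit in {width} bytes")
    return addr.to_bytes(width, "little")      # same as struct.pack("<I", addr)


def little_endian_hex(addr: int) -> str:
    """The conversion as a hex string: 0x4008F8 -> '0xf8084000'."""
    return "0x" + to_little_endian(addr).hex()


def naive_reverse(addr_hex: str) -> str:
    """The common mistake: reversing only the printed digits ignores the
    padding byte and yields a 3-byte value, 'f80840', not a 32-bit address."""
    return bytes.fromhex(addr_hex)[::-1].hex()


def build_payload(buf_size: int, ret_addr: int, saved_ebp: int = 0x42424242) -> bytes:
    """Overflow payload for a frame laid out, low address to high, as
         [ local buffer ][ saved EBP ][ return address ]
    ESP points at the low end and EBP at the saved-EBP slot, so writing past
    the buffer first clobbers the saved EBP and then the return address."""
    return b"A" * buf_size + to_little_endian(saved_ebp) + to_little_endian(ret_addr)


def parse_frame(stack_bytes: bytes, buf_size: int) -> dict:
    """Read the frame back the way the CPU will on ret: both slots are
    fetched from memory as little-endian 32-bit values."""
    buf = stack_bytes[:buf_size]
    ebp, ret = struct.unpack_from("<II", stack_bytes, buf_size)
    return {"buffer": buf, "saved_ebp": ebp, "ret": ret}


if __name__ == "__main__":
    print(little_endian_hex(0x4008F8))          # 0xf8084000
    print(naive_reverse("4008F8"))              # f80840 (wrong: only 3 bytes)
    payload = build_payload(64, 0x4008F8)
    print(payload[64:].hex())                   # 42424242f8084000
    frame = parse_frame(payload, 64)
    print(hex(frame["saved_ebp"]), hex(frame["ret"]))
```

parse_frame is the check a practitioner runs against a debugger's memory dump: if the value it recovers for ret is not the address you intended, the byte order or the padding is wrong, which is exactly the difference between 0xF8084000 and the tempting 0x00F80840.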
How can a computer understand need-to-know and clearance needed for mediating access to classified data?
Using labels
Both protection and authentication mechanisms can be viewed in terms of this general model
Wall, Door, Guard, Check
Can copyrighted software contain trade secrets?
Yes, because, you can redact trade secrets in source submitted for copyrights
Which of the following command line utilities did you use for searching and installing software packages on Kali Linux in the lab?
apt-get
These are the parts of an Information Domain (ID) a) Risks, Threats and Design Basis Threats b) Guard, Guns and Dogs! c) Users, Information Object, Expectations d) Agent, Motive, Means and Opportunity
c) Users, Information Object, Expectations
This Linux command-line command is used for directory traversal
cd
Which of the following commands allows for moving one level up in Linux directory tree?
cd ..
This Linux command allows for temporarily activating root privileges to execute high consequence commands:
sudo
This Linux command-line utility is used for displaying and modifying network interface configuration settings:
ifconfig (legacy net-tools utility; the ip command, e.g. ip addr and ip link, replaces it on current distributions)
This Linux command-line command displays an absolute path of the current working directory
pwd
This Linux command-line command is used to switch users in a terminal session.
su
When viewing the permissions in the long output of directory listings (ls -l), Linux files have three sets of permissions, each a read/write/execute triplet. From left to right, these show permissions for:
the owner, the group, and others (everyone else)