Final Exam Review

Which default file describes the network interfaces available on a Linux system?

/etc/network/interfaces

Linux typically stores password hashes for system accounts in this file:

/etc/shadow

Convert the following 32-bit memory address to a little-endian format. Note that the number below is a 32-bit memory address; leading zeros are not included, but they do need to be considered during conversion. 0x4008F8

0x00F80840

Consider the following python script: import hashlib x = hashlib.md5() salt = chr(61) password = 'testing' saltedpassword = salt + password x.update(saltedpassword) x.hexdigest() Pick above lines such that you can compute the md5 digest object for the saltedpassword string and print it as a MD5 digest in hexadecimal format

1. x.update(saltedpassword) 2. x.hexdigest()

Which orange book division is just right (not less or more than necessary) to address the Design Basis Threat of Malicious Code?

B

Which aspect of building a Trusted OS is most relevant to the discussion of Multics ring-based architecture?

Design

Name this principle: "Keep the design small and simple as possible"

Economy of Mechanism

Information (data or code) has not been tampered within a period of interest

Integrity

Authentication words or techniques should be classified and protected by a user to what level?

Highest level of information to which it permits access

DMCA makes it illegal to sell, manufacture or distribute any devices that disable antipiracy mechanisms functionality. What part of a threat is addressed by this restriction?

Means

Which one of these rule targets is non-terminating? Which means the rule processing continues even if the rule matches.

LOG

Which controlled sharing mechanism supports superior revocation capabilities on per-object basis?

List-based Mechanisms

Consider a Multics Data segment with ring bracket (5, 48, 48) and effective mode RW. It means:

This Data Segment is RW for code executing in rings 0 - 5 but R only for code executing in rings 6 - 48

Segment addressing works in this way:

Name of the segment provides the base address, to which the offset is added

The 8 design principles from Saltzer & Schroeder Paper are for designing these:

Protection Mechanisms

What does the Ware Report recommend to limit damage from fully cleared maintenance personnel or system personnel?

Two-man teams

What types of errors will be more likely when the sensitivity of the Biometric device is set to a value such that exact matches are required between the presented biometric and the stored biometric?

Type I Errors

Authenticators are of three types. A device that generates a one-time code (e.g. DUO used at UNO) is an example of this type of authenticator:

Something on only you have

This Linux command-line command is used for copying files and directories

cp

What is the behavior of this Linux command-line command? nc -lvp 1234

listen on port 1234 for an incoming connection in verbose mode

This Linux command-line command is used to list information about all files, including hidden directories contained within the current working directory.

ls -a

This Linux command is used for transferring files/directories to a different location:

mv

Which of the answers listed below refers to a command used for invoking a text editor in Unix-like operating systems?

nano

This Linux command-line command is used to view active internet connections and listening ports.

netstat

Which one of these iptables commands will set the default firewall policy such that all incoming packets that do not match a rule are discarded?

sudo iptables -P INPUT DROP

A Trusted Path provides the assurance that:

the user is indeed communicating with the trusted component

According to the Ware report, at a minimum, the CPU hardware needs to support how many operating states for supervisor protection?

two states

This Linux command-line command searches within files for lines containing a match to a given pattern

grep

Configure an iptables firewall on a host machine to allow a webserver running on its port 8080 to be only accessible from another machine on the network with the following IP address 192.168.36.200. The IP address of the host machine is 192.168.36.100. Consider the firewall to be its default state initially. Your firewall configuration should only expose the ports and protocols necessary for the task. List all commands necessary to accomplish this task.

$ sudo iptables -P INPUT DROP $ sudo iptables -A INPUT -p tcp -s 192.168.36.200 --dport 8080 -j ACCEPT

Consider a Multics Code segment with ring bracket (0, 1, 63) and effective mode RE. Pick all the statements that are true about this segment

1. Code segments executing in rings 2 through 63 can make an inward call to it via a gate location 2. Code executing in ring 0 and 1 can call it without a ring crossing fault.

Pick necessary the components of a dictionary attack:

1. Compute power and/or storage space 2. Dictionary or a wordlist generation algorithm 3. Hashing and comparison functions 4. Hashes to crack

Check all the problems that arise with Segmentation

1. Fragmentation of memory 2. Offsets could be larger than segment size

Select all the causes for buffer overflows being so exploitable?

1. Lack of input validation by programmers 2. Data can be interpreted as code and code as data 3. Unsafe C functions for string processing 4. EIP is stored on the stack 5. The von Neumann Architecture

Arrange the steps in The Flaw Hypothesis method, starting with the first step:

1. Map System 2. Hypothesize 3. Test 4. Generalize

Pick all the requirements for designing a Reference Validation Mechanism (RVM)

1. The RVM must be always invoked 2. The RVM is small enough to be subject to analysis and tests to assure it is correct 3. The RVM must be tamper proof.

Select all the desirable characteristics of cryptographically strong hash functions:

1. They are one-way functions 2. Collisions are extremely difficult to find 3. Transform a large set of bits to a fixed length hash

Select all the ways in which dictionary attacks can be mitigated:

1. User training and education on password complexity 2. Increase computational overhead 3. Enforce longer and complex passwords

Patents are valid for these many years...

19-20 years

Psychological Acceptability principle recommends this for user interfaces:

Allows to apply/configure protection mechanisms correctly

When setting new file permissions, what is the number used with chmod to give the owner full permissions, and read and execute to the group and the world.

755

Clearance is NOT applied to:

Data

What happens when a biometric device makes a Type I error?

A legitimate authentication request is rejected

According to the Ware report, providing satisfactory security controls in a computer system is this sort of a problem

A system design problem

Fail-safe defaults principle recommends this:

Access is based on permission rather than exclusion

Select all the parts of a Threat:

Agent, Means, Motive, Opportunity

In directory listings or navigation, _______ denotes the current directory and ______ denotes the parent directory.

Answer 1: . Answer 2: ..

It is both information and container-oriented

Availability

What will be the outcome of this Linux command-line command: echo keep things simple >> quotes

Append text to a file

Basis for belief that the system will operate as expected

Assurance

According to the Ware report the Central Processor Hardware must provide the following mechanisms:

Assurance Against Unanticipated Conditions, User Isolation Mechanisms, Supervisor Protection

The orange book splits its fundamental security requirements into two categories. What are they?

Assurance and Features

Information pertaining to a principal to validate the claim of their identity

Authenticator

According to Schneier, what are the opportunities enabled by the Internet?

Automation, Technique Propagation, Attack at a Distance

Which of the following key combinations allows to terminate the current process in Linux shell?

Ctrl + C

If a computer system passes the orange book B1 evaluation level, it would have also met the requirements of the following levels:

C2 and C1

Which controlled sharing mechanism supports superior access review on a per-subject basis?

Capabilities

Name this principle: "Every access to every object must be checked for authority"

Complete Mediation

An obligation to protect another person's or organization's secrets if you know them

Confidentiality

Requires building controls from outsiders as well as insiders

Confidentiality and Integrity

One process transmits secret information by modulating a shared resource, while another process detects that modulation

Covert Channel

According to the Anderson report, what is a more challenging security problem to solve for resource-sharing computers?

Controlled Sharing

According to the Ware report, computer security problem can be best described as:

Controlling access to a shared resource

A computer program flaw who's genesis is with a non-malicious intent

Covert Channel

On the stack, contents of which register are stored between the local variables of a function and the return address? Assume a 32-bit machine.

EBP

Intel-based CPUs have general-purpose registers where it can store data for future use. In a 32-bit machine, select the registers that keep track of the stack frame of the currently executing function.

EBP and ESP

Intel-based CPUs have general-purpose registers where it can store data for future use. Select the register that holds the memory address of the next instruction to be executed.

EIP

This is NOT a dimension of the Landwher Computer Program Flaw Taxonomy

Environment

A trusted entity is always trustworthy

False

Which one of these is an inappropriate reason for recovering root?

Gain unauthorized access to someone's computer

This law concerns the privacy of data for consumers of financial institutions:

Gramm - Leach - Bliley

This Law mandates the privacy of Personally Identifiable Information (PII) of a Patient receiving healthcare

HIPAA

When does the default policy apply? For iptables this policy with set with a -P flag.

If no rules match then the default policy is used

Multics rings for TCB design are an example of this general design strategy:

Layered Design

"Need-to-know" is an example of this principle

Least Privilege

Information from a prior use of a storage medium does not leak to the current use. What is being described here?

Object Reuse Control

When only paging is implemented for memory management, why do we end up with a two-state machine?

Pages have no logical unity and only rely on the kernel and user mode separation

According to the theory of information protection in the Saltzer and Schroeder paper, the following need to be true about the information to be protected:

Partitions must be as specified by its creators, Divided into mutually exclusive partitions

This legal device is appropriate to protect software algorithms subject to wide distribution, reverse engineering and possibility of implementation in many languages

Patent

Piracy infringes on this right of a copyright holder

The right to first sale

Methods to detect potential covert covert channels

Shared Resource Matrix, Information Flow Analysis

Violation of which laws result in criminal trials?

Statutes

Reasons for computer crime being hard to prosecute. Select all that apply.

Technical complexity of the case, plausibility of evidence and forensics, age of the defendant

According to the Anderson Report, What is the key limitation of a two-state machine that leads to security issues?

There is no convenient way to localize the referencing capability of the operating system service function.

Risk is proportional to:

Threat intensity and Information value

What is the purpose of using a Live CD when recovering root on a system?

To mount the hard drive partition containing the root password with read write privileges, and then clear the password.

What will be the classification of data output resulting from the execution of a program that is itself classified as Secret and uses Top-secret data as input?

Top-Secret

I have fully described a crypto algorithm in an article published in an open-access journal. Now, which one the following legal devices cannot be used to protect the algorithm.

Trade secret

ESP and EBP registers together keep track of the stack frame of the currently executing function in 32-bit x86 architectures. True or False: ESP points to the top of the stack frame at its lowest memory address, and likewise, EBP points to the highest memory address at the bottom of the stack frame

True

How can a computer understand need-to-know and clearance needed for mediating access to classified data?

Using labels

Both protection and authentication mechanisms can be viewed in terms of this general model

Wall, Door, Guard, Check

Can copyrighted software contain trade secrets?

Yes, because, you can redact trade secrets in source submitted for copyrights

Which of the following command line utilities did you use for searching and installing software packages on Kali Linux in the lab?

apt-get

These are the parts of an Information Domain (ID) a) Risks, Threats and Design Basis Threats b) Guard, Guns and Dogs! c) Users, Information Object, Expectations d) Agent, Motive, Means and Opportunity

c) Users, Information Object, Expectations

This Linux command-line command is used for directory traversal

cd

Which of the following commands allows for moving one level up in Linux directory tree?

cd ..

This Linux command allows for temporarily activating root privileges to execute high consequence commands:

sudo

This Linux command-line utility is used for displaying and modifying network interface configuration settings:

ifconfig

This Linux command-line command displays an absolute path of the current working directory

pwd

This Linux command-line command is used to switch users in a terminal session.

su

When viewing the permissions in the long output of directory listings, Linux files have three sets of user permissions. From left to right, these show permissions for:

the owner, the group and all users