Info Sec Admin Test 1

Describe what must happen with respect to public keys for a "man in the middle attack" to succeed when messages are encrypted with public keys?

Evil Eve would need to replace the sender's public key in the repository with her own then intercept the message, read it, re-encrypt it, and send it onward.

What is social engineering?

Hackers tricking people to break security procedures/policies

What is the principle of least privilege?

A subject is granted permissions needed to accomplish the required tasks and nothing more.

What is one security benefit of using reserved addresses and network address translation (NAT) on an internal network?

All requests going through the network firewall to be translated bt NAT.

Describe or give an example of inferential leakage in database or query security.

An example would be if a query showed average salaries. The person doesn't know the exact salary for person. But if they restrict the constraints on the query, then a good amount of information can be determined.

A one-time pad cryptosystem has a provable property that no other cryptosystem has. What is it?

Any part of the ciphertext is equally likely to correspond to any plaintext. EQNVZ = HELLO, but it also is EQNVX = LATER

Distinguish between authentication and authorization?

Authentication can ensue that a person has authorization or clearance to be doing what they are doing. Authorization is the actual clearance to do the task.

If an error is made in assigning access rights, a default deny policy is safer in terms of security than a default permit policy. Why?

Because default deny will block everything unless specified. But default permit will let anyone in unless said not to be. It is safer to not let anyone in rather than letting everyone in.

Signature-based virus detection programs have a major shortcoming. What is it?

By the time an update is available, you might already have the virus.

Distinguish between computationally secure and absolutely secure encrypted messages.

Computationally secure is that the cryptography would take so long to crack that the information would be invalid by the time it is cracker. Absolutely secure is there is no way to decrypt the cryptography.

What is the difference between identification and authentication?

Identification is who you are. Authentication is to prove that you are that person.

Describe how the technique of public keys can be used to implement digital signature.

If you make a hash of a message, encrypt it with your private key. Send it to another person, along with the message encrypted with the other person's public key. The other person will be able to use their private key to decrypt the original message, and use your public key to decrypt the hash. They can then hash the original message and compare it to the hash, and if they match, the message has not been tampered with.

Explain how two-factor authentication can make a system more secure.

It is safer b/c it gives an extra level of protection against an unwanted person. You need access to not only the password, but another authentication device (phone, email, code, etc..) to gain access to the system.

What is an access control list? How is it related to an access control matrix?

Lists each file and the users and their access level for the file (Read, Write, R/W.. etc). The matrix lists all users, files and the permission levels in a matrix.

Distinguish between mandatory access control and discretionary access control.

Mandatory access control is enabled by an external subject. Discretionary access control is up the discretion of the owner whether access is granted.

Explain why using a computationally intensive hash algorithm is important when storing password data.

Passwords are critical to information security, so a more intensive algorithm will slow the attacker down, giving more time to be detected.

Explain the differences between symmetric key encryption and asymmetric (public) key encryption.

Symmetric keys are shared between the sender and the recipient, while asymmetric depends on two sets of keys, one public and one private.

In the US, organizations use SSN's or a part of it as an authenticator. Is this a good or bad idea?

This is a bad idea because your SSN can be obtained by a third party breach. If someone got access to your SSN, they would then have access to the organization's system.

How "wrapping" a public key in a digital certificate makes it much more difficult to tamper with.

This is harder to tamper with because if the message is tampered with, the certificate will no longer match.

What is the purpose of the key exchange algorithm? What type of cryptosystem is it needed?

To securely exchange keys. This is needed for symmetric key encryption.

A crypto hash is a one-way function. Name one use for a hash and explain how it is used.

Using it as digital signature...

How does hybrid cryptography work?

Using unique session keys along with symmetrical encryption.

Name and briefly describe the 3 properties of information security. These are attributes of information that together describe a secure system. (3 letter word)

• Confidentiality - keeping data hidden from unauthorized personnel • Integrity - keeping data from the source and changed only by authorized personnel • Availability - enabling access to data when and where needed

2. Name the three goals of information security.

• Detection - detect violations of security policy • Prevention - prevent violations of security policy • Response and Recovery - return system to a state consistent with policy

What are the 2 most important factors in the strength of a key?

• Length • Randomness

Name three things related to security that the McCumber Model is intended to cause us to think about?

• Safeguards - policies, human factors • Properties - confidentiality, integrity, availability • States of information - storage processing, transmission

What are 3 factors used in authentication?

• Something you know - password • Something you have - badge, id • Something you are - retinal, fingerprint