Computer Network Security
Find the determinant mod of (A B) (C D)
(A*D) - (B*C)
Define a denial of service (DoS) attack
A denial of service attack is an action that prevents or impairs the network, system, or application
What are typical phases of operation of a virus or worm?
A dormant phase, a propagation phase, a triggering phase, and an execution phase
What is a MAC algorithm
A message authentication code uses a secret key to calculate a code used for authentication
A nonce is
A unique identifier, it needs to be hard to guess, such as a random number
What are the 4 steps in AES
Add round key, substitute bytes, shift rows, mix columns
List the categories of security services
Authentication, access control, data confidentiality, data integrity
What is a DMZ network and what types of systems would you expect to find on such networks
Between internal and external firewalls are one or more networked devices in a region referred to as a demilitarized zone
A _______________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained.
Brute Force
What are the two ways to break a cipher
Brute force, Cryptanalysis
What is the formula for finding the plaintext P in RSA
C^d mod n
List three design goals for a firewall
All traffic must pass through the firewall, only authorized traffic is allowed to pass, the firewall is immune to penetration
What services are provided by the SSL Record Protocol
Confidentiality, Message Integrity
What are the three key security objectives as per OSI
Confidentiality, integrity, availability
What is DAC
Discretionary access control controls access based on identity.
What does TLS entail
Transport Layer Security provides communications security over a computer network
T/F The most important development from the work on public-key encryption is the digital signature
True
X.509 defines the format for public-key certificates
True
What is the OSI security architecture
a framework that provides a systematic way of defining the requirement for security and characterizing the approaches to satisfying those requirements.
Explain the avalanche effect
a property of any encryption algorithm such that a small change in either plaintext or key produces a significant change in the ciphertext
What is a key distribution center
A system that is authorized to transmit temporary session keys to principals.
What is the formula for finding d
de = 1 mod phi(n)
What is a trap-door one-way function
Easy to calculate in one direction but infeasible to calculate in the other direction
What mechanisms can a virus use to conceal itself
encryption, stealth, polymorphism, metamorphism
What is "hello" in a rail fence cipher
hlo el
What is the difference between machine-executable and macro viruses?
Machine-executable viruses infect executable program files; macro viruses infect files with macro or scripting code
What is salt
salt is combined with the password at the input to the one-way encryption routine which results in a hash value
The digital signature is formed by
taking the hash of the message and encrypting the message with the creator's private key
What is a weakness of a packet filtering firewall
they don't examine upper layer data
What is a stateful firewall
watches traffic from end to end, it keeps track of the state of network connections, it knows if packets are fragmented
How is the hash value of a message encrypted?
With a user's private key
What is EAPOL
EAP over LAN operates at the network layers and makes use of IEEE 802 LAN
What is a passive threat
Eavesdropping on, or monitoring transmissions
What is a honeypot?
Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems.
What are three broad mechanisms that malware can use to propagate
Infections of existing content, exploit of software vulnerabilities, social engineering attacks
What is a public key certificate
It contains a public key and other information, is created by a certificate authority and is given to the participant with the matching private key
What is the formula for finding the ciphertext C in RSA
M^e mod n
What is MAC
Mandatory access control controls access based on comparing security labels
What types of attacks are addressed by message authentication
Masquerade, content modification, sequence modification, timing modification
What is an active security threat
Modification, deletion, unauthorized access
Why is it important to study the Feistel cipher
Most symmetric block encryption algorithms in current use
What is NAC
Network access control, managing access to a network
What are the two basic functions used in encryption algorithms
Permutation and substitution
What is an application-level gateway
Also known as a proxy server, acts as a relay of application-level traffic
What is an IPS
An IPS blocks traffic
Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is
Authentic
Define a DDoS attack
A Distributed Denial of Service attack uses multiple attacking systems, often using compromised user workstations or PCs
Define Buffer Overflow
A buffer overflow results from adding more information to a program's buffer than it was designed to hold
What are the three broad categories of applications of public-key cryptosystems
Encryption/decryption, Digital signature, Key exchange
What does EAP stand for
Extensible Authentication Protocol
T/F A digital signature can guarantee the source but not the integrity of the message
False
Why is it useful to have host-based firewalls
Filtering rules can be tailored to the host environment, protection is provided independent of topology
What steps are involved in the SSL record protocol transmission
Fragmentation, compression, add MAC, encrypt, append SSL record header
For what applications is SSH useful
Providing a secure remote logon facility to replace TELNET
X.509 is based on the use of
Public Key cryptography and digital signatures
What are two common techniques used to protect a password file?
Restrict access to the password file, Force users to select passwords that are difficult to guess.
What does SSL entail
Secure Socket Layer is the standard security technology for establishing an encrypted link between a web server and a browser
Communication between end systems is encrypted using a
Session Key
Master key is
Shared by the key distribution center and an end system or user and is used to encrypt the session key
What metrics are useful for profile based intrusion detection
Solution counter, gauge, interval timer, resource utilization
What are the four means of authenticating a user's identity
Something the individual knows, possesses, is, does
If both parties use only one key over a secure encrypted channel, such a system is referred to as:
Symmetric Encryption
How is an X.509 certificate revoked
The owner of a public-key can issue a certificate revocation list that revokes one or more certificates
What is the function of IEEE 802.1X
To provide access control functions for LANs