Computer Network Security

Ace your homework & exams now with Quizwiz!

Find the determinant mod of (A B) (C D)

(A*D) - (B*C)

Define a denial of service (DOS) attack

A denial of service attack is an action that prevents or impairs the network, system, or application

What are typical phases of operation of a virus or worm?

A dormant phase, a propagation phase, a triggering phase, and an execution phase

What is a MAC algorithm

A message authentication code uses a secret key to calculate a code used for authentication

A nonce is

A unique identifier, it needs to be hard to guess, such as a random number

What are the 4 steps in AES

Add round key, Substitute bytes, shift rows, Mix columns

List the categories of security services

Authentication, access control, data confidentiality, data integrity

What is a DMZ network and what types of systems would you expect to find on such networks

Between internal and external firewalls are one or more networked devices in a region referred to as a demilitarized zone

A _______________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained.

Brute Force

What are the two ways to break a cipher

Brute force, Cryptanalysis

What is the formula for finding the plaintext P in rsa

C^d Mod n

List three design goals for a firewall

All traffic must pass through the firewall, only authorized traffic is allowed to pass, the firewall is immune to penetration

What services are provided by the SSL Record Protocol

Confidentiality, Message Integrity

What are the three key security objectives as per OSI

Confidentiality, integrity, availability

What is DAC

Discretionary access control controls access based on identity.

What does TLS entail

Transport Layer Security provides communications security over a computer network

T/F The most important development from the work on public Key encryption is the digital signature

True

X.509 defines the format for public-key certificates

True

What is the OSI security architecture

a framework that provides a systematic way of defining the requirement for security and characterizing the approaches to satisfying those requirements.

Explain the avalance effect

a property of any encryption algorithm such that a small change in either plaintext or key produces a significant change in the ciphertext

What is a key distribution center

a system is authorized to transmit temporary session keys to principals.

What is the formula for finding d

de = 1 mod phi(n)

What is a trap-door one-way function

easy to calculate in one direction but unfeasible to calculate the other direction

What mechanisms can a virus use to conceal itself

encryption, stealth, polymorphism, metamorphism

What is a hello in a rail fence cipher

hlo el

What is the difference between machine-executable and macro viruses?

machine executable infect executable program files, macro viruses infect files with macro or scripting code

What is salt

salt is combined with the password at the input to the one-way encryption routine which results in a hash value

The digital signature is formed by

taking the hash of the message and encrypting the message with the creators private key

What is a weakness of a packet filtering firewall

they don't examine upper layer data

What is a stateful firewall

watches traffic from end to end, it keeps track of the state of network connections, it knows if packets are fragmented

How is the hash value of a message encrypted?

with a users private key

What is EAPOL

EAP over LAN operates at the network layers and makes use of IEEE 802 LAN

What is a passive threat

Eavesdropping on, or monitoring transmissions

What is a honeypot?

Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems.

What are three broad mechanisms that malware can use to propagate

Infections of existing content, exploit of software vulnerabilities, social engineering attacks

What is a public key certificate

It contains a public key and other information, is created by a certificate authority and is given to the participant with the matching private key

What is the formula for finding the ciphertext C in rsa

M^e Mod n

What is MAC

Mandatory access control controls access based on comparing security labels

What types of attacks are addressed by message authentication

Masquerade, content modification, sequence modification, timing modification

What is an active security threat

Modification, deletion, unauthorized access

Why is it important to study the feistel cipher

Most symmetric block encryption algorithms in current use

What is NAC

Network Access control, managing access to a network

What are the two basic functions used in encryption algorithms

Permutation and substitution

What is an application-level gateway

Also known as a proxy server, acts as a relay of application-level traffic

What is an IPS

An IPS blocks traffic

Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is

Authentic

Define a DDoS attack

A Distributed Denial of Service attack uses multiple attacking systems, often using compromised user workstations or PCs

Define Buffer Overflow

A buffer overflow results from adding more information to a programs buffer than it was designed to hold

what are the three broad categories of applications of public key cryptosystems

Encryption/decryption, Digital signature, Key exchange

What does EAP stand for

Extensible authentication Protocol

T/F A digital signature can guarantee the source but not the integrity of the message

False

Why is it useful to have host-based firewalls

Filtering rules can be tailored to the host environment, protection is provided independent of topology

What steps are involved in the SSL record protocol transmission

Fragmentation, compression, add MAC, encrypt, append ssl record header

For what applications is SSH useful

Providing a secure remote logon facility to replace TELNET

X.509 is based on the use of

Public Key cryptography and digital signatures

What are two common techniques used to protect a password file?

Restrict access to the password file, Force users to select passwords that are difficult to guess.

What does SSL entail

Secure Socket Layer is the standard security technology for establishing an encrypted link between a web server and a browser

Communication between end systems is encrypted using a

Session Key

Master key is

Shared by the key distribution center and an end system or user and is used to encrypt the session key

What metrics are useful for profile based intrusion detection

Solution counter, gauge, interval timer, resource utilization

What are the four means of authenticating a user's identity

Something the individual knows, possesses, is, does

If both parties use only one key over a secure encrypted channel, such a system is referred to as:

Symmetric Encryption

How is an X.509 certificate revoked

The owner of a public-key can issue a certificate revocation list that revokes one or more certificates

What is the function of IEEE 802.1X

To provide access control functions for LANs


Related study sets

Compound Inequality Graphs (MATH UNIT 5)

View Set

porth essentials of pathophysiology chapt 39

View Set

Regulations - Securities Exchange Act of 1934

View Set

NCLEX book CHAPTER 10- Vital Signs and Laboratory Reference Intervals

View Set

Theory, Research, and Evidence-Informed Practice

View Set

3. ORDERED-PAIR NUMBERS: FUNCTIONS

View Set

Modern Dental Assisting Chapter 40 quiz questions

View Set

Percent Composition of each element in H2O

View Set

Business English Quiz Questions - Review

View Set

Unit 14. Vocab. N. Use the word given in capitals to form a word that fits in the space.

View Set