What is a macro?
A small program (script) embedded in a document or application to automate a task
How do macros pose a threat?
They can be embedded in documents (e.g. office files) and run when the document is opened, so an attacker can use them to execute code and gain access to the victim's machine.
What is a keylogger?
A program that records the user's keystrokes on their machine and sends them to the attacker's machine
The ___ ___ ___ establishes relationships among documents
World Wide Web
How do computers communicate?
Using TCP/IP
What is TCP?
Transmission Control Protocol
What is IP?
Internet Protocol
What three things are required for a risk to exist?
An asset, threat, and vulnerability
What is an asset?
Something of value that we want to protect
Can the amount of assets be zero?
No
What is a threat?
An entity that can damage assets
What is a vulnerability?
A weakness in the system that can be exploited by the threat
What is the only ingredient required for risk that we can control?
Vulnerability
What is a risk?
The possibility of suffering damage
(T/F) If there exists only a threat and an asset, but no vulnerabilities, there exists risk.
False
(T/F) If someone steals your data, you no longer have access to it.
False
What does it mean for someone to steal data?
To read data in an unauthorized manner.
What are the three Security Requirements?
Confidentiality, Integrity, and Availability (CIA)
What is confidentiality?
Unauthorized people should not be able to read data.
What is integrity?
Unauthorized people should not be able to modify data
What is availability?
Authorized users must be able to access data whenever they need
How do you measure system availability?
Availability = up-time / (up-time + down-time)
What are the three main parts of a Security Paradigm?
Protect, Detect, and Recover/React
What is included under protect in the Security Paradigm?
Strong password, firewall, security updates, access control, and encryption
What are the pros of Encryption?
It protects against confidentiality violations (an attacker who intercepts the ciphertext cannot understand it without the key)
What are some cons of encryption?
It does not protect against integrity violations (an attacker can still modify the ciphertext, and without a separate integrity check such as a MAC the change goes unnoticed), and it affects availability (it adds overhead, and if the key is lost the data is unreadable)
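The integrity caveat above is easy to see in code. The following is an added example, not part of the original flashcards: a toy stream cipher (keystream built from SHA-256 of key and counter, an assumption made only so the code runs offline; real systems use AES-CTR or ChaCha20, which have the same property) keeps the message confidential, yet an attacker who knows the plaintext layout can flip ciphertext bits and change the decrypted amount without the key. Appending an HMAC over the ciphertext (encrypt-then-MAC) makes the same tampering detectable. The message, key sizes and field offset are constructed for the demonstration.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, length: int) -> bytes:
    """Toy keystream: block i = SHA-256(key || i). Illustration only, not a real cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """C = P xor K. Nobody without the key can read C, but its bits map 1:1 onto P."""
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, len(plaintext))))


decrypt = encrypt  # XOR is its own inverse


def tamper(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Change the plaintext at `offset` from `old` to `new` without knowing the key:
    C xor (old xor new) decrypts to P xor (old xor new), i.e. to `new` at that position."""
    assert len(old) == len(new)
    c = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        c[offset + i] ^= o ^ n
    return bytes(c)


def encrypt_then_mac(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then append an HMAC tag over the ciphertext so modifications are caught."""
    ct = encrypt(enc_key, plaintext)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()


def verify_then_decrypt(enc_key: bytes, mac_key: bytes, blob: bytes):
    """Check the tag before decrypting; return None if the ciphertext was altered."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return decrypt(enc_key, ct)


def demo():
    """Returns (forged plaintext without MAC, result with MAC on forged blob, result on intact blob)."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    msg = b"PAY 0100 USD TO ALICE"  # constructed message; the amount sits at offset 4

    # Confidentiality only: the attacker cannot read msg, yet rewrites the amount.
    ct = encrypt(enc_key, msg)
    forged_plain = decrypt(enc_key, tamper(ct, 4, b"0100", b"9900"))

    # Confidentiality + integrity: the same bit flips are rejected.
    blob = encrypt_then_mac(enc_key, mac_key, msg)
    forged_result = verify_then_decrypt(enc_key, mac_key, tamper(blob, 4, b"0100", b"9900"))
    intact_result = verify_then_decrypt(enc_key, mac_key, blob)
    return forged_plain, forged_result, intact_result


if __name__ == "__main__":
    print(demo())
```

The point for the flashcard: "the attacker cannot read it" is not the same as "the attacker cannot change it"; confidentiality comes from the cipher, integrity from the MAC (or from an authenticated mode such as AES-GCM that bundles both).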
What is included under detect in the Security Paradigm?
Intrusion detection tools, honey pots, logs
What is a honey pot?
A trap for an attacker (such as a fake password file that is monitored to detect who accesses it)
How do logs play a role in detection?
They record activity in the system so that suspicious behaviour can be noticed and investigated
What are the limitations of logs?
If too much is logged, the system may run out of space and overwrite the file (losing the evidence); if too little is logged, an attack may go unnoticed.
What is Recover/React in the Security Paradigm?
The best practices and knowledge required to recover or react to an event
Why does recovery/react need to be fast and correct?
Fast to ensure availability and correct to ensure integrity
How many values does an attacker need to change to cause a domino effect?
Just one: a single altered value propagates into every result computed from it
How can the user recover after an attack?
They must go back through and recalculate everything derived from the altered value using the correct data
Why must the system be unavailable during recovery?
If the system stays available, the attacker can keep doing damage while it is being repaired.
What is the weakest link in IT Infrastructure?
User Domain
What are the seven domains in IT Infrastructure?
User, Workstation, Local Area Network (LAN), LAN-to-WAN, Wide Area Network (WAN), System/Application, and Remote Access Domains.
What are security policies?
A set of statements that can be implemented to enforce security
What are security mechanisms?
The technical and procedural means (tools, controls) by which policies are enforced
What relationship exists between policies and mechanisms?
Many-to-Many
(T/F) A system may have many vulnerabilities, so many security policies are needed; therefore many security mechanisms are needed.
True
What defines a secure state?
No security violations occur
What causes the system to enter an unsecure state?
When a security mechanism fails.
What can mechanisms guarantee?
That the whole system stays in a secure state, that only a portion of the system stays secure, or that a portion may end up in either state.
What is the broad set of mechanisms?
A set of mechanisms that may allow the system to reach an insecure state (not every reachable state is secure).
What is a precise set of mechanisms?
A set of mechanisms that never allow the system to reach an insecure state but still allow it to reach every secure state (the reachable states are exactly the secure states).
What is the secure set of states?
The states a secure set of mechanisms restricts the system to: a subset of the secure states (every reachable state is secure, though not every secure state need be reachable)
What is risk management?
Balancing the cost of risk vs countermeasures
(T/F) The cost of countermeasures must not exceed the cost of the damage.
True
What is impact?
The amount of damage caused by threats
To understand the risk, we must understand the _____.
Impact
What is an event?
A measurable occurrence which has an impact.
(T/F) An event must be security related.
False
What is an incident?
An event that violates or threatens to violate security policies.
(T/F) An incident must be security related.
True
What is an outsider threat?
A threat that comes from outside of the organization.
What is an insider threat?
A threat that comes from inside of the organization
Does an insider threat or an outsider threat have a higher impact?
Insider threat
What is a quantitative risk assessment?
An assessment of financial cost, based on hard data (numeric values)
What is a qualitative risk assessment?
A scenario-based assessment based on soft data; it is difficult to obtain an exact cost.
What is considered in a qualitative risk assessment?
Impact vs probability of damage occurrence
What are the three types of hackers?
Black Hat, White Hat, and Grey Hat
What are black hat hackers?
Hackers that have advanced skills and access systems in an unauthorized way.
What are white hat hackers?
Hackers that have advanced skills but access systems in an authorized way.
What is the objective of black hat hackers?
Financial gain
What is the objective of white hat hackers?
To test system vulnerability
What are grey hat hackers?
Hackers who fall between the two: they may access systems without authorization but usually without malicious intent (e.g. to report a flaw), and could move toward either black hat or white hat
What is a birthday attack?
An attack that exploits the birthday paradox: finding any two inputs with the same hash (a collision) takes only about 2^(n/2) tries for an n-bit hash, far fewer than the 2^n needed to match one specific hash. It matters, for example, when a hashed password file is compromised.
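To make the 2^(n/2) figure concrete, here is an added example (not from the original flashcards) that runs a birthday attack against a hash truncated to 24 bits, a stand-in for a weak hash. It hashes distinct constructed messages, remembers every output, and stops at the first repeat; the number of trials lands near the square root of the output space rather than near the space itself.

```python
import hashlib
import math


def truncated_hash(data: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256, as an int. Truncation stands in for a small hash."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def find_collision(bits: int, max_trials: int = 1 << 24):
    """Birthday attack: hash distinct inputs and stop at the first repeated output.
    Returns (msg_a, msg_b, trials) or None if max_trials is exhausted."""
    seen = {}
    for i in range(max_trials):
        msg = b"message-%d" % i  # constructed, distinct inputs
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None


def expected_trials(bits: int) -> float:
    """Hashes needed for a 50% chance of some collision: about 1.18 * 2^(bits/2)."""
    return 1.1774 * math.sqrt(2 ** bits)


def second_preimage_cost(bits: int) -> int:
    """Contrast: matching one specific target hash needs about 2^bits tries."""
    return 2 ** bits


if __name__ == "__main__":
    a, b, n = find_collision(24)
    print(f"collision after {n} hashes (expected ~{expected_trials(24):.0f}, "
          f"vs ~{second_preimage_cost(24)} for a chosen target)")
    print(a, b, hex(truncated_hash(a, 24)))
```

Against a real 256-bit hash the same loop would need on the order of 2^128 hashes, which is why collision resistance is stated in terms of half the output length.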
What is a dictionary password attack?
Trying words from a wordlist (a dictionary) as candidate passwords; a narrower, faster form of brute force that exploits users' preference for real words
What is IP spoofing?
When an attacker spoofs an IP address such that it appears that the source is a trusted location.
What is session hijacking?
When a valid user logs in and an attacker takes over that authenticated session (e.g. by stealing the session token), so the system treats the attacker as the user.
What is a man-in-the-middle attack?
When an attacker intercepts packets in between the target and the rest of the network.
What is a replay attack?
When an attacker captures a valid message (such as an authentication exchange) and re-sends it later so the system accepts it again
What are the four parts of access control?
Identification, Authentication, Authorization, and Accountability
What is authentication in access control?
The way the system verifies that a user is who they claim to be
What is identification in access control?
Assigning an identity to each user
What is authorization in access control?
What a user can or cannot do (ex: admin vs regular user)
What is accountability in access control?
Logging and reviewing user activity so that actions can be traced back to the user who performed them
What are the four ways we can authenticate a user?
By what the user knows, what the user has, what the user is, and where the user is
What is a password?
A secret string of characters used to authenticate a user
What is a password domain?
Defines the specifications for a password (ex: 8 characters, A-Z, etc)
What is the Authentication Information?
The set of passwords chosen by users (what a user supplies when authenticating)
What are the four parts of a password system?
Authentication information, authentication function, complementary information, and complementary function
What is an authentication function?
The interface through which the user submits a password to log in (what the system exposes to the user)
What is the complimentary function?
A one-way function that transforms the password (authentication information) into the form that is stored (complementary information)
How does a password system work?
The user enters a password through the authentication function; that password is the authentication information. The complementary function applies a one-way transformation to it. If the user is setting a password, the result is stored as complementary information. If the user is logging in, the result is compared with the complementary information already stored for that user.
What is the complimentary info?
The transformed (e.g. hashed) passwords stored in the system
What is the authentication info?
What the user provides to the system.
What are the two methods of password attacks?
Guessing the password, or learning the complementary function and obtaining the complementary information so that guesses can be checked offline
What is a type 1 Dictionary attack?
When the attacker uses the complementary function and the complementary information to find a password offline (e.g. applying the function to each dictionary word and comparing with the stored values)
How do you defend against a type 1 dictionary attack?
Hide the complementary function and/or the complementary information (e.g. restrict read access to the password file), and make the function slow so that each offline guess costs the attacker
What is a type 2 dictionary attack?
When the attacker guesses passwords online through the authentication function (the login interface)
How to defend against type 2 dictionary attack?
After n failed attempts, take action (ex: lock account for some time period)
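The password-system model (authentication information, authentication function, complementary information, complementary function) and the two dictionary attacks with their defences can be shown in one small implementation. The following is an added example, not from the original flashcards: the complementary function is salted PBKDF2-HMAC-SHA256 (an assumed choice; the iteration count, lockout threshold and lockout duration are illustrative constants), the stored records are the complementary information, and the login routine is the authentication function. A type 1 attack runs the function offline against the stored records and is never slowed by lockout; a type 2 attack must go through the login routine and is cut off after the configured number of failures. The username, password and wordlist are constructed.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 100_000  # assumed cost parameter; raise in real deployments
MAX_FAILURES = 5             # type 2 defence: lock after n failed attempts
LOCKOUT_SECONDS = 900        # assumed lockout duration

# Complementary information: per-user salt, transformed password and lockout state.
# The plain password (authentication information) is never stored.
users = {}


def complementary_function(password: str, salt: bytes) -> bytes:
    """One-way, salted and deliberately slow: maps a password to its stored form.
    The salt makes equal passwords of different users look different."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


def set_password(username: str, password: str) -> None:
    """Setting a password stores only the transformed value plus its salt."""
    salt = os.urandom(16)
    users[username] = {"salt": salt,
                       "hash": complementary_function(password, salt),
                       "failures": 0,
                       "locked_until": 0.0}


def authentication_function(username: str, password: str, now: float = None) -> str:
    """The login interface. Returns 'ok', 'fail' or 'locked'."""
    now = time.time() if now is None else now
    rec = users.get(username)
    if rec is None:
        # Spend the same effort for unknown users so timing does not leak valid names.
        complementary_function(password, b"\x00" * 16)
        return "fail"
    if now < rec["locked_until"]:
        return "locked"
    if hmac.compare_digest(rec["hash"], complementary_function(password, rec["salt"])):
        rec["failures"] = 0
        return "ok"
    rec["failures"] += 1
    if rec["failures"] >= MAX_FAILURES:
        rec["locked_until"] = now + LOCKOUT_SECONDS
        rec["failures"] = 0
    return "fail"


def type1_dictionary_attack(username: str, wordlist):
    """Offline: the attacker holds the complementary information (salt + hash) and
    knows the function. Lockout never fires; only the function's cost slows them."""
    rec = users[username]
    for word in wordlist:
        if complementary_function(word, rec["salt"]) == rec["hash"]:
            return word
    return None


def type2_dictionary_attack(username: str, wordlist, now: float = 0.0):
    """Online: the attacker only has the authentication function, so the lockout
    caps how many guesses get a real answer."""
    for word in wordlist:
        if authentication_function(username, word, now) == "ok":
            return word
    return None


if __name__ == "__main__":
    set_password("alice", "sunshine")  # constructed account
    words = ["password", "123456", "letmein", "qwerty", "dragon", "sunshine"]
    print("type 1 (offline):", type1_dictionary_attack("alice", words))
    print("type 2 (online): ", type2_dictionary_attack("alice", words, now=1000.0))
    print("real user during lockout:", authentication_function("alice", "sunshine", now=1000.0))
```

Note the trade-off the lockout creates: in the run above the legitimate user is also locked out once the attacker has burned the five attempts, which is itself an availability cost that an attacker can inflict on purpose.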
How do you calculate the number of possible passwords?
(number of character options)^(password length)
Assume there are N number of passwords in the password domain. An attacker can guess G number of passwords per minute. The attacker tries for T minutes.
What is the total number of passwords the attacker can try?
TG (time * passwords per minute)
Assume there are N number of passwords in the password domain. An attacker can guess G number of passwords per minute. The attacker tries for T minutes.
What is the probability of the attacker breaking the password?
P ≥ TG/N (the probability is at least the number of guesses made, T × G, divided by the size of the password domain N)
Assume there are N number of passwords in the password domain. An attacker can guess G number of passwords per minute. The attacker tries for T minutes.
What factors can we control?
We cannot control T; we can try to limit G (e.g. by rate limiting) but not reliably; we can control N, the number of passwords in the domain
How can we reduce the probability of an attacker breaking a password?
By increasing the password domain N (more allowed characters and longer passwords), which shrinks TG/N
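The three cards above (N = options^length, guesses = TG, P ≥ TG/N) combine into a small calculator. This is an added example, not part of the original flashcards; the attacker rate of one million guesses per minute and the one-year window are assumed values chosen for illustration, and the alphabet sizes (10 digits vs. 94 printable ASCII characters) are constructed. Beyond the cards, it also inverts the bound to find the shortest password length that keeps the break probability under a chosen limit.

```python
import math
import string

GUESSES_PER_MINUTE = 1_000_000          # G: assumed attacker rate
MINUTES_IN_YEAR = 365 * 24 * 60         # T: assumed attack window
FULL_ALPHABET = len(string.ascii_letters + string.digits + string.punctuation)  # 94


def domain_size(alphabet_size: int, length: int) -> int:
    """N = (number of character options) ^ (password length)."""
    return alphabet_size ** length


def break_probability(N: int, G: int, T: float) -> float:
    """Lower bound P >= TG/N, capped at 1: after N guesses the attacker is certain."""
    return min(1.0, (T * G) / N)


def minutes_for_probability(N: int, G: int, P: float) -> float:
    """Invert the bound: the attacker needs T >= P*N/G minutes to reach probability P."""
    return P * N / G


def min_length_for(alphabet_size: int, G: int, T: float, P_max: float) -> int:
    """Smallest length L with TG / alphabet^L < P_max, i.e. L > log(TG/P_max) / log(alphabet)."""
    return math.ceil(math.log(T * G / P_max) / math.log(alphabet_size))


def compare(G: int = GUESSES_PER_MINUTE, T: float = MINUTES_IN_YEAR) -> dict:
    """Same attacker, same time, two domains: 8 digits vs 8 printable characters."""
    return {
        "digits8": break_probability(domain_size(10, 8), G, T),
        "full8": break_probability(domain_size(FULL_ALPHABET, 8), G, T),
    }


if __name__ == "__main__":
    print(compare())
    print("years to 50% on 94^8:",
          minutes_for_probability(domain_size(FULL_ALPHABET, 8), GUESSES_PER_MINUTE, 0.5)
          / MINUTES_IN_YEAR)
    print("min length (94 chars, P < 1%):",
          min_length_for(FULL_ALPHABET, GUESSES_PER_MINUTE, MINUTES_IN_YEAR, 0.01))
```

The bound assumes every password in the domain is equally likely; user-selected passwords cluster on a tiny fraction of N, which is why the next cards treat them as easy to break even when the domain is large.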
What are the three types of passwords?
User selected, computer generated, and pronounceable passwords
What are user selected passwords?
Typically something easier for the user to remember. They tend to be easy to break.