Cybersecurity: Access Control, Firewalls, and Cryptography Fundamentals


48 Terms

1

What does CIA stand for in Cyber-Security?

Confidentiality, Integrity, Availability

2

What is the primary focus of Access Control in Cyber-Security?

Controlling who/what can access systems and what they can do with that access.

3

What are the three main entities involved in Access Control?

Subjects (who/what is attempting access), Objects (assets being accessed), and Rules (governing access).

4

What is the Reference Monitor Concept (RMC)?

A security mechanism that enforces access control rules and monitors access to objects.

5

What is the role of a Security Kernel in Access Control?

It implements the Reference Monitor Concept and manages access control operations.

6

What are the two main approaches to Access Control Management?

Centralized and Decentralized management.

7

What does the principle of Least Privilege entail?

Users should have only the minimum level of access necessary to perform their tasks.

8

What are the three factors of authentication?

Something you know (password), something you have (token), and something you are (biometric).

9

What is Discretionary Access Control (DAC)?

An access control model where users have ownership of resources and can determine access.

10

What is Mandatory Access Control (MAC)?

An access control model that uses labels to enforce access restrictions, making it more secure than DAC.

11

What is the Bell-LaPadula model focused on?

Confidentiality, enforcing rules like 'no read up' and 'no write down'.

12

What does the Biba model emphasize?

Integrity, enforcing rules like 'no read down' and 'no write up'.

13

What is the purpose of a firewall?

To isolate an organization's internal network from external threats and control traffic flow.

14

What are the limitations of firewalls?

They cannot protect against attacks that bypass them, internal threats, or unsecured wireless LANs.

15

What is the False Acceptance Rate (FAR) in biometrics?

The rate at which unauthorized users are incorrectly granted access.

16

What is the False Rejection Rate (FRR) in biometrics?

The rate at which authorized users are incorrectly denied access.

17

What does the Crossover Error Rate (CER) indicate?

The point at which the FAR and FRR are equal, indicating the effectiveness of a biometric system.

18

What is Role-Based Access Control (RBAC)?

An access control model that assigns permissions based on user roles within an organization.

19

What is Rule-Based Access Control?

An access control model that uses predefined rules to determine access, such as firewall rules.

20

What is Attribute-Based Access Control (ABAC)?

An access control model that uses attributes of objects, subjects, and actions to determine access.

21

What is the significance of logs in Access Control?

Logs provide an audit trail to investigate who accessed the system and what actions were taken.

22

What does the term 'Session Hijacking' refer to?

An attack where an unauthorized party takes control of a user's session.

23

What is the principle of Separation of Duties?

A security principle that ensures no single individual has control over all aspects of a critical process.

24

What is the primary function of a packet filtering firewall?

To filter inbound and outbound traffic based on specified rules such as IP address and port number.

25

What is ingress filtering?

Filtering of inbound traffic to a network.

26

What is egress filtering?

Filtering of outbound traffic from a network.

27

What does stateful inspection in firewalls do?

It tracks the state of connections and blocks packets that deviate from the expected state.

28

What is a state table in the context of firewalls?

A table that monitors the state of each connection, including source and destination addresses and ports.

29

What is the role of Windows Service Hardening in firewall rules?

It restricts services from establishing connections in ways other than those they were designed for.

30

What are connection security rules in firewalls?

Rules that define how and when computers authenticate using IPsec.

31

What are authenticated bypass rules in firewall settings?

Rules that allow specified computers or users to connect even when inbound rules would block the traffic.

32

What is the purpose of block rules in firewall configurations?

To explicitly block a particular type of incoming or outgoing traffic.

33

What do allow rules in firewall settings do?

They explicitly allow a particular type of incoming or outgoing traffic.

34

What is the default action of inbound and outbound rules in firewalls?

The default action for inbound is to block connections, while for outbound it is to allow connections.

35

How does basic browsing with HTTP affect internet privacy?

ISPs and others can see both your destination and data.

36

What is the privacy advantage of using HTTPS over HTTP?

ISPs cannot see your data when using HTTPS.

37

What does a VPN do in terms of internet privacy?

A VPN can hide your data and destination from ISPs and others.

38

What is password hashing?

A one-way function that turns data into a fixed-length 'fingerprint' that cannot be reversed.

39

What is the general workflow for account registration in a hash-based system?

The user creates an account; their password is hashed and the hash is stored; on login, the hash of the entered password is compared with the stored hash.

40

Why should you never disclose whether a username or password is incorrect during login attempts?

To prevent attackers from enumerating valid usernames without knowing their passwords.

41

Where should hashing occur in a web application?

Hashing should always occur on the server side.

42

What is the significance of salting in password hashing?

Salting adds random data to passwords before hashing to enhance security.

43

What are the advantages of symmetric ciphers?

They encrypt blocks of plaintext one at a time, and larger blocks are considered more secure.

44

What is the role of mathematical algorithms in block ciphers?

They perform a series of simple mathematical functions like XOR, addition, and substitution.

45

What is the importance of key lengths in symmetric ciphers?

Key lengths vary (e.g., 128, 192, 256 bits) and longer keys generally provide stronger security.

46

What happens during a login attempt in a hash-based account system?

The hash of the entered password is compared to the stored hash, granting access if they match.

47

What is the purpose of a web proxy?

A web proxy can hide your destination and can also read your data.

48

What does TOR provide in terms of internet privacy?

TOR helps to anonymize users by routing traffic through multiple nodes, making it difficult to trace.