Computer Security Exam Notes

Intro

  • Know the difference between Confidentiality, Integrity, and Availability (CIA), and how they can be applied in a scenario

    • Confidentiality 

      • Only those authorized to see the data can see it

      • Enforced with authentication (proving you are who you say you are) and access control (checking that you are authorized to see the data)

    • Integrity

      • Data is not modified by an unauthorized party, and unauthorized modification can be detected

      • You can verify the data really came from the claimed source/sender

    • Availability

      • Systems and services are available when they are needed

      • Resilience against attacks, failures, and compromises (redundancy, backups, rate limiting)

  • What is the difference between a Threat and a Vulnerability and an Asset

    • Asset

      • Something of value that needs protecting (data, a server, a service, reputation)

    • Threat 

      • Something (an attacker, malware, a failure) that can cause harm to an asset

    • Vulnerability  

      • A weakness in a system that a threat can exploit

      • Insecure code, weak physical security at the data center, no backups

    • Risk  

      • The likelihood that a threat exploits a vulnerability, weighed against the impact on the asset

      • Well known vulnerability in a popular, Internet-facing library -> high risk

      • Little known vulnerability on a server not connected to a network -> lower risk

  • What is the type of Virtual Machine we are using in class?

    • VMware

Cryptography

  • Understand the differences between symmetric and asymmetric encryption

    • Symmetric

      • Uses the same key for encryption and decryption, so both parties must already share the secret key

      • Faster than asymmetric, so it is used for bulk data

      • AES recommended; DES (56-bit key, brute-forceable) and Blowfish (64-bit block) not 

    • Asymmetric 

      • Uses a key pair: the public key encrypts and the private key decrypts (and for signatures the private key signs, the public key verifies)

      • Slower, but lets two parties who share no secret agree on a key (key exchange) and prove identity

      • RSA, ECC, DSS (DSA), ECDH

  • Understand the basic process of encrypting and decrypting

    • Encryption: converts plaintext to ciphertext using an algorithm and a key

    • Decryption: converts ciphertext back to plaintext using the same algorithm and the matching key

  • Understand what role a salt plays in password hashing and how it is stored

    • Salt: a random value, unique per password, combined with the password before hashing, so that two users with the same password get different hashes and precomputed (rainbow) tables are useless

    • Stored in plaintext alongside the hash; the salt is not secret, its job is to make each hash unique

  • Understand what role encoding has if it is not encryption

    • Encoding is not Encryption

    • Encoding (Base64, URL encoding, hex) transforms data into a different representation so it can be transmitted or stored; there is no key and anyone can reverse it, so it provides no confidentiality

  • Understand which algorithms are used, how they are used, and which ones should not be used

    • How: What is PBKDF2 used for? How is it different from AES?

      • PBKDF2: a key derivation function; used for password hashing and for deriving an encryption key from a password. Deliberately slow (many iterations) and one-way

      • AES: a block cipher; used for encrypting and decrypting data. Fast by design and reversible with the key

    • Not: Should we use DES and ECB? No. DES has a 56-bit key and can be brute-forced; ECB mode encrypts identical plaintext blocks to identical ciphertext blocks, so patterns in the data leak through

    • Use 

      • Advanced Encryption Standard (AES) 128, 192, 256

      • AES-GCM (Galois/Counter Mode) for encryption: authenticated encryption, so tampering is detected; never reuse a nonce with the same key

      • SHA-256 for hashing

      • PBKDF2, with a per-password salt and a high iteration count, for password hashing

  • Understand what hashing is and how we use it

    • How can password hashes be attacked

      • Rainbow Tables

        • Precomputed hash -> password tables used to crack unsalted password hashes

      • Solution: use a per-password salt and a slow, strong password hashing algorithm

    • One way function: cannot be reversed to recover the input

    • Used for:

      • Password Storage

      • Data Integrity Checks (compare the hash of a downloaded file with the published hash)

      • USE the SHA-2 family (e.g. SHA-256). Not MD5 or SHA-1: practical collisions have been demonstrated

  • Understand what a digital signature is and why it is used

    • Proves who sent a message (authenticity) and that it was not altered in transit (integrity)

    • Uses asymmetric cryptography (RSA, DSS/DSA): the sender signs a hash of the message with their private key; anyone with the public key can verify it
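
Worked example for the salt, PBKDF2 and hashing bullets above. This is added code, not from the class material: it stores a password with PBKDF2-HMAC-SHA256 and a random salt, verifies it in constant time, derives an AES-sized key from a password with the same function, and keeps an unsalted SHA-256 alongside to show why salts defeat rainbow tables. The record format (pbkdf2_sha256$iterations$salt$hash) and the iteration count are assumptions for the example.

```python
import hashlib
import hmac
import os

# Work factor for the example (an assumption, not from the notes). Production values
# should be higher: tune so one hash takes on the order of 100 ms on your hardware.
ITERATIONS = 100_000
SALT_BYTES = 16


def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> str:
    """Hash a password with PBKDF2-HMAC-SHA256 and a per-password random salt.

    Returns a self-describing record 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>'
    so the salt and work factor are stored alongside the hash (the salt is not secret).
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt/iterations and compare in constant time."""
    try:
        algo, iterations, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False  # malformed record
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    # compare_digest does not stop at the first differing byte, so timing leaks nothing.
    return hmac.compare_digest(dk.hex(), hash_hex)


def derive_key(password: str, salt: bytes, iterations: int = ITERATIONS, length: int = 32) -> bytes:
    """PBKDF2 as a key derivation function: turn a password into a 256-bit key usable by AES.
    Unlike AES itself this is one-way; the key is derived, never 'decrypted' back."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=length)


def unsalted_sha256(password: str) -> str:
    """The insecure baseline: identical passwords give identical, precomputable hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    # Two users with the same password: same unsalted hash, different salted records.
    print(unsalted_sha256("hunter2") == unsalted_sha256("hunter2"))
    print(hash_password("hunter2") == hash_password("hunter2"))
```

The salted records differ for the same password because each call draws a new salt; a rainbow table built for one salt is useless for every other one. AES is not used here on purpose: derive_key shows the boundary between the two, PBKDF2 produces the key and AES would consume it.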

Certificates

  • Understand what a CA is and what a Root CA is

    • CA (Certificate Authority): checks that a requester controls the name (domain) in the request, then issues a certificate signed with the CA's private key; clients verify it with the CA's public key

    • Root CA: a self-signed certificate that serves as the trust anchor; its public key is preinstalled in the OS/browser trust store, which is why clients trust anything it (or its intermediates) signs

  • Understand how certificates are used with TLS

    • TLS (Transport Layer Security) uses certificates to establish secure communication: the server's certificate binds its hostname to its public key, and because a trusted CA signed it the client can authenticate the server before exchanging keys

  • What is the Let's Encrypt service, what does it offer?

    • A free, automated, non-profit Certificate Authority that issues domain-validated SSL/TLS certificates; it uses the ACME protocol so issuance and renewal can be scripted (certificates are valid for 90 days)

  • What type of encryption is used with TLS

    • A combination: asymmetric (RSA, ECDH) for authenticating the server and agreeing on a key, then symmetric (AES) for the bulk data because it is much faster

  • Understand basic TLS handshake

    • TLS Handshake Process (simplified)

      • Client proposes TLS version and cipher suites (ClientHello); server picks one (ServerHello)

      • Server presents its certificate, signed by a CA

      • Client verifies the certificate: the signature chains to a root in its trust store, the name matches the host it connected to, and it has not expired

      • Client and server run a key exchange (e.g. ECDH) to derive a shared symmetric session key

      • Secure communication begins with the symmetric cipher (e.g. AES-GCM)
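
Worked example for the digital signature, CA/Root CA and "client verifies the certificate" bullets above. This is added code, not from the class material or any real TLS library: a toy textbook RSA (about a 40-bit modulus, no padding, insecure on purpose) signs a SHA-256 digest, a self-signed root CA issues a server certificate, and the client-side check rejects a wrong hostname, a tampered certificate and a certificate from a CA that is not in the trust store. The certificate format (a dict of subject, issuer, public key, signature) and all names are assumptions for the example.

```python
import hashlib
import json
from math import gcd

# Toy textbook RSA: enough to show the mechanics, far too small to be secure.
# Real deployments use 2048-bit+ RSA or ECDSA, with proper signature padding.

def _is_prime(n: int) -> bool:
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def _next_prime(n: int) -> int:
    while not _is_prime(n):
        n += 1
    return n


def make_keypair(start: int):
    """Return (public, private): public = (n, e), private = (n, d). Primes found from 'start'."""
    p = _next_prime(start)
    q = _next_prime(p + 1)
    n, phi = p * q, (p - 1) * (q - 1)
    e = next(c for c in (65537, 257, 17, 5, 3) if gcd(c, phi) == 1)
    d = pow(e, -1, phi)  # modular inverse; the private exponent
    return {"n": n, "e": e}, {"n": n, "d": d}


def _digest(data: bytes, n: int) -> int:
    # Sign the hash, not the message: fixed size, and integrity covers the whole message.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data: bytes) -> int:
    return pow(_digest(data, private["n"]), private["d"], private["n"])


def verify(public, data: bytes, signature: int) -> bool:
    return pow(signature, public["e"], public["n"]) == _digest(data, public["n"])


# A certificate here is a dict binding a subject name to a public key, signed by an issuer.
def _to_be_signed(cert) -> bytes:
    fields = {k: cert[k] for k in ("subject", "issuer", "public_key")}
    return json.dumps(fields, sort_keys=True).encode()  # canonical bytes


def issue_certificate(subject: str, subject_public, issuer: str, issuer_private):
    cert = {"subject": subject, "issuer": issuer, "public_key": subject_public}
    cert["signature"] = sign(issuer_private, _to_be_signed(cert))
    return cert


def verify_server_certificate(cert, trust_store, hostname: str) -> bool:
    """The client's check in the TLS handshake (simplified: no expiry, no intermediates):
    name matches, issuer is a root we trust, and the root's public key verifies the signature."""
    if cert["subject"] != hostname:
        return False
    root = trust_store.get(cert["issuer"])
    if root is None:
        return False  # signed by a CA we do not trust
    return verify(root["public_key"], _to_be_signed(cert), cert["signature"])


def build_demo():
    """Constructed PKI: one trusted root, a legitimate server cert, a rogue-CA cert, a tampered cert."""
    root_pub, root_priv = make_keypair(1_000_000)
    root_cert = issue_certificate("Example Root CA", root_pub, "Example Root CA", root_priv)  # self-signed
    trust_store = {"Example Root CA": root_cert}
    srv_pub, _srv_priv = make_keypair(1_000_200)
    server_cert = issue_certificate("www.example.com", srv_pub, "Example Root CA", root_priv)
    _rogue_pub, rogue_priv = make_keypair(1_000_400)
    rogue_cert = issue_certificate("www.example.com", srv_pub, "Rogue CA", rogue_priv)
    tampered = dict(server_cert, subject="login.example.com")  # content changed, signature now stale
    return trust_store, server_cert, rogue_cert, tampered


if __name__ == "__main__":
    store, good, rogue, bad = build_demo()
    print(verify_server_certificate(good, store, "www.example.com"))    # True
    print(verify_server_certificate(good, store, "evil.example.com"))   # False: name mismatch
    print(verify_server_certificate(rogue, store, "www.example.com"))   # False: untrusted CA
    print(verify_server_certificate(bad, store, "login.example.com"))   # False: signature fails
```

The three rejections map to the three handshake failures a browser reports: wrong name, unknown issuer, and invalid signature. Note the rogue CA's certificate carries the real server's public key, which does not help it: trust comes from the issuer being in the client's trust store, not from the key inside the certificate.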

Network Security

  • Understand how protocols can be attacked (e.g. TCP SYN)

    • TCP SYN Flood -> attacker sends many SYNs (often from spoofed addresses) and never completes the handshake; the server's table of half-open connections fills up and legitimate clients cannot connect. Mitigations: SYN cookies, rate limiting

  • Understand basics of TCP and IP and the responsibilities of each protocol

    • How IP and Port are used together: the IP address identifies the host, the port identifies the service on that host; together they form one endpoint of a connection

    • TCP: reliable, ordered delivery between two ports (three-way handshake, acknowledgements, retransmission)

    • IP: addresses and routes packets between networks (best effort, no delivery guarantee)

    • IP Address: identifies a device on a network

    • Ports: identify specific services (HTTP = 80, HTTPS = 443, SSH = 22)

  • Understand how to define a network zone for a network diagram, what role firewalls play in creating a zone

    • Network Zones

      • A zone is a group of hosts with the same trust level; zones are separated by firewalls that control which traffic may cross the boundary

      • DMZ (Demilitarized Zone): public-facing servers (web, mail) are placed here; reachable from the Internet, but not allowed to initiate connections into the internal network

      • Internal zone: workstations and internal servers; not reachable directly from the Internet

    • Firewalls

      • Sit at the boundary between zones and enforce the rules (by source/destination IP, port, protocol and direction); without a firewall between them two networks are effectively one zone

  • Understand differences in firewalls such as packet filter and stateful

    • Firewalls

      • Packet Filtering (stateless): examines each packet on its own (source/destination IP, port, protocol); cannot tell a legitimate reply from an unsolicited packet crafted to look like one

      • Stateful Inspection: tracks active connections (it watches the TCP handshake) and only admits inbound packets that belong to a connection already in its table

  • Understand basic ways of scanning a network and finding information about a network using whois, nmap, etc

    • Whois: finds domain registration and ownership info (registrar, contacts, name servers)

    • Nmap: scans hosts for open ports and identifies the services and versions behind them (e.g. nmap -sV target)

  • Understand what service DNS provides and how it can also be attacked

    • DNS (Domain Name System) maps domain names to IP addresses

    • Attacks: DNS cache poisoning (false records are fed to a resolver so users are sent to an attacker's IP), DNS amplification (small queries with a spoofed source address trigger large responses that flood the victim)
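
Worked example for the SYN flood and packet-filter-versus-stateful bullets above. This is added code, not from the class material or any real firewall: a stateless filter and a stateful filter are run over the same constructed packet sequence (documentation IP ranges, not captured traffic). The stateless rules let an unsolicited inbound packet through because its source port is 80; the stateful filter drops it because no connection is in its table. The same table is then filled by a SYN flood, which is why that attack works against stateful devices and servers. The rule set, flag strings and threshold are assumptions for the example.

```python
def pkt(direction, src, sport, dst, dport, flags):
    """A TCP header reduced to what a firewall looks at. direction is 'in' (from the
    Internet toward our hosts) or 'out'; flags is the TCP flag combination as a string."""
    return {"dir": direction, "src": src, "sport": sport, "dst": dst, "dport": dport, "flags": flags}


class StatelessFilter:
    """Packet filter: every packet is judged alone, on its own header fields."""
    def __init__(self, service_ports):
        self.service_ports = set(service_ports)

    def decide(self, p):
        if p["dir"] == "out":
            return "allow"
        # Replies to our own outbound connections arrive with a service *source* port, so a
        # stateless rule set has to admit those. The same rule admits any unsolicited packet
        # an attacker crafts with sport=80.
        if p["dport"] in self.service_ports or p["sport"] in self.service_ports:
            return "allow"
        return "drop"


class StatefulFilter:
    """Stateful inspection: a connection table keyed by the initiator's 4-tuple."""
    def __init__(self, service_ports):
        self.service_ports = set(service_ports)
        self.table = {}  # (src, sport, dst, dport) -> "HALF_OPEN" | "ESTABLISHED"

    @staticmethod
    def _fwd(p):
        return (p["src"], p["sport"], p["dst"], p["dport"])

    @staticmethod
    def _rev(p):
        return (p["dst"], p["dport"], p["src"], p["sport"])

    def decide(self, p):
        fwd, rev, flags = self._fwd(p), self._rev(p), p["flags"]
        known = fwd in self.table or rev in self.table
        if flags in ("FIN", "RST"):          # teardown: forget the connection
            self.table.pop(fwd, None)
            self.table.pop(rev, None)
            return "allow" if known or p["dir"] == "out" else "drop"
        if flags == "SYN":                   # new connection attempt
            if p["dir"] == "in" and p["dport"] not in self.service_ports:
                return "drop"
            self.table[fwd] = "HALF_OPEN"    # handshake started, final ACK not seen yet
            return "allow"
        if fwd in self.table:                # initiator continuing its own connection
            if flags == "ACK":
                self.table[fwd] = "ESTABLISHED"
            return "allow"
        if rev in self.table:                # responder answering (SYN-ACK, data)
            return "allow"
        # No matching connection: the trusted side may still send, but an inbound packet
        # that belongs to no connection is unsolicited and is dropped.
        return "allow" if p["dir"] == "out" else "drop"

    def half_open(self):
        return sum(1 for state in self.table.values() if state == "HALF_OPEN")

    def syn_flood_suspected(self, threshold):
        # A SYN flood is precisely an attempt to fill this table with half-open entries.
        return self.half_open() >= threshold


WEB_PORTS = {80, 443}


def run_scenario():
    """Run both filters over constructed traffic and return the decisions."""
    stateless, stateful = StatelessFilter(WEB_PORTS), StatefulFilter(WEB_PORTS)
    out = {}
    # 1. Internal client browses an external site: full handshake, then data back.
    browse = [pkt("out", "10.0.0.5", 50000, "198.51.100.20", 80, "SYN"),
              pkt("in", "198.51.100.20", 80, "10.0.0.5", 50000, "SYN-ACK"),
              pkt("out", "10.0.0.5", 50000, "198.51.100.20", 80, "ACK"),
              pkt("in", "198.51.100.20", 80, "10.0.0.5", 50000, "PSH-ACK")]
    out["browse_stateless"] = [stateless.decide(p) for p in browse]
    out["browse_stateful"] = [stateful.decide(p) for p in browse]
    # 2. Unsolicited inbound packet with source port 80, aimed at SMB on the client.
    probe = pkt("in", "203.0.113.9", 80, "10.0.0.5", 445, "ACK")
    out["probe_stateless"] = stateless.decide(probe)  # looks like a web reply: allowed
    out["probe_stateful"] = stateful.decide(probe)    # no connection in the table: dropped
    # 3. A visitor to the DMZ web server completes the handshake.
    for p in (pkt("in", "192.0.2.7", 4444, "10.0.1.10", 80, "SYN"),
              pkt("out", "10.0.1.10", 80, "192.0.2.7", 4444, "SYN-ACK"),
              pkt("in", "192.0.2.7", 4444, "10.0.1.10", 80, "ACK")):
        stateful.decide(p)
    out["half_open_after_visit"] = stateful.half_open()
    # 4. SYN flood: many spoofed sources send SYNs and never send the final ACK.
    for i in range(20):
        stateful.decide(pkt("in", f"203.0.113.{100 + i}", 40000 + i, "10.0.1.10", 80, "SYN"))
    out["half_open_after_flood"] = stateful.half_open()
    out["flood"] = stateful.syn_flood_suspected(threshold=10)
    return out


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The per-source counting that a naive detector would use is deliberately absent: flood sources are spoofed, so each appears once. Counting half-open entries overall, as the filter does, measures the resource the attacker is exhausting; SYN cookies defeat the attack by not allocating that entry until the final ACK arrives.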

Operating System Security

  • Understand principle of least privilege and how we can apply it in OS security

    • Users and processes should only have the minimum permissions needed to do their job, so a compromised account or service can do limited damage (run services as unprivileged users, grant sudo for specific commands instead of a root shell)

  • Understand importance of updating packages, regularly checking services, checking logs, etc

    • Importance of updating packages: 

      • Security patches

      • Bug fixes

      • Performance enhancements

    • sudo apt update && sudo apt upgrade -y

    • Check which services are listening and whether each one is still needed; review logs (e.g. authentication logs) for failed logins and unexpected activity

  • How to harden an operating system and core software such as Apache and SSH

    • Hardening reduces the system's attack surface, limits exposure to vulnerabilities, and ensures only necessary services and software are running 

    • Remove unnecessary software, disable unneeded services, keep the system updated

    • Restrict user privileges 

    • SSH: disable direct root login (PermitRootLogin no) and use key-based authentication instead of passwords (PasswordAuthentication no)

    • Apache: do not advertise version information (ServerTokens Prod, ServerSignature Off) and disable directory listing (Options -Indexes)
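
Worked example for the hardening bullets above. This is added code, not from the class material or from OpenSSH or Apache: a small audit script parses sshd_config and httpd.conf text and reports settings that differ from a hardened baseline. The sample configs are constructed, not taken from a real host, and the baseline values are an assumption for the example (adjust to local policy). The parser follows the sshd_config rule that the first value for a keyword wins and stops at the first Match block; for Apache it only reads global directives (sections are skipped), which is a simplification.

```python
# Hardened baseline for the example (an assumption; adjust to local policy).
SSHD_EXPECTED = {
    "permitrootlogin": "no",          # never log in directly as root
    "passwordauthentication": "no",   # keys only; password guessing goes nowhere
    "pubkeyauthentication": "yes",
    "x11forwarding": "no",            # unneeded feature = attack surface
}
APACHE_EXPECTED = {
    "servertokens": "prod",           # do not advertise version and modules
    "serversignature": "off",         # no version footer on error pages
}


def _strip(raw: str) -> str:
    """Both formats treat a line starting with '#' as a comment."""
    line = raw.strip()
    return "" if line.startswith("#") else line


def parse_sshd_config(text: str) -> dict:
    """Keywords are case-insensitive and the FIRST value wins (sshd_config(5)).
    Lines after a Match block apply only conditionally, so parsing stops there."""
    settings = {}
    for raw in text.splitlines():
        parts = _strip(raw).split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break
        settings.setdefault(key, value)
    return settings


def parse_apache_config(text: str) -> dict:
    """Global directives only: later values override earlier ones; <Directory> and
    <VirtualHost> sections are skipped (simplification for the example)."""
    settings, depth = {}, 0
    for raw in text.splitlines():
        line = _strip(raw)
        if line.startswith("</"):
            depth -= 1
        elif line.startswith("<"):
            depth += 1
        elif depth == 0:
            parts = line.split(None, 1)
            if len(parts) == 2:
                settings[parts[0].lower()] = parts[1].strip()
    return settings


def _compare(settings: dict, expected: dict) -> list:
    findings = []
    for key, want in expected.items():
        have = settings.get(key)
        if have is None:
            findings.append(f"{key}: not set explicitly (default applies); expected '{want}'")
        elif have.lower() != want:
            findings.append(f"{key}: is '{have}', expected '{want}'")
    return findings


def audit_sshd(text: str) -> list:
    return _compare(parse_sshd_config(text), SSHD_EXPECTED)


def audit_apache(text: str) -> list:
    findings = _compare(parse_apache_config(text), APACHE_EXPECTED)
    # Directory listing: any Options line, at any nesting level, that turns Indexes on.
    for raw in text.splitlines():
        parts = _strip(raw).split()
        if parts and parts[0].lower() == "options":
            if any(o.lower() in ("indexes", "+indexes") for o in parts[1:]):
                findings.append(f"directory listing enabled: '{_strip(raw)}'")
    return findings


# Constructed sample configs for the example (not from a real host).
WEAK_SSHD = "Port 22\nPermitRootLogin yes\nPasswordAuthentication yes\nX11Forwarding yes\n" \
            "Match User deploy\n    PasswordAuthentication no\n"
HARDENED_SSHD = "Port 22\nPermitRootLogin no\nPasswordAuthentication no\n" \
                "PubkeyAuthentication yes\nX11Forwarding no\n"
WEAK_APACHE = "ServerTokens Full\nServerSignature On\n<Directory /var/www/html>\n" \
              "    Options Indexes FollowSymLinks\n</Directory>\n"
HARDENED_APACHE = "ServerTokens Prod\nServerSignature Off\n<Directory /var/www/html>\n" \
                  "    Options -Indexes +FollowSymLinks\n</Directory>\n"

if __name__ == "__main__":
    for name, result in (("weak sshd", audit_sshd(WEAK_SSHD)), ("hardened sshd", audit_sshd(HARDENED_SSHD)),
                         ("weak apache", audit_apache(WEAK_APACHE)), ("hardened apache", audit_apache(HARDENED_APACHE))):
        print(name, "->", result or "OK")
```

The Match block in the weak sshd sample is the trap worth noticing: PasswordAuthentication no appears in the file, but only for one user, and the global value that sshd actually applies is the earlier yes. On a real host, run the audit against the output of sshd -T (the effective configuration) rather than the file alone.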

Malware and Threats

  • What is a virus and a trojan?

    • Virus: attaches itself to other files/programs and spreads when they are run

    • Trojan: disguises itself as legitimate software to get the user to install it

  • What is spyware and malware?

    • Spyware: collects data about the user without consent

    • Malware: umbrella term for any malicious software (viruses, trojans, spyware, etc.)

  • What is phishing?

    • Tricks users into revealing credentials, e.g. a fake login page reached from a deceptive e-mail

Overall

  • Be able to evaluate an argument from a security perspective using what we have learned in class and make a counter argument or support an argument.
