Computer and Network Security: Overview of Security Topics

Questions and Answers

What is the goal of a Denial-of-Service (DoS) attack?

To perform network maintenance

To steal sensitive information from a network

To gain unauthorized access to a network

To disrupt the availability of a network (correct)

How can an attacker successfully launch a Distributed Denial-of-Service (DDoS) attack?

By sending lots of packets to the victim's network (correct)

By using a single compromised machine to overload the victim's network

By launching targeted phishing attacks

By checking if the packets originate from the same source IP address

What technique can the adversary use to disrupt a server's availability in a SYN flood attack?

Send an ACK packet to reset the connection

Use a single SYN packet to overload the server

Increase the time out for storing state information

Spoof the IP addresses of the sender (correct)

What is a common challenge in detecting Denial-of-Service (DoS) attacks?

Distinguishing between legitimate and malicious traffic

What does a Distributed Denial-of-Service (DDoS) attack involve?

Using multiple compromised machines to flood a network with traffic

What resources does an attacker need to successfully launch a Denial-of-Service (DoS) attack?

High bandwidth internet connection and access to a botnet

In a SYN flood attack, how can the adversary disrupt the server's availability?

By sending numerous SYN packets to exhaust server resources during the TCP three-way handshake

What is a common challenge in detecting Distributed Denial-of-Service (DDoS) attacks?

Identifying the real source of the attacking packets due to spoofed IP addresses

What technique can the adversary use to disrupt a server's availability in a SYN flood attack?

Sending repeated SYN packets to overwhelm the server's resources

What is the goal of an adversary launching a Denial-of-Service (DoS) attack?

To disrupt the availability of the victim's network or system

What is the purpose of randomness generation in cryptography?

To introduce uncertainty and make encryption more secure

Why is collecting high-entropy data important in random number generation?

To prevent patterns and biases in the generated random numbers

What is the role of physical processes in generating random numbers?

To ensure uniformity and independence of the generated bits

Why do hardware random number generators use physical processes like thermal noise and photoelectric effect?

To provide a constant source of high-entropy data

In what way does adding randomization contribute to block cipher modes of operation?

Enhances the resistance against known plaintext attacks