Computer Network Security Services

Questions and Answers

PDF Questions PDF Answers

Security services are intended to enhance the speed of data processing systems.

False

Security mechanisms are used to provide a security service.

True

Authentication is a security service that prevents unauthorized use of a resource.

False

Confidentiality is a security service that protects data from unauthorized modification.

False

Security services are implemented by security mechanisms.

True

X.800 defines a security service as a service that provides a specific kind of speed to a system.

False

Access control is a security service that ensures the integrity of data.

False

Security services are closely related to security mechanisms.

True

Traffic analysis is a type of active attack.

False

Masquerade is a type of passive attack.

False

Security implementation involves four complementary courses of action.

True

Modification of messages is a type of passive attack.

False

Encryption is used for prevention and detection of security threats.

False

Denial of Service is an attack on confidentiality.

False

The use of backup systems is a part of security response.

False

Interception is an attack on integrity.

False

Intrusion detection systems are used to prevent unauthorized access.

False

Fabrication is an attack on integrity.

False

Security implementation involves only three courses of action.

False

Denial of service attacks can be prevented using encryption algorithms.

False

Passive attacks involve modification of the data stream.

False

Security response involves halting an attack and preventing further damage.

True

Replay Attack is a type of passive attack.

False

Encryption is used to respond to security threats.

False

Security recovery involves restoring systems and data after an attack.

True

Prevention is the only course of action in security implementation.

False

The ITU-T standards are referred to as FIPS xxx.

False

The CIA Triad consists of Confidentiality, Integrity, and Availability.

True

Authenticity is a part of the CIA Triad.

False

The main goal of Accountability is to generate the requirement for actions of an entity to be traced uniquely to that entity.

True

NIST is responsible for producing RFCs xxx.

False

The Internet Society (ISOC) produces X 123… Recommendations.

False

Revealing the data only to authorized users is a part of the Integrity requirement.

False

The CIA Triad consists of only three pillars of information security.

False

Countermeasures are used to introduce new vulnerabilities to a system.

False

Corrupted assets are an example of loss of confidentiality.

False

Threats are capable of exploiting vulnerabilities to an asset.

True

Active attacks attempt to learn or make use of information from the system.

False

Passive attacks are easy to detect and prevent.

False

Release of message contents is a type of traffic analysis.

False

Snooping refers to unauthorized access to or modification of data.

False

The goal of countermeasures is to eliminate residual risks to the assets.

False

Study Notes

Security Services

• Security services are intended to counter security attacks and make use of one or more security mechanisms to provide the service.
• ITU-T (X.800) provides security services and mechanisms to implement those services.

Security Mechanisms

• Security mechanisms are used to provide security services.
• Security services and mechanisms are closely related.

Types of Security Services

• Authentication: assurance that a communicating entity is the one it claims to be.
• Access Control: prevention of unauthorized use of a resource.
• Confidentiality: protection of data from unauthorized disclosure.

Security Implementation

• Prevention: detection and response to security incidents.
• Detection: identifying security incidents.
• Encryption: protection of data in transit and at rest.
• Access Control: prevention of unauthorized access to resources.

Security Threats

• Interruption: an asset of the system is destroyed or becomes unavailable.
• Interception: an unauthorized party gains access to an asset.
• Modification: an unauthorized party tampers with an asset.
• Fabrication: an unauthorized party inserts counterfeit objects into the system.

CIA Triad

• Confidentiality: ensuring that only authorized access to sensitive information.
• Integrity: ensuring that data and systems are protected from unauthorized modification.
• Availability: ensuring that systems and data are accessible and usable when needed.

Additional Concepts

• Authenticity: verifying the identity of users and ensuring the authenticity of data.
• Accountability: tracing actions to specific entities to ensure accountability.

Security Standardization Organizations

• International Telecommunication Union - Telecommunication Standardization Sector (ITU-T)
• National Institute of Standards & Technology (NIST)
• Internet Society (ISOC)

Security Attacks

• Passive Attacks: attempts to learn or make use of information from the system but does not affect system resources.
• Active Attacks: attempts to alter system resources or affect their operation.

Types of Passive Attacks

• Traffic Analysis: obtaining information by monitoring online traffic.
• Release of Message Contents (Snooping): unauthorized access to or interception of data.

Active Attacks

• Masquerade: one entity pretends to be a different entity.
• Replay Attack: passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
• Modification Attack: alteration of a legitimate message to produce an unauthorized effect.
• Denial of Service: preventing or inhibiting the normal use or management of communications facilities.

Description

This quiz covers security services and mechanisms in computer networks, including their relationship and implementation according to ITU-T(X.800) standards.