Computer Network Security Services

Questions and Answers

Security services are intended to enhance the speed of data processing systems.

False (B)

Security mechanisms are used to provide a security service.

True (A)

Authentication is a security service that prevents unauthorized use of a resource.

False (B)

Confidentiality is a security service that protects data from unauthorized modification.

False (B)

Security services are implemented by security mechanisms.

True (A)

X.800 defines a security service as a service that provides a specific kind of speed to a system.

False (B)

Access control is a security service that ensures the integrity of data.

False (B)

Security services are closely related to security mechanisms.

True (A)

Traffic analysis is a type of active attack.

False (B)

Masquerade is a type of passive attack.

False (B)

Security implementation involves four complementary courses of action.

True (A)

Modification of messages is a type of passive attack.

False (B)

Encryption is used for prevention and detection of security threats.

False (B)

Denial of Service is an attack on confidentiality.

False (B)

The use of backup systems is a part of security response.

False (B)

Interception is an attack on integrity.

False (B)

Intrusion detection systems are used to prevent unauthorized access.

False (B)

Fabrication is an attack on integrity.

False (B)

Security implementation involves only three courses of action.

False (B)

Denial of service attacks can be prevented using encryption algorithms.

False (B)

Passive attacks involve modification of the data stream.

False (B)

Security response involves halting an attack and preventing further damage.

True (A)

Replay Attack is a type of passive attack.

False (B)

Encryption is used to respond to security threats.

False (B)

Security recovery involves restoring systems and data after an attack.

True (A)

Prevention is the only course of action in security implementation.

False (B)

The ITU-T standards are referred to as FIPS xxx.

False (B)

The CIA Triad consists of Confidentiality, Integrity, and Availability.

True (A)

Authenticity is a part of the CIA Triad.

False (B)

The main goal of Accountability is to generate the requirement for actions of an entity to be traced uniquely to that entity.

True (A)

NIST is responsible for producing RFCs xxx.

False (B)

The Internet Society (ISOC) produces X 123… Recommendations.

False (B)

Revealing the data only to authorized users is a part of the Integrity requirement.

False (B)

The CIA Triad consists of only three pillars of information security.

False (B)

Countermeasures are used to introduce new vulnerabilities to a system.

False (B)

Corrupted assets are an example of loss of confidentiality.

False (B)

Threats are capable of exploiting vulnerabilities to an asset.

True (A)

Active attacks attempt to learn or make use of information from the system.

False (B)

Passive attacks are easy to detect and prevent.

False (B)

Release of message contents is a type of traffic analysis.

False (B)

Snooping refers to unauthorized access to or modification of data.

False (B)

The goal of countermeasures is to eliminate residual risks to the assets.

False (B)

Study Notes

Security Services

• Security services are intended to counter security attacks and make use of one or more security mechanisms to provide the service.
• ITU-T (X.800) provides security services and mechanisms to implement those services.

Security Mechanisms

• Security mechanisms are used to provide security services.
• Security services and mechanisms are closely related.

Types of Security Services

• Authentication: assurance that a communicating entity is the one it claims to be.
• Access Control: prevention of unauthorized use of a resource.
• Confidentiality: protection of data from unauthorized disclosure.

Security Implementation

• Prevention: detection and response to security incidents.
• Detection: identifying security incidents.
• Encryption: protection of data in transit and at rest.
• Access Control: prevention of unauthorized access to resources.

Security Threats

• Interruption: an asset of the system is destroyed or becomes unavailable.
• Interception: an unauthorized party gains access to an asset.
• Modification: an unauthorized party tampers with an asset.
• Fabrication: an unauthorized party inserts counterfeit objects into the system.

CIA Triad

• Confidentiality: ensuring that only authorized access to sensitive information.
• Integrity: ensuring that data and systems are protected from unauthorized modification.
• Availability: ensuring that systems and data are accessible and usable when needed.

Additional Concepts

• Authenticity: verifying the identity of users and ensuring the authenticity of data.
• Accountability: tracing actions to specific entities to ensure accountability.

Security Standardization Organizations

• International Telecommunication Union - Telecommunication Standardization Sector (ITU-T)
• National Institute of Standards & Technology (NIST)
• Internet Society (ISOC)

Security Attacks

• Passive Attacks: attempts to learn or make use of information from the system but does not affect system resources.
• Active Attacks: attempts to alter system resources or affect their operation.

Types of Passive Attacks

• Traffic Analysis: obtaining information by monitoring online traffic.
• Release of Message Contents (Snooping): unauthorized access to or interception of data.

Active Attacks

• Masquerade: one entity pretends to be a different entity.
• Replay Attack: passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
• Modification Attack: alteration of a legitimate message to produce an unauthorized effect.
• Denial of Service: preventing or inhibiting the normal use or management of communications facilities.

Description

This quiz covers security services and mechanisms in computer networks, including their relationship and implementation according to ITU-T(X.800) standards.