Computer Networking and Security Module

Questions and Answers

What is the purpose of authentication?

proving a claim - usually that you are who you say you are

What are the two types of attackers as mentioned in the content?

• Amateurs and Script Kiddies
• Hackers and Crackers (correct)
• Career Criminals and State-supported Spies
• Opportunistic Attackers and Inside Attackers

Cryptanalysis is the process of breaking an encrypted ____.

code

Principle of Least Privilege states to give more privileges than necessary for a job.

False (B)

Match the cryptographic term with its definition:

Plaintext = original form of a message Ciphertext = coded/encrypted form of a message Cipher = encryption method or process Key = info used in cipher known only by the sender/receiver

What is the primary goal of confidentiality in computer security?

Prevention of unauthorized disclosure of information.

What is the main purpose of integrity in computer security?

Preventing unauthorized writing or modification of information.

Define availability in the context of computer security.

Assures that systems work promptly and service isn't denied to authorized users.

Which of the following are considered threat agents?

Hackers (A), Virus (B)

Non-repudiation in computer security prevents the denial of a transmitted message.

True (A)

What is the purpose of a digital signature algorithm?

Signing messages or data for authentication

Which key is used by the sender in a digital signature procedure?

Private key (B)

Vulnerability Assessment is used to detect and resolve security problems.

True (A)

Hash functions transform variable-length messages into a __________ message digest.

fixed-length

Match the following asymmetric key algorithms with their descriptions:

El Gamal = Developed by Taher ElGamal Diffie-Hellman Key Agreement (DH) = Key agreement protocol for sharing symmetric keys Digital Signature Algorithm (DSA) = Used for signing messages for authentication

What is cryptology?

Cryptology is the field of study which deals with both cryptography and cryptanalysis.

What does Cryptography classification include?

Classical/Conventional Cryptography and Modern Cryptography.

Define Substitution Ciphers.

Substitution ciphers replace one symbol with another.

Explain Monoalphabetic Ciphers.

Monoalphabetic ciphers involve a simple relationship between symbols in plaintext and ciphertext.

In the Hill Cipher, the key matrix needs to have a ____________.

multiplicative inverse

What is the rail-fence transposition used for?

Rail-fence transposition rearranges the order of letters in a plaintext message.

Which are building blocks of security in modern cryptographic functions?

All of the above (D)

In asymmetric key cryptography, there are two keys: a private key and a public key.

True (A)

What is the commonly known application for Secure Shell (SSH)?

for remote login to computer systems by users.

What are common applications of Secure Email?

Adding confidentiality and integrity protection to emails (A)

TLS-based client digital certificates are used in securing web servers. Is this statement true or false?

False (B)

Physical security protects hardware with ______________.

doors that lock

Match the following firewall types with their descriptions:

Network firewalls = Filter traffic between two or more networks and run on network hardware Host-based firewalls = Run on host computers and control network traffic in and out of those machines Application-Level Gateway (application firewall / proxy server) = Runs special software that acts as a proxy for a service request

Flashcards are hidden until you start studying

Study Notes

Introduction to Computer Security

• The practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data.
• Includes protection of the integrity, availability, authenticity, non-repudiation, and confidentiality of user data.

Information Assurance (IA)

• Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
• A superset of information security, strongly related to the field of information security, and also includes business continuity.

Importance of Information Assurance

• To protect information exchanges between interconnected computer systems.
• To add business benefit through the use of IRM (Information Risk Management).
• To minimize risk and ensure business continuity.

Pillars of Information Assurance

• Confidentiality: preserving authorized restrictions on access and disclosure.
• Integrity: protecting against improper information modification or deletion.
• Availability: ensuring timely and reliable access to and use of information.

Security Models

• Information security models: CIA triad (Confidentiality, Integrity, and Availability).
• Other security models: Enterprise security, Cyber defense, and IA.

Threats, Vulnerabilities, and Risk

• Threat: any circumstances or events that can potentially harm an information system.
• Vulnerability: weaknesses or faults in an information system or its components that could be exploited.
• Risk: an expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability.

Controls and Countermeasures

• A control, safeguard, or countermeasure is an action, device, procedure, or technique that reduces a threat, vulnerability, or attack.
• Examples of controls: access controls, encryption, firewalls, and intrusion detection systems.

Types of Attacks

• Active attack: an attempt to alter or affect system resources or their operation.
• Passive attack: an attempt to learn or make use of information from the system without affecting its operation.
• Insider attack: initiated by an entity inside the security perimeter.
• Outsider attack: initiated from outside the perimeter.

Principles of Computer Security

• Principle of Easiest Penetration

• Principle of Adequate Protection

• Principle of Effectiveness

• Principle of Weakest Link

• Principle of Least Privilege

• Defense in Depth

• Minimization

• Compartmentalization

• Keep Things Simple

• Fail Securely

• Balancing Security and Access### Cryptography Fundamentals

• Cryptography concerns: Confidentiality, Integrity, Non-repudiation, and Authentication

• Types of Malicious Attacks:

  • Logic bomb
  • Backdoor/Trapdoor
  • Adware
  • Flooders (DoS client)
  • Key loggers
  • Rootkit
  • Spam/scam, identity theft, e-payment frauds

Cryptography Classifications

• Classical/Conventional Cryptography: Substitution Ciphers and Transposition Ciphers
• Modern Cryptography: Symmetric key cryptography and Public key cryptography

Basic Cryptographic Terms

• Plaintext: The original form of a message
• Ciphertext: The coded/encrypted form of a message
• Cipher: An encryption method or process
• Key: Information used in a cipher known only by the sender/receiver
• Symmetric Algorithm: Uses the same key for encryption and decryption
• Asymmetric Algorithm: Uses different keys for encryption and decryption

Substitution Ciphers

• Monoalphabetic Ciphers: One symbol in the plaintext corresponds to one symbol in the ciphertext
• Polyalphabetic Ciphers: One symbol in the plaintext corresponds to multiple symbols in the ciphertext
• Examples of Substitution Ciphers: Caesar Cipher, Vigenere Cipher, Hill Cipher

Transposition Ciphers

• Reorders the symbols in the plaintext
• Types of Transposition Ciphers:
  • Keyless Transposition Ciphers
  • Keyed Transposition Ciphers
• Examples of Transposition Ciphers: Rail-fence Transposition, Columnar Transposition

Symmetric Key Cryptography

• Uses the same key for encryption and decryption
• Key Distribution Problem: Secure distribution of the secret key
• Symmetric Cipher Model: Alice and Bob use the same key for encryption and decryption
• Examples of Symmetric Key Algorithms: DES, 3DES, AES

Asymmetric Key Cryptography (Public Key Cryptography)

• Uses different keys for encryption and decryption
• Key Pair: A public key and a private key
• Advantages: Simpler and faster, eliminates the key distribution problem
• Examples of Asymmetric Key Algorithms: RSA, Diffie-Hellman (DH)

Diffie-Hellman (DH) Key Agreement

• Used for key exchange
• Key Agreement Process: Alice and Bob agree on a shared symmetric key without actually exchanging the key
• Used in Internet Key Exchange (IKE) protocol and IP Security (IPSEC) architecture

RSA (Rivest, Shamir, Adleman)

• Asymmetric Key Algorithm
• Uses the difficulty of factoring large numbers and discrete logarithm problem
• Key Generation: Alice and Bob generate their own public and private keys### RSA Algorithm
• Developed by Ron Rivest, Adi Shamir, and Len Adleman
• Advantages: more secured, Authentication, and Variable Key Size (512, 1024, or 2048 bits)
• Disadvantages: relatively complex
• Used for the management of public key and distribution of digital certificates
• Authenticates users and devices in the digital world
• Most popular public key algorithm
• Based on the principle that no mathematical method can efficiently find the prime factors of large numbers

How RSA Works

• Key Generation, Encryption & Decryption Procedure:
  • Choose two large prime numbers p and q
  • Compute n=pq and z=(p-1)(q-1)
  • Choose number e, less than n, which has no common factor (other than 1) with z
  • Find number d, such that ed – 1 is exactly divisible by z
  • Keys are generated using n, d, e
  • Public key is (n,e)
  • Private key is (n, d)
• Encryption: c = me mod n
• Decryption: m = cd mod n

Other Asymmetric Key Algorithms

• El Gamal:
  • Developed by Taher ElGamal
  • Variable key size (512 or 1024 bits)
  • Less common than others
• Diffie-Hellman Key Agreement (DH):
  • Key exchange protocol
• Digital Signature Algorithm (DSA):
  • Used for digital signatures
  • Relies on public key cryptography
  • Private key is used for signing, and public key is used for verifying signatures

Hash Functions

• A hash function takes a variable-size message as input and produces a fixed-size output (hash code or message digest)
• No key is used in this algorithm
• Fixed-length hash value is computed as per the plain text
• Used in many operating systems to encrypt passwords
• Creates a unique, fixed-length signature for a specific message or data set

Vulnerability and Penetration Testing

• Vulnerability: a weakness or flaw in the system security that may result in unauthorized access
• Vulnerability Assessment: the process of scanning the system to identify vulnerabilities
• Penetration Testing: an authorized simulated attack on a computer system to evaluate the security of the system
• Types of vulnerability scanners:
  • Host-Based: identifies issues in the host or system
  • Network-Based: detects open ports and identifies unknown services running on these ports
  • Database-Based: identifies security exposure in database systems to prevent SQL Injections

Secure Web Servers and Firewalls

• Secure Web Servers:
  • Adds confidentiality and integrity protection to ordinary e-mail
  • Examples: PGP
• Firewalls:
  • A program or network device that filters access to a protected network from the internet connection
  • Monitors and controls incoming and outgoing network traffic
  • Objectives:
    • Keep intruders, malicious code, and unwanted traffic out
    • Keep private and sensitive information in
  • Categories:
    • Network Firewalls: filter traffic between two or more networks and run on network hardware
    • Host-Based Firewalls: run on host computers and control network traffic in and out of those machines
    • Application-Level Gateway (Application Firewall/Proxy Server): runs special software that acts as a proxy for a service request